October 12, 2019 2:00PM
It's crowded in here!
We recently gave a presentation on Programming socket lookup with BPF at the Linux Plumbers Conference 2019 in Lisbon, Portugal. This blog post is a recap of the problem statement and proposed solution we presented....
July 18, 2019 3:12PM
A Tale of Two (APT) Transports
Securing access to your APT repositories is critical. At Cloudflare, like in most organizations, we used a legacy VPN to lock down who could reach our internal software repositories. However, a network perimeter model lacks a number of features that we consider critical to a team’s security....
July 10, 2019 2:07PM
A gentle introduction to Linux Kernel fuzzing
For some time I’ve wanted to play with coverage-guided fuzzing. I decided to have a go at the Linux Kernel netlink machinery. It's a good target: it's an obscure part of kernel, and it's relatively easy to automatically craft valid messages....
May 30, 2019 2:00PM
Cloudflare Repositories FTW
Kali Linux turned six years old this year! In this time, Kali has established itself as the de-facto standard open source penetration testing platform....
May 18, 2019 4:00PM
Cloudflare architecture and how BPF eats the world
Recently at I gave a short talk titled "Linux at Cloudflare". The talk ended up being mostly about BPF. It seems, no matter the question - BPF is the answer. Here is a transcript of a slightly adjusted version of that talk....