Joe Birr-Pixton
@jbp.io
computers, computer security, cryptography. rather dull really.
locale: cambridge, uk
github: https://github.com/ctz/ & https://github.com/rustls/
locale: cambridge, uk
github: https://github.com/ctz/ & https://github.com/rustls/
Reposted by Joe Birr-Pixton
Congratulations to the shortlisted nominees in the 6th annual OpenUK Awards 2026, 🏆🍾🥂 Andy Piper, @bboreham.bsky.social, Daniel Gale, @davidtw.co, Dermoscopea, @flox.dev, Godfrey Inyama, Jan Faracik, @jbp.io, LVFS (fwupd.org), lowRISC CIC, Dr Margaret Hartnett, @manyfold.3dp.chat.ap.brid.gy,...
November 4, 2025 at 10:00 AM
Congratulations to the shortlisted nominees in the 6th annual OpenUK Awards 2026, 🏆🍾🥂 Andy Piper, @bboreham.bsky.social, Daniel Gale, @davidtw.co, Dermoscopea, @flox.dev, Godfrey Inyama, Jan Faracik, @jbp.io, LVFS (fwupd.org), lowRISC CIC, Dr Margaret Hartnett, @manyfold.3dp.chat.ap.brid.gy,...
Reposted by Joe Birr-Pixton
"I appreciate that you're frustrated, but I should clarify: I'm an AI assistant, so I don't have a mother or family relationships."
October 26, 2025 at 5:09 PM
"I appreciate that you're frustrated, but I should clarify: I'm an AI assistant, so I don't have a mother or family relationships."
It's time to send GCC to live on a farm.
October 25, 2025 at 5:44 PM
It's time to send GCC to live on a farm.
Reposted by Joe Birr-Pixton
I wrote another blog post for the Prossimo blog about how we improve the unhappy path for rustls users:
www.memorysafety.org/blog/rustls-...
www.memorysafety.org/blog/rustls-...
Improving Error Handling in Rustls
Dirkjan Ochtman is a maintainer of the Rustls TLS library that we've invested in since 2021. While he and the other maintainers have made many improvements and landed important features, we've asked D...
www.memorysafety.org
October 1, 2025 at 3:47 PM
I wrote another blog post for the Prossimo blog about how we improve the unhappy path for rustls users:
www.memorysafety.org/blog/rustls-...
www.memorysafety.org/blog/rustls-...
Microsoft has a product called Copilot Pro, and Github has a product called Copilot Pro. They are different prices, different and unrelated products, shipped by teams that have no awareness of each other. Incredible product management and business acumen.
September 29, 2025 at 8:50 PM
Microsoft has a product called Copilot Pro, and Github has a product called Copilot Pro. They are different prices, different and unrelated products, shipped by teams that have no awareness of each other. Incredible product management and business acumen.
We have a little blog post about this rustls.dev/blog/2025-09...
September 3, 2025 at 4:51 PM
We have a little blog post about this rustls.dev/blog/2025-09...
Reposted by Joe Birr-Pixton
PowerDNS Recursor 5.3.0 has a nice note in the changelog:
> The embedded webserver used to display the status page and process REST API calls has been rewritten in Rust and now supports multiple listen addresses and TLS.
The new code is powered by Hyper+Rustls+Ring 🦀 🔒
(h/t Stefan Schmidt)
> The embedded webserver used to display the status page and process REST API calls has been rewritten in Rust and now supports multiple listen addresses and TLS.
The new code is powered by Hyper+Rustls+Ring 🦀 🔒
(h/t Stefan Schmidt)
August 28, 2025 at 4:07 PM
PowerDNS Recursor 5.3.0 has a nice note in the changelog:
> The embedded webserver used to display the status page and process REST API calls has been rewritten in Rust and now supports multiple listen addresses and TLS.
The new code is powered by Hyper+Rustls+Ring 🦀 🔒
(h/t Stefan Schmidt)
> The embedded webserver used to display the status page and process REST API calls has been rewritten in Rust and now supports multiple listen addresses and TLS.
The new code is powered by Hyper+Rustls+Ring 🦀 🔒
(h/t Stefan Schmidt)
Reposted by Joe Birr-Pixton
When working with async, you often need to call a function that would block the runtime. Turns out not all blocking functions are the same
Tokio defines two kinds of blocking functions: IO bound and CPU bound.
A close read of the tokio docs tells you to avoid CPU bound tasks in spawn_blocking
Tokio defines two kinds of blocking functions: IO bound and CPU bound.
A close read of the tokio docs tells you to avoid CPU bound tasks in spawn_blocking
August 27, 2025 at 5:47 AM
When working with async, you often need to call a function that would block the runtime. Turns out not all blocking functions are the same
Tokio defines two kinds of blocking functions: IO bound and CPU bound.
A close read of the tokio docs tells you to avoid CPU bound tasks in spawn_blocking
Tokio defines two kinds of blocking functions: IO bound and CPU bound.
A close read of the tokio docs tells you to avoid CPU bound tasks in spawn_blocking
i've been trying to use LLMs a lot today, to convert around 1000 pages of dense legal agreement PDFs into markdown.
August 26, 2025 at 5:47 PM
i've been trying to use LLMs a lot today, to convert around 1000 pages of dense legal agreement PDFs into markdown.
Reposted by Joe Birr-Pixton
** Major milestone ** our sudo-rs is the default sudo for the upcoming Ubuntu 🚀 🦀
More on the Ubuntu blog:
discourse.ubuntu.com/t/sudo-rs-is...
#rust #rustlang
More on the Ubuntu blog:
discourse.ubuntu.com/t/sudo-rs-is...
#rust #rustlang
August 26, 2025 at 7:42 AM
** Major milestone ** our sudo-rs is the default sudo for the upcoming Ubuntu 🚀 🦀
More on the Ubuntu blog:
discourse.ubuntu.com/t/sudo-rs-is...
#rust #rustlang
More on the Ubuntu blog:
discourse.ubuntu.com/t/sudo-rs-is...
#rust #rustlang
Reposted by Joe Birr-Pixton
Reposted by Joe Birr-Pixton
Happy new Rust! 🎆🦀
Rust 1.89.0 has been released!
This release brings you inferrred array length, new lints, u128/i128 in extern "C", NonZero, File::lock, many x86 intrinsics, and much more! ✨
Check out the blog post and release notes for all the details: blog.rust-lang.org/2025/08/07/R...
Rust 1.89.0 has been released!
This release brings you inferrred array length, new lints, u128/i128 in extern "C", NonZero
Check out the blog post and release notes for all the details: blog.rust-lang.org/2025/08/07/R...
Announcing Rust 1.89.0 | Rust Blog
Empowering everyone to build reliable and efficient software.
blog.rust-lang.org
August 7, 2025 at 11:18 AM
Happy new Rust! 🎆🦀
Rust 1.89.0 has been released!
This release brings you inferrred array length, new lints, u128/i128 in extern "C", NonZero, File::lock, many x86 intrinsics, and much more! ✨
Check out the blog post and release notes for all the details: blog.rust-lang.org/2025/08/07/R...
Rust 1.89.0 has been released!
This release brings you inferrred array length, new lints, u128/i128 in extern "C", NonZero
Check out the blog post and release notes for all the details: blog.rust-lang.org/2025/08/07/R...
When rustc 1.89 is released next week, Graviola is going to shift to that as its MSRV to take advantage of AVX512 intrinsics being stabilised. If your CPU has AVX512 support, AES-256-GCM speed will improve to about 8.9GiB/s (from about 5.2 now) as measured on a random AMD CPU.
July 29, 2025 at 8:00 PM
When rustc 1.89 is released next week, Graviola is going to shift to that as its MSRV to take advantage of AVX512 intrinsics being stabilised. If your CPU has AVX512 support, AES-256-GCM speed will improve to about 8.9GiB/s (from about 5.2 now) as measured on a random AMD CPU.
Reposted by Joe Birr-Pixton
Replication of Quantum Factorisation Records with an 8-bit Home Computer, an Abacus, and a Dog (Peter Gutmann, Stephan Neuhaus) ia.cr/2025/1237
July 11, 2025 at 9:42 PM
Replication of Quantum Factorisation Records with an 8-bit Home Computer, an Abacus, and a Dog (Peter Gutmann, Stephan Neuhaus) ia.cr/2025/1237
Today we released rustls 0.23.29 crates.io/crates/rustl... -- highlights are better error reporting for unsupported signature algorithms in certificates, and quite a few performance improvements (via a set of changes that started almost 2 years ago!)
crates.io: Rust Package Registry
crates.io
July 10, 2025 at 3:26 PM
Today we released rustls 0.23.29 crates.io/crates/rustl... -- highlights are better error reporting for unsupported signature algorithms in certificates, and quite a few performance improvements (via a set of changes that started almost 2 years ago!)
Reposted by Joe Birr-Pixton
Nerd-sniped by bagder into looking at how rustls-ffi stacks up against OpenSSL on memory allocations/peak heap usage when plugged in as a curl vTLS backend.
Headlines:
* with rustls-ffi 0.15.0: 2,176 allocations. peak heap of 394kB.
* with openssl 3.4.1: 308,132 allocations (!). peak heap of 2.1MB
Headlines:
* with rustls-ffi 0.15.0: 2,176 allocations. peak heap of 394kB.
* with openssl 3.4.1: 308,132 allocations (!). peak heap of 2.1MB
1.Download https://curl.se using #curl built to use OpenSSL
2. count number of allocations made with heaptrack
3. pause for gasping
4. double-check that curl only does 134 allocs itself, independently of the downloaded size
5. check the heaptrack number again
54,000
hm
2. count number of allocations made with heaptrack
3. pause for gasping
4. double-check that curl only does 134 allocs itself, independently of the downloaded size
5. check the heaptrack number again
54,000
hm
curl
curl.se
July 7, 2025 at 3:03 PM
Nerd-sniped by bagder into looking at how rustls-ffi stacks up against OpenSSL on memory allocations/peak heap usage when plugged in as a curl vTLS backend.
Headlines:
* with rustls-ffi 0.15.0: 2,176 allocations. peak heap of 394kB.
* with openssl 3.4.1: 308,132 allocations (!). peak heap of 2.1MB
Headlines:
* with rustls-ffi 0.15.0: 2,176 allocations. peak heap of 394kB.
* with openssl 3.4.1: 308,132 allocations (!). peak heap of 2.1MB
You've hit the free plan limit for overconfidence followed by grovelling apologies. You can create more inane nonsense when the limit resets in 23 hours and 3 minutes.
June 28, 2025 at 1:47 PM
You've hit the free plan limit for overconfidence followed by grovelling apologies. You can create more inane nonsense when the limit resets in 23 hours and 3 minutes.
learning a lot about US business practices from severence. does the marching band come under opex or capex? do middle management only dance on special occasions?
June 23, 2025 at 11:17 AM
learning a lot about US business practices from severence. does the marching band come under opex or capex? do middle management only dance on special occasions?
Here's my talk on Graviola -- youtu.be/n6gA93iSj68
June 10, 2025 at 2:20 PM
Here's my talk on Graviola -- youtu.be/n6gA93iSj68
"by default" implies there's an option for this -- right?
June 3, 2025 at 8:23 AM
"by default" implies there's an option for this -- right?
Reposted by Joe Birr-Pixton
Impressively well-run conference and events. Thanks so much to the organisers! 💐
On my way back home after RustWeek 2025. So, so proud that we hosted the Rust Project All-Hands, the 10 years of Rust celebration, and the biggest Rust conference yet. See you all next year!
Thanks to my co-organizers Jana, Laura, @tertsdiepraam.bsky.social and @mara.bsky.social ❤️
#rustlang #rust
Thanks to my co-organizers Jana, Laura, @tertsdiepraam.bsky.social and @mara.bsky.social ❤️
#rustlang #rust
May 17, 2025 at 5:17 PM
Impressively well-run conference and events. Thanks so much to the organisers! 💐
Reposted by Joe Birr-Pixton
We created a safer AV1 decoder, rav1d, by forking the dav1d decoder and rewriting the C code in Rust. It works great except our Rust is 5% slower than the C. We're not sure why so we're offering a $20k bounty to figure it out and make the Rust code faster. www.memorysafety.org/blog/rav1d-p...
$20,000 rav1d AV1 Decoder Performance Bounty
In March of 2023 we announced that we were starting work on a safer high performance AV1 decoder called rav1d, written in Rust. We partnered with Immunant to do the engineering work. By September of 2...
www.memorysafety.org
May 14, 2025 at 8:02 AM
We created a safer AV1 decoder, rav1d, by forking the dav1d decoder and rewriting the C code in Rust. It works great except our Rust is 5% slower than the C. We're not sure why so we're offering a $20k bounty to figure it out and make the Rust code faster. www.memorysafety.org/blog/rav1d-p...