Re-developing TCP from the grounds up

Written by hannes

Core Internet protocols require operational experiments, even if formally specified

Deploying reproducible unikernels with albatross

Written by hannes

fleet management for MirageOS unikernels using a mutually authenticated TLS handshake

Mirroring the opam repository and all tarballs

Written by hannes

Re-developing an opam cache from scratch, as a MirageOS unikernel

All your metrics belong to influx

Written by hannes

How to monitor your MirageOS unikernel with albatross and monitoring-experiments

Deploying binary MirageOS unikernels

Written by hannes

Finally, we provide reproducible binary MirageOS unikernels together with packages to reproduce them and setup your own builder

Cryptography updates in OCaml and MirageOS

Written by hannes

Elliptic curves (ECDSA/ECDH) are supported in a maintainable and secure way.

The road ahead for MirageOS in 2021

Written by hannes

Home office, MirageOS unikernels, 2020 recap, 2021 tbd

Traceroute

Written by hannes

A MirageOS unikernel which traces the path between itself and a remote host.

Deploying authoritative OCaml-DNS servers as MirageOS unikernels

Written by hannes

A tutorial how to deploy authoritative name servers, let's encrypt, and updating entries from unix services.

Reproducible MirageOS unikernel builds

Written by hannes

MirageOS unikernels are reproducible :)

X509 0.7

Written by hannes

Five years since ocaml-x509 initial release, it has been reworked and used more widely

Summer 2019

Written by hannes

Bringing MirageOS into production, take IV monitoring, CalDAV, DNS

The Bitcoin Piñata - no candy for you

Written by hannes

More than three years ago we launched our Bitcoin Piñata as a transparent security bait. It is still up and running!

My 2018 contains robur and starts with re-engineering DNS

Written by hannes

New year brings new possibilities and a new environment. I've been working on the most Widely deployed key-value store, the domain name system. Primary and secondary name services are available, including dynamic updates, notify, and tsig authentication.

Albatross - provisioning, deploying, managing, and monitoring virtual machines

Written by hannes

all we need is X.509

Conex, establish trust in community repositories

Written by hannes

Conex is a library to verify and attest package release integrity and authenticity through the use of cryptographic signatures.

Who maintains package X?

Written by hannes

We describe why manual gathering of metadata is out of date, and version control systems are awesome.

Jackline, a secure terminal-based XMPP client

Written by hannes

implement it once to know you can do it. implement it a second time and you get readable code. implementing it a third time from scratch may lead to useful libraries.

Exfiltrating log data using syslog

Written by hannes

sometimes preservation of data is useful

Re-engineering ARP

Written by hannes

If you want it as you like, you've to do it yourself

Minimising the virtual machine monitor

Written by hannes

MirageOS solo5 multiboot native on bhyve

Counting Bytes

Written by hannes

looking into dependencies and their sizes

Configuration DSL step-by-step

Written by hannes

how to actually configure the system

Catch the bug, walking through the stack

Written by hannes

10BTC could've been yours

Fitting the things together

Written by hannes

building a simple website

Why OCaml

Written by hannes

a gentle introduction into OCaml

Operating systems

Written by hannes

Operating systems and MirageOS