two professors at Wisconsin spent 25 years teaching operating systems together
then they wrote a 714 page textbook about "Operating Systems: Three Easy Pieces"
it covers virtualizing the CPU virtualizing memory concurrency persistence security and file systems
small enough to read in parts and also it is written like a conversation not a typical textbook
this is what you read if you want to really understand how operating systems work not just the theory
Imagine if your RAM could execute operations without the CPU.
Not by adding cores to memory. Not by integrating a GPU.
Just by exploiting the analog behavior of the DRAM chips already sitting in your system.
It sounds impossible, but a series of papers proposed exactly that. One of the most influential is "The Processing Using Memory Paradigm."
The motivation was simple.
Modern CPUs spend an enormous amount of time moving data rather than computing on it. Operations like "memcpy()", page initialization, "fork()", Copy-on-Write, bitmap operations, and page migration often involve little or no arithmetic, yet every byte still travels:
DRAM → Memory Controller → CPU Cache → CPU → Cache → Memory Controller → DRAM
That movement consumes memory bandwidth, pollutes caches, burns energy, and limits performance.
The paper proposes a different idea:
If the operation doesn't require the CPU, don't send the data there in the first place.
Instead of adding compute units inside memory (traditional Processing-in-Memory), the authors introduce Processing using Memory (PuM), reusing the circuitry already present in commodity DRAM.
The paper combines two techniques.
RowClone exploits the row buffer (sense amplifiers). By issuing carefully timed ACTIVATE commands, an entire DRAM row can be copied to another row inside the same subarray, without transferring the data over the external memory bus.
The second idea is even more fascinating.
By simultaneously activating three DRAM rows, the sense amplifiers naturally resolve the stored charges according to a majority function. With specially initialized control rows containing all 0s or all 1s, this behavior can implement bulk bitwise AND and OR directly inside DRAM.
No ALU.
No vector instructions.
No CPU execution.
Just the analog physics of DRAM doing useful work.
The potential gains are enormous:
• Lower latency
• Reduced memory bandwidth consumption
• Significant energy savings
• Faster memory-intensive OS operations
So why don't our DDR5 DIMMs do this today?
Because elegant research doesn't automatically become a product.
The techniques require cooperation across the DRAM chips, memory controller, operating system, and ISA. Commodity DRAM vendors prioritize density, cost, reliability, compatibility, and JEDEC standardization. Supporting these operations also introduces challenges around subarray placement, ECC, refresh timing, command scheduling, and software integration.
For general-purpose PCs and servers, those engineering and ecosystem costs outweighed the benefits.
But the paper's real impact wasn't shipping a feature.
It changed an entire research direction.
Instead of asking "How do we make CPUs faster?", architects began asking "Why is the CPU involved at all?"
That question sparked years of work on Processing-in-Memory, influencing projects like Ambit, Buddy RAM, Samsung's HBM-PIM, and many modern near-memory computing architectures.
Sometimes the most important papers aren't the ones that become products.
They're the ones that permanently change how an entire field thinks.
Bypass Windows Defender using XOR encryption and direct system calls
The author demonstrates a practical implementation of bypassing both static and dynamic detection mechanisms in Windows Defender. The main idea is to remove from the executable any artifacts that the antivirus relies on to identify malicious code: signatures of "msfvenom" and calls to standard Win32 APIs. XOR encryption of the shellcode is used on disk, with decryption in memory, while API calls are replaced with direct system calls ("syscalls") via the "SysWhispers2" library.
The first technique hinders signature-based analysis by hiding the payload during static scanning. The second removes dependency on the Import Address Table (IAT) and API monitoring of "CreateFile", "VirtualAlloc", "WriteProcessMemory", allowing the code to execute without detection. As a result, the attacker can evade Defender protection without privilege escalation, executing their own shellcode in the user context.
Article: https://t.co/UF538gvxgl
Tool: https://t.co/3sQv16SUWX
#dbugs_attacks
The Art of Debugging Open Free book is now available in pdf/epub and finally sports a book cover
https://t.co/NPgds6WpOW
While a lot of the focus is on Unix/Python/Pytorch, the methodology chapter is applicable to any Software Debugging.
It currently sports 161 packed pages in 5 solid chapters and more coming...
One of the most interesting Windows memory management data structures is the Virtual Address Descriptor (VAD).
Every process maintains a VAD tree that describes its virtual address space. Whenever memory is allocated with "VirtualAlloc", a DLL is mapped, a stack is created, or a file is memory-mapped, Windows creates or updates a VAD.
Security researchers love VADs because they reveal a process's memory layout. They can be used to detect injected code, manually mapped DLLs, RWX memory regions, and other suspicious allocations that may not appear in the normal module list.
If you want to understand Windows memory forensics, malware analysis, or process injection, learning VADs is a great place to start.
Best YouTube Playlists to learn Programming:
C
https://t.co/oE6k8cxR3b…
C++
https://t.co/oE6k8cxR3b…
Python
https://t.co/VoSkyzq2BX…
Java
https://t.co/oE6k8cxR3b…
C#
https://t.co/VoSkyzq2BX…
SQL
https://t.co/VoSkyzq2BX…
Go
https://t.co/VoSkyzq2BX…
10 free textbooks from MIT, Stanford, and Berkeley that you can download legally right now.
→ Introduction to Linear Algebra - Gilbert Strang, MIT
The textbook behind the most-watched math course in history. 20 million views on OCW. Every ML engineer learned this math from one quiet professor.
https://t.co/Q5ZHXrBuD1
→ Mathematics for Computer Science - MIT 6.042
Proofs, discrete math, probability. The actual foundation of CS that nobody tells undergrads about until it's too late.
https://t.co/FOLUDXTubX
→ Convex Optimization - Stephen Boyd, Stanford
Used in every serious ML and control systems course on earth. Cambridge University Press gave Boyd permission to keep it free on his own site.
web. stanford. edu/~boyd/cvxbook/bv_cvxbook.pdf
→ CS229 Machine Learning Notes - Andrew Ng, Stanford
Not the Coursera version. The actual Stanford graduate course notes. Dense, precise, and the closest thing to a grad school education you can download in one PDF.
https://t.co/De8lcX59zt
→ An Introduction to Statistical Learning - Stanford / USC
The book three statisticians from Stanford and USC made free because they wanted everyone to learn it. 290,000 people have taken the companion course on edX.
https://t.co/TusQK9FDOc
→ Computational and Inferential Thinking - Berkeley Data 8
The textbook behind Berkeley's most popular course. Data science from scratch, built to be understood without a math degree first.
https://t.co/xD2XAE49WA
→ Dive into Deep Learning - Berkeley / Amazon
Jensen Huang called it "excellent." 500 universities across 70 countries use it. Every concept runs as live code directly in the browser.
https://t.co/GJfBeDtJVO
→ Introduction to Probability - Blitzstein & Hwang, Harvard
The official textbook of Harvard's Stat 110, which has been called the best probability course ever put on YouTube. Free second edition online.
https://t.co/8dVzOUZDlH
→ The Elements of Statistical Learning - Hastie, Tibshirani, Friedman, Stanford
The graduate-level version of ISLR. Springer makes it free as a PDF. Researchers keep a copy permanently in their downloads folder.
https://t.co/PzdmjooaZW
→ MIT OCW Online Textbooks Index - 45+ books across every department
One page. Every free MIT textbook organized by subject. Algorithms, physics, economics, engineering. All open access.
https://t.co/eAjUcYzNa0
Save this before someone makes them take it down.
(They won't. But save it anyway.)
What's the fastest language in the world? C++ right now!
I'm stoked to have my C++ solution at the top of the leaderboards for the GitHub Primes project!
If you're not familiar with it, it's the same sieve algorithm implemented in 100 different computer languages, from Ada to Zig, with weird ones like PowerShell and Minecraft included!
Certain rules have to be followed, like you only get one bit per sieve entry, you have to allocate the sieve every pass, and so on. It keeps things fair across a wide range of languages!
With a recent check-in, I managed to eke out a slight win over the assembly language version! But they're close enough to be within variance, so I need to find some more headroom...
Which languages are the fastest? Find out!
https://t.co/oul9spRMF9
BREAKING NEWS: Riot just announced Vanguard On-Demand. Vanguard no longer needs to start at boot.
If you enable Secure Boot, TPM 2.0, VBS, HVCI, and IOMMU, Vanguard will only run while you play. Microsoft built a Runtime Driver Attestation Report that lets Vanguard verify driver integrity without needing to be present at boot.
For everyone who complained about Vanguard running at startup, this is the answer. Enable your hardware security features and it goes away.
The blog also breaks down every cheat vector in detail: kernel exploits, BYOVD, DMA hardware cheats, bootkits, hypervisors, and pixelbots. With real data showing cheaters deliberately downgrade to older Windows to avoid security features.
https://t.co/qjuA7VJ34D
Some of the best security engineers in the industry working on one of the hardest problems in gaming. Massive respect for publishing this level of detail publicly.
@deteccphilippe@nickeverdox@aidankhoury
#AntiCheat #Vanguard #GameSecurity
One of the most interesting Windows kernel internals is "PsActiveProcessHead", the global doubly-linked list that connects every live "EPROCESS" through "ActiveProcessLinks". Process creation inserts into this list, process exit removes from it, and kernel debuggers can walk it to enumerate active processes.
Security researchers love it because many classic rootkits used DKOM (Direct Kernel Object Manipulation) to unlink their "EPROCESS" from "PsActiveProcessHead", effectively hiding a running process from tools that trusted the list. Understanding "PsActiveProcessHead" is often the first step into Windows rootkits, process hiding, forensic detection, and kernel debugging.
"Basic Mathematics" by Serge Lang is an excellent book for readers who want to build solid mathematical foundations.
It covers algebra, geometry, trigonometry, complex numbers, matrices, and other introductory topics with clarity and rigor. It is a very useful resource for readers who are approaching advanced mathematics for the first time.
https://t.co/dQbi7mfokx
A ground-up, math-light walkthrough of how LLMs work, from tokenization through attention to next-token generation (@0xkato)
https://t.co/WIYczAcC8T
#llm
Learn Linux Hands-On: Local Port Forwarding via SSH 🧙♂️
- Access an internal debugging port through a tunnel https://t.co/MDF50NVC8G
- Reach a private VPC service via a bastion host https://t.co/1ghaTgBluO
- Reach a whole VPC through an SSH SOCKS proxy https://t.co/WsZMTDMlu0