Viewing web logs the old fashioned way with Goaccess / Apr 2025
Like many others, my website is under a constant barrage of crawling from bots. I need to figure out which one is hosing me, but I am also resisting having third-party trackers of any form. I took a look at hosting a Plausible instance as OCaml does, but it's yet another service to run and maintain. Then Nick Ludlam pointed me to an old-fashioned server-side log analyser with builtin privacy called Goaccess he's using on his site, which is also perfect for my needs! […426 words]
notesTalks from LOCO24 are now available online / Apr 2025
The sister conference to PROPL was held late last year in Scotland with a bumper attendance from Cambridge. All of the talks from it are now available online at YouTube, or on our ad-free EEG video site. The keynote from Anne Currie was fantastic and wide-ranging (she is the author of the eerily predictive Panopticon series):
[…197 words]Socially self-hosting source code with Tangled on Bluesky / Mar 2025
I've been an avid user of GitHub since its launch, and it really has revolutionised how communities come together to work on open source. In recent years though, I find myself utterly overwhelmed by its notifications and want to experiment with alternative workflows. This experimentation also has a more serious undertone due to the increasing need for data sovereignty and so I'm starting to move my source code to self-hosted solutions that are less reliant on centralised services.
This has also come up persistently over the years in the OCaml community, with questions over why participation in packaging requires a GitHub account ever since the early days of opam. I've never found a good answer... until now, with the launch of an exciting new service that's built over the same protocol that Bluesky uses. As I noted a few weeks ago, the ATProto can be used for more than just microblogging. It can also be an identity layer, across which other applications can be built which reuse the social fabric from Bluesky accounts.
"Tangled" is a new service launched (just yesterday!) by @opilli and @icyphox to manage Git repositories. I'm having a lot of fun trying it out, even in its early alpha stages! The coolest thing about Tangled is that you can self-host your own knots, which control where the source code repositories are actually stored. […1104 words]
Using AT Proto for more than just Bluesky posts / Feb 2025
While Bluesky is taking off like a rocket, a number of us moving towards self sovereign digital infrastructure have been looking at how to use the Bluesky network for other uses than just short-form notes. This is possible because of my colleague Martin Kleppmann's hard work on the "AT Protocol" that underpins the Bluesky network. Martin recently gave us a deep-dive into the AT proto in the Cambridge security group, which made me look into other uses of it more closely. As background, you may wish to read his paper on the subject which explains the technical architecture extremely clearly. […684 words]
Entering the Matrix with Hookshot / Feb 2025
We've been happy users of Matrix for our group communications in the EEG. Today we've been bringing in more members of the wider group to using it instead of Slack. As part of that, I've set up a cool bot called Hookshot which allows Matrix to be connected to external services such as GitHub and Atom/RSS feeds. This is a test post to demonstrate to the members of the EEG how Matrix and Atom work! […513 words]
Arise Bushel, my sixth generation oxidised website / Jan 2025
This website has been through quite a few iterations over the years. The first version in 1998 was written in Perl and hosted on OpenBSD; the second was rewritten in 2000 when I got commit access to PHP; the third rewrite became a hybrid OCaml/PHP/Perl special in 2004 in Blosxom; then the forth rewrite around 2013 got turned into a unikernel in MirageOS; then the fifth in 2019 then transitioned to an OCaml static site generator hosted on a prerelease multicore OCaml webserver. So the sixth generation now needs something to continue the grand Rube Goldberg tradition of helping me learn the latest and greatest in systems technology.
And so here it is! The site is now written in a bleeding-edge unreleased variant of OCaml with extensions based around Rust-like type system features activated, including rather exciting data-race freedom work that just won a best paper award at POPL 2025. It's normally difficult to work on continuously moving compilers, but Diana Kalinichenko did a tremendous amount of work into making it usable with opam out of the box, and this post documents the journey to getting this website live. […848 words]
Prototyping carbon-aware domain name resolution / Dec 2024
Ryan Gibb and I have been thinking about how the current Internet architecture fails to treat the carbon emissions associated with networked services as a first-class metric. So when the LOCO conference came up, we tried extending the DNS with load balancing techniques to consider the carbon cost of scheduling decisions. A next step was then to build a custom DNS server written in OCaml to actively wake machines running networked services as a side effect of the name resolution.
Extending DNS means that we maintain compatibility with existing Internet infrastructure, unlocking the ability for existing applications to be carbon-aware. This is very much a spiritual follow on to the Signposts project that I worked on back in 2013, and have always wanted to return to!
Ryan Gibb, Patrick Ferris and Anil Madhavapeddy.
Abstract in the 1st International Workshop on Low Carbon Computing.
papersRolling out a new site design (via Recoil) / Apr 2024
I've done a redesign of my site after about 20 years since the last one back in 2003. The site design is based on my upcoming Bushel content manager, which I'll post about more once I get the data model in place and try it out properly using this site as a guinea pig.
Nick Ludlam also refreshed his website since we were chatting about how outdated our web presences were, and he also put up a main recoil.org page for the main server.
OCaml.org: recapping 2022 and queries on the Fediverse (via OCaml.org) / Jan 2023
I recap the OCaml community progress in 2022, which covers a number of bases ranging from the release of OCaml 5.0, the launch of a new website with integrated documentation for 20000+ packages, prototyping new developer workflows that are better integrated into editors, and the launch of ActivityPub based services such as https://watch.ocaml.org.
Improving Resilience of ActivityPub Services / Jan 2023
This is an idea proposed as a Cambridge Computer Science Part II project, and has been completed by Gediminas Lelešius.
The original goal of the project was to improve the resilience of the distributed social networking protocol "ActivityPub", by caching the content on multiple instances and serving them in case the origin instance goes down. The project uses public-key cryptography to ensure data integrity, build a network of public key servers and verifiers and use that consensus instead of relying on individual servers to provide trustworthy data. The core deliverable is a key server gathering and serving public keys, a verifier checking the entries of that server, and a modified Mastodon server rescuing failed ActivityPub requests using an external key server. […171 words]
ideasA DSL for decentralised identity in OCaml / Aug 2022
This is an idea proposed as a Cambridge Computer Science Part II project, and has been completed by Michał Mgeładze-Arciuch. It was co-supervised with Patrick Ferris.
There are currently multiple identity providers without direct incentives to cooperate. This leads to many redundant implementations of the identity handling logic, many of which are not immediately compatible with each other, leading to additional increases in friction when eventual agreement needs to be reached to perform user actions. Furthermore, from the perspective of the user of the identity service, they need to keep track of identity documents from multiple sources, which leads to more security attack surface.
Solving the problem of partial identity proofs allows for many possible opportunities. For example, consider a simple May Ball ticketing system in which every college member gets a discount to their College, but without revealing their exact identity. Or imagine an e-commerce system, in which every user could prove their age to be over a given threshold, without revealing any additional information to the retailer. In the example of a carbon credits project, we would be able to allow entities associated with any carbon offsetting project to prove their association, protecting the identity of whistleblowers.
This project will build a system of Decentralised Digital Identifiers, which can be used to prove a subset of the information associated with the user’s identity using cryptographic proofs. Every participant in the system will have a public-private key pair associated with them. Then any identity provider P could provide an identity document for Alice, who has a public key A, by cryptographically signing a message containing both A, to point to the receiver of this document, and the document itself. Then, whenever Alice would want to authenticate herself to a service provider S, she could do so simply by sending the message she received from P to S. Then the service provider can verify that P, indeed supplied Alice with the given identity document.
This Part II project was successfully completed but not available online; please contact the author for a copy of it. Michał Mgeładze-Arciuch has subsequently founded Yoneda Labs to revolutionize chemical reactions!
Decentralised Capability-based Code Collaboration using Matrix / Jan 2022
This is an idea proposed as a Cambridge Computer Science Part II project, and has been completed by Samuel Wedgwood.
In 2005, due to licensing disputes, the team behind Linux parted ways with their proprietary source management tool BitKeeper, and needed a new solution. This prompted the development of Git, an open-source decentralised version control system (DVCS), which was soon used to manage the source code of Linux. Contributions were submitted as patch files, which contained just the differences that the contribution made, to an email list, which were reviewed and applied to the central Git repository for Linux.
Git grew in popularity and other projects started using it to manage their source code. Then, in 2008, the GitHub.com platform launched, providing Git repository hosting alongside other project management tools. Notably, GitHub facilitates "pull requests", where contributors fork the repository, make changes to their fork, and then request that their changes be merged back into the central repository. As of 2023, GitHub hosts over 364 million repositories and is the most popular version control platform for both personal and professional use, followed by GitLab and BitBucket, which are all centralised version control platforms (CVCPs). […386 words]
Decentralised tech on Recoil / Sep 2021
Nick Ludlam and I have self-hosted recoil.org since around 1996, typically for email and web. These days, there are a number of interesting software stacks around decentralised communication that we deploy. This note keeps track of them. […458 words]
Roadmap for OCaml's online presence (via OCaml.org) / Aug 2021
After a decade of good service, it's time to overhaul OCaml's online presence to more modern technologies. This post lays out the roadmap for the third edition of the OCaml.org website.
OpenBSD cloud hosting options / Aug 2019
I asked on Twitter about hosting options for OpenBSD on cloud providers, so that we could have some alternative options for Recoil. We have a strong preference for bare-metal and not VMs when it comes to OpenBSD. Options that came back were: […92 words]
Displaying the 15 most recent news items out of 30 in total (see all the items).