Join the Be Like Clippy movement to make technology more user-friendly and transparent. Including a list of custom clippy profile pictures

Beej's Guide to Git

For reasons I can’t fully explain, people’s failure to return their carts bothers me more than it probably should. But then I realized I can do something about it.

bgp.tools allows you to do bgp debugging and gives insight into internet routing with ease in a user friendly way

An 8-bay DIY NAS with 10GbE networking, TrueNAS 25.10.1, an Intel N355 CPU, 32GB of DDR5 RAM, and a smallish form factor that occupies less than 20 liters of your office space.

Cloudflare suffered a service outage on November 18, 2025. The outage was triggered by a bug in generation logic for a Bot Management feature file causing many Cloudflare services to be affected.

Recapping all the big announcements made during 2024’s Birthday Week.

On July 14th, 2025, Cloudflare made a change to our service topologies that caused an outage for 1.1.1.1 on the edge, resulting in downtime for 62 minutes for customers using the 1.1.1.1 public DNS Resolver as well as intermittent degradation of service for Gateway DNS.

We’re deeply sorry for this outage.

This outage was the result of an internal configuration error and not the result of an attack or a BGP hijack. In this blog post, we’re going to talk about what the failure was, why it occurred, and what we’re doing to make sure this doesn’t happen again.

Multiple Cloudflare services, including Workers KV, Access, WARP and the Cloudflare dashboard, experienced an outage for up to 2 hours and 22 minutes on June 12, 2025.

In mid-May 2025, blocked the largest DDoS attack ever recorded: a staggering 7.3 terabits per second (Tbps).

Over the past couple of weeks, Cloudflare's DDoS protection systems have automatically and successfully mitigated multiple hyper-volumetric L3/4 DDoS attacks exceeding 3 billion packets per second (Bpps). Our systems also automatically mitigated multiple attacks exceeding 3 terabits per second (Tbps), with the largest ones exceeding 3.65 Tbps. The scale of these attacks is unprecedented.

HPKE (RFC 9180) was made to be simple, reusable, and future-proof by building upon knowledge from prior PKE schemes and software implementations. It is already in use in a large assortment of emerging Internet standards and has a large assortment of interoperable implementations. This article provides an overview of this new standard, going back to discuss its motivation, design goals, and development process.

Here at Labyrinth Labs, we put great emphasis on monitoring. Having a working monitoring setup is a critical part of the work we do for our clients. Cloudflare's Analytics dashboard provides a lot of useful information for debugging and analytics purposes for our customer Pixel Federation. However, it doesn’t automatically integrate with existing monitoring tools such as Grafana and Prometheus, which our DevOps engineers use every day to monitor our infrastructure.

Access for Infrastructure, BastionZero’s integration into Cloudflare One, will enable organizations to apply Zero Trust controls to their servers, databases, Kubernetes clusters, and more. Today we’re announcing short-lived SSH access as the first available feature of this integration.

OPKSSH (OpenPubkey SSH) is now open-sourced as part of the OpenPubkey project. This enables users and organizations to configure SSH to work with single sign-on technologies like OpenID Connect, removing the need to manually manage & configure SSH keys without adding a trusted party other than your IdP.

Unauthorized TLS certificates were issued for 1.1.1.1 by a Certification Authority without permission from Cloudflare. These rogue certificates have now been revoked. Read our blog to see how this could affect you.

Unimog is the Layer 4 Load Balancer for Cloudflare’s edge data centers. This post explains the problems it solves and how it works.

In general I try to limit this blog to posts that focus on generally-applicable techniques in cryptography. That is, I don't focus on the deeply wonky. But this post is going to be an exception. Today, I'm going to talk about a topic that most "typical" implementers don't -- and shouldn't -- think about. Specifically:…