Thanks! eBPF has been a big win for us. Once you get past the verifier constraints, it really changes how you think about observability — pushing filtering and classification into the kernel reduces noise and makes the data much more actionable.
Workflow-wise, iteration is slower at first (compile → load → fail verifier ), but once the patterns are in place it actually simplifies things a lot. The ability to run this safely in production without noticeable overhead has been the biggest impact.
Yes — Sysdig/csysdig are great tools and I’ve used them before. They’re excellent for syscall-level visibility and host/container forensics.
Cerberus targets a different layer: always-on, low-overhead network classification in CNI environments. It attaches at TC, limits L7 inspection intentionally, and focuses on predictable performance rather than rich event streams.
They’re complementary rather than competing tools.
Not exactly — that statement is only partly correct.
Yes, tcpdump and Wireshark do use libpcap for packet capture and filtering. libpcap compiles the familiar tcpdump filter syntax into classic BPF (cBPF) programs that run in the kernel to decide which packets should be passed up to userspace.
On newer Linux kernels, libpcap can translate those classic BPF filters into eBPF, but that’s mostly an internal optimization. From a user point of view, you’re still just writing simple packet filters, and packets are still being copied to userspace for analysis. libpcap itself is not really an eBPF framework.
That’s where Cerberus is different.
Cerberus uses native eBPF programs directly, not just for filtering packets, but for running logic inside the kernel. Instead of copying packets out and decoding them later, it works with structured kernel events and can correlate network activity with processes, syscalls, and security context. In many cases it can even act or block things in real time.
So while tcpdump/Wireshark are great for debugging and traffic inspection, they’re fundamentally packet sniffers. Cerberus is more of an in-kernel observability and security system, built on eBPF as a programmable platform rather than just a fast filter.
In short:
tcpdump uses BPF to filter packets.
Cerberus uses eBPF to run logic.
I don't think so as in this case Deutsche Bahnn owns both the station and the train. In the UK they've gone a bit crazy with the whole free market thing. Public transport should not be a market.
In Germany there's also the issue that the powerful car makers are always lobbying the government to budget cut public transport.
It's not even about uploaded consciousness,
"Software will fill every basic human need. What will be left? Art and entertainment."
Replace "software" with "robots" and you are in a 1950s kids sci-fi cliche
It’s likely some utilitarian reason, i.e. sacrifice the riders on the train for the good of all the other schedules.
This is the one benefit of living in an overly-litigious country that has news media which can pick up on a story like this. They’d rather have the masses suffer to avoid the legal fees and bad press, so instead of sacrificing a train, they’d make everyone’s lives worse overall.
I’m not arguing for utilitarianism, though. Ir allows dictators to thrive.
I got tired of the "cluttered look" next to my bed. I had a beautiful open bedside table but it started looking messy. So, I choose a closed bedside table with storage this time and it made the room feel little better. The soft-glide drawers is a great addition as I can slam it as hard as I want it always closes silently making my partner sleep quietly even though I can't.
Same we missed the right stop on our way back to France.
We just managed to get in a train going the other way but dB personal almost ticketed us a penalty...
The one big reason why CEOs exist is trust. Trust from the shareholders that someone at the company is trying to achieve gains for them. Trust from vendors/customers that someone at the company is trying to make a good product. Trust from the employees that someone is trying to bring in the money to the company (even if it doesn't come to them eventually).
And that trust can only be a person who is innately human, because the AI will make decisions which are holistically good and not specifically directed towards the above goals. And if some of the above goals are in conflict, then the CEO will make decisions which benefit the more powerful group because of an innately uncontrollable reward function, which is not true of AI by design.
I don't see the point of these speculative articles, since the answer always is - diversify your skill set, keep up with the new tech trends and you will be fine.
Personally, I think that independent, reliable and economically viable AI will for a good century be 10 years away, just like nuclear fusion and quantum computing.
Most people think that you should remove JavaScript to load your sites faster or for reasons like that. You have to learn to balance things, always use it if you need some good interactivity, validation etc. Don't try to use HTML only to force things.
What kind of evidence would you take? If it’s someone from the project openly saying what I imply, there obviously isn’t any. But if you are looking for evidence that the project took a politically biased turn to one side of the aisle, I’m sure you’ll find a lot on your own. And from there you can understand why there isn’t a single mention of what’s happening in the UK.
In this very thread you can find lots of comments excusing the censorship because it’s being used to censor the “wrong ideas”.
Update: Part 2 is out now on my Substack. I will submit it as a separate post on HN later today once this thread cools down, to avoid spamming the front page. But for those asking, here is the direct link: https://substack.com/home/post/p-182824207
Gitmore uses github api and AI generates insights/ custom newsletters for users.
You can also connect Gitmore's AI into slack and ask it questions directly from your workspace.
Devnagari you mean. We have devnagari keyboard layout which can be used. you of course need to switch between keyboard layouts which can be done with a keyboard shortcut as well.
It's good from a text typing point of view but horrible from a keyboard shortcut point of view. I personally had to disable the feature so that I could actually use keyboard shortcuts in a sane manner.
The AltGr approach is much superior by not invading on the keyboard shortcut space.
The "Mimicry" Angle (Best for technical discussion)
The shift from "obfuscation" to "mimicry" is the real story here. In 2025, "random-looking" traffic is itself a signature for DPI. Tools like WebTunnel that mimic standard HTTPS/SNI and Conjure that hides in unused ISP space force censors into a "collateral damage" dilemma: they can't block Tor without breaking their own web.
I talked to a CEO of one of these companies who claimed his accountants were pushing him to do the leasing only since a company was only supposed to be in one sector. A tech company that has a lot of real estate on the books wasn't going to have the same ups relative to book value, etc. Of course not having the same downs seems worth it if you aren't a day trader.
Building an AI Hacker - https://aisafe.io
After years of manually reviewing thousands of lines of code, I realized the demand for security expertise is vastly outpacing the supply, and AI-generated code is only accelerating this gap.
I don't believe "generate secure code by default" is a problem we'll solve anytime soon, if ever. So I'm building an autonomous solution to help restore the balance.
