Issue #120
Read about infrastructure and programming topics and news every week
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
A very dangerous hack: check whether you are using Axios and which version you are using to see if you have been affected.
https://thehackernews.com/2026/03/axios-supply-chain-attack-pushes-cross.html
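One way to run the check suggested above, as an added example (not from the linked article or the Axios project): it lists every copy of axios resolved in a package-lock.json, including nested copies pulled in by other packages. The affected-version set is a placeholder to fill in from the advisory, and the sample lockfile and its version strings are constructed.

```javascript
// Placeholder: the page lists no affected versions; fill this in from the advisory.
const AFFECTED_VERSIONS = new Set([]);
// Constructed sample lockfile (lockfileVersion 3); version strings are made up.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "node_modules/axios": { version: "0.0.0-constructed-a" },
    "node_modules/axios-retry": { version: "0.0.0-constructed-c" },
    "node_modules/some-sdk": { version: "2.0.0" },
    "node_modules/some-sdk/node_modules/axios": { version: "0.0.0-constructed-b" },
  },
};

function findPackage(lock, name) {
  const hits = [];
  // lockfileVersion 2/3: flat "packages" map keyed by install path.
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === `node_modules/${name}` || path.endsWith(`/node_modules/${name}`)) {
      hits.push({ path, version: meta.version });
    }
  }
  if (hits.length > 0) return hits; // v2 files carry both maps; avoid duplicates
  // lockfileVersion 1: nested "dependencies" tree.
  const walk = (deps, trail) => {
    for (const [dep, meta] of Object.entries(deps || {})) {
      const here = `${trail}node_modules/${dep}`;
      if (dep === name) hits.push({ path: here, version: meta.version });
      walk(meta.dependencies, `${here}/`);
    }
  };
  walk(lock.dependencies, "");
  return hits;
}

function audit(lock, name, affected) {
  return findPackage(lock, name).map((h) => ({ ...h, affected: affected.has(h.version) }));
}

async function main() {
  let lock = SAMPLE_LOCK; // pass a path to package-lock.json to check a real project
  if (process.argv[2]) {
    const fs = await import("node:fs");
    lock = JSON.parse(fs.readFileSync(process.argv[2], "utf8"));
  }
  for (const h of audit(lock, "axios", AFFECTED_VERSIONS)) {
    console.log(`${h.path}  ${h.version}  ${h.affected ? "AFFECTED" : "not in list"}`);
  }
}
main();
```

Matching on the install path rather than the top-level dependency list is what catches transitive copies, and look-alike names such as `axios-retry` are deliberately not matched.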
France buys nuclear supercomputing spinoff Bull from Atos for €404M
More on digital sovereignty, this time specifically in France.
https://www.theregister.com/2026/04/01/france_bull_purchase/
disko
Declarative Disk Partitioning the NixOS Way
https://github.com/nix-community/disko
BorgBackup
BorgBackup is an open-source backup tool built for efficient, secure, versioned backups. Its core pitch is straightforward: it stores only the chunks that have changed, supports compression, and offers authenticated encryption, which makes it attractive to operators who want to back up large filesystems repeatedly without incurring the full storage cost each time. It also supports mounting backups with FUSE, so archives can be browsed like a filesystem rather than treated as opaque blobs.
The biggest advantages are space efficiency, strong security primitives, and a design that fits well with Unix-style automation. Borg is especially compelling when you have servers, laptops, or workstations that need frequent snapshots over SSH to a remote repository, including cases where the storage target is not fully trusted. The trade-offs are mostly operational: Borg is not a SaaS backup platform, so you need to manage repository lifecycle, retention, key handling, and restore testing yourself. Some advanced modes, such as append-only repositories, also come with caveats: delete and prune behaviour is nuanced, and append-only mode does not protect the repository from someone bypassing Borg and deleting files directly at the filesystem level.
In practice, Borg is best used in infrastructure operations where you want scriptable, encrypted, deduplicated backups without adopting a heavyweight backup suite: homelabs, small production fleets, virtual machine hosts, database dump rotation, config backups, and off-site backups over SSH are all strong fits. It is less ideal for teams that want a polished central control plane, enterprise policy orchestration, or a point-and-click restore workflow for non-technical users. In other words, Borg shines when the operator is comfortable owning the backup process end-to-end and values efficiency, transparency, and Unix composability over managed-service convenience.
SnapRAID
SnapRAID is a snapshot-style parity and data-integrity tool for disk arrays, designed primarily for large collections of files that do not change frequently. Instead of behaving like traditional RAID, it periodically calculates parity information and hashes your data to recover from disk failures and detect silent corruption, such as bit rot. The project positions itself as especially well-suited to home media servers and archival storage, where flexibility matters more than real-time write performance.
Its biggest strengths are operational flexibility and fault isolation. You can use disks of different sizes, start with drives that already contain data, add more disks later, and avoid the lock-in of striped RAID layouts. SnapRAID also has a meaningful advantage for cold or semi-static datasets because only one disk needs to spin to read a file, which reduces noise and power usage and, if failures exceed parity protection, leaves data on healthy disks accessible rather than making the whole array unusable. The downside is that protection is not real-time: any files added or changed after the last sync are not yet protected, making it a poor fit for high-churn transactional data or workloads with constant writes.
In operations, SnapRAID fits best where storage is large, cheap, and mostly append-only: media libraries, backup repositories, photo archives, ISO collections, and general-purpose NAS boxes for infrequently changing content. It is much less appropriate for primary databases, VM images with constant writes, container volumes, or other live infrastructure datasets where real-time redundancy and fast recovery points matter more than flexibility. In that sense, SnapRAID is not really a ZFS or enterprise SAN competitor; it is a pragmatic tool for operators who want low-cost parity protection and integrity checking on JBOD-style storage without giving up simple disks and incremental expansion.
Syncthing
Syncthing is an open-source continuous file synchronisation tool that keeps folders in sync directly between your devices, without requiring your data to live on a central cloud service. Its model is simple but powerful: machines discover each other, establish authenticated and encrypted connections, and replicate file changes in near real time using an open protocol. For operators and technically minded users, that makes Syncthing feel like a self-hosted alternative to consumer sync products, but with far more transparency about how data moves and where it lives.
The advantages are obvious once you care about control. Syncthing is private by design, uses TLS with forward secrecy, identifies devices with cryptographic certificates, and avoids the usual dependence on a third-party storage provider. It is also efficient with common file operations: renames do not trigger full retransfers, and appends to existing files are handled efficiently. The main drawbacks are operational rather than conceptual. This is still peer-to-peer synchronization, not backup, so accidental deletions or bad changes can propagate unless you design around that. And while Syncthing runs on many platforms, the project documentation explicitly states that there is no official iOS client due to platform restrictions on background processing.
In practice, Syncthing is best used for workstation-to-laptop sync, moving project files between personal machines, replicating data between edge nodes, sharing directories across trusted teams, or maintaining live copies of files across small infrastructure estates without introducing a central file service. It is less suitable where you need immutable backups, strict auditability, centralized enterprise administration, or classic object storage semantics. The cleanest way to think about it is this: Syncthing is an excellent fit for operational file replication and data mobility, but it should usually sit beside a real backup system rather than replace one.
Provided by: https://tacconiconsulting.com/

