This is a new website currently under development. To visit the old website, click here
Blog

5 min read

Sunday Bookmarks Reading - Apr 13, 2025

On weekdays, upon discovering interesting links / pages I keep on bookmarking, but due to schedule I can’t read them. Sundays (sometime Saturdays) are perfect time to empty the Bookmark Stack.

Notes

How we clone a running VM in 2 seconds

1/ At CodeSandbox, uses can fork a development environment in just 2 seconds. How can they do this so quickly?

2/ Earlier VMs are thought as slow, expensive, bloated and outdated, but recent development in Firecracker Project by Amazon has shown promising resulting in modern VMs, its being used in AWS Lambda, AWS Fargate, Fli.io, and CodeSandbox

3/ Firecracker spawns MicroVM not normal VM, this help to start a environment only 300 MS as compared to 5 Seconds.

4/ Firecracker can resume a sleeping VMs quite fast. It has a feature, exposes through create_snapshot which can take Configuration (CPU, Disk, Network, etc) snapshots (snapshot.snap) and Memory snapshots (memory.snap). These 2 files contains everything that we need to start a MicroVM.

5/ This is what CodeSnapshot and other Cloud IDEs are doing behind the scene.

6/ They also discuses how they run microservice in a MicroVM, and hibernate when there is no usage, saving cost.

7/ Ok, so when I click on FORK we don’t download code, install dependencies etc. But we safe the memory snapshot and clone it and resume it, making this process 200-300 ms operation.

8/ Challenge is that copying these memory.snap files are slow process, like 1 s for 1 GB for CodeSandbox

9/ When Firecracker loads the memory.snap from disk, it does not load the whole file directly, but Firecracker uses mmap linux syscall to retrieve the files into memory. What mmap does is it creates a placeholder in RAM what points to the Actual data byes in disk. We only load thinks in memory that are actually needed / read.

10/ Using mmap’s MAP_SHARED flag helps in writing the new changes to the VM memory lazily to the disk, which interns save time to do snapshot again.

11/ When new VM is created, we need to clone the memory_vm_a.snap to memory_vm_b.snap, but this byte-by-byte copy will require signification time. So They uses CoW (Copy on Write, a popular architecture already used in git, unix etc. ). This way we initially uses same memory_vm_a.snap for VM B, and only copy that portion of memory which is altered.

CoW Image

Beyond vulnerabilities: Detect malicious dependencies in your supply chain

TROX Stealer: A deep dive into a new Malware as a Service (MaaS) attack campaign

Codebase and CLI for PLAPT: A state-of-the-art protein-ligand binding affinity model for drug discovery

Creatures of chaos

1/ Consciousness gives us a way to make decisions when perfect calculations aren’t possible.

2/ AI, On other hand operates in worlds of certainty. They have not developed consciousness because it doesn’t needed it, we developed for our survival.

3/ The gap between human and artificial minds isn’t just about capacity—it’s about the different worlds we’ve evolved to inhabit.

4/ AI was born into world we wished we had - where patterns can be perfectly detected.

5/ “The irony is that now, as AI grows more capable within these certain domains, we find ourselves once again facing profound uncertainties—about our role, our uniqueness, our future. The very tools we created to master uncertainty have become sources of new uncertainties.”

6/ Possibility of understanding consciousness by studying what emerges - and what not - when we try to create it artificially.

NixOS for FRC Coprocessors

1/ FRC stands for First Robotics Competition, an yearly robotics challenge.

2/ The author uses NixOS for declarative deployment for Coprocessors in Robots.