Money inflation, SSRF via an avatar, and simple vulnerabilities: tasks from a contest for beginner bug hunters

Reading time: 3 min
Views: 883

Once, together with Standoff 365, we agreed to run a cool contest for beginner bug hunters and present it at PHDays Fest. Imagine our surprise when 17 people registered for the contest in the first 5 minutes; in total there were 74 participants and 10 winners. Even more surprising was that the bug hunters were not beginners at all: the strongest hackers in the country took part in the contest. In this article we go through the tasks.

We decided to run the contest in CTF format. For this, a platform was developed from scratch in ChatGPT. As practice showed, the code written by the neural network turned out to be imperfect in terms of security, but overall, after some problems were fixed, everything worked stably.

Read more

Getting started with pgpro-otel-collector

Level of difficulty: Easy
Reading time: 4 min
Views: 396

Now that pgpro-otel-collector has had its public release, I’m excited to start sharing more about the tool — and to kick things off, I’m launching a blog series focused entirely on the Collector.

The first post is an intro — a practical guide to installing, configuring, and launching the collector. We’ll also take our first look at what kind of data the collector exposes, starting with good old Postgres metrics.

Read more

How we loaded a petabyte into PostgreSQL before New Year — and what happened next

Level of difficulty: Medium
Reading time: 17 min
Views: 152

It all started as a joke by the office coffee machine. But, as with every decent joke, it suddenly sounded worth trying — and before we knew it, we were knee-deep in an experiment that turned out to be anything but trivial, complete with a whole minefield of gotchas.

It began simply: while everyone else was busy debating hardware tuning and squeezing out extra TPS from their systems, we thought — why not just shove a huge chunk of data into PostgreSQL and see how it holds up? Like, really huge. Say, a one-petabyte database. Let’s see how it survives that.

It was December 10, the boss wanted the report by January 20, and New Year was less than a month away. And that itch that all engineers know? It hit hard.

Read more

Partition and rule: sharing practical knowledge about partitioning in Postgres Pro

Level of difficulty: Medium
Reading time: 11 min
Views: 450

Declarative partitioning may sound complex, but in reality it’s just a way to tell your database how best to organize large tables — so it can optimize queries and make maintenance easier. Let’s walk through how it works and when declarative partitioning can save the day.

Read more

We’ve learned how to migrate databases from Oracle to Postgres Pro at 41 TB/day

Level of difficulty: Easy
Reading time: 3 min
Views: 361

41 TB/day from Oracle to Postgres Pro without stopping the source system — not theory, but numbers from our latest tests. We broke the migration into three stages: fast initial load, CDC from redo logs, and validation, and wrapped them into ProGate. In this article, we’ll explain how the pipeline works, why we chose Go, and where the bottlenecks hide.

Read more

How to load test PostgreSQL database and not miss anything

Level of difficulty: Medium
Reading time: 14 min
Views: 325

When load testing Tantor Postgres or other PostgreSQL-based databases with the standard tool pgbench, specialists often get non-representative results and have to repeat tests because details of the environment (such as DBMS configuration, server characteristics, PostgreSQL versions) are not recorded. In this article we review the author's pg_perfbench, which is designed to address this issue. It ensures that scenarios are repeatable, prevents the loss of important data, and streamlines result comparison by registering all parameters in a single template. It also automatically launches pgbench with TPC-B load generation, collects all metadata on the testing environment, and generates a structured report.

Read more

Koans as Ontological Formulas

Level of difficulty: Hard
Reading time: 8 min
Views: 1.2K

If you meet the Buddha, kill the Buddha. Notes on the Forgotten Nature of Zen Koans

I don’t know how koans were perceived when they sounded like thunder. Perhaps not at all as they are analyzed by modern philosophers. Perhaps koans were not analyzed, but lived. And it is impossible to transmit a lived experience across centuries. It is an individual experience. Well then, perhaps we have lost the essence of koans. Or perhaps we never knew it. In that case, I can very well allow myself to present koans as I see them.

Read more

Intelligent systems at phystech: 2025 graduation

Reading time: 14 min
Views: 971

The students of the Intelligent Systems Department successfully defended their bachelor’s and master’s theses. This year, 14 Bachelor’s and 8 Master’s students earned their degrees in Physics, Mathematics, and Computer Sciences. We are proud to say that our Department is unique in publishing the complete set of defense materials during the last ten years. These materials include the text of the dissertation work, the published papers, the code of the computational experiments, and the slides with video of the defense talk.

In this post, we gladly summarize the defended works of our BS and MS students and highlight the results. A recording of their pre-defence presentations can be found here and here in Russian. Most of the theses have a publicly available English version.

Read more

My way of a full system backup without external software: incremental rsync plus btrfs with zstd compression

Level of difficulty: Medium
Reading time: 3 min
Views: 359

The repo of this script is https://gitlab.com/vitaly-zdanevich/full-backup/-/blob/master/full-backup.sh

Incremental with hard links means that if a file has not changed, the next backup links to the same underlying data, like deduplication. Hard links are just ordinary files.

Also, this script ignores .gitignore of every folder.

Run this script from another system.

Read more

Comparison of CAPTCHA‑Solving Services: A Peek Under the Hood and a Look at the Numbers

Level of difficulty: Easy
Reading time: 14 min
Views: 850

CAPTCHA protocols are designed to tell bots from humans, yet in the worlds of automation and testing there is often a need to bypass them. Dedicated CAPTCHA‑solving services take over this task, combining algorithms with human labor.

In this article we present an in‑depth comparison of four popular platforms — 2Captcha, SolveCaptcha, DeathByCaptcha, and AntiCaptcha. We will examine not only pricing and the types of CAPTCHAs supported, but also internal architecture, API integrations, speed and stability, plus the quirks of using each service.

The technical community will find a deep dive here — from API and SDK structure to real‑world use cases. Below you will see a table comparing key characteristics, lists of pros and cons, and a discussion of which service best fits particular automation tasks.

Read more

Getting to know PPEM 2

Level of difficulty: Easy
Reading time: 7 min
Views: 357

Postgres Pro recently announced the release of Enterprise Manager 2, commonly known as PPEM.

In short, PPEM is an administration tool designed for managing and monitoring Postgres databases. Its primary goal is to assist DBAs in their daily tasks and automate routine operations. In this article, I'll take a closer look at what PPEM has to offer. My name is Alexey, and I'm part of the PPEM development team.

Read more

AGENTS.md: The README for Your AI Agent

Level of difficulty: Easy
Reading time: 3 min
Views: 512

If you’re like me and work with multiple AI coding agents, you know the frustration of managing different instruction files. It’s a pain to keep everything updated across various formats. But I’ve got some great news for you. A new, simplified standard has emerged, and it’s called AGENTS.md.

Read more

Docling in Working with Texts, Languages, and Knowledge

Level of difficulty: Medium
Reading time: 20 min
Views: 819

DocLing in Working with Texts, Languages, and Knowledge: an in-depth overview of the open-source DocLing toolkit for extracting, structuring, and analyzing data from documents. The article covers approaches to processing multilingual texts, building language- and domain-specific knowledge models, and integrating DocLing into AI and NLP projects. Includes practical examples and recommendations for developers working with large volumes of unstructured data.

Read more