Hacker News | Scipio_Afri's favorites

Perhaps it was Pro Git's chapter 10: Git Internals(1)? I once used it as a guide when writing a basic 'git inspection' tool and definitely found the whole experience useful for getting a better understanding of Git.

1) https://git-scm.com/book/en/v2/Git-Internals-Plumbing-and-Po...


For me it was "Git for Computer Scientists": https://eagain.net/articles/git-for-computer-scientists/

I found the Git section of "The Missing Semester of Your CS Education" to be helpful.

Understanding what git is doing under the hood did more for my ability to use it effectively than it did for most tools.

That said, this document in particular does not seem to be a very good way to get that understanding; it's a very "IBM documentation" way of presenting git. I wish I remembered what I read, because it was a much easier read.


Tangentially, one of the things I always enjoyed seeing in the wild was semantic colouring in equations. The educational YouTuber 3Blue1Brown [0] and to some extent the maths side of YouTube in general tend to make use of them, colouring like terms the same to give a subtle visual aid, similar to pretty printing.

[0] https://youtube.com/3blue1brown


Experimental science is all based around ruling out the null hypothesis. For that it needs to be falsifiable.

The hypothesis 'the dog can differentiate between A and B' is very hard to falsify. Because the dog could differentiate, but choose to not act. You would need a fairly complete understanding of the dog's mental workings, and scanners to study them.

On the other hand, 'the dog can't differentiate between A and B' is much easier to falsify. If you repeat an experiment a sufficient number of times and the dog consistently has different behavior between A and B, you can rule this null hypothesis out.

That is the real reason we always 'assume the worst'. Because 'assume the worst' is the easiest to scientifically rule out.

EDIT: I would suggest this video by Veritasium, which also touches on this, at a very fundamental level: https://www.youtube.com/watch?v=vKA4w2O61Xo.


Tom Ptacek’s (security company founder) pitch a few years back was:

Get through ‘A Web Application Hacker’s Handbook’ and ‘Securing DevOps’ and his company would probably give you six figures and a brand new MacBook.

For an extra bonus you could work through their crypto challenges.

https://cryptopals.com/sets/1

https://www.manning.com/books/securing-devops

https://archive.org/details/TheWebApplicationHackersHandbook...


Santa Clara county did surveillance testing which likely saved California https://www.cdc.gov/mmwr/volumes/69/wr/mm6914e3.htm despite the shortage of test kits. Just imagine if the nation had sufficient tests available.

Agreed. Wish there were more games out there like Portal, but it seems to be entirely unique in the industry.

An (unfairly short) tl;dr could be that not only the memory subsystem itself can be used as a side-channel or leak, but also speculative and OoO execution itself. Speculative execution in this instance also does not consider (likely for performance reasons) certain dependencies (such as between a load setting an exception and a subsequent instruction depending on the load). While the result is still correct after settling, this introduces timing deltas.

This basically adds another set of tools to the architectural-level attack toolbox. From reading this I expect we'll see some interesting developments in the future.

