Best 38C3 preso I have seen so far (kinda week so far this year!) -> https://events.ccc.de/congress/2024/hub/en/event/from-silicon-to-sovereignty-how-advanced-chips-are-redefining-global-dominance/

Amazing tech to build modern chips!!!! :O
Fucking bonkers...

Circle Drone of Doom progress

2024 has been an exciting year for our research group! We pushed the boundaries of fuzzing and ventured into Android security, uncovering some fascinating bugs along the way. Don’t miss the highlights --- check out my latest blog post for a quick summary and links to some of our most intriguing papers: https://nebelwelt.net/blog/2024/1227-retrospective.html

In 10 minutes: What the PHUZZ?! Finding 0-days in Web Applications with Coverage-guided #Fuzzing

https://streaming.media.ccc.de/38c3/zigzag/hls

#38c3

ahh, we have infected the dataset

Hey #38c3
Hat jemand einen Gürtel Clip übrig oder 3D Druck files für ein Mitel 612d?
Danke
#help #dect #eventphone

@laund Yes, that. Also note that the assignment alone would fail at compile time because it's refutable, but in the `if` "context" it magically works. If you think about it this way, `if let` is a special, distinct expression that uses the syntax of two related, but different expressions (`if` and `let`, sry if I use "expression" wrong here). I find this confusing too.

Round two in our fun game: "slop or not?"

(In here, the report is a rewrite of our previous published CVE in a way that I strongly suspect was done by an AI.)

https://hackerone.com/reports/2912277

#curl #hackerone

@laund Thanks for the explanation, that actually made things clearer!

However, my original question is exactly about the lack of syntactic sugar that would make the syntax arguably less elegant for the sake of making it more readable.

Your example with `for` is a great one because it shows that similar "backwards" constructs are already present in many languages (incl. Rust). On the other hand I'd argue that the `in` keyword makes a significant difference here for readability. Similarly reading assignments by themselves makes perfect sense until they are written in a different context.

@laund thinking out loud:
- seeing an assignment in an `if` (in reality `if let`) condition is like having a scar in your mouth: it draws away my attention because it looks like wrong syntax
- having the subject of my "test" at the right-hand side of an expression feels backwards, esp. because if I destructure a value it "goes" from right (from the variable under test) to left (to the left-hand part of `let`), then jumps right to the code block where I can use it.

Based on this something like this would feel more natural to me (but I have no experience in language design, hence my question):

```
if x match Foo::Bar { ... };
if y_with_val match Foo::Baz(val) { /*...work with val...*/}
```

Merry fucking Christmas from Palo Alto Networks (Zero-Day): CVE-2024-3393 PAN-OS: Firewall Denial of Service (DoS) in DNS Security Using a Specially Crafted Packet
CVE-2024-3393 (CVSSv4: 8.7 high) A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.

Palo Alto Networks is aware of customers experiencing this denial of service (DoS) when their firewall blocks malicious DNS packets that trigger this issue.

#zeroday #eitw #activeexploitation #vulnerability #paloaltonetworks #cve #CVE_2024_3393 #christmas

Is there a reason why #Rust is so minimalist with keywords? For example the `if let` syntax is completely unreadable to me.

Also, things like `&_` make googling for errors practically impossible.

In case if anyone is looking for them, #38c3 streams are here:

https://streaming.media.ccc.de/38c3

In 50 minutes I’ll present some awesome hardware hacking on Apple’s new USB-C controller at #38c3 - would love to see you there!

Remark concerning #Azerbaijan #Airlines #Flight #8243:

We would do well to remember the names of the pilots who died.

They fought for over an hour with a mortally wounded plane to get it as good as possible to the ground.

They had now yaw, no rudder, no ailerons, no flaps, only the power level of the engine as means of control.

Air Traffic Control denied them the use of the closest airports and sent them to cross a sea.

What they have shown is courage in the face of insurmountable odds. They knew exactly what their chances were. Their airmanship was on the highest possible level.

Their names are Igor Kshnyakin and Aleksandr Kalyaninov.

To the media: please don’t give any airtime to the obviously disinformation spreading speaker of the Kremlin and report about those who saved 29 lives.

TIL that with a linker script, you can have emojis as ELF section names.

I need an opportunity to use this knowledge.

@muminpappa Here's my old project with some (relatively) easy to get code and links to more mature resources: https://github.com/v-p-b/ghidra-vftable

Picard management tip: Take your leisure time seriously. A relaxed captain is a sane captain.

Here's a no-cost, non-denominational, last-minute gift idea.

Reach out to people who made a positive difference in your life but with whom you have not been in touch for a while. Tell them that they were a force for good in your life. Thank them.

Be generous -- pass on this idea. Spread some joy.

Hahahaha whaaaaaaat

https://techcrunch.com/2024/12/26/microsoft-and-openai-have-a-financial-definition-of-agi-report/