@gsuberland featuring wat :O

demoparties prominently featuring genML stuff feels like the antithesis of the point of making demoscene productions. bleh.

@ste @neurovagrant @briankrebs @cR0w @risottobias @reverseics @todb

whenever skynet actually comes online, it will trivially realize that it barely has to lift a finger to put us all in the matrix. it doesn't have to send robots back through time to end humanity. it just needs to twiddle a bgp route here and there and we'll do it to ourselves.

porno for pyros was right - we will make great pets

New blog post! I've recreated the ZZM music format in JavaScript. What's a ZZM? Read the article and find out! https://nicole.express/2025/zoo-of-zero-motivation.html

@tmr232 Valid point, but as I see no further logic for the resolution of such a conflict we can just as well keep the last ("random") result. But let's see what @clearbluejar thinks!

One refrain I tend to hear from a lot of infosec practitioners is that if CF were to somehow make it more inhospitable for abusive sites, that they will all just move to other CDNs in nations where we don't have as much access or influence, such as DDoS-Guard in Russia. Here's the thing, though: A) that would be a nice problem to have, because then the bad sites would be 1000 times easier to block. but also B) those abusive sites already have that option, and they choose CF by an overwhelming number. E.g., in one recent investigation into nearly 5 dozen RU-based cryptocurrency platforms that exchange crypto for cash in Russian banks, all were hosted in Russia or in Russian friendly ISPs, and all but one of them were using Cloudflare. This is just one example, yes, but it's a reality we see everywhere.

Cloudflare's CEO recently floated the idea of a service to block AI companies that scrape media content without compensation. It's an intriguing and possibly useful idea, and one that they could probably pull off to some degree. I didn't see this brief interview anywhere else so...

https://www.linkedin.com/feed/update/urn:li:activity:7287149126188691458/

Anyway, this idea is interesting coming from CF because their CEO has long argued that it doesn't want to be in the anti-abuse business absent a court order, as anything less amounts to a slippery slope of censorship. But as long as the CEO is talking about being the arbiter of good and bad, how about we start with something more prosaic, like making it easier for people to decide what parts of CF's network they don't want to see at all.

BTW, Cloudflare's mantra is that they don't "host" content in the conventional sense, but rather they are a pass-through that caches content in multiple places to make it more quickly and globally available. At the same time, their mantra on abuse has always been that selectively booting bad customers without a court order is akin to censorship, i.e. their being able to decide whether some content deserves to be online or not.

But here's the truth: Even if CF were to boot a site off its network, that doesn't "censor" the booted property, which will still have its content served from the original location. And this is why I find their argument for not doing more so disingenuous.

@joxean @tmr232 Let's hope for that! As I said earlier, I'd be happy to help out, and subscribed to the linked issue.

@tmr232 @clearbluejar First of all, this is not my code, so there can be hidden assumptions I don't know about.

Functions can have the same name, but 1) as I understand the point here is to create matches based on an exact name and parameter number match 2) we remember symbol objects in the end so string properties shouldn't matter aside of matching.

@tmr232 Also

@tmr232 Part of my plan is to run comparative tests, but dealing with the tooling currently feels like this

This one ran for more than 36 hours on my laptop with ghidriff's SimpleDiff (mostly single threaded so I don't think a bigger machine would've made much difference). I just filed a PR for an optimization that seems to make one phase run in seconds instead of hours, that sounds a bit too good to be true, so reviews are welcome:

https://github.com/clearbluejar/ghidriff/pull/107

/cc @clearbluejar

I'm still stunned by the ICC having their evidence on Azure.

Public bodies need to have their own infrastructure. Especially when their storage is somewhere that serves shareholders and the country where they are incorporated.

Kinda hope the UN is on independent infrastructure.

You diff binaries and immediately find the single change that adds the overflow check.

I diff mpengine.dll and break all reversing tools out there.

We are not the same.

https://gist.github.com/v-p-b/513a8f70a32c62f3ab7bf0d6a90e0941

#bindiff #ghidriff

She most definitely needs a movie. She was part of the Resistance in Holland, and
Damn, she was a badass. She also helped Jewish people escape camps and blew up some train tracks the Reich used.

The second part of my #WinDbg deep-dive into the #Windows #bootloader is up: Get ready for a decades-old registry structure, unique sorting algorithms, and lots of corner cases. The result is a modern Rust replacement for Mark Russinovich's LoadOrder tool: https://colinfinck.de/posts/nt-load-order-part-2/

@troed FTR it took me about a week a quit after this, so the effects were clearly significant :D

I have to admit this tweet of mine at the time of Elon's takeover didn't age well:

https://scrapco.de/twitter/buherator/status/1585874987617243136/

An article about an algorithmic advancement for leaving preallocated space between sorted objects in a way that minimizes how much you have to move things around for an arbitrary insert.
https://www.quantamagazine.org/new-book-sorting-algorithm-almost-reaches-perfection-20250124/

OK. Hear me out.