Posts
2542
Following
613
Followers
1356
"I'm interested in all kinds of astronomy."
[RSS] The case of the crash when trying to erase an element from a std::set

https://devblogs.microsoft.com/oldnewthing/20250117-00/?p=110777

Rust made me see cases like this in a much different light!
0
0
1
repeated
#music #deathmetal
Show content
0
0
0
repeated

For those of you who are also deep into Windows , , and : My first blog post on researching the Windows driver load order and all its quirks is out, beginning with some WinDbg fundamentals: https://colinfinck.de/posts/nt-load-order-part-1/

1
2
0
repeated

The TikTok ban, the Musk Twitter takeover, the Facebook moderation policy changes, the Republicans’ rapidly intensifying crackdowns on speech... let these be the proof you needed to move anything you care about online to a space you control.

Digital sovereignty is more important than ever.

15
34
1
repeated

ROFLMAO.

Claude decided to crawl one of the sites on my new server, where known bots are redirected to an iocaine maze. Claude has been in the maze for 13k requests so far, over the course of 30 minutes.

I will need to fine tune the rate limiting, because it didn't hit any rate limits - it scanned using 902 different client IPs. So simply rate limiting by IP doesn't fly. I'll rate limit by (possibly normalized) agent (they all used the same UA).

Over the course of this 30 minutes, it downloaded about ~300 times less data than if I would've let it scrape the real thing, and each request took about the tenth of the time to serve than the real thing would have. So I saved bandwidth, saved processing time, likely saved RAM too, and served garbage to Claude.

Job well done.

21
11
1
repeated

I knew would come for all our jobs eventually, but I really thought that Holocaust denial would be safe for a little while longer.

https://futurism.com/the-byte/ai-anne-frank-blame-holocaust

5
7
0
repeated

Inspirational Skeletor💀

2
3
0
repeated

bert hubert 🇺🇦🇪🇺🇺🇦

Also for your mental health, I recommend never reading the source code for the various implementations of mktime() and strptime(). The authors really try their best, but on reading that, you worry how anything ever works. https://github.com/bminor/glibc/blob/master/time/mktime.c

4
3
0
repeated

Okay this is wild: I just noticed that changing 'PasswordAuthentication' to 'no' in /etc/ssh/sshd_config is no longer enough to disable password authentication in . That's because Ubuntu Server now by default creates a sshd_config.d/50-cloud-init.conf file which contains 'PasswordAuthentication yes' which takes priority over sshd_config.

I would've unknowingly left password auth on if I hadn't double checked.

Why?

More: https://askubuntu.com/questions/1516262/why-is-50-cloud-init-conf-created

1
6
0
repeated

bert hubert 🇺🇦🇪🇺🇺🇦

So how hard could it be to convert `Fri, 17 Jan 2025 06:07:07` in UTC into a UNIX epoch time_t timestamp, in C or C++? Quite hard. Many things that you'd think would work actually don't. Here I present solutions (with running code), and a little tour through 'struct tm', 'time_t', 'mktime' and 'strptime':

https://berthub.eu/articles/posts/how-to-get-a-unix-epoch-from-a-utc-date-time-string/

7
5
0
[RSS] On Secure Boot, TPMs, SBAT, and downgrades -- Why Microsoft hasn't fixed BitLocker yet

https://neodyme.io/en/blog/bitlocker_why_no_fix/
0
7
11
Edited 1 month ago
[RSS] Private Keys in the Fortigate Leak

https://blog.hboeck.de/archives/908-Private-Keys-in-the-Fortigate-Leak.html

"stop believing that adding more attack surface will increase security"

/by @hanno
0
5
3
repeated

Daniel J. Bernstein

New blog post https://blog.cr.yp.to/20250118-flight.html "As expensive as a plane flight: Looking at some claims that quantum computers won't work."

1
3
0
Borrow checking in Rust is basically the world's most complex hot-potato game.
1
0
4
repeated

Technology has taken away our community events by making media available on demand, and our interpersonal connections, by first replacing our phone books with social media, and then ruining social media.

There is a massive community and authenticity gap in modern society that most people are even failing to notice, let alone articulate.

1
7
0
repeated

This comic is thirty years old and could be published verbatim today (give-or-take replacing "talk radio show" with "podcast")

1
5
0
repeated

Snyk publishes malicious packages to the public NPM registry.
I'm no expert on ethics, but I believe that this is... frowned upon?

https://sourcecodered.com/snyk-malicious-npm-package/
https://news.ycombinator.com/item?id=42690473
https://snyk.io/blog/snyk-security-labs-testing-update-cursor-com-ai-code-editor/

1
2
0
repeated

"Norway is sounding the alarm after discovering that Russia is no longer only disrupting the Global Navigation Satellite Systems (GNSS) across the border, but also spoofing GPS signals, an attack that can cause significant disruption to commercial aviation."

"We were spoofed on approaching Kirkenes today”
https://www.thebarentsobserver.com/news/we-were-spoofed-on-approaching-kirkenes-today/423323

6
5
0
repeated

In 1h, I’ll do a livestream about JavaScript in PDFs.
A bit about standard JS triggers that is seen in exploits, but also a few simple PDF games.
https://www.youtube.com/live/xZPK04a5ltc?si=_3sz9aEEfDT90-da

0
3
0
Show older