Project: microsoft/TypeScript https://github.com/microsoft/TypeScript
File: src/compiler/utilities.ts:3549 https://github.com/microsoft/TypeScript/blob/cbac1ddfc73ca3b9d8741c1b51b74663a0f24695/src/compiler/utilities.ts#L3549

function isExpressionNode(node: Node): boolean

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fmicrosoft%2FTypeScript%2Fblob%2Fcbac1ddfc73ca3b9d8741c1b51b74663a0f24695%2Fsrc%2Fcompiler%2Futilities.ts%23L3549&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fmicrosoft%2FTypeScript%2Fblob%2Fcbac1ddfc73ca3b9d8741c1b51b74663a0f24695%2Fsrc%2Fcompiler%2Futilities.ts%23L3549&colors=light

For those of you who are also deep into Windows #reverseengineering, #bootloaders, and #WinDbg: My first blog post on researching the Windows driver load order and all its quirks is out, beginning with some WinDbg fundamentals: https://colinfinck.de/posts/nt-load-order-part-1/

The TikTok ban, the Musk Twitter takeover, the Facebook moderation policy changes, the Republicans’ rapidly intensifying crackdowns on speech... let these be the proof you needed to move anything you care about online to a space you control.

Digital sovereignty is more important than ever.

#DigitalSovereignty

ROFLMAO.

Claude decided to crawl one of the sites on my new server, where known bots are redirected to an iocaine maze. Claude has been in the maze for 13k requests so far, over the course of 30 minutes.

I will need to fine tune the rate limiting, because it didn't hit any rate limits - it scanned using 902 different client IPs. So simply rate limiting by IP doesn't fly. I'll rate limit by (possibly normalized) agent (they all used the same UA).

Over the course of this 30 minutes, it downloaded about ~300 times less data than if I would've let it scrape the real thing, and each request took about the tenth of the time to serve than the real thing would have. So I saved bandwidth, saved processing time, likely saved RAM too, and served garbage to Claude.

Job well done.

I knew #AI would come for all our jobs eventually, but I really thought that Holocaust denial would be safe for a little while longer.

https://futurism.com/the-byte/ai-anne-frank-blame-holocaust

Also for your mental health, I recommend never reading the source code for the various implementations of mktime() and strptime(). The authors really try their best, but on reading that, you worry how anything ever works. https://github.com/bminor/glibc/blob/master/time/mktime.c

Okay this is wild: I just noticed that changing 'PasswordAuthentication' to 'no' in /etc/ssh/sshd_config is no longer enough to disable password authentication in #ubuntu. That's because Ubuntu Server now by default creates a sshd_config.d/50-cloud-init.conf file which contains 'PasswordAuthentication yes' which takes priority over sshd_config.

I would've unknowingly left password auth on if I hadn't double checked.

Why?

More: https://askubuntu.com/questions/1516262/why-is-50-cloud-init-conf-created

#security #linux #server #ubuntuserver

So how hard could it be to convert `Fri, 17 Jan 2025 06:07:07` in UTC into a UNIX epoch time_t timestamp, in C or C++? Quite hard. Many things that you'd think would work actually don't. Here I present solutions (with running code), and a little tour through 'struct tm', 'time_t', 'mktime' and 'strptime':

https://berthub.eu/articles/posts/how-to-get-a-unix-epoch-from-a-utc-date-time-string/

New blog post https://blog.cr.yp.to/20250118-flight.html "As expensive as a plane flight: Looking at some claims that quantum computers won't work." #quantum #energy #variables #errors #rsa #secrecy

Technology has taken away our community events by making media available on demand, and our interpersonal connections, by first replacing our phone books with social media, and then ruining social media.

There is a massive community and authenticity gap in modern society that most people are even failing to notice, let alone articulate.

This comic is thirty years old and could be published verbatim today (give-or-take replacing "talk radio show" with "podcast")

Snyk publishes malicious packages to the public NPM registry.
I'm no expert on ethics, but I believe that this is... frowned upon?

https://sourcecodered.com/snyk-malicious-npm-package/
https://news.ycombinator.com/item?id=42690473
https://snyk.io/blog/snyk-security-labs-testing-update-cursor-com-ai-code-editor/

"Norway is sounding the alarm after discovering that Russia is no longer only disrupting the Global Navigation Satellite Systems (GNSS) across the border, but also spoofing GPS signals, an attack that can cause significant disruption to commercial aviation."

"We were spoofed on approaching Kirkenes today”
https://www.thebarentsobserver.com/news/we-were-spoofed-on-approaching-kirkenes-today/423323

In 1h, I’ll do a livestream about JavaScript in PDFs.
A bit about standard JS triggers that is seen in exploits, but also a few simple PDF games.
https://www.youtube.com/live/xZPK04a5ltc?si=_3sz9aEEfDT90-da