I drove 300 miles in rural Virginia, then asked police to send me their public surveillance footage of my car.
https://cardinalnews.org/2025/03/28/i-drove-300-miles-in-rural-virginia-then-asked-police-to-send-me-their-public-surveillance-footage-of-my-car-heres-what-i-learned/ [cardinalnews.org]
2025-03-29 00:52
tags:
cars
opsec
policy
So I took a daylong drive across Cardinal Country and asked 15 law enforcement agencies, using Freedom of Information Act requests, to provide me with the Flock LPR footage of my vehicle. My journey took me over 300 miles through slices of the communities those agencies serve, including the nearly 50 cameras they employ. And this journey may take me to one more place: an April Fool’s Day hearing in a courtroom in Roanoke. There, a judge will be asked to rule on a motion to declare the footage of the public to be beyond the reach of the public.
Better Shell History Search
https://tratt.net/laurie/blog/2025/better_shell_history_search.html [tratt.net]
2025-03-28 06:12
tags:
admin
sh
swtools
Using Ctrl-r and fzf roughly doubled my efficiency in the shell overnight. Interestingly, it had an even greater long term effect: I became a more ambitious user of shell commands because I knew I could outsource my memory to fzf. For example, since it’s now very easy to recall past commands, I no longer set global environment variables, which had previously caused me grief when I forgot about them. Now I set environment variables on a per-command basis, knowing that I can recall them with Ctrl-r and fzf.
source: HN
Why does the Wells Fargo Building have its own zip code?
https://www.inquirer.com/news/curious-philly-19109-zip-code-wells-fargo-20190819.html [www.inquirer.com]
2025-03-27 20:19
tags:
history
philly
urban
The answer lies in the history of the zip code and its predecessor, the postal zone.
Blasting Past Webp - An analysis of the NSO BLASTPASS iMessage exploit
https://googleprojectzero.blogspot.com/2025/03/blasting-past-webp.html [googleprojectzero.blogspot.com]
2025-03-27 16:45
tags:
exploit
iphone
malloc
security
Whilst the Isosceles and Dark Navy posts explained the underlying memory corruption vulnerability in great detail, they were unable to solve another fascinating part of the puzzle: just how exactly do you land an exploit for this vulnerability in a one-shot, zero-click setup? As we’ll soon see, the corruption primitive is very limited. Without access to the samples it was almost impossible to know.
source: HN
The Ocean Liner That Could Outsprint a Torpedo
https://www.youtube.com/watch?v=Lzfc-6_twUc [www.youtube.com]
2025-03-26 19:19
tags:
architecture
design
history
transport
video
The ocean liner SS United States - renowned for her beauty and record-breaking speed - lies in wait in Mobile, Alabama, counting down the days until she is sunk and turned into an artificial reef off the coast of Florida. It is a controversial end for a vessel of such luxury and grandeur; one with a rich and magnificent history as one of the greatest ships to ever grace the waves of the Atlantic. Together, let’s celebrate her legacy through some of my own illustrations, and explore everything that made SS United States truly one of a kind.
I want a good parallel computer
https://raphlinus.github.io/gpu/2025/03/21/good-parallel-computer.html [raphlinus.github.io]
2025-03-22 17:56
tags:
concurrency
cpu
graphics
hardware
programming
I believe a simpler, more powerful parallel computer is possible, and that there are signs in the historical record. In a slightly alternate universe, we would have those computers now, and be doing the work of designing algorithms and writing programs to run well on them, for a very broad range of tasks.
source: L
CVE-2024-9956 - PassKey Account Takeover in All Mobile Browsers
https://mastersplinter.work/research/passkey/ [mastersplinter.work]
2025-03-20 05:23
tags:
auth
browser
exploit
security
web
An attacker within Bluetooth range is able to trigger navigation to a FIDO:/ URI from an attacker controlled page on a mobile browser, allowing them to initiate a legitimate PassKeys authentication intent which will be received on the attacker’s device. This results in the attacker being able to “phish” PassKeys credentials, completely breaking this assumption that PassKeys are impossible to phish.
source: HN
Memory safety for web fonts
https://developer.chrome.com/blog/memory-safety-fonts [developer.chrome.com]
2025-03-19 22:52
tags:
browser
graphics
library
text
The FreeType library is used by Chrome to compute metrics and load hinted outlines from fonts. Overall, use of FreeType has been a huge win for Google. It does a complex job, and does it well, we rely on it extensively and contribute back to it. However, it is written in unsafe code and has its origins in a time when malicious inputs were less likely. Merely keeping up with the stream of issues found by fuzzing costs Google at least 0.25 full time software engineers. Worse, we observably don’t find everything or find things only after the code has shipped to users.
source: HN
The Defer Technical Specification: It Is Time
https://thephd.dev/c2y-the-defer-technical-specification-its-time-go-go-go [thephd.dev]
2025-03-19 22:48
tags:
c
compiler
programming
standard
Time for me to write this blog post and prepare everyone for the implementation blitz that needs to happen to make defer a success for the C programming language.
source: HN
There's more to those colliding blocks that compute pi
https://www.youtube.com/watch?v=6dTyOl1fmDo [www.youtube.com]
2025-03-18 00:31
tags:
math
physics
quantum
video
visualization
Weird typo
https://languagelog.ldc.upenn.edu/nll/?p=68342 [languagelog.ldc.upenn.edu]
2025-03-17 22:16
tags:
ideas
language
“what’s” –> “once”
For me, the causation of such mysterious typographical errors is not just a matter of sloth or clumsiness. Since they often come out in ways that are superficially intelligible but logically and grammatically impossible, I believe that intelligently studied, they might be able to tell us something significant about the way the brain and neuro-muscular system work.
I make such “transcription” errors frequently as well.
API design note: Beware of adding an “Other” enum value
https://devblogs.microsoft.com/oldnewthing/20250217-00/?p=110873 [devblogs.microsoft.com]
2025-03-17 22:11
tags:
intro-programming
type-system
If you return WidgetFlavor::Mint, then this will confuse code written with the Version 1 API, because they expected to get Other for anything that isn’t vanilla, chocolate, or strawberry. The word “other” means “not mentioned elsewhere”, so the presence of an Other logically implies that the enumeration is exhaustive. On the other hand, you obviously should return WidgetFlavor::Mint because that’s why you added the value to the enum in the first place!
The USB That Wasn’t
https://tedium.co/2025/02/17/access-bus-i2c-usb-competitor-history/ [tedium.co]
2025-03-17 22:06
tags:
hardware
retro
tech
Today’s Tedium highlights ACCESS.bus, the would-be standard that wanted to be USB, but couldn’t stick the landing.
Also called the Inter-Integrated Circuit protocol, it’s used as a low-level way to communicate with peripherals, both in its original form and through its de facto successor, SMBus. Developed in the early 1980s by Philips Semiconductor, I²C may be one of the oldest things still in wide use in most modern computers beyond the x86 instruction set—and it is often key to adding driver support into operating systems.
We have long left ACCESS.bus, our would-be contender for the USB throne, into the dustbin of history, but DDC is still at the root of how both HDMI and DisplayPort communicate with our computers.
Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials/ [github.blog]
2025-03-15 19:37
tags:
auth
format
security
turtles
web
Critical authentication bypass vulnerabilities (CVE-2025-25291 + CVE-2025-25292) were discovered in ruby-saml up to version 1.17.0. In this blog post, we’ll shed light on how these vulnerabilities that rely on a parser differential were uncovered.
As shown once again: relying on two different parsers in a security context can be tricky and error-prone.
source: HN
Robust Wavefront OBJ model parsing in C
https://nullprogram.com/blog/2025/03/02/ [nullprogram.com]
2025-03-15 19:25
tags:
c
graphics
programming
Wavefront OBJ is a line-oriented, text format for 3D geometry. It’s widely supported by modeling software, easy to parse, and trivial to emit, much like Netpbm for 2D image data. Poke around hobby 3D graphics projects and you’re likely to find a bespoke OBJ parser. While typically only loading their own model data, so robustness doesn’t much matter, they usually have hard limitations and don’t stand up to fuzz testing. This article presents a robust, partial OBJ parser in C with no hard-coded limitations, written from scratch. Like similar articles, it’s not really about OBJ but demonstrating some techniques you’ve probably never seen before.
I Went To SQL Injection Court
https://sockpuppet.org/blog/2025/02/09/fixing-illinois-foia/ [sockpuppet.org]
2025-03-14 23:52
tags:
database
policy
Should public bodies in Illinois, like cities and school districts and sheriff’s departments, be allowed to hide information from Freedom of Information requests by keeping them in databases? That question is before the 104th Illinois General Assembly, thanks to a bill sponsored by Donald P. DeWitte, elected state senator by the wise citizens of Batavia and Elgin (motto: “The City In The Suburbs”; indeed), and prompted in part by my friend Matt Chapman.
Shift Happens - A book about keyboards
https://shifthappens.site/ [shifthappens.site]
2025-03-14 23:25
tags:
book
history
interactive
text
The book is sold out, but there are some fun widgets to play with as well.
The Pentium contains a complicated circuit to multiply by three
http://www.righto.com/2025/03/pentium-multiplier-adder-reverse-engineered.html [www.righto.com]
2025-03-14 23:21
tags:
article
cpu
hardware
investigation
math
In 1993, Intel released the high-performance Pentium processor, the start of the long-running Pentium line. I’ve been examining the Pentium’s circuitry in detail and I came across a circuit to multiply by three, a complex circuit with thousands of transistors. Why does the Pentium have a circuit to multiply specifically by three? Why is it so complicated? In this article, I examine this multiplier—which I’ll call the ×3 circuit—and explain its purpose and how it is implemented.
Travertine (CVE-2025-24118) - An absolutely wild race condition in the macOS kernel
https://jprx.io/cve-2025-24118/ [jprx.io]
2025-03-14 23:14
tags:
auth
c
concurrency
exploit
macos
security
systems
It involves a combination of several cutting-edge features in the macOS kernel (XNU) - Safe Memory Reclamation (SMR), read-only page mappings, per-thread credentials, memcpy implementation details, and of course, a race condition tying everything all together. This bug allows for corruption of a thread’s kauth_cred_t credential pointer. Specifically, the SMR-protected p_ucred field of a process’s read-only struct can be corrupted to point to invalid memory, or potentially to a different (maybe even more privileged) credential.
https://github.com/jprx/CVE-2025-24118
source: trivium
Quicksort with Jenkins for Fun and No Profit
https://susam.net/jenkins-quicksort.html [susam.net]
2025-03-14 22:48
tags:
programming
sorting
swtools
turtles
Jenkins supports pipeline scripts written in Groovy as a first-class entity. A pipeline script effectively defines the build job. It can define build properties, build stages, build steps, etc. It can even invoke other build jobs, including itself.
Wait a minute! If a pipeline can invoke itself, can we, perhaps, solve a recursive problem with it? Absolutely! This is precisely what we are going to do in this post. We are going to implement quicksort as a Jenkins pipeline for fun and not a whit of profit!
source: trivium