Apocalypse-Proof - 33 Thomas Street
https://placesjournal.org/article/33-thomas-street-and-conspiracy-thrillers/ [placesjournal.org]
2023-09-18 00:10
tags:
architecture
article
history
movies
opsec
urban
A windowless telecommunications hub, 33 Thomas Street in New York City embodies an architecture of surveillance and paranoia. That has made it an ideal set for conspiracy thrillers.
When it was completed in Lower Manhattan in 1974, 33 Thomas Street, formerly known as the AT&T Long Lines Building, was intended as the world’s largest facility for connecting long-distance telephone calls. Standing 532 feet — roughly equivalent to a 45-story building — it’s a mugshot for Brutalism, windowless and nearly featureless. Its only apertures are a series of ventilation hoods meant to hide microwave-satellite arrays, which communicate with ground-based relay stations and satellites in space. One of several long lines buildings designed by John Carl Warnecke for the New York Telephone Company, a subsidiary of AT&T, 33 Thomas Street is perhaps the most visually striking project in the architect’s long and influential career. Embodying postwar American economic and military hegemony, the tower broadcasts inscrutability and imperviousness. It was conceived, according to the architect, to be a “skyscraper inhabited by machines.”
source: HN
Capslock: What is your code really capable of?
https://security.googleblog.com/2023/09/capslock-what-is-your-code-really.html [security.googleblog.com]
2023-09-17 02:39
tags:
development
security
Avoiding bad dependencies can be hard without appropriate information on what the dependency’s code actually does, and reviewing every line of that code is an immense task. Every dependency also brings its own dependencies, compounding the need for review across an expanding web of transitive dependencies. But what if there was an easy way to know the capabilities–the privileged operations accessed by the code–of your dependencies?
source: L
How I implemented MegaTextures on real Nintendo 64 hardware
https://www.youtube.com/watch?v=Sf036fO-ZUk [www.youtube.com]
2023-09-16 20:12
tags:
gaming
gl
graphics
programming
retro
video
This showcases a demo of megatextures running on n64 hardware. A “megatexture” for the n64 is really just a normal sized texture by modern standards but with that you can do some prebaked scenes that look like they don’t belong on the n64.
https://github.com/lambertjamesd/n64brew2023
Her Packard Is a Work of Art That’s Hard to Park
https://www.wsj.com/lifestyle/cars/her-packard-is-a-work-of-art-thats-hard-to-park-43123015 [www.wsj.com]
2023-09-16 03:13
tags:
cars
photos
Linda Velasco’s larger-than-life 1934 Packard evokes classic Hollywood; ‘It is almost like Errol Flynn is with you in the passenger seat’
Analyzing Starfield’s Performance on Nvidia’s 4090 and AMD’s 7900 XTX
https://chipsandcheese.com/2023/09/14/analyzing-starfields-performance-on-nvidias-4090-and-amds-7900-xtx/ [chipsandcheese.com]
2023-09-15 21:19
tags:
gaming
graphics
investigation
perf
We analyzed this scene using Nvidia’s Nsight Graphics and AMD’s Radeon GPU Profiler to get some insight into why Starfield performs the way it does. On the Nvidia side, we covered the last three generations of cards by testing the RTX 4090, RTX 3090, and Titan RTX. On AMD, we tested the RX 7900 XTX. The i9-13900K was used to collect data for all of these GPUs.
source: HN
Bluesky Exploits
https://github.com/qwell/bsky-exploits [github.com]
2023-09-13 20:32
tags:
exploit
security
social
ux
web
I have discovered a number of security vulnerabilities in Bluesky and atproto. Each time I’ve found something new, I’ve chosen to report it to Bluesky at security@bsky.app, as requested at https://bsky.app/.well-known/security.txt, and provide them with details. Bluesky has responded to only one of these reports, one time, 4 days after submission, saying “We appreciate the report, and we’ll be taking a closer look at the issue.” They did not follow up on that report and they have not responded to any of my other reports.
Hacking the Book8088 for Better Accuracy
https://martypc.blogspot.com/2023/09/hacking-book8088-for-better-accuracy.html [martypc.blogspot.com]
2023-09-12 04:46
tags:
graphics
hardware
retro
solder
The Book8088 is trying hard to basically be compatible with the original IBM PC, containing some of the same or equivalent chips. It’s natural to want to put it through its paces, and one of the best tests for IBM PC compatibility has to be the 8088MPH demo. If 8088MPH will run we must be operating pretty darn close to the original.
Now, as it turns out, most of the demo does run, albeit in RGBI mode which loses out on all the cool composite artifact color effects. But most notably the famous Kefrens Bars effect does not display - the screen just goes blank. What’s going wrong on the Book8088 vs a real IBM PC 5150?
source: HN
Turnover of mammal sex chromosomes in the Sry-deficient Amami spiny rat is due to male-specific upregulation of Sox9
https://www.pnas.org/doi/10.1073/pnas.2211574119 [www.pnas.org]
2023-09-03 23:56
tags:
biology
paper
We here report our discovery of a male-specific duplication of an enhancer of Sox9 in the Amami spiny rat Tokudaia osimensis, in which males and females have only a single X chromosome (XO/XO) and the Y chromosome and Sry are completely lost. We performed a comprehensive survey to detect sex-specific genomic regions in the spiny rat. Sex-related genomic differences were limited to a male-specific duplication of a 17-kb unit located 430 kb upstream of Sox9 on an autosome.
The strange, secretive world of North Korean science fiction
https://arstechnica.com/culture/2023/08/the-strange-secretive-world-of-north-korean-science-fiction/ [arstechnica.com]
2023-08-25 21:07
tags:
fiction
future
hoipolloi
policy
Stories often touch on topics like space travel, benevolent robots, disease-curing nanobots, and deep-sea exploration. They lack aliens and beings with superpowers. Instead, the real superheroes are the exceptional North Korean scientists and technologists who carry the weight of the world on their shoulders.
These stories are often rich in political tension, featuring “breathtaking confrontations between North Korea and the United States,” said Jang Hyuk, a young math graduate who defected from North Korea a few years ago. As in Change Course, North Koreans in sci-fi are typically portrayed as trying to save somebody, while the Americans are the villains who want “to monopolize and weaponize [technology] to dominate the world,” he added.
To a Western reader, such plots might seem ludicrous, perhaps designed to boost the confidence of a nation with little contact with the rest of the world. However, exploring them deeper might reveal a more nuanced layer of understanding.
source: ars
The Internet Worm Program: An Analysis
https://spaf.cerias.purdue.edu/tech-reps/823.pdf [spaf.cerias.purdue.edu]
2023-08-25 16:24
tags:
c
dupe
exploit
paper
pdf
programming
security
unix
This report gives a detailed description of the components of the worm program—data and functions. It is based on study of two completely independent reverse-compilations of the worm and a version disassembled to VAX assembly language. Almost no source code is given in the paper because of current concerns about the state of the ‘‘immune system’’ of Internet hosts, but the description should be detailed enough to allow the reader to understand the behavior of the program.
And some modern commentary: https://infosec.exchange/@hovav/110950949212380779
FreeBSD on Firecracker
https://www.usenix.org/publications/loginonline/freebsd-firecracker [www.usenix.org]
2023-08-24 15:14
tags:
freebsd
perf
programming
systems
virtualization
Experiences porting FreeBSD 14 to run on the Firecracker VMM
source: L
Doom-lexing
https://languagelog.ldc.upenn.edu/nll/?p=60323 [languagelog.ldc.upenn.edu]
2023-08-23 21:54
tags:
hoipolloi
language
social
Susie Dent has an ever growing Twitter following of 1,1 million unique word lovers to whom she shares her daily word of the day. Word search engine Unscramblerer.com went through Susie Dent’s whole Twitter history and analyzed what are the most liked, shared and commented words of the day she has posted.
ingordigiousness, recrudescence, sequaciousness, ...
See Inside a Ghost Town of Abandoned Mansions in China
https://www.architecturaldigest.com/story/see-inside-a-ghost-town-of-abandoned-mansions-in-china [www.architecturaldigest.com]
2023-08-11 18:50
tags:
hoipolloi
photos
urban
The State Guest Mansions were envisioned as the palatial homes for the upper crust of society. Now, their only residents are hurdles of cattle and the occasional adventure explorers meandering like ghosts around the arched verandas and stone façades of hundreds of abandoned villas. Located around the hills of Shenyang (about 400 miles northeast of Beijing), the development was originally planned by Greenland Group, a Shanghai-based real estate developer, and broke ground in 2010. But as AFP reports, within two years the project had come to a grinding halt, leaving the half-formed skeletons of imitative royalty in its wake. Today the crumbling estates are still abandoned, left in an eerie series of rows appearing like an architectural cornfield.
source: jwz
Smashing the state machine: the true potential of web race conditions
https://portswigger.net/research/smashing-the-state-machine [portswigger.net]
2023-08-10 16:24
tags:
concurrency
exploit
networking
security
web
HTTP request processing isn’t atomic - any endpoint might be sending an application through invisible sub-states. This means that with race conditions, everything is multi-step. The single-packet attack solves network jitter, making it as though every attack is on a local system. This exposes vulnerabilities that were previously near-impossible to detect or exploit.
source: L
The Garden of Computational Delights
https://arbesman.net/computationaldelights/ [arbesman.net]
2023-08-06 22:17
tags:
essay
links
tech
web
Beneath the utilitarian purpose of computation, computing is also a source of delight and wonder. Software is not just databases and mail merges or SaaS and spreadsheets; it’s creative coding and simulated cities, code poetry and bulletin board systems. It’s websites that dazzle and iPhone apps that make the heart sing. And it’s sometimes even spreadsheets, coerced to dance and do all manner of weirdness. All of these approaches to computing are what I am collecting here, and bundling under the term “garden of computational delights.” This is a list of places that collect or catalyze sources for being enraptured by the web, programming, and the wider world of computing. Or, as per Tim Hwang and Omar Rizwan, this is a garden of all the different places you might discover where “the computer is a feeling.”
source: Dfly
‘Random Acts of Medicine’ Review: Paging Dr. Chance
https://www.wsj.com/articles/random-acts-of-medicine-review-paging-dr-chance-877170ec [www.wsj.com]
2023-08-06 22:14
tags:
book
hoipolloi
ideas
life
science
People who end up in the emergency room complaining of chest pains a few weeks before their 40th birthday are very similar to people who end up in the emergency room with chest pains a few weeks after their 40th birthday. But on a chart, the former are 39 years old and the latter are 40.
The point of these studies isn’t to titter or sigh at the peculiarities of human reasoning but to use these natural experiments to estimate the effect of medical procedures. If the only reason that near-18 and 18-year-olds are prescribed opioids differently is the semantics of “child” and “adult,” then we can use the discontinuity in prescriptions as a natural experiment—it’s as if prescribing around the age of 18 were randomly assigned. The authors find, for example, that compared to the just-under-18s, the just-over-18s were 12.6% more likely to later be diagnosed for an opioid-related adverse event such as an overdose. The greater rate of overdose is valuable information—but imagine the difficulty of trying to convince an Institutional Review Board that it would be ethical to randomly prescribe opioids to young people.
source: MR
Shamir Secret Sharing
https://max.levch.in/post/724289457144070144/shamir-secret-sharing [max.levch.in]
2023-08-06 21:38
tags:
auth
c
crypto
development
programming
security
unix
It’s 3am. Paul, the head of PayPal database administration carefully enters his elaborate passphrase at a keyboard in a darkened cubicle of 1840 Embarcadero Road in East Palo Alto, for the fifth time. He hits Return. The green-on-black console window instantly displays one line of text: “Sorry, one or more wrong passphrases. Can’t reconstruct the key. Goodbye.”
This is the story of a catastrophic software bug I briefly introduced into the PayPal codebase that almost cost us the company (or so it seemed, in the moment.)
Today, should you try to read up the programmer’s manual (AKA the man page) on getpass, you will find it has been long declared obsolete and replaced with a more intelligent alternative in nearly all flavors of modern Unix.
source: Dfly
A Blog Post With Every HTML Element
https://www.patrickweaver.net/blog/a-blog-post-with-every-html-element/ [www.patrickweaver.net]
2023-08-04 00:16
tags:
docs
essay
html
standard
text
ux
web
I could, element by element, continue to add support (mostly by making CSS updates for each element to fit in with the rest of my style choices) as I came across specific needs for them, but not one to shy away from an exhaustive exploration, I decided to write this post and attempt to use every element.
A goal of the post, was to avoid delaying other future posts with CSS updates on a previously unused element, but in reality it took a year and a half to make all the updates for just this post! I am using the MDN Web Docs list of HTML elements as a reference which has more than 100 tags divided into a few categories, which I will also use in this post.
source: L
The English vegetable picked by candlelight
https://www.bbc.com/travel/article/20190424-the-english-vegetable-picked-by-candlelight [www.bbc.com]
2023-07-30 18:07
tags:
food
hoipolloi
A notoriously fickle vegetable to harvest, Yorkshire forced rhubarb is anything but easy to grow. It thrives in the county’s cold winters, but if the soil is too wet, it can’t be planted. If the temperature is too hot, it won’t grow; and 10 or more frosts are needed before a farmer can even think about forcing it. Only then can horticulturalists remove the heavy roots from the field, then clean and replant them inside the forcing sheds where photosynthesis is limited, encouraging glucose stored in the roots to stimulate growth. It demands patience, expertise and good fortune, and, ultimately, it is engineered for maximum taste: once deprived of light, the vegetable is forced to use the energy stored in its roots, making it far sweeter than the normal variety.
source: HN
Raytraced Order Independent Transparency
https://interplayoflight.wordpress.com/2023/07/15/raytraced-order-independent-transparency/ [interplayoflight.wordpress.com]
2023-07-29 19:47
tags:
gl
graphics
programming
About a year ago I reviewed a number of Order Independent Transparency (OIT) techniques (part 1, part 2, part 3), each achieving a different combination of performance, quality and memory requirements. None of them fully solved OIT though and I ended the series wondering what raytraced transparency would look like. Recently I added (some) DXR support to the toy engine and I was curious to see how it would work, so I did a quick implementation.
The implementation was really simple. Since there is no mechanism to sort the nodes of a BLAS/TLAS based on distance from the camera, the ray generation shader keeps tracing rays using the result of the closest hit shader as the origin for the next ray until there is nothing else to hit.