The main focus of the v1.4.0 release is the stabilization of the advanced API.

Zstd’s fastest compression level just got faster! Thanks to ideas from Intel’s igzip and @gbtucker, we’ve made level 1, zstd’s fastest strategy, 6-8% faster in most scenarios.

source: HN

A visitor buys a shirt.

If only one of file1 and file2 is a directory, diff shall be applied to the non-directory file and the file contained in the directory file with a filename that is the same as the last component of the non-directory file.

Slapping, Klobbs, speedrunning, cheating Oddjobs and more: Everything you ever wanted to know about the creation of the iconic, game-changing FPS

source: L

Almost every attempt at bypassing SSL Pinning is based on manipulating the SSLContext. Can we manipulate the SSLContext with Frida? What we wanted was a generic/universal approach and we wanted to do it with a Frida JavaScript script.

source: grugq

It’s not the passwords that are weak. It’s you.

In it, Duke parlays her experience with cards into general lessons about decision making that are relevant for all of us. If a well-reasoned decision leads to a negative outcome, was it the wrong decision? How do we distinguish between luck and skill? And how do we move beyond our cognitive biases?

Not entirely sure what the relationship is.

Mr. Korn is the unofficial king of the straders, and an evangelist for the financial world they represent. Across Wall Street, traders who spent their formative years barking into phones are signing up for coding classes. Engineers once relegated to the back office are being empowered to try their hands in the market.

An applied math and economics double-major at Brown University, he comes from a family of computer geeks: His father worked at Bell Labs and in the 1980s helped develop the backbone of the Unix operating system.

Hopefully this example shows that there’s nothing really stopping anyone from using Coq in their Haskell programs today.

source: L

Very long, but still only touches the surface... Some good notes in the conclusion as well.

source: HN

And so we go again.

TL;DR: full reliable 0day drive-by exploit against Fedora 25 + Google Chrome, by breaking out of Super Nintendo Entertainment System emulation via cascading side effects from a subtle and interesting emulation error. Very full details follow.

I want to focus on the rhetorical framing Rosenstein used. Much of it is transparently hyperbolic.

I liked this as an analysis of how language frames debate and discussion.

source: grugq

DragonFly version 5.6 brings an improved virtual memory system, updates to radeon and ttm, and performance improvements for HAMMER2.

source: Dfly

This repository demonstrates various hardware effects that can degrade application performance in surprising ways and that may be very hard to explain without knowledge of the low-level CPU and OS architecture. For each effect I try to create a proof of concept program that is as small as possible so that it can be understood easily.

Those effects obviously depend heavily on your CPU microarchitecture and model, so the demonstration programs may not showcase the slowdown on your CPU, but I try to make them as general as I can. That said, the examples are targeting x86-x64 processors (Intel and AMD) and may not make sense on other CPU architectures. I try to make them compatible with Windows, but they are mainly tested on Linux.

source: Dfly

Most of the time, The New York Times asks you to read something. Today we are inviting you, simply, to look. On this page you will find maps showing almost every building in the United States.

For 500 years, utopia—a word coined by Sir Thomas More to describe the ideal city—has been used as popular shorthand for a perfect world and lies at the heart of the Western political imagination. But what does it really mean today in the context of 21st-century urbanism, especially in a megacity like Los Angeles that has been the setting for utopian and dystopian thinking almost since its founding?

This is outside of my usual software-oriented beat, but sometimes people are wrong on the Internet. Most recently, people have been wrong about payment for order flow, an esoteric topic in the investing industry which seems vaguely unsavory to Hacker News commenters, Michael Lewis [0], etc.

Explaining why payment for order flow isn’t a big deal requires a more in-depth discussion of discount brokerages. All stats below are as of 2018; citations for the annual reports are at the bottom.

source: HN

There is no standard version of the tar program.

Turns out that it can be _very difficult_ to create a generic sandbox suid wrapper thats secure but still flexible enough to sandbox arbitrary binaries.

Full thread: http://marc.info/?t=148353575400001&r=1&w=2

source: solar