Lesser HTTPS for non-browsers
Browsers do all sorts of things to keep HTTPS connections secure. Most other clients do not. Why can’t we all just get along?
I'm not yours anymore, now I'm Senya's
> he took me to the local Soviet to listen to Lenin’s speeches
Reckon you've seen some stupid security things? Here, hold my beer
I can imagine any of these things happening through negligence or laziness. The responses after being called out are more worrisome. Simply being defensive or actually misguided?
Starting a real business
Start a business with just one click! OK, maybe a few more, but Stripe’s trying to streamline the process.
Dijkstra's in Disguise
> We have 3 very well-known algorithms (currency arbitrage, Q-learning, path tracing) that independently discovered the principle of relaxation used in shortest-path algorithms such as Dijkstra’s and Bellman-Ford. Remarkably, each of these disparate fields of study discovered notions of hard and soft optimality, which is relevant in the presence of noise or high-dimensional path integrals.
In Praise of Hierarchy
> Established, traditional order is under assault from freewheeling, networked disrupters as never before. But society craves centralized leadership, too.
I think the idea is to stop before going full French Revolution. Just a touch of change, please.
> Mr. Ferguson’s new book, “The Square and the Tower: Networks and Power, from the Freemasons to Facebook,” will be published by Penguin Press on Jan. 16.
Quinto: Resurrecting an Abandoned Board Game
> Quinto is basically Scrabble, except with numbers instead of letters.
Dirty Game Development Tricks
How to autopatch a game without a patching feature?
> Takeaways: Include patching code in your shipped game, and don’t use unbounded strcpy.
Two other tales of low level mayhem included as well.
A Fireside Foray into a Firefox Fracas
Writeup of previous Tor/Firefox vuln and exploit from November.
A cache invalidation bug in Linux memory management
> This blogpost describes a way to exploit a Linux kernel bug (CVE-2018-17182) that exists since kernel version 3.16. While the bug itself is in code that is reachable even from relatively strongly sandboxed contexts, this blogpost only describes a way to exploit it in environments that use Linux kernels that haven’t been configured for increased security (specifically, Ubuntu 18.04 with kernel linux-image-4.15.0-34-generic at version 4.15.0-34.37). This demonstrates how the kernel configuration can have a big impact on the difficulty of exploiting a kernel bug.
> The bug was fixed by changing the sequence numbers to 64 bits, thereby making an overflow infeasible, and removing the overflow handling logic.
The miracle cure for all your overflow ailments, the bigger int.
> The policy of only printing a warning even when the kernel has discovered a memory corruption is problematic for systems that should kernel panic when the kernel notices security-relevant events like kernel memory corruption.
That does seem problematic.
Weight Agnostic Neural Networks
> Not all neural network architectures are created equal, some perform much better than others for certain tasks. But how important are the weight parameters of a neural network compared to its architecture? In this work, we question to what extent neural network architectures alone, without learning any weight parameters, can encode solutions for a given task. We propose a search method for neural network architectures that can already perform a task without any explicit weight training. To evaluate these networks, we populate the connections with a single shared weight parameter sampled from a uniform random distribution, and measure the expected performance. We demonstrate that our method can find minimal neural network architectures that can perform several reinforcement learning tasks without weight training. On the supervised learning domain, we find architectures that can achieve much higher than chance accuracy on MNIST using random weights.
Some fun demos.
All 17 species of penguins in pictures
One for each Linux distro.
Using Microarchitectural Design to Break KASLR and More
Good rundown of how paging and CPUs work, too.
Reflections on Rusting Trust
> This also means that the compiler is vulnerable to what is colloquially known as the “Trusting Trust” attack, an attack described in Ken Thompson’s acceptance speech for the 1983 Turing Award. This kind of thing fascinates me, so I decided to try writing one myself.
Monday Is the Last Day You Can Buy Tokens at SEPTA Stations
> It’s the end of an era — finally.
There was something pleasantly archaic about using tokens, provided you had one ready and weren’t in a scramble to find it.
I can Haz TLS 1.3?
Maybe, if you make the sausage yourself. Good luck.
Explaining SNARKs Part I: Homomorphic Hidings
> Constructions of zk-SNARKs involve a careful combination of several ingredients; fully understanding how these ingredients all work together can take a while.
Off main thread HTML parsing in Servo
> Why can’t we mark these scripts and execute them all at the end, after the parsing is done? This is because of an old, ill-thought-out Document API function called document.write(). This function is a pain point for many developers who work on browsers, as it is a real headache implementing it well enough, while working around the many idiosyncrasies which surround it.
CPU Adventure – Unknown CPU Reversing
> We reverse-engineered a program written for a completely custom, unknown CPU architecture, without any documentation for the CPU (no emulator, no ISA reference, nothing) in the span of ten hours.
Explaining Code using ASCII Art
> People tend to be visual: we use pictures to understand problems. Mainstream programming languages, on the other hand, operate in an almost completely different kind of abstract space, leaving a big gap between programs and pictures. This piece is about pictures drawn using a text character set and then embedded in source code. I love these! The other day I asked around on Twitter for more examples and the responses far exceeded expectations (thanks everyone!). There are a ton of great examples in the thread; here I’ve categorized a few of them. Click on the images to go to the repositories.