When a Chain Breaks
https://tedium.co/2018/12/04/broken-chains-fast-food-restaurants/ [tedium.co]
2018-12-05 17:57
tags:
food
travel
What a blogger learned from a year of traveling to restaurants that used to be part of much larger chains before being forced to fend for themselves.
Is C# a low-level language?
https://mattwarren.org/2019/03/01/Is-CSharp-a-low-level-language/ [mattwarren.org]
2019-03-01 16:30
tags:
csharp
cxx
dotnet
jit
perf
programming
Specifically, what happens when translating a C++ raytracer and trying to make it fast.
I started by simply porting the un-obfuscated C++ code line-by-line to C#. Turns out that this was pretty straight forward, I guess the story about C# being C++++ is true after all!!
source: L
Myers diff in linear space: part 1
https://blog.jcoglan.com/2017/03/22/myers-diff-in-linear-space-part-1/ [blog.jcoglan.com]
2017-04-01 15:53
tags:
compsci
development
paper
series
swtools
visualization
Another great article on diff, and some subtleties in producing human preferred output.
source: L
Reviving the 1973 Unix Programmer's Manual
https://www.spinellis.gr/blog/20171119/ [www.spinellis.gr]
2017-11-21 03:43
tags:
docs
retro
unix
Here you can find the manual in PDF format. As is the case with all the original Unix documentation, its quality in terms of conciseness, completeness, and rigour remains unsurpassed until today
Give me 15 minutes and I'll change your view of Linux tracing
http://www.brendangregg.com/blog/2016-12-27/linux-tracing-in-15-minutes.html [www.brendangregg.com]
2016-12-22 03:55
tags:
development
linux
programming
slides
swtools
video
My 15 (18) minute demo stepped through the evolution of recent built in Linux tracers: ftrace (2008+) and its many capabilities, perf (2009+), and bcc/BPF (2015+) which provides the final programmatic abilities for advanced tracing. I suspect I might change people’s view of Linux tracing, as these tracers – despite being built in to the Linux kernel – are still not widely known.
Systematic Synthesis of Elliptic Curve Cryptography Implementations
https://people.csail.mit.edu/jgross/personal-website/papers/2017-fiat-crypto-pldi-draft.pdf [people.csail.mit.edu]
2016-11-30 20:49
tags:
compsci
crypto
math
paper
pdf
perf
security
We implemented a framework in the Coq proof assistant for generating efficient code for elliptic curve cryptography (ECC), with proofs of conformance to a whiteboard-level specification in number theory. While some past projects have verified this kind of code, ours is the first to synthesize it from security parameters.
The SipHash Patchset (and more)
http://www.openwall.com/lists/kernel-hardening/2016/12/16/6 [www.openwall.com]
2016-12-16 16:35
tags:
crypto
hash
linux
perf
security
Announcing some security treats to protect you from attackers’ tricks
https://security.googleblog.com/2018/10/announcing-some-security-treats-to.html [security.googleblog.com]
2018-11-01 01:56
tags:
auth
browser
cloud
ux
web
Highlight here seems to be this one.
When your username and password are entered on Google’s sign-in page, we’ll run a risk assessment and only allow the sign-in if nothing looks suspicious. We’re always working to improve this analysis, and we’ll now require that JavaScript is enabled on the Google sign-in page, without which we can’t run this assessment.
I remember being impressed that gmail still worked in lynx some time back. No more.
source: HN
Building Botnet on ServiceWorkers
http://sakurity.com/blog/2016/12/10/serviceworker_botnet.html [sakurity.com]
2016-12-10 21:12
tags:
browser
javascript
networking
security
Possibly alarmist, but the history of browser features suggests anything that can be abused will be.
URLs are UI
https://www.hanselman.com/blog/URLsAreUI.aspx [www.hanselman.com]
2017-07-08 08:40
tags:
development
html
ux
web
So many folks spend time on their CSS and their UX/UI but still come up with URLs that are at best, comically long, and at worst, user hostile.
Why Are Young People Pretending to Love Work?
https://www.nytimes.com/2019/01/26/business/against-hustle-culture-rise-and-grind-tgim.html [www.nytimes.com]
2019-01-29 22:06
tags:
business
hoipolloi
valley
I saw the greatest minds of my generation log 18-hour days — and then boast about #hustle on Instagram. When did performative workaholism become a lifestyle?
source: ML
Detonating a bad rabbit: Windows Defender Antivirus and layered machine learning defenses
https://blogs.technet.microsoft.com/mmpc/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses/ [blogs.technet.microsoft.com]
2017-12-11 23:05
tags:
ai
cloud
defense
malware
security
windows
We use a variety of machine learning models that use different algorithms to predict whether a file is malware. Some of these algorithms are binary classifiers that give a strict clean-or-malware verdict (0 or 1), while others are multi-class classifiers that provide a probability for each classification (malware, clean, potentially unwanted application, etc). Each machine learning model is trained against a set of different features (often thousands, sometimes hundreds of thousands) to learn to distinguish between different kinds of programs.
Information is Beautiful Awards 2018: The Winners
https://www.informationisbeautifulawards.com/news/323-information-is-beautiful-awards-2018-the-winners [www.informationisbeautifulawards.com]
2018-12-17 03:27
tags:
archive
links
media
visualization
Let’s raise a glass to dataviz that pushes boundaries, illuminates truth, and celebrates beauty. Thank you to everyone who joined us on the Information is Beautiful Awards journey this year - now see which entries took home trophies at tonight’s spectacular ceremony.
Another collection: https://www.wsj.com/graphics/year-in-graphics-2018/
source: K
Understanding Runs in the Shadow Banking System
http://clsbluesky.law.columbia.edu/2016/12/05/understanding-runs-in-the-shadow-banking-system/ [clsbluesky.law.columbia.edu]
2016-12-05 20:39
tags:
finance
paper
In a new paper, “Information Gaps and Shadow Banking,” forthcoming in the Virginia Law Review and available here, I offer a novel, complementary explanation for why short-term creditors run: information nobody possesses.
Mechanical Watch
https://ciechanow.ski/mechanical-watch/ [ciechanow.ski]
2023-03-31 02:44
tags:
interactive
physics
tech
visualization
In the world of modern portable devices, it may be hard to believe that merely a few decades ago the most convenient way to keep track of time was a mechanical watch. Unlike their quartz and smart siblings, mechanical watches can run without using any batteries or other electronic components.
Over the course of this article I’ll explain the workings of the mechanism seen in the demonstration below. You can drag the device around to change your viewing angle, and you can use the slider to peek at what’s going on inside:
Trends in Memory Errors
https://vvdveen.com/memory-errors/ [vvdveen.com]
2017-02-17 17:31
tags:
exploit
malloc
security
visualization
Imprecise, but worth considering.
source: solar
How and why the leap second affected Cloudflare DNS
https://blog.cloudflare.com/how-and-why-the-leap-second-affected-cloudflare-dns/ [blog.cloudflare.com]
2017-01-02 17:12
tags:
go
networking
Time goes backward, and then the real fun starts.
Half the blame is on go, for not providing a monotonic clock. But I’d say the other half is repeating a second. Don’t have this problem if you ignore the leap second. :)
Writing a Formally-Verified Porn Browser in Coq and Haskell
http://www.michaelburge.us/2017/08/25/writing-a-formally-verified-porn-browser-in-coq.html [www.michaelburge.us]
2017-08-27 01:12
tags:
compsci
development
functional
haskell
programming
type-system
Hopefully this example shows that there’s nothing really stopping anyone from using Coq in their Haskell programs today.
source: L
How to defend against Stack Pivoting attacks on existing 32-bit x86 processor architecture?
http://hypervsir.blogspot.com/2015/01/a-software-solution-to-defend-against.html [hypervsir.blogspot.com]
2018-03-06 23:33
tags:
cpu
defense
security
systems
Stack Pivoting is a common technique widely used by vulnerability exploits to bypass hardware protections like NX/SMEP, or to chain ROP (Return-Oriented Programing, the Wikipedia link) gadgets. However, there is NO hardware protection solution to defend against it (at least for now:-). This blog will describe a software solution to detect Stack Pivoting at run time, and I will also point out some limitations due to current processor architecture implementations.
So that’s one way to do it...
Multics Bibliography
https://multicians.org/biblio.html [multicians.org]
2018-09-20 17:33
tags:
archive
development
links
paper
retro
security
systems
unix
1000 links for the price of one.