A slow developing series, only up to 30 now, but with more variety and better reviews than most such lists.

Since I design social software for a living I feel like I should have a professional opinion on why Twitter and Facebook made me unhappy.

Another “quit the socials” essay, but perhaps one that’s better than average.

I’d never heard of “Haberman” before. The name of the neighborhood that people who live here would recognize is Maspeth (which you can see up-and-to-the-right of Haberman). Is Haberman even a real neighborhood? Why did Google put this giant Haberman label on the map?

source: HN

But there is still something remarkable and almost Raymond Carver-esque about this story of a small town in Arkansas being visited—over and over again—by runaway trucks, their drivers misled by GPS, their vehicles mechanically unprepared for the town’s sharp curves and steep terrain.

F# numbers can have units attached. So who wants to rewrite the units utility?

These are the release notes for Blender 2.79, released September 12th, 2017.

source: HN

Problems often appear just because we put some pieces together in the first place.

source: HN

Theoretically restricted to admin, practically not so much.

Chris is on a roll. Lots of interesting data to be found in uninitialized memory.

Previous: https://scarybeastsecurity.blogspot.com/2017/05/bleed-continues-18-byte-file-14k-bounty.html

One side effect of this multigenerational production environment is that a new software release or configuration change might result in a system running healthily on one machine but experiencing an out-of-memory (OOM) issue on another. Facebook runs Linux as the host operating system on its machines. The traditional Linux OOM killer works fine in some cases, but in others it kicks in too late, resulting in the system entering a livelock for an indeterminate period.

source: L

High-pressure experiments explore what it might take to make exoplanets habitabl

I’ve yet to find a project which actually bothered implementing hostkey verification in SSH client code. None.

Great comparison of responses at two levels, language vendor and downstream project.

Anyone using SSH as a client in Golang who wants to keep being insecure will need to explicitly mark it as such in their codebase and face public ridicule.

source: L

This is not allowed in C++. The return type of a function cannot be overloaded.

But Kenny Kerr taught me how to fake it. What you do is return an object that doesn’t yet know whether it’s a widget or doodad.

Related: https://devblogs.microsoft.com/oldnewthing/20191107-00/?p=103071

The one rule of thumb is: If you allow complexity into a place that should be simple, more complexity will follow.

source: grugq

As you approach Nithurst Farm, architect Adam Richards’ new house, the sheep look up suspiciously from their grazing. You feel like an intruder. Sitting in the middle of the undulating Sussex countryside, the house looks more like a piece of railway viaduct or a bit of agricultural or industrial infrastructure left over from some obscure purpose than a conventional dwelling. It might even be a ruin, the stray remains of a Roman villa.

A great retrospective on building the IMDB message boards, early web development, running a social site, etc.

source: L

You could raise from the chair and turn the shades, I guess. You could. But I can not. I need an automatic sun-b-gone mechanism! Something smart, IOT and with blockchain technology. A true Window Manager™.

source: L

Ideally, this is an uncircumventable, rigid process, removing any possibility of compromise, even when attackers can achieve arbitrary code execution on the high level operating system (e.g., Android or iOS). However, hardware vendors are given a great amount of discretion when implementing these bootloaders, leading to variations in both the security properties they enforce and the size of the attack surface available to an adversary.

source: grugq

Sharing my own copy-on-write story in light of the Dirty COW bug.

When things go wrong at a low level, it’s hard to figure out why.

Guests as a service!

source: HN