Our eyes are weird organs that often are telling lies to us. But if you know the peculiarities of human visual perception, you can build more approachable and clean designs. Not only do type designers utilize optical tricks for creating readable and well-balanced fonts, but it’s also helpful for interface designers, who build user-machine communication.

source: L

This showcases a demo of megatextures running on n64 hardware. A “megatexture” for the n64 is really just a normal sized textured by modern standards but with that you can do some prebaked scenes that look like they don’t belong on the n64.

https://github.com/lambertjamesd/n64brew2023

A fun set of fixes, several for already known vulns.

This, and the followup, is a presentation that I recommend as required reading to people wanting to get deeper into shader programming, not just for the knowledge but also the attitude towards shader programming (check compiler output, never assume, always profile). It has been 10 years since it was released though; in those 10 years a lot of things have changed on the GPU/shader model/shader compiler front and not all the suggestions in those presentations are still valid. So I decided to do a refresh with a modern compiler and shader model to see what still holds true and what doesn’t. I will target the RDNA 2 GPU architecture on PC using HLSL, the 6.7 shader model and the DXC compiler (using https://godbolt.org/) in this blog post.

To understand the monumental change that technology has wrought on hostage-taking strategy, let’s first examine two other advances that changed global kidnapping: commercial airlines and the nightly news.

source: grugq

Some nice notes on the complicated nature of unix sockets. And a variety of other kernel details.

And of course, part two, wherein the bugfix is a bug: https://objective-see.com/blog/blog_0x1B.html

source: grugq

How Chrome OS, Termux, YubiKey & Duo Mobile make for great usable security

The real key here is termux.

source: L

Back in the late 1980s and early 1990s, I quietly built some counterhacking and beaconing tools that I installed in a “fake front” machine on our local network. People who tried to break into it might get surprises and leave me log info about what they were up to, and things they downloaded would not do what they thought or might beacon me to indicate where the code went. This was long before honeypots were formalized, and before firewalls were in common use.

This a very good and interesting read.

source: grugq

Some of them anyway.

source: grugq

Making up for lost bits.

source: grugq

Not only has are my builds now portable across all unix-like systems, my Makefiles are cleaner and more robust. Many of the common make extensions — conditionals in particular — lead to fragile, complicated Makefiles and are best avoided anyway. It’s important to be able to trust your build system to do its job correctly.

Less is more.

It’s always interesting to dive into framework internals. objc_msgSend in particular is a work of art, and delightful to read through.

This week’s interview features Dr. Steven Gass, the inventor of the SawStop—considered one of the best table saws (we love the one in our office!). SawStop has a unique safety feature that automatically brakes the blade if a finger touches it.

source: K

Another good post looking at code generation and optimization.

Consider a square in the xy-plane, and let A (an “assassin“) and T (a “target“) be two arbitrary-but-fixed points within the square. Suppose that the square behaves like a billiard table, so that any ray (a.k.a “shot“) from the assassin will bounce off the sides of the square, with the angle of incidence equaling the angle of reflection.

Puzzle: Is it possible to block any possible shot from A to T by placing a finite number of points in the square?

source: grugq

Maybe, if you make the sausage yourself. Good luck.

source: green

This is an online edition of the classic technical reference Five Hundred and Seven Mechanical Movements by Henry T. Brown.

This site contains the original illustrations and text from the 21st edition of the book, published in 1908. It also includes animated versions of the illustrations, and occasional notes by the webmaster.

source: K

A setting for every config and a config for every setting.

source: Dfly

So let’s start at the start - we have a problem - we want to send two pieces of information, an SSID and the keyphrase, from one party that is already a member of the wifi network to an external party who can monitor all the encrypted wifi traffic but who cannot decrypt it.

So the solution to our problem is to encode the information in the size of the packets sent (the actual content is irrelevant). The party on the secured network just sends UDP packets with particular lengths to another party on the network. That the other party is not interested in receiving the packets is not important.

I believe this is possible. I am amazed it’s actually done.

source: solar

In this work we attempt a full accounting of the current and historical status of smartphone security measures. We focus on several of the most popular device types, and present a complete description of both the available security mechanisms in these devices, as well as a summary of the known public information on the state-of-the-art in bypass techniques for each. Our goal is to provide a single periodically updated guide that serves to detail the public state of data security in modern smartphones.

source: green