> She declined to respond to my queries about the wording of the questions, and said the full results of the survey were not intended to be published.

Fixed one year ago, somewhat quietly.

Good commentary: https://www.agwa.name/blog/post/thoughts_on_the_systemd_root_exploit

> Turner found that the assumptions of Pearce and others that the mounds’ complex tunnel systems serve to circulate air and remove heat to regulate interior temperatures isn’t accurate. The air mixing isn’t the result of the colony’s internal heat but air pressure from outside the mound. The termites build the mounds so tall to catch the wind, and their porous outer surface is what allows the air to move into and through the colony. Turner likens the effect to the alveoli in human lungs: the mound almost “breathes.”

> They are: tutorials, how-to guides, explanation and technical reference. They represent four different purposes or functions, and require four different approaches to their creation. Understanding the implications of this will help improve most software documentation - often immensely.

Not 100% agreed on all points, but this is a good framework for considering what one is doing when writing.

source: L

> I was curious how other private messengers handle the same question, so I checked them out and found some results I did not expect.

The rare article on the subject with more light than heat.

Although, wrt Wire: https://twitter.com/tqbf/status/820828362881040386

> Every once in a while, someone will talk about unsafe in Rust, and how it “turns off the borrow checker.” I think this framing leads to misconceptions about unsafe and how it interacts with safe code.

> So what does unsafe actually do? Unsafe Rust is a superset of Safe Rust. Unsafe never changes the semantics of Rust code. It instead adds new features that you can only use inside an unsafe block.

source: L

> Rather than simply repeat the same tests those drives have already been been subjected to, this review seeks to dig deeper into the performance characteristics of the Optane SSD and explore what it takes to extract the full performance of the drive. There are quite a few esoteric system settings that can have an impact, since a microsecond gained or lost matters more to an Optane SSD than to a flash-based drive.

Some notes about how things work, besides the regular review stuff.

> That all said, I am happy when I see people complain about voluntary censorship, even when I disagree with the complaints, or think the complainer is being too pessimistic. Complaining > complacency. That said, here is my wee dose of complacency, in the form of a list across various parts of the internet:

source: MR

> When this works it’s a great way to stop an attacker cold. However, the downside of these things is that they can turn into a cat and mouse game, where each mitigation just demands more work from an attacker, but none of them can actually block an exploit outright.

Some great points about limits of mitigation, although sandbox breaks are common too. And sometimes hard to isolate all the things that need it.

source: green

> You may know that most websites have third-party analytics scripts that record which pages you visit and the searches you make. But lately, more and more sites use “session replay” scripts. These scripts record your keystrokes, mouse movements, and scrolling behavior, along with the entire contents of the pages you visit, and send them to third-party servers. Unlike typical analytics services that provide aggregate statistics, these scripts are intended for the recording and playback of individual browsing sessions, as if someone is looking over your shoulder.

source: L

> Notes describing my understanding of how modern Python event loops work

source: L

> I’ve always been an admirer of pixel art, because of it’s simplicity and it’s resemblance to bitmap font design. Recently, I decided to take the dive and make some art of my own. I used GIMP because I am fairly familiar with it. Aseprite seems to be the editor of choice for animated pixel art though.

source: L

> In the 30 years since, chunks of the wall have made their way to some 237 locations in more than 40 countries, according to records from a German government foundation tracking them.

Animated slideshow.

Related: https://www.wsj.com/articles/how-to-lose-a-2-6-ton-piece-of-the-berlin-walland-find-it-11572983620

> We introduce natural adversarial examples -- real-world, unmodified, and naturally occurring examples that cause classifier accuracy to significantly degrade. We curate 7,500 natural adversarial examples and release them in an ImageNet classifier test set that we call ImageNet-A. This dataset serves as a new way to measure classifier robustness. Like l_p adversarial examples, ImageNet-A examples successfully transfer to unseen or black-box classifiers. For example, on ImageNet-A a DenseNet-121 obtains around 2% accuracy, an accuracy drop of approximately 90%. Recovering this accuracy is not simple because ImageNet-A examples exploit deep flaws in current classifiers including their over-reliance on color, texture, and background cues. We observe that popular training techniques for improving robustness have little effect, but we show that some architectural changes can enhance robustness to natural adversarial examples. Future research is required to enable robust generalization to this hard ImageNet test set.

Also: https://github.com/hendrycks/natural-adv-examples

source: green

> If you are going to use the current processor as a hint to avoid contention, the entire scenario needs to be quick. If the processor changes while your scenario is running, then you will have contention if the new thread also tries to perform that same processor-keyed operation.

> This post explains how to implement heap allocators from scratch. It presents and discusses different allocator designs, including bump allocation, linked list allocation, and fixed-size block allocation. For each of the three designs, we will create a basic implementation that can be used for our kernel.

> In the dark ages before Unicode, Hebrew used its own encodings which allowed typing both Latin and Hebrew letters: Windows-1255, ISO-8859-8. I speculate that people initially expected input to be written in reverse order (aka “visual order“), assuming that everything will display text left to right.

source: L

Focused on, but not exclusively useful for, Twitter and activists.

> I am not an activist, and I almost certainly don’t live in your country. These guidelines are generic with the hope that they will be useful for a larger number of people.

source: grugq

How to keep a car’s wheels pointed in the right direction.

No OpenBSD, not secure.

source: grugq