This survey is as murky as chocolate milk
> She declined to respond to my queries about the wording of the questions, and said the full results of the survey were not intended to be published.
Headsup: systemd v228 local root exploit
X-ray imaging reveals the secrets of termite mounds
> Turner found that the assumptions of Pearce and others that the mounds’ complex tunnel systems serve to circulate air and remove heat to regulate interior temperatures aren’t accurate. The air mixing isn’t the result of the colony’s internal heat but air pressure from outside the mound. The termites build the mounds so tall to catch the wind, and their porous outer surface is what allows the air to move into and through the colony. Turner likens the effect to the alveoli in human lungs: the mound almost “breathes.”
What nobody tells you about documentation
> They are: tutorials, how-to guides, explanation and technical reference. They represent four different purposes or functions, and require four different approaches to their creation. Understanding the implications of this will help improve most software documentation - often immensely.
Not 100% agreed on all points, but this is a good framework for considering what one is doing when writing.
A look at how private messengers handle key changes
> I was curious how other private messengers handle the same question, so I checked them out and found some results I did not expect.
The rare article on the subject with more light than heat.
Although, wrt Wire: https://twitter.com/tqbf/status/820828362881040386
You can’t “turn off the borrow checker” in Rust
> Every once in a while, someone will talk about unsafe in Rust, and how it “turns off the borrow checker.” I think this framing leads to misconceptions about unsafe and how it interacts with safe code.
> So what does unsafe actually do? Unsafe Rust is a superset of Safe Rust. Unsafe never changes the semantics of Rust code. It instead adds new features that you can only use inside an unsafe block.
Fine Tuning Performance
> Rather than simply repeat the same tests those drives have already been subjected to, this review seeks to dig deeper into the performance characteristics of the Optane SSD and explore what it takes to extract the full performance of the drive. There are quite a few esoteric system settings that can have an impact, since a microsecond gained or lost matters more to an Optane SSD than to a flash-based drive.
Some notes about how things work, besides the regular review stuff.
Where should you fear private internet censorship the most?
> That all said, I am happy when I see people complain about voluntary censorship, even when I disagree with the complaints, or think the complainer is being too pessimistic. Complaining > complacency. That said, here is my wee dose of complacency, in the form of a list across various parts of the internet:
Securing Browsers Through Isolation Versus Mitigation
> When this works it’s a great way to stop an attacker cold. However, the downside of these things is that they can turn into a cat and mouse game, where each mitigation just demands more work from an attacker, but none of them can actually block an exploit outright.
Some great points about limits of mitigation, although sandbox breaks are common too. And sometimes hard to isolate all the things that need it.
No boundaries: Exfiltration of personal data by session-replay scripts
> You may know that most websites have third-party analytics scripts that record which pages you visit and the searches you make. But lately, more and more sites use “session replay” scripts. These scripts record your keystrokes, mouse movements, and scrolling behavior, along with the entire contents of the pages you visit, and send them to third-party servers. Unlike typical analytics services that provide aggregate statistics, these scripts are intended for the recording and playback of individual browsing sessions, as if someone is looking over your shoulder.
A tale of event loops
> Notes describing my understanding of how modern Python event loops work
Pixel Art In GIMP
> I’ve always been an admirer of pixel art, because of its simplicity and its resemblance to bitmap font design. Recently, I decided to take the dive and make some art of my own. I used GIMP because I am fairly familiar with it. Aseprite seems to be the editor of choice for animated pixel art though.
The Berlin Wall Fell 30 Years Ago. Where Did It Go?
Natural Adversarial Examples
> We introduce natural adversarial examples -- real-world, unmodified, and naturally occurring examples that cause classifier accuracy to significantly degrade. We curate 7,500 natural adversarial examples and release them in an ImageNet classifier test set that we call ImageNet-A. This dataset serves as a new way to measure classifier robustness. Like l_p adversarial examples, ImageNet-A examples successfully transfer to unseen or black-box classifiers. For example, on ImageNet-A a DenseNet-121 obtains around 2% accuracy, an accuracy drop of approximately 90%. Recovering this accuracy is not simple because ImageNet-A examples exploit deep flaws in current classifiers including their over-reliance on color, texture, and background cues. We observe that popular training techniques for improving robustness have little effect, but we show that some architectural changes can enhance robustness to natural adversarial examples. Future research is required to enable robust generalization to this hard ImageNet test set.
When is it appropriate to use the current processor number as an optimization hint?
> If you are going to use the current processor as a hint to avoid contention, the entire scenario needs to be quick. If the processor changes while your scenario is running, then you will have contention if the new thread also tries to perform that same processor-keyed operation.
> This post explains how to implement heap allocators from scratch. It presents and discusses different allocator designs, including bump allocation, linked list allocation, and fixed-size block allocation. For each of the three designs, we will create a basic implementation that can be used for our kernel.
=?iso-8859-8-i?Q? Handling non-UTF-8 Hebrew email
> In the dark ages before Unicode, Hebrew used its own encodings which allowed typing both Latin and Hebrew letters: Windows-1255, ISO-8859-8. I speculate that people initially expected input to be written in reverse order (aka “visual order“), assuming that everything will display text left to right.
Twitter Activist Security
Focused on, but not exclusively useful for, Twitter and activists.
> I am not an activist, and I almost certainly don’t live in your country. These guidelines are generic with the hope that they will be useful for a larger number of people.
How to keep a car’s wheels pointed in the right direction.
Are we secure yet?
No OpenBSD, not secure.