When a Chain Breaks
What a blogger learned from a year of traveling to restaurants that used to be part of much larger chains before being forced to fend for themselves.
Is C# a low-level language?
Specifically, what happens when translating a C++ raytracer and trying to make it fast.
I started by simply porting the un-obfuscated C++ code line-by-line to C#. Turns out that this was pretty straight forward, I guess the story about C# being C++++ is true after all!!
Myers diff in linear space: part 1
Another great article on diff, and some subtleties in producing human preferred output.
Reviving the 1973 Unix Programmer's Manual
Here you can find the manual in PDF format. As is the case with all the original Unix documentation, its quality in terms of conciseness, completeness, and rigour remains unsurpassed until today
Give me 15 minutes and I'll change your view of Linux tracing
My 15 (18) minute demo stepped through the evolution of recent built in Linux tracers: ftrace (2008+) and its many capabilities, perf (2009+), and bcc/BPF (2015+) which provides the final programmatic abilities for advanced tracing. I suspect I might change people’s view of Linux tracing, as these tracers – despite being built in to the Linux kernel – are still not widely known.
Systematic Synthesis of Elliptic Curve Cryptography Implementations
We implemented a framework in the Coq proof assistant for generating efficient code for elliptic curve cryptography (ECC), with proofs of conformance to a whiteboard-level specification in number theory. While some past projects have verified this kind of code, ours is the first to synthesize it from security parameters.
The SipHash Patchset (and more)
Announcing some security treats to protect you from attackers’ tricks
Highlight here seems to be this one.
I remember being impressed that gmail still worked in lynx some time back. No more.
Building Botnet on ServiceWorkers
Possibly alarmist, but the history of browser features suggests anything that can be abused will be.
URLs are UI
So many folks spend time on their CSS and their UX/UI but still come up with URLs that are at best, comically long, and at worst, user hostile.
Why Are Young People Pretending to Love Work?
I saw the greatest minds of my generation log 18-hour days — and then boast about #hustle on Instagram. When did performative workaholism become a lifestyle?
Detonating a bad rabbit: Windows Defender Antivirus and layered machine learning defenses
We use a variety of machine learning models that use different algorithms to predict whether a file is malware. Some of these algorithms are binary classifiers that give a strict clean-or-malware verdict (0 or 1), while others are multi-class classifiers that provide a probability for each classification (malware, clean, potentially unwanted application, etc). Each machine learning model is trained against a set of different features (often thousands, sometimes hundreds of thousands) to learn to distinguish between different kinds of programs.
Information is Beautiful Awards 2018: The Winners
Let’s raise a glass to dataviz that pushes boundaries, illuminates truth, and celebrates beauty. Thank you to everyone who joined us on the Information is Beautiful Awards journey this year - now see which entries took home trophies at tonight’s spectacular ceremony.
Another collection: https://www.wsj.com/graphics/year-in-graphics-2018/
Understanding Runs in the Shadow Banking System
In a new paper, “Information Gaps and Shadow Banking,” forthcoming in the Virginia Law Review and available here, I offer a novel, complementary explanation for why short-term creditors run: information nobody possesses.
In the world of modern portable devices, it may be hard to believe that merely a few decades ago the most convenient way to keep track of time was a mechanical watch. Unlike their quartz and smart siblings, mechanical watches can run without using any batteries or other electronic components.
Over the course of this article I’ll explain the workings of the mechanism seen in the demonstration below. You can drag the device around to change your viewing angle, and you can use the slider to peek at what’s going on inside:
Trends in Memory Errors
Imprecise, but worth considering.
How and why the leap second affected Cloudflare DNS
Time goes backward, and then the real fun starts.
Half the blame is on go, for not providing a monotonic clock. But I’d say the other half is repeating a second. Don’t have this problem if you ignore the leap second. :)
Writing a Formally-Verified Porn Browser in Coq and Haskell
Hopefully this example shows that there’s nothing really stopping anyone from using Coq in their Haskell programs today.
How to defend against Stack Pivoting attacks on existing 32-bit x86 processor architecture?
Stack Pivoting is a common technique widely used by vulnerability exploits to bypass hardware protections like NX/SMEP, or to chain ROP (Return-Oriented Programing, the Wikipedia link) gadgets. However, there is NO hardware protection solution to defend against it (at least for now:-). This blog will describe a software solution to detect Stack Pivoting at run time, and I will also point out some limitations due to current processor architecture implementations.
So that’s one way to do it...
1000 links for the price of one.