What if you had to fight against your company’s culture to bring a revolutionary tool to life? Meet Jeffrey Snover, the Microsoft architect behind PowerShell, a command tool that transformed Windows system administration. Initially met with skepticism, Snover’s idea faced resistance from a company that favored graphical interfaces.

source: HN

There are many things to take from this story — about beginner’s mind, the diversity of human experience, and the interoperability of language. But what stood out to me most was two opposing lessons about shared protocols and modularity. Tomás’ experiment failed. It failed because each amateur cartographer injected their own methodology and process, resulting in incompatible maps. But in another sense, Tomás succeeded. Sure, maybe this collection of artifacts would be useless for military strategy or commerce, but on the other hand... LOOK AT THESE MAPS, THESE MAPS RULE.

source: HN

Today, the team declared victory. They’ve finally verified the true value of a number called BB(5), which quantifies just how busy that fifth beaver is. They obtained the result — 47,176,870 — using a piece of software called the Coq proof assistant, which certifies that mathematical proofs are free of errors.

source: HN

A customer reported that a recent Windows update broke their ability to type a snowman by using Alt+9731. We explained that the update was not at fault; rather, Alt+9731 was never supposed to produce a snowman at all! But the customer insisted that it used to work.

source: HN

The Valve.Computer is an 8 bit computer, with the usual 12 bit address and data buses plus the rather unusual current demand of over 200 Amps. It can play a decent game of PONG using its valve and relay RAM, or run a 32 bit Fibonacci sequence using modern NVRAM. After switch on you have to wait a while for the last thermionic valve to warm up. If you look from the side you see a few start to show a red glow.

After visiting Bletchley Park, it occurred to me that several thermionic valve computers had been rebuilt, and now run in museums, but that no new design of a valve computer had been constructed in over 50 years. The thought of building one seemed ridiculous, but I wondered if a modern design could overcome the issues of size, power and the very real danger of high voltages.

source: HN

I, sadly, did not get a message from a teenage YouTuber earnestly offering to return my stolen phone. Instead I received a series of texts from someone cycling through a number of different strategies for engaging, convincing, tricking or scaring me into unlocking the phone for them.

source: HN

A new ant species, Paraparatrechina neela sp. nov., with a captivating metallic-blue color is described based on the worker caste from the East Siang district of Arunachal Pradesh, northeastern India. This discovery signifies the first new species of Paraparatrechina in 121 years, since the description of the sole previously known species, P. aseta (Forel, 1902), in the Indian subcontinent.

source: HN

Software shadow stacks could deliver up to 8x faster stack trace capturing in the Go runtime when compared to the frame pointer unwinding that landed in go1.21. This doesn’t mean that this idea should escape from the laboratory right away, but it offers a fun glimpse into a potential future of hardware accelerated stack trace capturing via shadow stacks.

source: HN

wazero is an extremely unique and rare piece of production software out there in the Go ecosystem in the sense that it generates semantically equivalent x86-64 and AArch64 machine code from WebAssembly bytecode at runtime, and then provides the API to execute and interact with it with zero dependency, hence without CGo.

This post is decoupled from wazero itself, and I’ll focus on the general concept of runtime code generation and execution in Go.

source: HN

A tiny raycasting engine and city generator that fits in a standalone 256 byte html file. In this post I will share all the secrets about how this magical program works.

source: HN

In this post I want to create a single file C file program to open a windows inside Linux without using xlib or any similar libraries. The idea is to explore X11 protocol and see how it is used to interact with X server to create windows.

source: HN

It’s a game we’d been dreaming of for years: a giant rube goldberg machine builder in the style of the classic Incredible Machine games, made of a patchwork of machines created by individual xkcd readers. For more details, check out Explain xkcd’s wonderful writeup.

source: HN

Computers aren’t random. On the contrary, hardware designers work very hard to make sure computers run every program the same way every time. So when a program does need random numbers, that requires extra effort. Traditionally, computer scientists and programming languages have distinguished between two different kinds of random numbers: statistical and cryptographic randomness. In Go, those are provided by math/rand and crypto/rand, respectively. This post is about how Go 1.22 brings the two closer together, by using a cryptographic random number source in math/rand (as well as math/rand/v2, as mentioned in our previous post). The result is better randomness and far less damage when developers accidentally use math/rand instead of crypto/rand.

source: HN

This blog post examines the details of the HVIF format using a hex editor and the canonical parser’s source code. In the process of dissecting an example icon, I’ll also show you an optimization bug in the icon image editor.

source: HN

Every time a block is broken in Minecraft versions Beta 1.8 through 1.12.2, the precise coordinates of the dropped item can reveal another player’s location. “Randar” is an exploit for Minecraft which uses LLL lattice reduction to crack the internal state of an incorrectly reused java.util.Random in the Minecraft server, then works backwards from that to locate other players currently loaded into the world.

source: HN

Today, I’d like to tell you about the Etak Navigator, a truly revolutionary product and the world’s first practical vehicle navigation system.

Back in 1985 you used paper maps to navigate, like this one from a Thomas Brother’s map of Los Angeles: A Thomas Brother’s Map. As you can see, the maps weren’t always pretty. By today’s standards it was also supremely difficult and tedious to find locations and even more difficult to work out how to get there. So, when the Etak Navigator launched, it was like something from the future.

source: HN

After almost three years since the initial design document and hundreds of CLs in the meantime, the V8 Sandbox — a lightweight, in-process sandbox for V8 — has now progressed to the point where it is no longer considered an experimental security feature. Starting today, the V8 Sandbox is included in Chrome’s Vulnerability Reward Program (VRP). While there are still a number of issues to resolve before it becomes a strong security boundary, the VRP inclusion is an important step in that direction. Chrome 123 could therefore be considered to be a sort of “beta” release for the sandbox. This blog post uses this opportunity to discuss the motivation behind the sandbox, show how it prevents memory corruption in V8 from spreading within the host process, and ultimately explain why it is a necessary step towards memory safety.

source: HN

Deep technical analysis of the CONTINUATION Flood: a class of vulnerabilities within numerous HTTP/2 protocol implementations. In many cases, it poses a more severe threat compared to the Rapid Reset: a single machine (and in certain instances, a mere single TCP connection or a handful of frames) has the potential to disrupt server availability, with consequences ranging from server crashes to substantial performance degradation. Remarkably, requests that constitute an attack are not visible in HTTP access logs.

source: HN

Different regions have ended up with different equilibria in the rewards game. In the United States, card acceptance is expensive and the rewards economy is robust. In Japan, card acceptance is expensive and the rewards economy is fairly muted due to—ahem—effective collusion by issuers. In Europe, card acceptance is cheap by regulatory fiat and so rewards are far less common (or commonly lucrative) than in the U.S.

source: HN

To improve on this, we are introducing Jpegli, an advanced JPEG coding library that maintains high backward compatibility while offering enhanced capabilities and a 35% compression ratio improvement at high quality compression settings. Jpegli is a new JPEG coding library that is designed to be faster, more efficient, and more visually pleasing than traditional JPEG.

source: HN