Beneath the utilitarian purpose of computation, computing is also a source of delight and wonder. Software is not just databases and mail merges or SaaS and spreadsheets; it’s creative coding and simulated cities, code poetry and bulletin board systems. It’s websites that dazzle and iPhone apps that make the heart sing. And it’s sometimes even spreadsheets, coerced to dance and do all manner of weirdness. All of these approaches to computing are what am collecting here, and bundling under the term “garden of computational delights.” This is a list of places that collect or catalyze sources for being enraptured by the web, programming, and the wider world of computing. Or, as per Tim Hwang and Omar Rizwan, this is a garden of all the different places you might discover where “the computer is a feeling.”

source: Dfly

This and that.

Presenting the list I mentioned earlier in which I highlight a number of worthwhile science-fiction films (also some TV productions) that aren’t the usual Hollywood fare. I’ve spent the past few years watching many of these while searching for more. This isn’t a definitive collection, and it isn’t filled with favourites; I’ve deliberately omitted a number of popular films that would count as such. It’s more a map of my generic tastes, and an answer to a question that isn’t always spoken aloud in discussions I’ve had about SF films but which remains implicit: “Okay, if you dislike all this stuff then what do you like?” I tend to like marginal things, hybrids, edge cases, the tangential, the unusual and the experimental.

Just the stills make for interesting browsing.

source: Dfly

Section 230 had such a drama-filled year that I decided to do a separate roundup, in addition to my annual Internet Law wrapup coming soon. (I know 2020 feels like it was a decade ago…) Trigger warning: this post is a shitshow.

I recently found myself wishing for a single online reference providing a brief summary of the high-level exploit flow of every public iOS kernel exploit in recent years; since no such document existed, I decided to create it here.

This post summarizes original iOS kernel exploits from local app context targeting iOS 10 through iOS 13, focusing on the high-level exploit flow from the initial primitive granted by the vulnerability to kernel read/write. At the end of this post, we will briefly look at iOS kernel exploit mitigations (in both hardware and software) and how they map onto the techniques used in the exploits.

Wheelhouse is a newsletter for makers that covers new materials, techniques, and tools.

(You can read on the web without subscribing.)

I am often get asked in DMs about how GPUs work. There is a lot of information on GPU architectures online, one can start with these:

Pixel art.

Cognitive scientists have identified a number of common ways in which people avoid being gullible. But con artists are especially skillful at what social scientists call framing, telling stories in ways that appeal to the biases, beliefs and prominent desires of their targets. They use strategies that take advantage of human weaknesses.

Good collection of cons.

Cross post: https://theconversation.com/why-do-people-believe-con-artists-130361

My web server logs referrer data whenever it’s available. It means I pick up a bunch of attempted referrer spam from some crazy Kyivstar GSM blocks, but it also means I can see when certain sites link to me. While this has shrunk over the years as browsers curtail what data they’re willing to convey to foreign origins, it’s not quite dead yet. Watching this over the past year or so has showed me that a handful of my posts are apparently very popular in bug tracking systems. I see quite a few inbound visitors from various corporate JIRA systems, and even a couple from some GitHub issue tracking pages.

This is certainly an interesting way to make a best of list.

Despite the title, this isn’t so much a roundup of generic techniques but links to write ups of specific exploits. Good coverage.

There are a few conferences from 2019 that I didn’t manage to get to last year (notably CCS, SOCC, and NeurIPS) which are still on my plate. And then I’ve pulled together this initial ‘watch list’ for the coming year.

Every week The Wall Street Journal’s My Ride column profiles vehicles and their owners, with surprising back stories. Here’s a look back at 2019.

A young Studebaker fan, a historic race car made newly famous by a Matt Damon movie and a Corvette expert’s Corvette are among the My Ride column’s highlights this year

On this episode of On the Metal, we interview Ron Minnich. Ron has had a fascinating career working on the interface between software and hardware. Join us as ~we install Gentoo and compile GCC~ to hear a mesmerizing conversation about Unix, Plan9, LinuxBIOS, Chromebooks, RISC-V, of course some Gentoo jokes, flip flop programming toys, and more!

Didn’t actually listen, but there’s a pile of links here anyway.

source: white

Over the last few years, I’ve come across more and more research papers based, in some way, on the ‘Common Language Runtime’ (CLR). So armed with Google Scholar and ably assisted by Semantic Scholar, I put together the list below.

Why Penn Jillette kind of makes sense as a tech magazine’s back-page columnist

But Jillette was something different. He was already famous—certainly more famous than Pournelle, an established science-fiction author, thanks to being a regular fixture on television during much of his career and starring in a legendary Run-DMC music video—and he likely did not need a nationally distributed computer magazine column to make a living. Jillette simply liked computers and knew a lot about them, which meant that he could rant about the details of an Autoexec.bat file just as easily as he can about politics. He gave the tech writing form something of an edge, while maintaining the freewheeling nature established by fellow pre-blogging voices like Pournelle.

Some good quotes and links here.

Lots of articles and links about design of shared urban spaces and their affect on behavior.

source: E

Shit happened. Mistakes were made.

As you might expect, the BBC test card with the girl and clown has both a backstory and a cult following.

source: K

A long and vivid debate for and against different vulnerability disclosure models is still taking place. Sources that collect all these valuable arguments are scarce. This document acts as a place-holder for related contributions that we are aware of. Paper, articles and more informal documents are grouped based on the type of publication. We hope that these links are useful to anyone familiarising themselves with the scene or planning further contributions.

source: grugq