Research based on the .NET Runtime
http://www.mattwarren.org/2019/10/25/Research-based-on-the-.NET-Runtime/ [www.mattwarren.org]
2019-10-27 04:41
tags:
compsci
dotnet
jit
links
paper
> Over the last few years, I’ve come across more and more research papers based, in some way, on the ‘Common Language Runtime’ (CLR). So armed with Google Scholar and ably assisted by Semantic Scholar, I put together the list below.
All Penn, No Teller
https://tedium.co/2019/09/26/penn-jillette-pc-computing-magazine-columnist/ [tedium.co]
2019-09-28 19:43
tags:
essay
links
media
retro
tech
> Why Penn Jillette kind of makes sense as a tech magazine’s back-page columnist
> But Jillette was something different. He was already famous—certainly more famous than Pournelle, an established science-fiction author, thanks to being a regular fixture on television during much of his career and starring in a legendary Run-DMC music video—and he likely did not need a nationally distributed computer magazine column to make a living. Jillette simply liked computers and knew a lot about them, which meant that he could rant about the details of an Autoexec.bat file just as easily as he can about politics. He gave the tech writing form something of an edge, while maintaining the freewheeling nature established by fellow pre-blogging voices like Pournelle.
Some good quotes and links here.
Urban Nudges
http://www.urbannudges.com/ [www.urbannudges.com]
2019-08-19 20:11
tags:
design
hoipolloi
links
urban
Lots of articles and links about design of shared urban spaces and their affect on behavior.
source: E
2019 Pwnies Award Nominations
https://pwnies.com/nominations/ [pwnies.com]
2019-08-03 15:04
tags:
archive
exploit
links
security
Shit happened. Mistakes were made.
Vintage TV Test Patterns
https://kottke.org/19/06/vintage-tv-test-patterns [kottke.org]
2019-06-10 22:24
tags:
graphics
links
retro
tech
testing
> As you might expect, the BBC test card with the girl and clown has both a backstory and a cult following.
source: K
Vulnerability disclosure publications and discussion tracking
https://www.ee.oulu.fi/research/ouspg/Disclosure_tracking [www.ee.oulu.fi]
2019-06-08 00:44
tags:
development
links
security
> A long and vivid debate for and against different vulnerability disclosure models is still taking place. Sources that collect all these valuable arguments are scarce. This document acts as a place-holder for related contributions that we are aware of. Paper, articles and more informal documents are grouped based on the type of publication. We hope that these links are useful to anyone familiarising themselves with the scene or planning further contributions.
source: grugq
inks
https://inks.tedunangst.com/ [inks.tedunangst.com]
2019-04-18 00:45
tags:
links
update
Meta note: new domain, new code base, everything should be about the same, but not quite done converting all features.
RSS now at /rss.
Porting old posts
https://ericlippert.com/2019/04/09/porting-old-posts-part-1/ [ericlippert.com]
2019-04-11 00:38
tags:
links
programming
windows
> I’ve started the long process of porting old articles and it has been fun revisiting topics I haven’t thought about much for years.
> Anyways, as I port articles over I’ll post links to them here, with a few reflections.
A short reading list on voting security
https://twitter.com/mattblaze/status/1107016083930787840 [twitter.com]
2019-03-30 03:15
tags:
links
policy
security
tweet
The Internet of Food
https://tedium.co/2019/03/07/internet-food-delivery-history/ [tedium.co]
2019-03-10 00:58
tags:
food
ioshit
life
links
retro
web
> You know something you can’t get through the internet’s wires, at least not on its own? Food. We’ve been working on it for years, but no, we’re not at the point where we can deliver nourishment directly via the series of tubes. But food has always been something of a means to an end—a way of driving the internet forward, making it something people would actually like to use.
Plus tons of links.
Modern Microprocessors
http://www.lighterra.com/papers/modernmicroprocessors/ [www.lighterra.com]
2019-02-22 03:15
tags:
best
cpu
hardware
links
paper
perf
programming
> Okay, so you’re a CS graduate and you did a hardware course as part of your degree, but perhaps that was a few years ago now and you haven’t really kept up with the details of processor designs since then. In particular, you might not be aware of some key topics that developed rapidly in recent times...
> pipelining (superscalar, OOO, VLIW, branch prediction, predication)
> multi-core and simultaneous multi-threading (SMT, hyper-threading)
> SIMD vector instructions (MMX/SSE/AVX, AltiVec, NEON)
> caches and the memory hierarchy
> Fear not! This article will get you up to speed fast. In no time, you’ll be discussing the finer points of in-order vs out-of-order, hyper-threading, multi-core and cache organization like a pro. But be prepared – this article is brief and to-the-point.
I would say all of that is accurate except the brief part. It’s quite long, but very dense. Excellent resource.
It’s Time for Some Queueing Theory
https://kottke.org/19/01/its-time-for-some-queueing-theory [kottke.org]
2019-01-30 22:26
tags:
compsci
links
> Queueing theory is the scientific study of waiting in line. It can apply to familiar lines like those at the grocery store or bank but also to things like web servers, highway traffic, and telecommunications…basically any situation where you have things entering a system, being processed by a system for a certain period of time, and leaving the system.
Assorted stories and links.
source: K
The State Of Software Security In 2019
https://noncombatant.org/2019/01/06/state-of-security-2019/ [noncombatant.org]
2019-01-09 04:11
tags:
defense
development
links
security
> My goal in this post is to skim my observations on the state of software design and development over the past year, and to try to find a meaningful way forward for myself for 2019. My perspective is limited by the fact that I have worked exclusively in client-side software security for the past 7.5 years. Still, I think there are broad trends visible even to me, and some clear signs about where we need to go as an industry.
source: L
The best of GAN papers in the year 2018
https://dtransposed.github.io/blog/Best-of-GANs-2018-(Part-1-out-of-2).html [dtransposed.github.io]
2019-01-04 02:49
tags:
ai
graphics
links
paper
> This year I had a great pleasure to be involved in a research project, which required me to get familiar with a substantial number of publications from the domain of deep learning for computer vision. It allowed me to take a deep dive into the field and I was amazed by the progress done in the last 2-3 years. It is truly exciting and motivating how all different subfields such as image inpainting, adversarial examples, super-resolution or 3D reconstruction have greatly benefited from the recent advances. However, there is one type of neural networks, which has earned truly massive amounts of hype (in my humble opinion definitely for a reason)- Generative Adversarial Networks (GANs). I can agree that those models are fascinating and I am always on a lookout for some new GAN ideas.
source: HN
Ars Technica’s best games of 2018
https://arstechnica.com/gaming/2018/12/ars-technicas-best-games-of-2018/ [arstechnica.com]
2018-12-25 04:41
tags:
gaming
links
> Running through this year’s list of video games that made the most impact on the Ars staff, I’m struck by the sheer variety. Sure, there’s the usual selection of open world adventures and slick action games. But there are also a handful of fresh takes on the puzzle game genre, a few promising virtual reality games, a relatively wide variety of 2D platformers, racing games that run the gamut from realistic to campy, a couple of fighting games, and even a rhythm game!
20 more ways to spend time and money.
The 2018 Stratechery Year in Review
https://stratechery.com/2018/the-2018-stratechery-year-in-review/ [stratechery.com]
2018-12-23 20:00
tags:
business
links
policy
valley
> In last year’s Stratechery Year in Review I noted that the predominant theme was the impact of tech on society; perhaps unsurprisingly, the dominant theme in 2018 was tech and regulation.
Securely running processes that require the entire syscall interface
https://queue.acm.org/detail.cfm?id=3301253 [queue.acm.org]
2018-12-20 21:23
tags:
defense
links
security
virtualization
> While evidence has shown that “a container with a well-crafted seccomp (secure computing mode) profile (which blocks unexpected system calls) provides roughly equivalent security to a hypervisor” (https://blog.hansenpartnership.com/measuring-the-horizontal-attack-profile-of-nabla-containers/), methods are still needed for securely running those processes that require the entire syscall interface. Solving this problem has led to some interesting research.
> Let’s take a look at some of the research being done in these areas.
Information is Beautiful Awards 2018: The Winners
https://www.informationisbeautifulawards.com/news/323-information-is-beautiful-awards-2018-the-winners [www.informationisbeautifulawards.com]
2018-12-17 03:27
tags:
archive
links
media
visualization
> Let’s raise a glass to dataviz that pushes boundaries, illuminates truth, and celebrates beauty. Thank you to everyone who joined us on the Information is Beautiful Awards journey this year - now see which entries took home trophies at tonight’s spectacular ceremony.
Another collection: https://www.wsj.com/graphics/year-in-graphics-2018/
source: K
Everything You Wanted to Know About Emojis and the Law
https://blog.ericgoldman.org/archives/2018/11/everything-you-wanted-to-know-about-emojis-and-the-law.htm [blog.ericgoldman.org]
2018-11-30 19:53
tags:
language
links
policy
text
> For the past couple of years, I have invested significantly in all things emojis. This post rounds up everything I’ve done during that period.
Archives of POC2018
http://powerofcommunity.net/2018.htm [powerofcommunity.net]
2018-11-27 19:13
tags:
archive
links
pdf
security
slides
> Denis Kolegov, Oleg Broslavsky, “WebGoat.SDWAN.Net in Depth”
> En He, Jiashui Wang “Hacking Android VoIP for Fun and Profit!”
> Gmliu, “Windows Kernel Fuzzing”
> Jaanus Kääp, “Document parsers “research” as passive income”
> Jiafeng Li, Zuotong Feng, “How to Exploit Blockchain Public Chain and Smart Contract Vulnerability”
> Jin Liu & Chong Xu, “Pwning Microsoft Edge Browser: From Memory Safety Vulnerability to Remote Code Execution”
> Kang Li, “Practical evading attacks on commercial AI image recognition services”
> Liang Chen, “Era of iOS 12 with A12: End of iOS War?”
> Lidong LI & Naijie XU, “802.11 Smart Fuzzing”
> Ned Williamson, “Exploiting Chrome IPC”
> Nikita Tarakanov, “Automating Windows Kernel Pool Overflow/Corruption Exploits Development”
> Samuel Groß, “IPC MitM: Exploiting a Fun Logic Bug for Kernel-Mode Code Execution on MacOS”
> Tielei Wang, Hao Xu, “IOService Becomes a Grandpa”
> WYP, “Vulnerability analysis of Z-wave products used in Korea”
> Yannay Livneh, “Baby I can drive your car: remotely hacking Telematics CAN-connected devices”
> Yongtao Wang, Sai Cheng, Jie Fu, “SSRF To RCE In Java ”
> Yunhai Zhang, “Diving into Windows Defender Application Guard”
source: solar