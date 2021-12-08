Language Selection

Programming Leftovers

Development
  • Code memory safety and efficiency by example | Opensource.com

    C is a high-level language with close-to-the-metal features that make it seem, at times, more like a portable assembly language than a sibling of Java or Python. Among these features is memory management, which covers an executing program's safe and efficient use of memory. This article goes into the details of memory safety and efficiency through code examples in C and a code segment from the assembly language that a modern C compiler generates.

    Although the code examples are in C, the guidelines for safe and efficient memory management are the same for C++. The two languages differ in various details (e.g., C++ has object-oriented features and generics that C lacks), but these languages share the very same challenges with respect to memory management.

  • 0x0G CTF: gRoulette (Author Writeup)

    gRoulette is a simplified Roulette game online. Win enough and you’ll get the flag. The source code is provided, and the entire thing is run over a WebSocket connection to the server.

  • David Tomaschik: 0x0G CTF: Authme (Author Writeup)

    0x0G is Google’s annual “Hacker Summer Camp” event. Normally this would be in Las Vegas during the week of DEF CON and Black Hat, but well, pandemic rules apply. I’m one of the organizers for the CTF we run during the event, and I thought I’d write up solutions to some of my challenges here.

    The first such challenge is authme, a web/crypto challenge. The description just wants to know if you can auth as admin and directs you to a website. On the website, we find a link to the source code, to an RSA public key, and a login form.

  • Session switching with the tmux menu

    I thought that using a context menu like this to present a list of sessions to switch to would be fun and teach me more about the display-menu command. Basically I just wanted to have the menu display the sessions I had, and when I’d selected one, switch me to it. So, this is what I did.

  • Parse command options in Java with commons-cli | Opensource.com

    When you enter a command into your terminal, whether it's to launch a GUI app or just a terminal app, there are often options (sometimes called switches or flags) you can use to modify how the application runs. This is a standard set by the POSIX specification, so it's useful for a Java programmer to know how to detect and parse options.

Proprietary Software and Security Leftovers

  • The Massive Army of Volunteers That Built AOL in the 90s

    Whatever the case, during the 1980s and 1990s, it was very common for many online networks to rely on the unpaid services of their users to help onboard or support others within their communities, a role that would later be taken on instead by paid individuals.

  • Ransomware attacks increased by 64% in last one year: Report [iophk: Windows TCO]

    Barracuda, a cloud-enabled security solutions provider, in its latest Threat Spotlight, analysed 121 ransomware incidents between August 2020 and July 2021.

    They found many attacks are being led by a handful of high-profile ransomware gangs.

  • Why No HTTPS? The 2021 Version

    More than 3 years ago now, Scott Helme and I launched a little project called Why No HTTPS? It listed the world's largest websites that didn't properly redirect insecure requests to secure ones. We updated it December before last and pleasingly, noted that more websites than ever were doing the right thing and forcing browsers down the secure path. That's the good news, the bad news is that there are still some really wacky, unexplainable anti-HTTPS views out there, but those voices are increasingly less relevant as the browsers march forward: [...]

  • All your DNS were belong to us: AWS and Google Cloud shut down spying vulnerability

    Until February this year, Amazon Route53's DNS service offered largely unappreciated network eavesdropping capabilities. And this undocumented spying option was also available at Google Cloud DNS and at least one other DNS-as-a-service provider.

  • Black Hat security conference returns to Las Vegas – complete with hacks to quiet the hotel guest from hell • The Register

    After a year off due to a certain virus, the Black Hat and DEF CON security conferences returned to Las Vegas last week, just in time for the US government's attempts to foster more collaboration across the infosec industry. The newly appointed Security Director of the Cybersecurity and Infrastructure Agency Jen Easterly took to the virtual Black Hat stage last week (although there was a limited and well-spaced physical conference this year) and announced the Joint Cyber Defense Collaborative (JCDC), which she claimed would be a true public/private partnership to try to lock down security incidents by sharing data and skills.

  • A Critical Random Number Generator Flaw Affects Billions of IoT Devices

    A critical vulnerability has been disclosed in hardware random number generators used in billions of Internet of Things (IoT) devices whereby it fails to properly generate random numbers, thus undermining their security and putting them at risk of attacks.

  • What are Command Injection vulnerabilities?

    Command injection vulnerabilities are probably one of the most dangerous vulnerabilities that can happen in an application.

Linux 5.15 To Add Graphics Support For Qualcomm Adreno 680, 7c3

The MSM DRM kernel updates to this open-source Qualcomm Adreno driver have been sent in to DRM-Next ahead of the upcoming Linux 5.15 merge window. There are a variety of updates and fixes to this drm-msm-next update but most notable is new Adreno 600 series support. Qualcomm's Adreno 680 is now supported as well as the 7c3. The 7c3 is the Adreno 7c Gen 3 GPU found within their new Snapdragon compute platform. The 7c3 is similar to an Adreno 660 GPU but with some driver programming changes. Read more

What is SteamOS? Everything Important You Need to Know About This “Gaming Distribution”

SteamOS is a Linux distribution from the game distribution platform Steam. It is not a generic desktop operating system like Debian, Linux Mint or Ubuntu though you could use the desktop features. By default, SteamOS gives you a console like interface because SteamOS is intended to be the operating system on Steam devices like Steam Machine (discontinued) and Steam Deck. Read more Also: Will the Steam Deck need to be JAILBROKEN? - Invidious

Mabox Linux 21.08 – August ISO refresh

August ISO refresh is available for download. It contain all the updates as of 8/12/2021 and a bunch of small improvements and fixes. Read more

