WARNING, pinned: toots mostly consist of non-CWed Internet memes, anime memes, personal debates, politics, sometimes discussion of controversial ideologies (but it's probably in Chinese w/ CW), even worse, mostly written in Chinese which you cannot understand. Only occasionally posting FLOSS and security-related news and opinions. Wants to follow? Proceed with care. All the views and opinions expressed here is my personal, not necessarily (and mostly, not) related to any organization I am affiliated to.
I've... exploited 0days you programmers wouldn't believe.
[*contemptuous laugh*]
ROP shellcode on non-executable memory ran as the machine of Turing.
I watched Offset2lib pwns ASLR near the stack of kernel space.
All those bugs won't be fixed in time, like
[*cough*] dereference... to... NULL,
Time...to...
segfault (core dumped)
”Don't get confused by the similarities between 4kV ESD testing, 4kV fast transient burst testing, and 4kV
surge. The voltages are the same, but the energy behind them is totally different. Dropping a small rock
on your foot may hurt, but you will still be able to walk. Dropping a large rock from the same height will
most likely cause severe damage to your foot. Doing this 250 times per second will reduce your shoe size
permanently.“
Atmel engineers have done a good job on writing this application note 🤣
"In this thesis, we explore the feasibility of hiding malware in ACPI bytecode by finding the kernel ASLR slide. First, we sketch a proof that
ASL, the programming language of ACPI, is turing-complete.
Furthermore, we demonstrate that because ACPI uses physical addresses, the kernel can be found via brute force. Additionally, we show that this holds true in any kASLR configuration offered by the Linux kernel. This shows that kASLR of physical addresses offers no security benefits."
#TIL ACPI is Turing-complete.
To describe low-level hardware operations in an OS-independent way, ACPI defines a virtual machine, which is provided by an operating system to run the ASL assembly language.
I knew ASL and even have modified it to workaround broken BIOS, but never realized it's running a virtual machine... Here's the question, can someone write a Lisp interpreter on ACPI...
So the kernel is running vendor-provided code with full-privilege... What could possibly go wrong... 🤔
#随便翻翻二次元小说有感
有些书友真是我佛了
拿官方后期的设定怼以前的同人小说
那个时候谁他妈知道学园都市第五位会叫食蜂操祈啊?
作者通篇都只能用女王,第五位等词侧面描述,怪他咯?还不是河马的错
Git-signatures – Multiple PGP signatures for your commits
https://github.com/hashbang/git-signatures
(submitted by Couto)
@bgme mastodon很好用但是明星不来呀😂
Debian 9.8 released https://www.debian.org/News/2019/20190216
Western Digital’s RISC-V “SweRV” Core Design Released for Free
https://www.anandtech.com/show/13964/western-digitals-riscv-swerv-core-released-for-free
(submitted by osivertsson)
@niconiconi
我帮我姐填体检、素质评价什么的(似乎是拿来取得高考资格的)真要把我搞疯了…
@bgme @niconiconi 我跑了一天了还没有结束(然而从监控看只有刚开始运行的时候释放了一些空间,后面似乎就没什么卵了,我觉得 Mastodon 这个问题显然不是 fd 被进程打开造成的,因为存储系统不可能打开几万个冷文件一直不释放否则早就打到 ulimit 了,这个就是删除不完整或者它以为删了但后端没有,或者它漏掉了很多应该被删除的东西,但没有石锤证据、也不知到实际上是为什么(
分享专辑《B1T-0N!》 这位作者读本科时写了个简单的虚拟机当作业,后来又开发了汇编器、脚本和三通道音频合成器,然后在这台自己发明的计算机上二次创作 8-bit 音乐……后来又用 Z80 汇编把石头门 8-bit 外传的脚本引擎移植到了 ZX Spectrum 上,在 demo 大赛获奖。,在真机上真的能运行,128 KiB 内存的那个型号……俄罗斯死宅果然都不是一般人……上半张:https://gglab.bandcamp.com/album/b1t-0n-2 下半张:https://gglab.bandcamp.com/album/b1t-0n-unreleased-tracks
Code monkey, sysadmin of Beijing GNU/Linux User Group / No nations, no flags, no patriots. / Chaotic Neutral / Now Accelerationist / 🔐 OpenPGP: FAD3EB05E88E8D6D #cryptoparty / currently NEET / biologically male, self-identified as '; DROP TABLE genders;