A Cursed Bug - Made of Bugs
Software History
That Dragon Guy on Twitter
Open a terminal window on your computer—whether Windows, Mac or Linux—and unless you’ve fiddled the defaults, the width is almost always 80 columns. Run a code reformatter like clang-format and same deal…defaults to 80 columns. Why? (1/18) pic.twitter.com/OQLInQDaCo— That Dragon Guy (@PaintYourDragon) February 15, 2022
What About Monkey Patching? Is it as Dangerous as They Say?
Revisiting the Black Sunday Hack
One of the most impressive hacks I've ever read about has to be the Black Sunday kill. Since the original 2001 Slashdot article I read on this [http://slashdot.org/articles/01/01/25/1343218.shtml] is 99.9% quote, I'm going to do the same. I can see why
The Apple GPU and the Impossible Bug
xoreaxeaxeax/sinkhole: Architectural privilege escalation on x86
Architectural privilege escalation on x86. Contribute to xoreaxeaxeax/sinkhole development by creating an account on GitHub.
Cppiceberg
Main is usually a function. So then when is it not?
It began when my coworker, despite already knowing how to program, was forced to take the intro level Computer Science course at my university. We joked with...
The GNU C Library - strfry
Hertzbleed Attack
Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86
WebTV Anecdotes
@sparrowgrine@chaos.social on Twitter
Cursed computing memory hierarchy, feel free to reply with questions about some of the more obscure stuff here, sources are available for all the cursed knowledge in this. pic.twitter.com/pfZ2FmCcy5— @sparrowgrine@chaos.social (@sparrowgrine) October 13, 2021
Lace card - Wikipedia
Theories, Solvers and Static Analysis by Abstract Interpretation
The algebraic/model theoretic design of static analyzers uses abstract domains based on representations of properties and pre-calculated property transformer...
Tales (anon)
Strip
The 8000th Busy Beaver number eludes ZF set theory: new paper by Adam Yedidia and me
I’ve supervised a lot of great student projects in my nine years at MIT, but my inner nerdy teenager has never been as personally delighted by a project as it is right now. To…
What is the '-->' operator in C/C++?
After reading Hidden Features and Dark Corners of C++/STL on comp.lang.c++.moderated, I was completely surprised that the following snippet compiled and worked in both Visual Studio 2008 and G++ 4....
Superoptimizing LLVM
Compilers are caught in a tug-of-war between increasingly exotic architectures and instruction set extensions on one hand, and our desire for advanced progra...
Getting Arbitrary Code Execution from fopen's 2nd Argument
hugeh0ge's blog
Intrinsic Propensity for Vulnerability in Computers? Arbitrary...
The universal Turing machine is generally considered to be the simplest, most abstract model of a computer. This paper reports on the discovery of an accidental arbitrary code execution...
Explaining the Entombed Algorithm
In \cite{entombed}, John Aycock and Tara Copplestone pose an open question, namely the explanation of the mysterious lookup table used in the Entombed Game's Algorithm for two dimensional maze...
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
We propose a new exploit technique that brings a whole-new attack surface to bypass SSRF (Server Side Request Forgery) protections. This is a very general at...
Linux in a Pixel Shader - A RISC-V Emulator for VRChat
Binary Banshees and Digital Demons
The Committee says these things do not exist. The Committee says these things are invisible, not our business, and not something we can or should talk about....
PNG Parser Differential
Pwnkit
Mytkowicz wrong data
Stuxnet - Wikipedia
The RISKS Digest, Volume 14 Issue 44