There has been some discussion recently about the bypassing of
Little Snitch by the first datagram of a three-way TCP handshake. The
facts: When a deny-rule for a domain is set in Little Snitch, and a
TCP connection is made to that domain, a TCP SYN data packet is sent
to the remote server. Although this packet does not carry any
payload, it does include crucial information such as your IP address,
as well as the sending and receiving port numbers.
Image processing plays a crucial role in numerous fields, ranging
from computer vision and medical imaging to surveillance systems and
photography. The implementation of image processing algorithms in
programming languages like C has become increasingly important due
to the need for efficient and optimized solutions especially on
embedded devices where computing power is still limited.
There’s been quite a lot of discussion lately about whether or not
to use an ORM. As someone who’s been both proponent and opponent of
the use of ORMs over the years, I figured I’d write a blog post
about my current opinion on the matter (which may change again a
couple of times in the future ;-)).
So I almost fell out of my seat yesterday when I caught wind of the
announcement that CSS nesting has landed in actual browsers and if
you want to play around with them then you can do that in the latest
version of Safari Technology Preview. This means it’s half a step
away from landing in real browsers very soon.
This guide shares strategies and tactics for getting better results
from GPTs. The methods described here can sometimes be deployed in
combination for greater effect. We encourage experimentation to find
the methods that work best for you.
Telnet, the protocol and the command line tool, were how system
administrators used to log into remote servers. However, due to the
fact that there is no encryption all communication, including
passwords, are sent in plaintext meant that Telnet was abandoned in
favour of SSH almost as soon as SSH was created.
For the purposes of logging into a remote server, you should never,
and probably have never considered it. This does not mean that the
telnet command is not a very useful tool when used for debugging
remote connection problems.
In this guide, we will explore using telnet to answer the all too
common question, “Why can’t I ###### connect‽”.
You might expect that implementing a VMM more or less requires use
of a systems language such as C or Rust. Interestingly, this turns
out not to be the case. In actuality, the KVM API turns out to be
simple enough to use that it is entirely feasible to write a VMM for
Linux in Python.
I want to introduce the new (soft) keyword struct (the name was
chosen by my wife, Andrea, as more understandable than data once
you explain struct is short for structure and how it's used in
other programming languages). You would be able to follow the
keyword with the name of the struct class. The parentheses after the
name would contain the positional-or-keyword and/or keyword-only
parameters the constructor would accept. Each parameter name would
directly map to an attribute name for which the parameter would be
saved to. Because of this mapping of parameter name to attribute
name, no positional-only parameters are allowed (the only
deviation from function declaration syntax).
This PEP specifies an improved syntax for specifying type parameters
within a generic class, function, or type alias. It also introduces
a new statement for declaring type aliases.
At the beginning of the evening I finished Lords of Uncreation, The
Final Architecture Book 3 by Adrian Tchaikovsky. An action packed
page turner and a good conclusion to the Final Architecture trilogy.
After moving his family back to his hometown to be with his friends
and their kids, Lenny finds out that between old bullies, new
bullies, schizo bus drivers, drunk cops on skis, and four hundred
costumed party crashers sometimes crazy follows you.
In the evening Esme and I watched Grown Ups 2. I liked the movie less
than the previous one so I give it a 6 out of 10.
THE HUNT IS ON AND THE POLICE ARE RUNNING OUT OF TIME. Two young
women are missing, their only connection a party they both attended,
hosted by a notorious real-estate magnate. When one of the women is
found murdered, the police discover an unusual signature left by the
killer, giving them reason to suspect he will strike again.
THEY'RE FACING A KILLER UNLIKE ANY OTHER. And exposing him calls for
a detective like no other. But the legendary Harry Hole is
gone—fired from the force, drinking himself to oblivion in Los
Angeles. It seems that nothing can entice him back to Oslo. Until
the woman who saved Harry's life is put in grave danger, and he has
no choice but to return to the city that haunts him and track down
the murderer.
CATCHING HIM WILL PUSH HARRY TO THE LIMIT. He'll need to bring
together a misfit team of former operatives to accomplish what he
can't do alone: stop an unstoppable killer. But as the evidence
mounts, it becomes clear that there is more to this case than meets
the eye...
In the evening I started in Killing Moon, a Harry Hole Novel (13) by
Jo Nesbø.
NixOS is a Linux distribution configured using Nix. It is
declarative, meaning that the entire system state can be defined in
a single .nix file; and reproducible, meaning you can have
multiple computers set up identically.
Once you ship your software, most of your end users will be better
served by replacing the stack trace with some actionable error
message in case of a crash.
Choosing good test cases for our Go programs can be a bit
hit-and-miss. Sometimes we get lucky and find an input that causes
incorrect behaviour, or even a crash, but in general, picking inputs
at random isn’t a good way to find bugs.
Or is it? What if we leaned into that idea a little and used a lot
of different inputs? Say, a million, or even a billion. With that
many inputs, our chances of finding the one weird value that
triggers a problem start to look pretty good.
The Rust team is happy to announce a new version of Rust,
1.70.0. Rust is a programming language empowering everyone to build
reliable and efficient software.
I was watching this amazing lightning talk by Karla Burnett and
wanted to understand how traceroute works in UNIX. Traceroute is a
tool that shows the route of a network packet from your computer to
another computer on the internet. It also tells you how long it takes
for the packet to reach each stop along the way.
Hey everyone, we are Ryan Lahfa and Martin Weinelt, the release
managers for this stable release and we are very proud to announce
the public availability of NixOS 23.05 “Stoat”.
A lot of basic, important information about transformer language
models can be computed quite simply. Unfortunately, the equations
for this are not widely known in the NLP community. The purpose of
this document is to collect these equations along with related
knowledge about where they come from and why they matter.
Source: Transformer Math 101, an article by Quentin Anthony, Stella
Biderman, and Hailey Schoelkopf.
With more than 9 billion gigabytes of information traveling the
internet every day, researchers are constantly looking for new ways
to compress data into smaller packages. Cutting-edge techniques
focus on lossy approaches, which achieve compression by
intentionally “losing” information from a transmission. Google, for
instance, recently unveiled a lossy strategy where the sending
computer drops details from an image and the receiving computer uses
artificial intelligence to guess the missing parts. Even Netflix
uses a lossy approach, downgrading video quality whenever the
company detects that a user is watching on a low-resolution device.
Very little research, by contrast, is currently being pursued on
lossless strategies, where transmissions are made smaller, but no
substance is sacrificed. The reason? Lossless approaches are already
remarkably efficient. They power everything from the PNG image
standard to the ubiquitous software utility PKZip. And it’s all
because of a graduate student who was simply looking for a way out
of a tough final exam.
That gives me an idea: I can't change the hostname from a container
because of limited capabilities. But I could totally launch a new
process in the same namespace, and this new process would have no
capability limits—so it could change the hostname. And that change
would be shared with the container! Let's try it!
What I’ve since realized is that JavaScript reuses its full-power
Objects for many non-OO purposes, most of which are much
simpler. I’ve used JS objects for roughly 4 things:
You may have heard there are new, modern standards in Python
packaging (pyproject.toml!) that have been adopted over the last
few years. There are now several popular and shiny modern tools for
managing your packaging projects. (Poetry! Hatch! PDM!) However, the
documentation is scattered and much of it is specific to these
competing tools. What are the recommended best practices when
creating a Python package? What is the minimal amount that you
need to do in order to follow the best practices?
The tragic and controversial story of Cameron Todd Willingham, who
was sentenced to death in Texas for killing his three children even
after scientific evidence and expert testimony bolstered his claims
of innocence.
In the evening I watched Trial by Fire. I liked the movie and give it
a 7 out of 10.
Overall, there was agreement that the original motivations for a
large, “batteries-included” standard library no longer held up to
scrutiny. “In the good old days,” Ned Deily reminisced, “We said
‘batteries-included’ because we didn’t have a good story for
third-party installation.” But in 2023, installing third-party
packages from PyPI is much easier.
This blog post is about benchmarking Caddy against Nginx and their
respective performance metrics as reverse proxies. Be forewarned: I
was very thorough and there are tons of graphs and tables in here. I
didn’t want to make any mistakes! Nobody is allowed to make mistakes
on the Internet.
In this blog post, I will guide you through the steps of adding
security headers using Cloudflare, making the process much simpler
and hassle-free, without even touching a single line of code on your
web server.
What I've come to realize, though, is that anyone can write code
that seems complicated. The hard thing is solving complex problems
with simple code. If you can develop that skill, nobody will ever
doubt your abilities.
Media queries are a CSS language feature which allow an author to
conditionally apply CSS rules according to characteristics of the
device or window in which an application is being viewed. Most
commonly, these might be according to the viewport width allowing
CSS authors to create components and layouts that are responsive
to the size of the window or device that they are being viewed
in. But this may also extend to whether a user prefers light or dark
mode, or even a user's accessibility preferences, plus many more
properties.
Over the years, I've observed modern password hashing algorithms
significantly reduce the effectiveness of brute-force password
guessing. However, password stuffing attacks—where attackers use
previously leaked credentials to gain unauthorized access—continue
to be a persistent threat. On the other hand, the advent of
multi-factor authentication (MFA) has shifted the focus to
protecting user accounts through additional layers of verification,
making passwords less critical to security.
We’ve just uploaded mypy 1.3 to the Python Package Index (PyPI). Mypy
is a static type checker for Python. This release includes new
features, performance improvements and bug fixes.
I don’t like Bash. It’s just too confusing. Do I need to use double
brackets for this? Do I need to quote this? Am I still writing
Bash or am I sprinkling in some bits of sh? I can never remember.
Emacs 29 introduces tree-sitter support, a powerful parsing library
that enhances its understanding of source code. With this
integration, Emacs gains features like precise syntax highlighting,
accurate indentation and easier extensibility. Here's how you
install and configure Emacs with tree-sitter support.
On our way to the shopping mall in Naaldwijk I spotted a duck. When I
walked in the duck's direction I noticed that she had six small
ducklings, so I took the photo below.
This is a story about the journey we’ve been on at HUMAN Security to
find the best project structure for Go, what decisions we’ve made
based on our exploration, and the conclusions we’ve drawn. We’ve
created an open-source template repository for the final structure,
and a branch containing a tiny example project alongside. To use this
template, fork the repository or use it as a template.
John Wick uncovers a path to defeating The High Table. But before he
can earn his freedom, Wick must face off against a new enemy with
powerful alliances across the globe and forces that turn old friends
into foes.
In the evening I watched John Wick: Chapter 4. At first, Esme was
watching as well. But she was very tired so she fell asleep a few
times during the movie. Alice was making "Hello, Kitty" cookies and
also watched parts.
The movie was a lot, and I mean a lot, of killing. At times it looked
(probably on purpose) like a computer game. I didn't like the movie
much and give it a 6 out of 10. Of the recent carnage movies I liked
Sisu more.
Like M. Fielder's and M. Hunter's 1986 book, one can find many
instances in books, on the World Wide Web, in tutorials, and even on
manual pages, of abusing su for dropping superuser privileges and
running programs with ordinary user privileges — in cron jobs,
/etc/rc scripts, init.d scripts, and even from
/etc/inittab. They are all wrong.
Don't abuse su for this purpose. It has never in fact been the
function of su, and for the past two decades people have been
triggering errors with this abusage. Over the past decade or so, as
of 2014, this error has gradually become more and more blatant,
going from a few ignorable warning messages in obscure log files to
systems that fail to function, but it has in fact been there all of
this time.
In March, IPinfo began offering a free, file-based country-level
dataset download for IPv4 and IPv6 addresses. This file is the
result of over 900 TB of data on BigQuery being synthesized down
into a file a few MB in size. The downloads are refreshed daily so
changes in IPv4 locations and ownership can be seen with 24-hour
granularity.
In this blog post, I'll walk through downloading this dataset as
well as looking at some interesting IP address space analysis that
it can be used for.
Today, as part of that long term effort to secure the Python
ecosystem, we are announcing that every account that maintains any
project or organization on PyPI will be required to enable 2FA on
their account by the end of 2023.
Renfield, Dracula's henchman and inmate at the lunatic asylum for
decades, longs for a life away from the Count, his various demands,
and all of the bloodshed that comes with them.
In the evening Alice, Adam, and I watched Renfield. I liked the movie
and give it a 7 out of 10.
I previously wrote about starting a Go project in 2018. A lot has
changed since I wrote that and I had been wanting to write an
updated version. What follows should be enough for anyone new to Go
to get started and ideally start them being productive.
In this article, you will learn how to add a backdoor to the SSH
Public Key. The backdoor will execute whenever the user logs in. The
backdoor hides as an unreadable long hex-string inside
~/.ssh/authorized_keys or ~/.ssh/id_*.pub.
Popovers are everywhere on the web. You can see them in menus,
toggletips, and dialogs, which could manifest as account settings,
disclosure widgets, and product card previews. Despite how prevalent
these components are, building them in browsers is still
surprisingly cumbersome. You need to add scripting to manage focus,
open and close states, accessible hooks into the components,
keyboard bindings to enter and exit the experience, and that’s all
even before you start building the useful, unique, core
functionality of your popover.
To resolve this, a new set of declarative HTML APIs for building
popovers is coming to browsers, starting with the popover API in
Chromium 114.
In the evening I found out that when saving an encrypted text file
from Aquamacs, the program became unresponsive until I pressed
C-g. After some Googling I learned that downgrading GNU Privacy
Guard to version 2.4.0 fixed this issue. I wrote about how to do
this with MacPorts.
A month ago I blogged about ways to reduce strenuous key presses in
my Emacs use. I analyzed my runs of chords in Emacs, then speculated
on the merits of exclusive vs mixed editing. Since then I wrote an
Emacs mode called god-mode. It’s a mode that you toggle in and out
of, and when you’re in it, all keys are implicitly prefixed with C-
(among other helpful shortcuts). Over all, it’s been a resounding
success. A couple other people, including the author of multiple mark
mode, contributed some patches. I’ve been using it for a month and
have been very satisfied.
Then Brad Westfall reminded me of a Sass feature that, while small,
is probably the one I miss the most every single time I write vanilla
CSS: single line // comments.
Before you can process your data with Pandas, you need to load it
(from disk or remote storage). There are plenty of data formats
supported by Pandas, from CSV, to JSON, to Parquet, and many others
as well.
Which should you use?
You don’t want loading the data to be slow, or use lots of memory:
that’s pure overhead. Ideally you’d want a file format that’s
fast, efficient, small, and broadly supported.
You also want to make sure the loaded data has all the right
types: numeric types, datetimes, and so on. Some data formats do a
better job at this than others.
While there is no one true answer that works for everyone, this
article will try to help you narrow down the field and make an
informed decision.