Tweetovi

Blokirali ste korisnika/cu @elazarl

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @elazarl

  1. 5. velj

    I'm sitting behind a couple who are probably the parents of the pine that gives the talk, they're taking video of their son's talk. A sweet moment, I'm melting.

    Poništi
  2. 28. sij

    TIL, it was actually who chose the name "redshift"

    Poništi
  3. 23. sij

    In case anyone needs that, small script to convert AES test vectors to C struct value initiaziation.

    Poništi
  4. 19. sij

    Possible complexity I didn't touch: Changing ssp, SAVEPREVSSP RSTORSSP and token (say, for userspace threads) Long jumps/calls (changing segments), to other priv level & ssp security cookie interrupts, exceptions ssp int3 for debugging Speculative execution (see screenshot) +more

    Prikaži ovu nit
    Poništi
  5. 19. sij

    Here's a better link explaining why current form of endbr is not restrictive enough, and hence actually not used in practice by MSFT. I wonder if intel can add requirement of a matching hash in a backwards compatible way. See also

    Prikaži ovu nit
    Poništi
  6. 19. sij

    However, FW edges support isn't complete. HW protection allows any call site to call any function. CET can't limit a fptr() to only a subset of functions. Modern CFI can limit, say, f(int) to call only function with f(int) prototype. ⇒FW edges CET unused

    Prikaži ovu nit
    Poništi
  7. 19. sij

    CET adds HW support for that. FW edges: requires call sites to have endbr64 instruction right after call site. You can only call function end. BW edge: new reg ssp points to tamper-resistant shadow stack (marked by page table). Call&ret push/pop from sp+ssp, ret fault sp₀≠ssp₀

    Prikaži ovu nit
    Poništi
  8. 19. sij

    What is CET? The goal is limiting call site. If I have foo(): 1: x++ 2: y-- I want it to be impossible to do "call 2", incrementing y only. This is "forward edge". Likewise when returning from f, changing stack ret addr shouldn't be possible. This is "backwards edge" ⋙

    Prikaži ovu nit
    Poništi
  9. proslijedio/la je Tweet
    16. sij

    Want to learn more about Ceph? I will be giving a Ceph architecture talk at

    Poništi
  10. 9. sij

    This is the best description of the C/C++ standards I've ever read. (and do follow , she's a pleasure to read, see this thread for a great exposition proving is[a-z] prefix is indeed a UB by language lawyering across three different places in the standard text).

    Poništi
  11. 8. sij

    TIL about a scandal involving inserting his hometown to the crypto community lingo, with one of the worst excuses I've seen for acronyms, in crypto community, even at all. (What I don't get is, how didn't publish a similar trolling earlier in his career)

    Poništi
  12. 7. sij

    Good criticism of Go design NIH in 1)Debug/call conv. Not using standard tooling leaves perf on tbl, hard to get trace from dump 2)GC, existing proven approaches weren't used. New approacheds failed. Weird for "no research" lang 3)Compiler opt. 4)Generics.

    Poništi
  13. 6. sij

    found the recommendation in the standard

    Prikaži ovu nit
    Poništi
  14. 6. sij

    TIL `token_t tokenize_str(char* str)` is not recommended by GCC manual, and forbiddened by POSIX. GCC manual since tokenize starts with "to" followed by lowercase letter. POSIX, since, no type may have the _t suffix. (couldn't find {to,is}* in the C std Library Reserved Names)

    Prikaži ovu nit
    Poništi
  15. 4. sij

    TIL US Visa applicants are requested to dislose their social media accounts. Interesting times.

    Poništi
  16. 2. sij

    What's the practical use of whitebox crypto? Attacker can't know the key, but he can run the code that decrypts this key, and decrypt whatever he wishes, doesn't he? How should that work in practice? What the actual threat model? cc

    Poništi
  17. 30. pro 2019.

    In an official letter from a bank: For, Elazar Leibovich++ I really wonder which bug appended this ++ to my name.

    Poništi
  18. 22. pro 2019.

    TIL for old clang & GCC compat. you can have unreachable code warning by clang, which gcc misses (ignoring comprehensive enum switch) Remedy is, add __builtin_unreachable, but ifdef it out for old clang: if !defined(__clang_major__) || __clang_major__ >= 5

    Poništi
  19. 20. pro 2019.

    You wanna know what a veth pair in Linux is? This is a veth pair: From

    Poništi
  20. 11. pro 2019.

    I'm not expert, this isn't a literature survey. But it seems that at least some experts thinks that electric toothbrush is not more effective than regular toothbrush. (Oral-B ads doesn't lie though, there's research proving e-brush is more, less or equally effective to regular)

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·