Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @elazarl
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @elazarl
-
I'm sitting behind a couple who are probably the parents of the pine that gives the talk, they're taking video of their son's talk. A sweet moment, I'm melting.
#bluehatilpic.twitter.com/qtgEmxstkJ
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
TIL, it was actually
@bcantrill who chose the name "redshift"pic.twitter.com/tmuTQtDimF
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
In case anyone needs that, small script to convert AES test vectors to C struct value initiaziation.https://gist.github.com/elazarl/41865ca98e5dc560d98566dfe2331b59 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Possible complexity I didn't touch: Changing ssp, SAVEPREVSSP RSTORSSP and token (say, for userspace threads) Long jumps/calls (changing segments), to other priv level & ssp security cookie interrupts, exceptions ssp int3 for debugging Speculative execution (see screenshot) +morepic.twitter.com/yIh1lj5pgw
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Here's a better link explaining why current form of endbr is not restrictive enough, and hence actually not used in practice by MSFT. I wonder if intel can add requirement of a matching hash in a backwards compatible way. See also https://lwn.net/Articles/758254/ …https://twitter.com/liran_alon/status/1218574987336060928 …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
However, FW edges support isn't complete. HW protection allows any call site to call any function. CET can't limit a fptr() to only a subset of functions. Modern CFI can limit, say, f(int) to call only function with f(int) prototype. ⇒FW edges CET unusedhttps://twitter.com/Liran_Alon/status/1218477026501386240 …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
CET adds HW support for that. FW edges: requires call sites to have endbr64 instruction right after call site. You can only call function end. BW edge: new reg ssp points to tamper-resistant shadow stack (marked by page table). Call&ret push/pop from sp+ssp, ret fault sp₀≠ssp₀pic.twitter.com/fgz4MQmtgY
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
What is
@Intel CET? The goal is limiting call site. If I have foo(): 1: x++ 2: y-- I want it to be impossible to do "call 2", incrementing y only. This is "forward edge". Likewise when returning from f, changing stack ret addr shouldn't be possible. This is "backwards edge" ⋙pic.twitter.com/MkEq6wa2IM
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Elazar Leibovich proslijedio/la je Tweet
Want to learn more about Ceph? I will be giving a Ceph architecture talk athttps://www.meetup.com/in-dev/events/266805065/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
This is the best description of the C/C++ standards I've ever read. (and do follow
@whitequark , she's a pleasure to read, see this thread for a great exposition proving is[a-z] prefix is indeed a UB by language lawyering across three different places in the standard text).https://twitter.com/whitequark/status/1215247045528821761 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
TIL about a scandal involving
@mkilmo inserting his hometown to the crypto community lingo, with one of the worst excuses I've seen for acronyms, in crypto community, even at all. (What I don't get is, how didn't@CrypTomer_pers publish a similar trolling earlier in his career)pic.twitter.com/G30fJTEw3e
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Good criticism of Go design NIH in 1)Debug/call conv. Not using standard tooling leaves perf on tbl, hard to get trace from dump 2)GC, existing proven approaches weren't used. New approacheds failed. Weird for "no research" lang 3)Compiler opt. 4)Generics. https://news.ycombinator.com/item?id=21912140 …pic.twitter.com/SEQA44LAEx
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
TIL `token_t tokenize_str(char* str)` is not recommended by GCC manual, and forbiddened by POSIX. GCC manual since tokenize starts with "to" followed by lowercase letter. POSIX, since, no type may have the _t suffix. (couldn't find {to,is}* in the C std Library Reserved Names) https://twitter.com/jckarter/status/1214066926470615042 …pic.twitter.com/OOKGi1jvmU
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
TIL US Visa applicants are requested to dislose their social media accounts. Interesting times.pic.twitter.com/ccd01ZLylB
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
What's the practical use of whitebox crypto? Attacker can't know the key, but he can run the code that decrypts this key, and decrypt whatever he wishes, doesn't he? How should that work in practice? What the actual threat model? cc
@CrypTomer_pers@mkilmoHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
In an official letter from a bank: For, Elazar Leibovich++ I really wonder which bug appended this ++ to my name.pic.twitter.com/W6GysFMil4
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
TIL for old clang & GCC compat. you can have unreachable code warning by clang, which gcc misses (ignoring comprehensive enum switch) Remedy is, add __builtin_unreachable, but ifdef it out for old clang: if !defined(__clang_major__) || __clang_major__ >= 5 https://godbolt.org/z/-_-cpk pic.twitter.com/FuelqOgngv
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
You wanna know what a veth pair in Linux is? This is a veth pair: From
@DevOpsDaysTLVpic.twitter.com/3YbGIwZ07Q
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I'm not expert, this isn't a literature survey. But it seems that at least some experts thinks that electric toothbrush is not more effective than regular toothbrush. (Oral-B ads doesn't lie though, there's research proving e-brush is more, less or equally effective to regular)pic.twitter.com/qnoyFQx1kR
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.