Tweets (@intoverflow)

  1. Pinned tweet

    Btw I love you all ❤️ This year is gonna be NUTS tho so might be a good idea to get ready! Happy 2020! 🙌😁 Formal methods NOW!

  2. I have no idea what specifically went wrong in Iowa, though it seems unlikely, given the records kept at each precinct, that it will affect the final official outcome. The big risk is that disruptions and uncertainty like this will be exploited to discourage people from voting.

  3. 4 hours ago

    The Iowa Caucus delegate allocation rules appear to be the world’s strangest integer rounding function. Somebody should really turn this into a high school math / civics crossover lesson.

  4. Colors and Proofs were made for each other

  5. 12 hours ago

    One nice thing with Rust is that its std containers (strings, vecs, hashmaps) are very well thought out, not trivially made higher-performance, and let people get on with work. Every gameco in C++ has their own because std:: is a dumpsterfire.

  6. 9 hours ago

    CanSecWest 2020 (March: Dojo 14-17, Conf 18-20, Whistler 20-23) Dojo: We still have seats left for 's powerful fuzzing course "Advanced Fuzzing and Crash Analysis."

  7. Feb 2

    Building a radio using a pair of SX1257s from and two icebreakers from . Hardware compliments of . AM and FM are fairly easy, and fit nicely. Whether I can get the 16QAM link to fit still remains to be determined

  8. This question was brought to you by this talk 👇 which discusses the complexity of using sandboxing to compile C and C++ from untrusted sources

  9. 🤓 Thank you to everyone who voted! Is it safe to compile code from evil sources? Should it be? 🤔 Make & ./configure obviously unsafe But what about gcc? rustc? coqc? etc IMHO Compiling should be pure as possible. Don't need sockets to typecheck code! Sandbox filesys access!

  10. 20 hours ago
    Replying to a user

    There were multiple examples presented in CTF challenges of reading files/arbitrary code execution. Very much depends on the details - programming language, setup, but in general I would not consider it safe.

  11. 11 hours ago

    Reaching out to my peeps to ask a question: Do you know of any legitimate reason not to block DNS 'any' query type queries? Easily spoofed, a great source of amplification... what's the valid use case? Consider the context of blocking from a carrier, not enterprise.

  13. 23 hours ago
    Replying to users

    zig's compile-time features do not allow syscalls, int-to-pointer, or inline assembly. the target system is emulated; it would break cross-compilation to leak anything related to the host system.

  14. Feb 2

    Setting up a VPN connection through McMurdo: $9/month The look on the SOC team's faces when they see Antarctica in the location fields in the SIEM: priceless

  15. Feb 3
    Replying to a user

    Hell, I don't even run strings on unknown stuff anymore after the stuff that's happened in the past there, but honestly I'd be more worried about features in the compilers I don't know about that are _designed_ to execute something or behave in a weird way.

  16. Feb 3
    Replying to a user

    Reminds me of Ken Thompson’s paper “Reflections on Trusting Trust” on compromised compilers.

  18. Feb 3
    Replying to users

    JavaScript engines are basically compilers that run unknown code and they have a huge attack surface because of it

  19. Feb 2

    ah, yes, my favorite CAD suite, NAME_STRING_FROM_CMAKE

  20. Feb 3
    Replying to a user

    Malware authors have been attacking analysts' disassemblers for ages, so....

  21. Feb 3
    Replying to a user

    "Allowed," "arbitrary," "run," and "code" are way too vague to give a meaningful answer to this question. Should the compiler dump the input into a buffer and branch to it? No. Should it evaluate the input with an interpreter with explicitly modeled side effects? Probably fine.
