Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @intoverflow
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @intoverflow
-
Prikvačeni tweet
Btw I love you all
This year is gonna be NUTS tho so might be a good idea to get ready!
https://coq.inria.fr
http://softwarefoundations.cis.upenn.edu
Happy 2020! 
Formal methods NOW!Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
I have no idea what specifically went wrong in Iowa, though it seems unlikely, given the records kept at each precinct, that it will affect the final official outcome. The big risk is that disruptions and uncertainty like this will be exploited to discourage people from voting.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
The Iowa Caucus delegate allocation rules appear to be the world’s strangest integer rounding function. Somebody should really turn this into a high school math / civics crossover lesson.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
Colors and Proofs were made for each otherpic.twitter.com/syxlfK8sBD
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
One nice thing with Rust is that its std containers (strings, vecs, hashmaps) are very well thought out, not trivially made higher-performance, and let people get on with work. Every gameco in C++ has their own because std:: is a dumpsterfire.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
CanSecWest 2020 (March: Dojo 14-17, Conf 18-20, Whistler 20-23) Dojo: We still have seats left for
@richinseattle 's powerful fuzzing course "Advanced Fuzzing and Crash Analysis." https://cansecwest.com/dojos/2020/vulndisco.html …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
Building a radio using a pair of SX1257s from
@kbeckmann and two icebreakers from@esden. Hardware compliments of@symbiotic_eda . AM and FM are fairly easy, and fit nicely. Whether I can get the 16QAM link to fit still remains to be determinedpic.twitter.com/ssXj9vf5OV
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
This question was brought to you by this talk
which discusses the complexity of using sandboxing to compile C and C++ from untrusted sourceshttps://www.youtube.com/watch?time_continue=3193&v=bSkpMdDe4g4&feature=emb_logo …Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Thank you to everyone who voted!
Is it safe to compile code from evil sources? Should it be?
Make & ./configure obviously unsafe
But what about gcc? rustc? coqc? etc
IMHO Compiling should be pure as possible. Don't need sockets to typecheck code! Sandbox filesys access!https://twitter.com/intoverflow/status/1224083679376334849 …Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
There were multiple examples presented in CTF challenges of reading files/arbitrary code execution. Very much depends on the details - programming language, setup, but in general I would not consider it safe.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
Reaching out to my
#infosec peeps to ask a question: Do you know of any legitimate reason not to block DNS 'any' query type queries? Easily spoofed, a great source of amplification... what's the valid use case? Consider the context of blocking from a carrier, not enterprise.Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
zig's compile-time features do not allow syscalls, int-to-pointer, or inline assembly. the target system is emulated; it would break cross-compilation to leak anything related to the host system.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
Setting up a VPN connection through McMurdo: $9/month The look on the SOC team's faces when they see Antarctica in the location fields in the SIEM: pricelesshttps://twitter.com/malcomvetter/status/1224003799351799809 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
Hell, I don't even run strings on unknown stuff anymore after the stuff that's happened in the past there, but honestly I'd be more worried about features in the compilers I don't know about that are _designed_ to execute something or behave in a weird way.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
Reminds me of Ken Thompson’s paper “Reflections on Trusting Trust” on compromised compilers. https://www.win.tue.nl/~aeb/linux/hh/thompson/trust.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
.
@CharlesDardaman just bent my brain in a good way. https://twitter.com/CharlesDardaman/status/1224169305660628993 …pic.twitter.com/BfaAen7eWWHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
JavaScript engines are basically compilers that run unknown code and they have a huge attack surface because of it
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
ah, yes, my favorite CAD suite, NAME_STRING_FROM_CMAKEpic.twitter.com/fM9TFRzNUV
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
Malware authors have been attacking analysts' disassemblers for ages, so....
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Tim broker Carstens / Formal Methods NOW! proslijedio/la je Tweet
"Allowed," "arbitrary," "run," and "code" are way too vague to give a meaningful answer to this question. Should the compiler dump the input into a buffer and branch to it? No. Should it evaluate the input with an interpreter with explicitly modeled side effects? Probably fine.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.