Hacker News: fay59

New comment by fay59 in "Lesser known tricks, quirks and features of C"

fay59 — Mon, 20 Feb 2023 15:48:52 +0000

The former is ideally resolved with attribute((format_arg)), the latter with attribute((format)).

New comment by fay59 in "Lesser known tricks, quirks and features of C"

fay59 — Mon, 20 Feb 2023 15:47:54 +0000

The flag is -Wformat-nonliteral or -Wformat=2. -Wformat-security only includes a weaker variant that will warn if you pass a variable and no arguments to printf.

New comment by fay59 in "Apple offers $970 in trade-in value for $52,199 Mac Pro"

fay59 — Tue, 17 Jan 2023 21:55:07 +0000

5 years seems like a low for Apple device longevity. I think that there’s an enormous difference between today’s Macs and Macs from 5 years ago and maybe the leap is accelerate deprecation, but there was a long period of stagnating macOS requirements. Hope we return to that for Apple Silicon Macs.

New comment by fay59 in "Figuring out round, floor and ceil with integer division"

fay59 — Sat, 26 Nov 2022 09:19:31 +0000

> We could stop right here but this suffers from overflow limitations if translated into C.

FWIW, the final version also suffers from integer overflow limitations. If the difference between an and INT_MIN/INT_MAX (depending on whether you floor or ceil) is <= b/2, you will have integer overflow.

New comment by fay59 in "Computer proof ‘blows up’ centuries-old fluid equations"

fay59 — Sat, 19 Nov 2022 11:51:17 +0000

In context, it sounds like they relied on simulations that don’t use exact numbers. I’m guessing that they saw an IEEE-754 floating-point infinity and then had to determine whether they got it because the accurate result was infinity or if the infinity they saw was the result of floating-point calculation artifacts.

New comment by fay59 in "Nearly all binary searches and mergesorts are broken (2006)"

fay59 — Sun, 06 Nov 2022 15:44:53 +0000

I feel that it’s so simple that many people will overlook that it even exists. In languages that have both, it’s hard for functions to compete with operators. I don’t think that this is the best design to promote correctness.

New comment by fay59 in "Chess is just poker now"

fay59 — Mon, 19 Sep 2022 15:13:07 +0000

The “battle of preparedness” for grandmasters looks miserable. My experience being bad at chess is pretty cool, though.

If anyone’s looking to pick up chess, it’s a pretty good time to do it even if the people making a living out if it aren’t enjoying it anymore. It used to be that computers would only crush you without helping, but now they’re able to point at your mistakes and show you where the game shifted from one player to the other.

New comment by fay59 in "Android 13 requires devices to have more than 2GB RAM and 16GB storage"

fay59 — Sat, 10 Sep 2022 04:18:14 +0000

Yes, but your 1995 Windows NT 4.0 PC ran a 640x480 display at 60Hz and graphics compositing had, at best, one-bit transparency. It took 3 minutes to boot. Websites could bluescreen it with ``. A malicious attachment could trick your email client into deleting your whole hard drive.

New comment by fay59 in "After self-hosting my email for twenty-three years I have thrown in the towel"

fay59 — Sun, 04 Sep 2022 22:35:00 +0000

How does one verify that their server has never ever sent spam, for instance through a security breach?

New comment by fay59 in "Xz format considered inadequate for long-term archiving (2016)"

fay59 — Sun, 24 Jul 2022 17:01:51 +0000

This is fairly old. When it came up last time, there were robust arguments that xz was characterized unfairly, and that the author’s format wasn’t very good at recovering in most cases either.

New comment by fay59 in "A Kernel Hacker Meets Fuchsia OS"

fay59 — Wed, 01 Jun 2022 22:48:14 +0000

No, logic bug consequences are fundamentally different from memory corruption bugs. A bug with an access check for one resource in the kernel means you get access to that specific resource. A missing bounds check in the kernel—anywhere in the kernel—means you get arbitrary code execution. Sure, _sometimes_ you can escalate from one resource to another with an access check issue, but that’s a _sometimes_. One memory corruption bug _anywhere_ defeats the protection of _all resources, all the time_. Not only that, but memory corruption bugs have well-understood exploit recipes that attackers can make once and reuse any time they find a new bug to save work, whereas an attacker has to write a new distinct exploit for most logic bugs.

There is no equivalence to make. Memory corruption bugs are unambiguously, unequivocally better exploitation primitives than logic bugs.

No one is claiming that memory-safe languages solve logic problems. The claim is that most memory corruption bugs are conveniently exploitable and any exploit can reach for anything in the address space, and logic bugs often can’t. You could as well say that you’d rather promote chess pawns to knights instead of queens. Like, that makes sense sometimes, but it’s a bad default.

New comment by fay59 in "A Kernel Hacker Meets Fuchsia OS"

fay59 — Wed, 25 May 2022 22:12:52 +0000

What the missing access check protected was a stream of information that could defeat ASLR. If Zircon was written in a memory-safe language, that would have been the end of the issue. Logic bugs and missing access checks are still possible, but defeating them has fairly well definable consequences. Since Zircon isn’t written in a memory-safe language, the author was able to use that to fully compromise the kernel instead. I don’t mean that you can’t write bugs in memory-safe languages, but in the end the attacker still has to play by your rules. With a memory safety bug, attackers play by no one’s rules.

New comment by fay59 in "A Kernel Hacker Meets Fuchsia OS"

fay59 — Wed, 25 May 2022 19:49:42 +0000

That’s not really a “but” to the comment, which was that you need to find one bug and it’s game over. We’ve known for a long time that best practices aren’t enough to prevent memory corruption in large enough C++ code bases, so it’s likely a motivated attacker would eventually find something.

New comment by fay59 in "A Kernel Hacker Meets Fuchsia OS"

fay59 — Wed, 25 May 2022 15:09:30 +0000

The intent of the post isn’t to claim that any Fuschia device currently sold is vulnerable. Unless Fuschia never graduates to running third-party code, that seemed like the right assessment to me.

New comment by fay59 in "Chris Lattner on garbage collection vs. Automatic Reference Counting (2017)"

fay59 — Sun, 24 Apr 2022 06:49:29 +0000

One data point from the Prodfiler folks was that even if the GC cost to throughput is relatively low, some programs will still spend up to 25% of their time doing garbage collection. This will show up on your cloud bill even if it doesn’t show up to that extent in your performance analysis.

New comment by fay59 in "Column – a chartered bank for developers"

fay59 — Fri, 22 Apr 2022 02:04:12 +0000

Can I, uh, make a bank account for _myself_ without being a corporate customer?

New comment by fay59 in "BBEdit is 30 years old today"

fay59 — Wed, 13 Apr 2022 00:44:14 +0000

Big fan of BBEdit, didn’t realize it’s just barely younger than me. I started using it probably about 20 years ago.

These days I use it mostly for one-offs and as a scratch pad. It’s doing a very good job at that.

New comment by fay59 in "Dall-E 2 illustrations of Twitter bios"

fay59 — Fri, 08 Apr 2022 21:08:15 +0000

Someone should make an online version of Mysterium that uses Dall-E to make the picture cards!

New comment by fay59 in "Twitter is using its embedded JavaScript to hide tweets that have been deleted"

fay59 — Wed, 06 Apr 2022 07:50:32 +0000

It kinda sucks, but “tampering with the public record”? Is Twitter liable for holding the public record now?

New comment by fay59 in "What happens if you try to download and install Firefox on Windows"

fay59 — Sun, 03 Apr 2022 18:06:47 +0000

For a while, there would be a macOS notification suggesting that you try Safari after updating. This notification should be gone with the latest macOS. Are you talking about something else?