Saving up a bunch of changes for a very special treat.

more...

Some observations regarding edge vs chrome. Not a complete investigation, some aspects not mentioned may have been outside the scope of inquiry.

more...

Another chapter from the ongoing quest to find an efficient music player, this time tackling the unexplored wilderness of Windows. I have a new Surface, which I sometimes use to watch a video or two, then read a web page. Since I already have my headphones on and connected to the Surface, why not listen to the music while I’m at it?

more...

I wanted to read, or reread, some books, but couldn’t decide which ones, so figured reading all of them at once would be the best solution. In particular, I’d read Coders at Work about the time it came out, and liked it, then skimmed it again recently. The second time through I still liked it, but I noticed new things. I should reread the whole thing. And what about these other books I’m always certain to install on each Kindle but never quite read? My favorite unread books.

more...

All the cool kids are clashing their stacks, and all the cool developers are trying to reduce stack usage. In the midst of this, it is revealed that calling alloca can be difficult.

For starters, we might look at this fine patch removing alloca from a function in glibc. I’m mostly interested in the first chunk. That’s quite the incantation to prototype a function.

Another variant of the alloca spellbook is in bash. This version supports a different set of operating systems.

As Ben Franklin never said, “Beer is proof God loves us and wants us to be happy.” The ifdef maze one encounters trying to call alloca is proof your compiler hates you and you will be unhappy.

Decided to go full dark side. A few notes about the new Surface Pro and my setup. Until yesterday Amazon was telling me that my order would ship on the 15th to arrive perhaps next week, but then miraculously it shipped and arrived all in the same day. So about a day of playing with it.

more...

Amazing that a music group formed in 2003 already had an album in 1982, no?

Having trouble with your network? The Ubiquiti Cloud Key can reduce casting costs.

The machines are learning. But what?

There may have been a hackathon.

more...

One ROP mitigation is Execute no Read (XnR) or Execute Only (XOM) memory. We can wait for someone to add this to our operating system kernel using paging (You Can Run But You Can’t Read: Preventing Disclosure Exploits in Executable Code PDF) or VT-x and EPT (ExOShim: Preventing Memory Disclosure using Execute-Only Kernel Code PDF). Or we can do it today in userland. This is only a partial implementation, that protects JIT pages only, but demonstrates the technique.

more...

Another way to isolate untrusted media players is to run them in a virtual machine. I was joking with mlarkin that if he’s run out of things to work on, he can add audio emulation to vmd. But of course, this is actually pretty easy to do (playing sounds, not emulating audio), thanks to network support in sndiod.

The setup is fairly easy. To export the audio device on the host side, run sndiod. Or kill and restart, or whatever.

sndiod -L 10.1.0.19

On the guest side, specifying the audio device can vary by program, but the default can be set via environment variable.

env AUDIODEVICE=snd@10.1.0.19/0 mpg123 song31.mp3

And with that...

BSD fight buffer reign
Flowing blood in circuit vein
Quagmire, Hellfire, RAMhead Count
Puffy rip attacker out.