flak rss random www

quick thoughts on bouncy castle bcrypt broken compare

A few thoughts on the BCBCBC vulnerability. Original report. There's a few things not explicitly stated in the report, which I thought may be interesting.

more...

Posted 22 Dec 2020 17:53 by tedu Updated: 22 Dec 2020 17:53
Tagged: programming security

small views of large files

Sometimes you have a large file when you want a small file. You may not be able to edit the large file, but that's okay, you can simply read the small part you want out of the large file. libfdview is a proof of concept library that presents a smaller view of a larger file.

more...

Posted 22 Sep 2020 20:00 by tedu Updated: 22 Sep 2020 20:00
Tagged: c programming

comparative unsafety

I wrote some rust code. I used unsafe. It was unsafe. After months of contemplating this unfortunate result, I've found someone else to blame.

more...

Posted 17 Aug 2020 13:53 by tedu Updated: 17 Aug 2020 18:24
Tagged: go programming rust

Cenum safety warning

Before relying on compiler warnings for enum mismatches, it's important to know when or if such warnings will be generated.

more...

Posted 30 Jul 2020 20:07 by tedu Updated: 30 Jul 2020 20:07
Tagged: c programming

three valued structs

Sometimes we have a boolean, which is great for storing two values, but we need just a little more space to squeeze in a third value. There's a few ways to do this.

more...

Posted 29 Jul 2020 06:20 by tedu Updated: 06 Aug 2020 01:17
Tagged: c programming

against testing

I really dislike writing tests. There's some amount of discomfort I'd be willing to sustain if I felt it they were beneficial, but I also find they're rarely worth the bother. Some reasons why. Most of this probably applicable specifically to unit testing, but some other bits to integration testing.

more...

Posted 07 Jul 2020 00:36 by tedu Updated: 22 Dec 2020 18:22
Tagged: programming thoughts

Postel's law in development

Postel’s law, also known as the robustness principle, states that we should all be friends and try to get along. It’s also occasionally harmful. Here’s an example.

more...

Posted 20 May 2020 17:42 by tedu Updated: 20 May 2020 17:42
Tagged: programming thoughts

dechroma

A while back somebody posted some “amazing” images which were black and white except for the stripes that were colored. So, not black and white, but the point was to demonstrate that vision is highly perceptual and the brain will interpolate from what’s there. I thought this might be fun to play around with. I guess it kinda works, but I think some of the demo images were selected carefully.

more...

Posted 15 May 2020 16:41 by tedu Updated: 15 May 2020 16:41
Tagged: go programming project www

embedding binary objects in c

You have a blob of some data which you would like to embed into your C program. Perhaps a splash screen, or a special font, firmware for your scsi card, or whatever. The usual approach which I think most people are familiar with is to run something like xxd -i to generate a source file with a large array of hex constants. Or write your own little script for that purpose.

more...

Posted 16 Apr 2020 11:02 by tedu Updated: 16 Apr 2020 11:02
Tagged: c programming

rethinking openbsd security

OpenBSD aims to be a secure operating system. In the past few months there were quite a few security errata, however. That’s not too unusual, but some of the recent ones were a bit special. One might even say bad. The OpenBSD approach to security has a few aspects, two of which might be avoiding errors and minimizing the risk of mistakes. Other people have other ideas about how to build secure systems. I think it’s worth examining whether the OpenBSD approach works, or if this is evidence that it’s doomed to failure.

more...

Posted 31 Mar 2020 04:20 by tedu Updated: 04 Apr 2020 09:15
Tagged: openbsd programming security thoughts