tritoke🏳️‍🌈

@popovicu94 Yea you can create sparse files which appear to be big but the kernel knows sections of them are empty :) wiki.archlinux.org/title/Sparse_f…

Now, something to think about: the file used here was just a bunch of zeroes. Could the OS optimize something based on that knowledge? 🤔

Quick Linux insight: Ever wonder why you can mv a 100GB file instantly, but cp takes forever? Because a file's name isn't stored with its data. All file data is stored in blocks on your disk. Each file has an inode number that identifies its inode, a data structure that points to all those blocks and stores permissions, owner, and size. A directory is just a list that maps human-readable names to inode numbers. When you cp, you copy all the data blocks AND create a new inode. When you mv (within the same filesystem), you just update directory entries. The inode and data blocks are never touched. You're not moving a house; you're just changing the address in the phonebook. (Note: mv across different filesystems still copies everything!)

@popovicu94 Often if you are running on a system with journald you can view these without root with the -k flag :) journalctl -fkb should look most similar to normal dmesg output, still supports the level filtering other comments mentioned as well

Quick Linux insight: Your kernel keeps a running "diary" of everything it sees and does. This log is dmesg. It records booting, initializing drivers, and identifying new hardware. It's the #1 tool for debugging "why isn't my hardware working?" But most people only read it after something goes wrong. The real power is reading this as it's being written. Here's the trick: Open a terminal and run dmesg -WH -H (or --human) turns cryptic boot seconds into real, human-readable timestamps. -W (or --follow-new) is the magic. It's like tail -f for your kernel, printing new messages as they happen. Now, plug in a USB device. You will see the kernel "discover" the device, identify it, and load the right drivers, line-by-line, in real-time. It's the best way to watch exactly what your system is doing under the hood.

@shank_03 @davydog187 You can just cause an abort directly, std::process::abort :) doc.rust-lang.org/std/process/fn…

@davydog187 you could set panic = “abort” in cargo toml config

Still the best code at TV Labs

@BrodieOnLinux I use DWM and I haven't had the time / energy to try out DWL / give Wayland a proper shot, nothing against it just lack of energy :(

If you're still on X11, I want to know why, I don't want theoretical things you could do but don't actually care about. But the actual real reasons that X11 is keeping you on it. Why are you still an X11 user in 2025?

You can now jailbreak your AMD CPU! 🔥We've just released a full microcode toolchain, with source code and tutorials. bughunters.google.com/blog/542484235…

@teh_0xdeadbeef @_hyp3ri0n fwiw xxd can do a basic form of this with xxd -i :)

notisrac.github.io/FileToCArray/ @_hyp3ri0n Useful. My usecase was simple. Supplying graphics for my ESP32 project. I'm sure everyone else can find way cooler uses for it.

@__phantomderp I've found IncludeIf to be quite helpful for working with this though it's a bit of a faff to configure :( @eduardosilva_94960/git-tips-simplify-multi-identity-management-with-includeif-8a4c9bcc9eb" target="_blank" rel="nofollow noopener">medium.com/@eduardosilva_…

Using 2 accounts with git and ssh is such a pain in the fucking ass, god. Software sucks, always, beyond the basic use case.

@jsrailton 🤔💭

This weekend I made xoflib with my friends Robin Jadoul and @_tritoke. xoflib is a Python package for the Shake extendable-output functions (XOFs) written using pyO3 bindings to the sha3 Rust crate. github.com/GiacomoPope/xo…

@DrawsMiguel @__phantomderp I've got similar by dereferencing an int by accident, via writing an int to an int*...

For all he people that kept linking me that asshole's thread, HE'S WRONG. Provably so. Here's an analysis from somebody who's head in on straight and is a literal world expert at this (also featuring a quick Godbolt snippet, praise be to CE!!):

@secundaa I love rust for having both! :D .rem_euclid ftw!

@anaisbetts @fasterthanlime Wait is it not just the MSBs???

@paulmillr @lukOlejnik @matthew_d_green They're speaking at RWC on Tuesday so I wonder if they will after that. I doubt it though a lot of academic attacks prefer to keep the source closed.

@_tritoke @lukOlejnik @matthew_d_green I wish they just published the code on github to play with it

Security flaw in Apple M1/M2 processor architecture. Information leaks. Encryption keys can be stolen. Cannot be fixed at the processor level (might be mitigated in software implementations). Perhaps a good idea to hold off on hardware purchases of M1/2/? gofetch.fail/files/gofetch.…

@paulmillr @lukOlejnik @matthew_d_green I'm not sure I'd just assume these primitives are safe. The paper seems to have mentioned some examples but it certainly implies that this technique is not dependent on the type of cryptography used.

@lukOlejnik @matthew_d_green They didn’t mention ECC, ECDH or SLH-DSA. Seem to be safe for now.

@billatnapier Really impressed that chacha is that high up given the AES (and I believe SM4?) ones can both use the AESNI instructions!

How does the performance of symmetric key methods and modes vary? Well, 3DES doesn't do well, along with the Chinese cipher (SM4): medium.com/asecuritysite-…

@b0rk I would also add that info pages are considerably more complicated to use as well :( tried using the info page for bash once (I was very lost...) and it was easier to just read the source code than use info...

this guidance on man pages for the GNU project is wild gnu.org/prep/standards… (they seem to think everyone should use info pages instead, which I personally have never used despite having used GNU tools for 20 years)

"a + b", this one line of Python code executes thousands of lines of C behind the scenes. My latest article explains what goes on in the CPython runtime to execute this seemingly simple operation. You will learn about: - Dynamic dispatch implementation in CPython - What is the abstract object interface in CPython and its role in dynamic dispatch - What is the PyTypeObject struct and its role in the CPython runtime - How the various types in CPython implement operators and make them available to the runtime for dynamic dispatch to work. - And, look inside the implementation of the float type to understand this more concretely. The article includes 13 annotated code listings from CPython with all the explanations. Check it out: open.techwriters.info/codeconfession…

@jordwalke @p1xelHer0 JS has a fairly significant cost of its runtime/interpreter. lua is significantly smaller to bundle into your app.

@p1xelHer0 Why avoid js. Can’t be that much worse than lua and however bad it is, that is offset by how many people know it. Lsps are doing just fine. Editor tools aren’t user facing mission critical. It’s fine to use a mediocre language that everyone knows for editor tooling.

“VimScript is too obscure! We need a fresh start for vim using a plugin scripting language people actually know!” Neovim: picks Lua as replacement 🤦‍♂️

@coder_rc Rip, I think theres a lot of matrix maths in RE challenges nowadays cos it can be hard to spot a matrix multiply.

@_tritoke if I understood, I would've solved it 😀

CTF authors, please don't put PhD level math in reverse engineering challenges. thank you.