Zum Inhalt der Seite gehen


Gerade @Malte 's exzellente Einführung in SSRF (server side request forgery) genossen am #Winterkongress und fleissig Notizen gemacht. Habe da noch ein paar Punkte am PrivateBin directory nachzubessern. Gopher-URLs via (lib)curl zu nutzen um ganz andere Protokolle zu sprechen (das gezeigte Beispiel war SMTP) ist echt kreativ, aber wenigstens recht einfach zu unterbinden.


Experimentieren mit den Wertmodellen der KI: https://www.biastest.ch/ #Winterkongress
Dieser Beitrag wurde bearbeitet. (2 Wochen her)

teilten dies erneut


elrido hat dies geteilt


Heute beginnt der #Winterkongress der @digiges im Casinotheater in #Winterthur:

Abgesehen davon, dass ich spannende #Technik-Aufgaben haben werde, freue ich mich dort mein #Weekend zu verbringen und wieder mit mir bekannte #Nerds und Menschen aus dem #Fediverse treffen zu können. Wir sehen uns dann im #Reallife und deswegen so wie des weiteren, ist nun Ruhe hier von mir 😉

🟩 https://www.winterkongress.ch/2024/

P.S. Ihr könnt nun zB meine bisherigen #Toot's in meiner Timeline auf @kubikpixel ansehen.

teilten dies erneut



A classic bug for a leap day: At work, colleagues discovered and fixed a bug in a lesser used tool that only occurs on February 29th. It did trip up the tests, so no one got to merge until it got identified and resolved.

The source file in question hadn't been touched in over 4 years. Last leap year, the 29th was on a Saturday, so likely no one noticed.

What was annoying is that the logic had been clearly written with the intent of handling leap years. A leap year check condition was present, validated only on a February > 28th, but had to get inverted.

You may wonder why we wouldn't have used the languages' standard library date functions to validate the date - unfortunately the language in question doesn't have such a sophisticated standard library (language omitted to protect the innocent).


elrido hat dies geteilt


Niklaus Wirth, the inventor of the Pascal programming language, author of "Algorithms + Data Structures = Programs", and more, passed away on January 1.

Wirth's law, named after him, is an adage which states that software gets slower more rapidly than hardware gets faster.

#programming #computerscience

Dieser Beitrag wurde bearbeitet. (2 Monate her)

teilten dies erneut



Best #37C3 quote so far:

[...] to observe the international compressor holiday [...]

Context: Newag's train "DRM"




MadMike77 hat dies geteilt


Congratulations to Sergio Benitez on releasing rocket.rs 0.5.0! Thank you for this great framework. 👏

I got to follow rocket's journey to async and stable #rust with the PrivateBin directory service. Coming from Python flask apps, it is really easy to pick up and get going with your webservice, offering static & templated content, easy to create web forms and JSON APIs.

Thanks to rust's strict type system I could focus on the logic and didn't have to waste time double checking and casting data received by clients. If my API accepts an integer in a certain parameter, Rocket will ensure I only receive valid requests in my logic.

teilten dies erneut


elrido hat dies geteilt


I'm so so excited to announce #rust hyper v1.0 🚀

https://seanmonstar.com/blog/hyper-v1/

#rust

teilten dies erneut



Holiday in Peru


Fun


I like CSS-animations, clocks and dials for making metrics easier to digest (we are quicker at detecting angular changes than reading and parsing digits). So I'm in awe with this creative use of a watch-dial to visualize a 32-bit hexadecimal number:

https://retr0.id/stuff/2038/



#PrivateBin v1.6.0 released - adding translations for Japanese & Arabic, configuration option to disable email button and increases the minimal required PHP version to 7.3.


The letters below were discovered in September 1993 in a reverse time-capsule apparently sent from 2023.

The first of those emails dates from this morning. Note the author of the RFC and the publication date. :-)

RFC 1607

Fun








Schade das zu erfahren und vielen Dank an Herrn Dornier für die jahrzehnte-lange gute Betreuung und die ausgezeichneten Produkte!

Habe beruflich und privat seit Ende der 2000er Jahre immer wieder auf PC Engines für m0n0wall- und später OPNsense-basierte Router gesetzt. Diese Nachricht wurde über eine apu4d4 ins Internet geschickt und von einem Server hinter einer apu2e4 gehostet.



#TIL:

prompt injection, which is a form of cyberattack that exploits [an AI's] natural language processing abilities.

elrido hat dies geteilt


Winterkongress der Digitalen Gesellschaft

Während zwei Tagen werden Themen rund um Informationstechnologie, Digitalisierung und deren Auswirkungen auf unsere Gesellschaft in verschiedenen Vorträgen und Workshops behandelt.

#Digitale_Gesellschaft #Winterkongress #Zürich #Linux

https://gnulinux.ch/winterkongress-2023

elrido hat dies geteilt.



PrivateBin 1.5.1 released - Filesystem purge lookup change & administration script

elrido hat dies geteilt


2022 update to this quantum computing progress chart: http://sam-jaques.appspot.com/quantum_landscape_2022

tl;dr Commendable progress, but we're still a long long way from factoring.

elrido hat dies geteilt.


elrido hat dies geteilt


At 63 #curl bindings, updated and corrected.
#curl

elrido hat dies geteilt.

Als Antwort auf daniel:// stenberg://

what’s a good use-case for PyCurl, etc? I use curl on the command like daily, but not sure what I would do with it in a program. I’m sure that I’m missing something.
Als Antwort auf Ben Hayes

@benhayes if you write a program that needs Internet transfers for example...
Als Antwort auf daniel:// stenberg://

i think most people would just use requests module. maybe i'll try pycurl in future.
Als Antwort auf Ben Hayes

@benhayes everyone should use the tool they deem necessary to solve their problem
Als Antwort auf Ben Hayes

While python 3 now has decent native support for HTTP(S) with it's urllib module (which does cover 99+% of my use cases), PyCurl supports "FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3 and RTSP. libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate, Kerberos4), file transfer resume, http proxy tunneling and more!" -- http://pycurl.io/

So it can solves those edge cases. It may also be useful if you hit performance or memory usage issues in your python based search spider or similar massively parallel connection applications.
Unbekannter Ursprungsbeitrag

daniel:// stenberg://
@0xDEADBEEF I am not aware of any binding for cobol!


PrivateBin 1.5.0 released - Adding S3 Storage backend, storage migration script & 4 new translations

https://privatebin.info/news/v1.5.0-release.html


elrido hat dies geteilt


Wenn ihr mal „sprechende“ RGB-Codes braucht: https://hexwords.netlify.app

elrido hat dies geteilt.



PrivateBin 1.4.0 released - Hardening the attachment preview, Google Cloud Storage and Oracle database support & adding new translations


My team at LzLabs GmbH in Wallisellen, Switzerland, is looking for a 4th DevOps Engineer. You'd be working primarily with a CloudBees (Jenkins) cluster of around 90 blades for build & testing, for several software stacks that targets RHEL, but hopefully soon™ also other platforms. And of course there are also a lot of build and deployment related projects to be spice things up on the side, like maintaining and developing a test statistics database, code coverage reporting, change log and other automation projects, all in a mostly ansible-ized environment. The companies main language is English, living in or moving to the vicinity of Zürich would certainly be advantageous.

#followerpower #Stellenangebote #jobs #jeRecrute

Als Antwort auf elrido

Next week a new hire starts in our team. To help them find their way in our environment, we created this map. Let's hope it wont scare them away. :-D


Yeah, das Friendica Update war wieder einmal ein voller Erfolg! Ich freue mich immer darauf nach dem Update die Netzwerkstatistiken zu durchstöbern und zu sehen wie das Fediverse wächst und gedeiht. Aktuell sehe ich da bei mir:
Momentan kennt dieser Knoten 2065 Knoten mit insgesamt 1238363700 registrierten Nutzern, die die folgenden Plattformen verwenden:
- Friendica (234/14306)
- BirdsiteLIVE (3/9295)
- Diaspora (104/745029)
- [...]
- Lemmy (4/15876)
- Mastodon (1195/2801105)
- Misskey (33/1234575069)
[...]
Hm, die Misskey stats bedürfen wohl noch etwas der Interpretation... 🤔

elrido hat dies geteilt


Les testeurs: 😂

elrido hat dies geteilt.

Als Antwort auf sebsauvage

the case in which the near-light speed travel has been done by the question maker is still missing. She could potentially be even older than 43.

Retrocomputing Forum hat dies geteilt


!Retrocomputing Forum An article on a large, mid-90s BBS setup and a second article containing some more background of what it got used for (includes a higher-resolution image):
- http://rachelbythebay.com/w/2022/01/26/swcbbs/
- https://3drealms.com/news/3d-realms-website-turns-20/

elrido hat dies geteilt


a computer can never be held accountable

therefore a computer must never make a management decision

(IBM, 1979 slide)

teilten dies erneut



Oh, wow: Nachdem ich von den beiden Druckwellen des Vulkanausbruches in der Nähe von Tonga hörte, habe ich in den Messungen von meiner kleinen Wetterstation nachgeguckt und die sind dort klar zu erkennen!


Als ich 1997 meine erste Reise in die USA machte, hatte ich einen Psion Siena dabei und darauf Tagebuch geführt. Leider konnte ich mir damals das Datenkabel nicht leisten und es irgendwann verpasst die leeren Batterien zu tauschen und die Dokumente gingen so verloren.

Vor einigen Wochen habe ich mir aus Neugier dessen grossen Bruder angeschafft, den Psion Series 3a. Und diesmal auch ein serielles Kabel dazu, damit ich Programme hoch- und Daten davon runter laden kann. Hab mal ein paar Notizen dazu gemacht:



Field report on upgrading a rocket v0.4 application to v0.5


Als Antwort auf elrido


elrido hat dies geteilt


Mit Clive Sinclair ist einer der IT-Pioniere Europas gestorben. Der Brite war viel mehr als nur der Unternehmer, der mit den preiswerten ZX-Heimrechnern die Mikrocomputer-Revolution vorantrieb. Ein Nachruf von Martin Wolf (Wissenschaft, Technologie)

teilten dies erneut



My employer is looking for a Junior and a Senior Web Developer in Wallisellen, Switzerland. Please feel free to share and/or message me privately or publicly, if you want to know more about the company.

https://lzlabs.peoplehr.net/Pages/JobBoard/Opening.aspx?v=286d1604-0dd9-4068-9ca4-4927773aea80
https://lzlabs.peoplehr.net/Pages/JobBoard/Opening.aspx?v=d74084e2-926b-4863-bf1c-505043c0f111

#hiring #jobs #JeRecrute (pas moi)


Not entirely serious question: Why does the Gnome Terminal icon represent an IBM PC DOS prompt instead of UNIX shell prompt? Is that what folks think of first, when they think of a command prompt?

Bild/Foto looks more like

Bild/Foto as opposed to



Good morning, currently reading a book called:

10 PRINT CHR$(205.5+RND(1)); : GOTO 10

The book's title and subject is the one liner that produces a maze on the Commodore 64 BASIC V2. In one of the chapters the books authors consider ports to other 8 bit systems, as well as modern scripting languages, using unicode characters. Here is their port to perl:

perl -e 'binmode STDOUT,"utf8";{print chr(9585.5+rand);redo}'

Got me inspired, here are my attempts for python (the second one cheats a bit, as it uses POSIX shell to format the script):

python3 -c 'import random;exec("while True:\n\tprint(chr(int(9585.5+random.random())),end=\"\");")'
printf "import random\nwhile True:\n\tprint(chr(int(9585.5+random.random())),end='')" | python3 -


and php (still no native unicode support, so have to build the 3 bytes for the utf-8 symbol one by one):

php -r 'while(1){echo chr(226),chr(149),chr(177.5+rand(0,1));}'
Als Antwort auf elrido

bash:

bash -c 'while true;do printf %b "\U$(printf %08x $((9585 + $RANDOM % 2)))";done'


Shell parsing is hard.

Yes, shell parsing is non-obvious - it does help enormously to understand that the shell takes what you type on the command line after you hit enter, parses it, replacing variables, expanding globs (wildcards) and other language constructs in the process and only then issues a system call, passing the resulting argv structure to the kernel for execution.

Exhibit A (source of the above quote): How the local shell ssh and the remote shell interact, in unexpected ways

Exhibit B: skarnet's introduction to the execline language design and grammar goes into further details of the argv structure

Exhibit C: How to use execlineb for nginx to wait for up to 10s on the startup of php-fpm, avoiding involvment of a shell process




PrivateBin 1.3.5 released - Fixing several smaller issues, adding new translations https://privatebin.info/news/v1.3.5-release.html