There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

@ABasilPlant@lemmy.world cover

ABasilPlant

@[email protected]

InfoSec Person | Alt-Account#2

This profile is from a federated server and may be incomplete. Browse more on the original instance.

ABasilPlant , (edited )

en.wikipedia.org/wiki/INT_(x86_instruction) (scroll down to INT3)

stackoverflow.com/a/61946177

The TL;DR is that it’s used by debuggers to set a breakpoint in code.

For example, if you’re familiar with gdb, one of the simplest ways to make code stop executing at a particular point in the code is to add a breakpoint there.

Gdb replaces the instruction at the breakpoint with 0xCC, which happens to be the opcode for INT 3 — generate interrupt 3. When the CPU encounters the instruction, it generates interrupt 3, following which the kernel’s interrupt handler sends a signal (SIGTRAP) to the debugger. Thus, the debugger will know it’s meant to start a debugging loop there.

ABasilPlant , (edited )

Excellent question!

Before replacing the instruction with INT 3, the debugger keeps a note of what instruction was at that point in the code. When the CPU encounters INT 3, it hands control to the debugger.

When the debugging operations are done, the debugger replaces the INT 3 with the original instruction and makes the instruction pointer go back one step, thereby ensuring that the original instruction is executed.

ABasilPlant ,

The debug version you compile doesn’t affect the code; it just stores more information about symbols. The whole shtick about the debugger replacing instructions with INT3 still happens.

You can validate that the code isn’t affected yourself by running objdump on two binaries, one compiled with debug symbols and one without. Otherwise if you’re lazy (like me 😄):

stackoverflow.com/a/8676610

And for completeness: gcc.gnu.org/onlinedocs/…/Debugging-Options.html

ABasilPlant OP ,

… I am 100% certain that if they switched to being individually wrapped tomorrow, a complaint about excessive packaging would be one of the top posts here.

You’re undeniably right. The best situation would be to not have any wrapping at all… but with the crumb situation, that’d be another top post here :/

ABasilPlant ,

www.gimp.org/news/2024/…/gimp-2-10-38-released/

This (possibly last) GIMP 2 stable release brings much-requested backports from GTK3, including improved support for tablets on Windows. A number of bug fixes and minor improvements are also included in this release.

If the release says that this is possibly the last GIMP2 stable release, it feels like GIMP3 is actually on its way. I understand your cynicism, but I’d be more optimistic this time around.

ABasilPlant ,

In dark mode, the anchor tags are difficult to read. They’re dark blue on a dark background. Perhaps consider something with a much higher contrast?

A picture of a website with a dark purple background and dark blue links.

Apart from that, nice idea - I’m going to deploy the zipbomb today!

ABasilPlant ,

That’s not a very valid argument.

First and foremost, most devs probably see it as a job and they do what they’re told. They don’t have the power to refute decisions coming from above.

Second, in this economy where jobs are scarer than a needle in multiple haystacks, people are desperate to get a job.

Third, yes, there may be some Microsoft (M$) fan-people who end up being devs at M$. Sure, they may willingly implement the things upper management may request. However, I’m not sure whether that’s true for most of the people who work at M$.

Your comment suggests to shift the blame to the devs who implement the features that upper management request for. Don’t shoot the (MSN) messenger.

ABasilPlant , (edited )

Probably most speeches by Conan O’Brien.

“Work hard, be kind, and amazing things will happen” at 23:09 in Conan O’Brien’s 2011 Dartmouth College Commencement Address: youtu.be/KmDYXaaT9sA

Conan Addresses The Harvard Class Of 2020: youtu.be/VI2B3sZ1GaY

Very riveting stuff.

ABasilPlant ,

Looks cool and I’m glad something new has arrived after nitter.

A few things, however:

  1. It doesn’t look like I can view comments on tweets; I can only view the tweet. (Firefox mobile if that matters)
  2. It’s pretty slow. It’s not a big problem, but it is very noticeable.
  3. Somewhat irrelevant, but why is it called TWStalker? It’s a… bit of a weird name. ‘Stalker’ makes me feel like I’m doing something illegal even though I definitely am not.
ABasilPlant ,

See Wendover Productions’ most recent video, “The Increasing Reality of War in Space” (from around 7:54); they talk about SpaceX launching unknown satellites and not reporting it either.

youtu.be/V0DmliiUFHk?t=7m54s

ABasilPlant ,

Edit: nvm I’m an idiot, I just got the joke.

en.wikipedia.org/wiki/Kerning

In typography, kerning is the process of adjusting the spacing between characters in a proportional font, usually to achieve a visually pleasing result. Kerning adjusts the space between individual letterforms while tracking (letter-spacing) adjusts spacing uniformly over a range of characters.

ABasilPlant ,

Will you (the community) be setting your username to your public username (a username you use everywhere) or something that’s different from your public username?

Idk why, but signal feels more… personal(?) and I’d hate for general people to stumble across my signal account just by guessing whether my signal username is my public username.

I’d be fine if they got my Discord account, mastodon account, Lemmy account (they’re all different usernames anyway) because they’re public-ish accounts. Signal feels less public and I’d want to go with a username that only I can send to people I know.

It looks like there will be a message requests area and it looks like usernames can also be changed (should a username ever be doxxed).

I’m still on the fence.

ABasilPlant , (edited )

I used to have the same exact one. For some reason, I can only find similar ones here (Amazon de, in):

www.amazon.de/…/B08HLN4B3B

www.amazon.in/…/B0C14RHW4H

However, searching for “world map large desk mat” yields you similar results.

I’m not sure where I bought that one now hmmm

ABasilPlant ,

You’re right, that’s exactly what happened. If you look at the top of the trace, it says __handle_sysrq. Moreover, it’s in the sysrq_handle_crash. That gets called when a sysrq combo is pressed.

How exactly "secure" is a container with all capabilities dropped, distroless, with a custom rootfs directory, a static, single binary with chmod set at 100 and file ownership pointed to non-root u...

ser*, and said non-root user being “nonexistant” (i.e set via ENV)? Can such container -STILL- be exploited/breached through malicious means? Forgot to mention that its a DOCKER container @ title, but there you have it. Just curious....

ABasilPlant ,

Absolutely. Check out side channel attacks. The problem here isn’t about software exploits, but hardware issues. en.wikipedia.org/wiki/Side-channel_attack

Some things to get you started: Meltdown and Spectre: en.wikipedia.org/…/Meltdown_(security_vulnerabili…, en.wikipedia.org/…/Spectre_(security_vulnerabilit…

Rowhammer: en.wikipedia.org/wiki/Row_hammer

These are exploited by malicious processes doing something to the hardware which may result in information about your process(es) being leaked. Now, if this is on your computer, then the chances of encountering a malicious process that exploits this hardware bug would be low.

However, when you move this scenario to the cloud, things become more possible. Your vm/container is being scheduled on CPUs that may/may not be shared by other containers. All it would take is for a malicious guest VM to be scheduled on the same core/CPU as you and try exploiting the same hardware you’re sharing.

ABasilPlant ,

This is such a cool photo - I’m going to use it as my laptop wallpaper (if that’s okay 🤞)!

ABasilPlant ,

Hands down, one of the best tools I’ve used in a very long time:

github.com/PJ-Singh-001/Cubic

Download a Debian 12 standard live ISO (or with GNOME or any other iso) and you’re good to go. I’ve compiled custom kernels with it too. If you want persistence, then you use mkusb.

ABasilPlant ,

Use the live version (thd try without installing option). You can also remove the installer code if you really want to - I think Ubuntu uses ubiquity/subiquity.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • lifeLocal
  • goranko
  • All magazines