C can be memory safe, part 2

|
This post from last year was posted to a forum, so I thought I'd write up some rebuttals to their comments.The first comment is by David Chisnall, creator of CHERI C/C++, which proposes we can solve the problem with CPU instruction set extensions. It's a good idea, but after 14 ... Read More
C can be memory-safe

C can be memory-safe

|
The idea of memory-safe languages is in the news lately. C/C++ is famous for being the world's system language (that runs most things) but also infamous for being unsafe. Many want to solve this by hard-forking the world's system code, either by changing C/C++ into something that's memory-safe, or rewriting everything in ... Read More

I’m still bitter about Slammer

|
Today is the 20th anniversary of the Slammer worm. I'm still angry over it, so I thought I'd write up my anger. This post will be of interest to nobody, it's just me venting my bitterness and get off my lawn!!Back in the day, I wrote "BlackICE", an intrusion detection ... Read More

The RISC Deprogrammer

|
I should write up a larger technical document on this, but in the meanwhile is this short (-ish) blogpost. Everything you know about RISC is wrong. It's some weird nerd cult. Techies frequently mention RISC in conversation, with other techies nodding their head in agreement, but it's all wrong. Somehow ... Read More
DS620slim tiny home server

DS620slim tiny home server

|
In this blogpost, I describe the Synology DS620slim. Mostly these are notes for myself, so when I need to replace something in the future, I can remember how I built the system. It's a "NAS" (network attached storage) server that has six hot-swappable bays for 2.5 inch laptop drives.That's right, ... Read More
No, a researcher didn't find Olympics app spying on you

No, a researcher didn’t find Olympics app spying on you

|
For the Beijing 2022 Winter Olympics, the Chinese government requires everyone to download an app onto their phone. It has many security/privacy concerns, as CitizenLab documents. However, another researcher goes further, claiming his analysis proves the app is recording all audio all the time. His analysis is fraudulent. He shows ... Read More
Journalists: stop selling NFTs that you don't understand

Journalists: stop selling NFTs that you don’t understand

|
The reason you don't really understand NFTs is because the journalists describing them to you don't understand them, either. We can see that when they attempt to sell an NFT as part of their stories (e.g. AP and NYTimes). They get important details wrong.The latest is Reason.com magazine selling an ... Read More
Example: forensicating the Mesa County system image

Example: forensicating the Mesa County system image

|
Tina Peters, the election clerk in Mesa County (Colorado) went rogue and dumped disk images of an election computer on the Internet. They are available on the Internet via BitTorrent [Mesa1][Mesa2], The Colorado Secretary of State is now suing her over the incident.The lawsuit describes the facts of the case, ... Read More
Debunking: that Jones Alfa-Trump report

Debunking: that Jones Alfa-Trump report

|
The Alfa-Trump conspiracy-theory has gotten a new life. Among the new things is a report done by Democrat operative Daniel Jones [*]. In this blogpost, I debunk that report.If you'll recall, the conspiracy-theory comes from anomalous DNS traffic captured by cybersecurity researchers. In the summer of 2016, while Trump was ... Read More

Review: Dune (2021)

|
One of the most important classic sci-fi stories is the book "Dune" from Frank Herbert. It was recently made into a movie. I thought I'd write a quick review.The summary is this: just read the book. It's a classic for a good reason, and you'll be missing a lot by ... Read More