Posts
4638
Following
317
Followers
483
Linux kernel hacker and maintainer etc.

OpenPGP: 3AB05486C7752FE1
@RunRichRun makes me wonder why this was not obvious from the get go
1
0
1

Security Firm Discovers Remote Worker Is Really a North Korean Hacker —
"The incident occurred at KnowBe4, which develops security awareness programs to teach employees about phishing attacks and cyber threats. The company recently hired a remote software engineer who cleared the interview and background check process. But last week, KnowBe4 uncovered something odd after sending the employee a company-issued Mac." https://www.pcmag.com/news/security-firm-discovers-remote-worker-is-really-a-north-korean-hacker

1
1
0

Climate Change Actions Are Far More Popular Than People in U.S. Realize
https://www.scientificamerican.com/article/climate-change-actions-are-far-more-popular-than-people-in-u-s-realize/
“False social reality” obscures widespread U.S. support for climate protection measures

Not just the US, this is a global problem

0
1
0
@thegibson Irritating welcome screen really nails this site!
0
0
1

Jarkko Sakkinen

Great, #Bitwig 5.2 has a stock #compressor, which I don't proactively hate ;-) I think the previous ones were quite horrible but this does the job (also glues nicely).
0
0
0
@donovanh @exerra @rolle

Modern protocol story goes like this:

1. First a company creates a JSON protocol because it is what everyone else is using.
2. After a while a scalability/bandwidth issue is hit.
3. Someone finds out about protobuf, and it is used as duct tape to address the bad design choice.

If text protocol was designed in the first place from grounds to fit the application, one could realize that it could become an investment.

As long as data is UTF-8 text representation, it is dead easy to convert to some other format (for e.g. protocol bridges) despite not using a standard syntax (JSON, XML). JSON is totally over-rated these days ;-)

https://www.joelonsoftware.com/2001/04/21/dont-let-architecture-astronauts-scare-you/
0
0
1

Jarkko Sakkinen

Found a #Parallax #Propeller 1 #CPU while cleaning up my place ("breadboard" version).

I wonder what I need to do to make that tick and how do you get a VGA adapter for it.
0
0
0
I probably do next a texture mapper for triangles (not a goal just next thing in mind).

I have my 86box setup as Pentium-166 MMX so to take advantage of that I'm also going to do a texture mapper for triangles, which uses texture organized into 8x8 tiles for the sake of efficient L1 usage, and order opcodes in a way that the filler keeps both of the two pipelines busy. Can be extended to perspective correction later on without huge sacrifice in perf as FPU (MMX) can run in parallel with ALUs.

From classic Intel CPU's Pentium is my favorite because it already has a bit of modern parallel and pipeline alike stuff but you can still cope it in your head easily ;-)
0
0
0

Jarkko Sakkinen

Edited 1 year ago

#holiday activities (last week ongoing).

I learned how to compile DOS COM executables with the latest GCC. It can be done with a trivial LD script, i.e. dump to 0x100. It has a memory topology of single 16-bit code and data segment.

I also learned that event with ELF toolchain “-nostdlib” is still required because crt0.o is not compatible with MS-DOS.

I also implemented couple of features for this “not for profit MS-DOS framework”:

  1. At launch visit in the protected mode and load GDT with code segment according to real-mode, limit for data segment set to 4GB, and return back to the real mode. CPU will just use the latest cached descriptors. This means that BIOS calls continue to work but data can be accessed with the full 32-bit address space, because x86 has opcode prefixes in real mode for 32-bit registers.
  2. Setup 320x240 256 color planar mode based on tweaking various VGA registers (invented by Michael Abrash originally). It has square pixels and can address multiple, and can page flip by setting the new address to CRT index port.

Not sure what I’m going to do with this next but no rush with MZ EXE (I have idea how approach that w/o sacrificing modern tools) because 64 kB is enough for some time, and I have no data limit ;-)

#x86 #dos #assembly #intel #86box #gcc

1
0
1

Jarkko Sakkinen

Edited 1 year ago
@rolle @donovanh @exerra A problem for me with Matrix is that I consider it as a failure in protocol design, like just from pure engineering perspective. So even if I had a really good user experience for it, given that I also engineer security stuff, I'd feel bad using it ;-)
1
0
1

@rolle @exerra @donovanh

Few things I like in IRC over Matrix, or any other protocol in professional setting:

  1. Does not try to blend #security and #decentralization. By not having security at all is one way to implement a sound security model. This allows to design security properties both by means of infrastructure security, i.e. outside the protocol, and also by tunneling, i.e. inside the protocol (classic example is off-the record messaging). This keep the core protocol compact and sound, and easy to verify for correctness, which is by itself a strong security property.
  2. Has both decentralized and client/server based topology since 1988(!). It is a network of servers, which together form an IRC network.
  3. Protocol messages are both rigidly structured AND still human-readable (unlike JSON), and have a clean specification (RFC 1459).
  4. Features not in the protocol itself can be implemented efficiently with bots, given the ease parsing and producing IRC protocol messages.
  5. IRC network heals fast from failures and has high #availability properties, given the clean and rigid definition of what it does and what it does not do.

#IRC #infosec

1
9
8

@rolle @exerra @donovanh

Few things I like in IRC over Matrix, or any other protocol in professional setting:

  1. Does not try to blend #security and #decentralization. By not having security at all is one way to implement a sound security model. This allows to design security properties both by means of infrastructure security, i.e. outside the protocol, and also by tunneling, i.e. inside the protocol (classic example is off-the record messaging). This keep the core protocol compact and sound, and easy to verify for correctness, which is by itself a strong security property.
  2. Has both decentralized and client/server based topology since 1988(!). It is a network of servers, which together form an IRC network.
  3. Protocol messages are both rigidly structured AND still human-readable (unlike JSON), and have a clean specification (RFC 1459).
  4. Features not in the protocol itself can be implemented efficiently with bots, given the ease parsing and producing IRC protocol messages.
  5. IRC network heals fast from failures and has high #availability properties, given the clean and rigid definition of what it does and what it does not do.

#IRC #infosec

1
9
8
@rolle @donovanh My main tool for informing about new kernel features is mastodon, and IRC for syncing up in dev (OFTC). I use IRCCloud for convenience and first class per-network bouncer (~60€ annually). They are my main tools for communicating in professional life in addition to plain text email. BTW I dislike Matrix 🥲 Nothing ever works when Ive tried it. The product I sell is being a hacker and TikTok and Instagram do not reach my potential ”customer base”.
1
0
2

Jarkko Sakkinen

Edited 1 year ago
  1. Stack Overflow answer: “My friend/AI told me that…”
  2. Man page answer: “ You need to do this because…”

#stackoverflow

0
0
1

Jarkko Sakkinen

Edited 1 year ago
Also, 9/10: 20 minutes of a man page > 60 minutes of Stack Overflow vomit. #stackoverflow
1
0
2

Jarkko Sakkinen

Edited 1 year ago

note to myself: when #zsh completions are not working as expected in any OS, 9/10 times it is missing -u flag for compinit ;-) Had forgotten this.

From zshcompsys man page:

To avoid these tests and make all files found be used without asking, use the option -u, and to make compinit silently ignore all insecure files and directories use the option -i. This security check is skipped entirely when the -C option is given.

1
0
0
@raven667 essentially most audio plugins call a limited subset on Win32, meaning that it would be possible to make API shim for that subset.
0
0
0
nothing to do with packaging
1
0
0

Jarkko Sakkinen

Edited 1 year ago
This would be great for #audio #plugins, as they don't need an enormous subset of Win32 API.

This could be realized in practical manner for instance in a future version of #CLAP, which could have up-calls whose API signatures would be along the lines with stuff commonly used for from Win32 API. I.e. basic graphics context stuff, file picker etc. Most of the plugins neither sample nor produce audio. They are just plain data processors with a fancy GUI.

A plugin using only those API's would be universal to all operating systems.

And since PE/COFF is widely know format and used across the operating systems for EFI support, DLL would be perfect format for the binary. That way one could have plugin binary that is cross-operating system compatible. I.e. host would implement the API and provide PE/COFF loader to initialize the plugin.

In addition to PE/COFF there should probably be target for wasm, which would enable plugin ecosystem for web daw's.a

https://www.youtube.com/watch?v=H5v0CK249rI

#MusicProduction
1
0
0

Jarkko Sakkinen

Great I get in my “hello bpf” truncated stacks delivered through a ringbuf:

❯ sudo build/hello-ebpf
[0]: 0xffffa5c74e6e9498
[1]: 0x0000000000000000
[2]: 0x0000000000000000
[3]: 0x0000000000000000
[4]: 0x0000000000000000
[5]: 0x0000000000000000
[6]: 0x0000000000000000
[7]: 0x0000000000000000

It looks like this because I temporarily hooked kprobe to a syscall. Next I change the hook to tpm_transmit.

I do all post-processing from this at the host.

#linux #kernel #bpf #profiler

0
1
0
Show older