One-Time Passcodes: Worse Than Passwords?

2025-08-07

Many services use a flawed login method: sending a 6-digit code via email or phone. This is incredibly insecure. Attackers can easily create phishing sites that trick users into entering their codes, and then use those codes to steal the accounts. Password managers offer no protection. Microsoft's Minecraft login, which uses this method, has already suffered numerous account thefts. Stop using this insecure login system!

Tech

Linux's PATH: The Shell's Secret

2025-04-29

Ever wondered how Linux finds the commands you execute? The answer: it relies on the shell, not the kernel! This article delves into the mechanics of the PATH environment variable, revealing how shells (like dash) use functions like `padvance` to search for executables within PATH, while the kernel's `execve` syscall actually receives the full path. Programming languages like Python, Go, and Rust also implement their own PATH searching in their subprocess libraries, ultimately relying on underlying functions like `execvp`. The article also explains why shebangs require absolute paths and the clever role of `/usr/bin/env`.

Development

Stop Explaining *e* with Compound Interest

2025-04-11

Math classes often introduce the natural constant *e* using compound interest: an account with 100% annual interest doubles with yearly compounding, grows to 2.25 times its value with semi-annual compounding, approximately 2.714 times with daily compounding, and exactly *e* times with continuous compounding. However, this is misleading. Compound growth is exponential, but the example uses linear division of compounding periods. Banks must separately publish the interest rate, compounding interval, and annual percentage yield. There are far more elegant ways to introduce *e*, such as its unique property of being its own derivative, or its crucial role in Euler's formula. These approaches don't require prior knowledge of *e* and are mathematically more rigorous.


From Hours to 360ms: Over-Engineering a Sudoku Solution

2025-02-08

The author tackles a Sudoku puzzle aiming for the highest possible GCD among the nine 9-digit numbers formed by the rows. Initial attempts using the Z3 solver failed to find a solution within hours. The author then employed several optimization strategies: mathematical analysis to reduce the search space, a BFS algorithm, and iterative improvements to the `is_good` function, transitioning from HashSet to bitset and finally leveraging SIMD for vectorized computation. Multithreading and refined thread synchronization reduced the solution time from hours to 360ms, a speedup of over 1600x. While a hardcoded answer proved fastest, the article showcases how even seemingly simple arithmetic problems offer significant performance gains through meticulous algorithmic optimization.

Development

Minecraft Server Site Selection Sparks Voting System Debate

2024-12-21

A Minecraft server's site selection problem led to an in-depth discussion of different voting systems. The initially used plurality voting system resulted in the least popular option winning due to the "spoiler effect." Subsequently, instant-runoff voting was tried, which solved some problems, but violated monotonicity when candidates changed. The author further introduces the Borda method and Arrow's impossibility theorem, ultimately recommending score voting and approval voting as superior options because they satisfy the three conditions of Arrow's impossibility theorem: unanimity, non-dictatorship, and independence of irrelevant alternatives.
