Popular:
Virtualization DNS security formal verification reachability analysis compiler errors macro conflict web extension development framework Bitmap Graphics API inconsistencies All Tags

Vanity SHA-1 Generator: A Clever Case-Changing Approach

2025-03-31
Vanity SHA-1 Generator: A Clever Case-Changing Approach

This code attempts to generate a SHA-1 hash matching the target prefix "20250327" by manipulating the capitalization of words in an input text. It parses the text, identifies mutable words, and then iterates through all possible case combinations, calculating the hash and comparing it to the target. If a match is found, the modified text is written to a file. The program demonstrates a clever brute-force approach, using case variations to try and generate a specific hash prefix, showcasing an understanding of hash algorithms and combinatorics.

Read more
(gist.github.com)
Development hash collision brute-force

Xfinity XB3 Hardware Mod: Disable WiFi, Save 2 Watts

2025-03-30
Xfinity XB3 Hardware Mod: Disable WiFi, Save 2 Watts

A user modded their Xfinity XB3 modem to save power. The XB3, provided with Comcast's cheaper Xfinity NOW service, consumes 14.9 watts. By disassembling the modem and grounding the EN pin on the TPS54328 voltage regulator, the user disabled WiFi, reducing power consumption to 12.5 watts – a 2-watt saving. While the admin page is briefly inaccessible after booting, network functionality remains unaffected.

Read more
(gist.github.com)
Hardware hardware mod power saving

Make Ubuntu Packages 90% Faster: A Tale of Recompilation and Allocators

2025-03-19
Make Ubuntu Packages 90% Faster: A Tale of Recompilation and Allocators

This post details how recompiling the jq source package used by Ubuntu resulted in a staggering 90% performance improvement. The author benchmarked against a 500MB GeoJSON file. Simply rebuilding the package yielded a small but noticeable speedup. Further optimizations included using clang with better flags (-O3, -flto, -DNDEBUG), which provided a 20% boost. Switching to the TCMalloc allocator improved performance by another 40%. Finally, using mimalloc, either dynamically loaded or integrated during the rebuild, resulted in the remarkable 90% speed increase. The recompiled jq with mimalloc is nearly twice as fast as the default Ubuntu package in various tests.

Read more
(gist.github.com)
Development compilation optimization memory allocation

A Hierarchical Approach to Programming Languages and Multi-Language Development

2025-03-16
A Hierarchical Approach to Programming Languages and Multi-Language Development

The author proposes a four-level hierarchy for classifying programming languages based on typing and compilation: interpreted dynamically typed (e.g., JavaScript), interpreted statically typed (e.g., TypeScript), compiled with automatic memory management (e.g., Go), and compiled with manual memory management (e.g., Rust). The author argues that choosing the right level for different needs is crucial and proposes a language set comprising Rust, RustGC (a level 2/3 hybrid), and RustScript (level 4) to improve development efficiency and code performance. This set shares syntax and allows seamless calls between different levels, addressing issues of maintaining different toolsets and training personnel. The ultimate goal is to improve programming efficiency and code quality.

Read more
(gist.github.com)
Development development efficiency multi-language collaboration

Svelte5: Not as Advertised?

2025-03-08
Svelte5: Not as Advertised?

Svelte5's release touted its reactive state system, "runes," as a major improvement. However, this author found several limitations in real-world projects. Runes are restricted to Svelte components or .svelte.ts files, requiring state wrapping in functions for reactivity and offering incomplete class support. Svelte's template features lack JavaScript equivalents, making testing bindable props cumbersome. Form components are uncontrolled by default, leading to potential issues. While Svelte5 attempts to mimic React/Vue, it falls short in usability and feature completeness, leading the author to consider SolidJS as a superior alternative.

Read more
(gist.github.com)
Development Frontend Framework Reactive State

Building a Micro Asynchronous Event Loop Library from Scratch

2025-02-28
Building a Micro Asynchronous Event Loop Library from Scratch

This project implements a minimal, yet feature-complete asynchronous event loop library from scratch for educational purposes. It demonstrates core asynchronous programming concepts: task scheduling and management, I/O multiplexing with non-blocking sockets, timeouts and sleep functionality, task cancellation, and coroutine-based concurrency. The library uses Python's generator-based coroutines and the `select` module for I/O multiplexing, providing a simplified model of how modern async frameworks like `asyncio` work internally. Learn the magic behind `await`, how `yield from` functions, and how coroutines communicate with the event loop.

Read more
(gist.github.com)
Development asynchronous programming event loop coroutines

Roc Compiler's Rewriting Journey: From Rust to Zig

2025-02-04
Roc Compiler's Rewriting Journey: From Rust to Zig

The Roc programming language compiler team has embarked on a significant undertaking: rewriting their 300K-line Rust compiler in Zig. This isn't a simple language port; it's a strategic move to address Rust's slow compilation times and accumulated technical debt. The rewrite will improve the parser, formatter, canonicalization, documentation generation, type inference, and LLVM code generation, among other modules. They also plan to use an interpreter for the development backend, significantly speeding up the development loop. The ultimate goal is to improve compilation speed, enhance maintainability, and release Roc 0.1.0.

Read more
(gist.github.com)
Development rewrite

LLMs Fail a Simple Chess Puzzle: A Curious Test

2025-01-26
LLMs Fail a Simple Chess Puzzle: A Curious Test

The author tests various new LLMs with a simple chess puzzle featuring underpromotion and the 50-move rule. Despite guidance, most LLMs fail to solve it, highlighting limitations in logical reasoning and domain-specific knowledge. This quick test serves as a benchmark, sparking discussion on whether LLMs can ever reach master-level chess play without specialized training. The puzzle's simplicity and focus on a less common technique make it an insightful probe into LLM capabilities.

Read more
(gist.github.com)
AI

Sophisticated Phishing Attempt: Almost Pwned

2025-01-24
Sophisticated Phishing Attempt: Almost Pwned

This detailed account describes a sophisticated phishing attack where the perpetrator impersonated a Google employee, using phone calls and emails to trick the author into resetting their account. Exploiting a vulnerability in Google Workspace and leveraging the g.co domain, the attacker convincingly mimicked Google support, nearly succeeding. The author ultimately uncovered the scam and shares their experience as a cautionary tale, highlighting the importance of cybersecurity awareness and vigilance against advanced phishing techniques.

Read more
(gist.github.com)
Tech

15-Year-Old Discovers Zero-Click Deanonymization Exploit Leveraging Cloudflare Cache

2025-01-21
15-Year-Old Discovers Zero-Click Deanonymization Exploit Leveraging Cloudflare Cache

A 15-year-old high school student, Daniel, discovered a critical zero-click deanonymization attack exploiting Cloudflare's caching mechanism. This vulnerability allows attackers to pinpoint the location of users within a 250-mile radius by sending a malicious payload to vulnerable applications like Signal, Discord, and hundreds of others. The attack requires no user interaction and can even be achieved via push notifications. Daniel developed a tool, Cloudflare Teleport, to demonstrate the exploit. While he responsibly disclosed the vulnerability, responses from affected companies were largely unsatisfactory. This highlights the potential security risks inherent in CDN caching and underscores the importance of user privacy awareness.

Read more
(gist.github.com)
Tech vulnerability

Stack Overflow's Decline: The ChatGPT Impact and Uncertain Future

2025-01-08
Stack Overflow's Decline: The ChatGPT Impact and Uncertain Future

A GitHub data analysis reveals a staggering 70.7% drop in new questions on Stack Overflow from March 2023 to December 2024, plummeting from 87,105 to 25,566. This correlates strongly with the rise of ChatGPT; since its launch, Stack Overflow has seen nearly 83,000 fewer questions. The author, a top Stack Overflow contributor, describes their own experience of having well-formatted questions quickly closed, highlighting a potential key factor in the platform's decline. The drastic decrease in question volume suggests a concerning trajectory, mirroring levels seen in 2009 shortly after launch, hinting at a potential lifespan of less than a year.

Read more
(gist.github.com)
Development Platform Decline

Operational PGP: A Guide to Secure Email Communication

2024-12-24
Operational PGP: A Guide to Secure Email Communication

This guide isn't about installing or using PGP; it's about using it securely. It emphasizes operational security beyond just encrypting email content, covering email composition, storage, key management, and more. It recommends composing emails in a text editor, avoiding saving drafts in email clients; generating and destroying keys frequently; avoiding publishing keys to keyservers; keeping email subjects blank to minimize metadata leakage; using the `gpg --throw-keys` option during encryption; enabling encryption by default and explicitly choosing whether to sign emails. The goal is maximizing PGP's security potential.

Read more
(gist.github.com)
Development Email Security Key Management

SQLite-Backed Key-Value Store with JS-Like Object Manipulation

2024-12-22
SQLite-Backed Key-Value Store with JS-Like Object Manipulation

A GitHub project introduces a key-value store built on SQLite, enabling JavaScript-like object manipulation with automatic JSON serialization. The `createDatabaseClient` function creates a parallel client with separate reader (`rdr`) and writer (`wtr`) components. The writer utilizes proxies for partial JSON updates, while the reader returns plain JavaScript objects. Comprehensive tests cover basic CRUD operations, nested updates, deletions, and array manipulations.

Read more
(gist.github.com)
Development key-value store JSON serialization

A Curious Case of Slow USD Import in Blender

2024-12-22
A Curious Case of Slow USD Import in Blender

A developer encountered unexpectedly slow import times when importing USD scenes into Blender. Profiling revealed the bottleneck to be Blender's internal ID sorting function, `id_sort_by_name`. This function, expected to be O(N), degraded to O(N^2) due to the naming scheme in the USD files. By modifying the naming convention and optimizing the sorting algorithm, the developer reduced import times from 4 minutes 40 seconds to 8 seconds for smaller files. However, the underlying issue stems from Blender's requirement for sorted IDs, leading to suggestions for replacing the linked list with a Trie or hash table. This optimization highlights a common challenge in performance tuning: identifying and addressing unexpected complexity.

Read more
(gist.github.com)
Development

QEMU Gains Vulkan Acceleration with VirtIO GPU Driver Update

2024-12-12
QEMU Gains Vulkan Acceleration with VirtIO GPU Driver Update

QEMU version 9.2.0 and later now supports Vulkan acceleration for VirtIO-GPU thanks to the Venus patches. This represents a significant advancement in Vulkan graphics rendering for QEMU virtual machines. The article details the setup process, including installing necessary packages (Linux kernel 6.13+, QEMU 9.2.0+, Vulkan drivers, etc.), building QEMU from source, and creating a VM image. While virt-manager currently lacks Vulkan configuration support, command-line parameters offer a workaround. Troubleshooting tips are provided, along with notes on current limitations in virt-manager and libvirt.

Read more
(gist.github.com)
Development