I was on an engagement where I simply could not elevate privileges, so I had to become creative and look deep into my old bucket (bucket being my head) of knowledge, and this resulted in some fun stuff. I had found that the client had…
57744
7
USA
7 Min Read
CAP Theorem explained You’ll often hear about the CAP theorem which specifies some kind of an upper limit when designing distributed systems. As with most of my other introduction tutorials, lets try understanding CAP by comparing it with a real world situation. Chapter 1: “Remembrance…
23927
23
USA
23 Min Read
Starting October 28th and fully resolving on October 31st, Roblox experienced a 73-hour outage.¹ Fifty million players regularly use Roblox every day and, to create the experience our players expect, our scale involves hundreds of internal online services. As with any large-scale service, we have service…
23408
109
USA
109 Min Read
10 years ago, systemd was announced and swiftly rose to become one of the most persistently controversial and polarizing pieces of software in recent history, and especially in the GNU/Linux world. The quality and nature of debate has not improved in the least from the…
9979
5
USA
5 Min Read
I recently came up with what I think is an intuitive way to explain Bayes’ Theorem. I searched in google for a while and could not find any article that explains it in this particular way. Of course there’s the wikipedia page, that long article by Yudkowsky, and a bunch…
48668
10
USA
10 Min Read
I decoded a recording I made with the Allen Telescope Array. I used an IQ sample rate of 3.84 Msps when doing this recording because I wanted to see if there were any ranging signals. Usually, ranging signals have a bandwidth of 1.5 MHz or…
24660
13
USA
13 Min Read
Imagine that you wrote a program for a problem that is very easy to solve. Each thread does its own piece of work, and the threads don’t have to work together except to combine their results at the end. The more cores it runs on,…
45812
10
USA
10 Min Read
In order to understand the differences between automatic differentiation libraries, let’s talk about the trade-offs that were made by the people who made them. I would say that none of these libraries are better than the other. They all make engineering decisions based on the…
6719
10
USA
10 Min Read
When you start using a new reverse engineering platform for the first time, it can be hard to get used to it. It’s too much information. I don’t know what I should be looking at. A window is a place where you can look out…
56905
3
USA
3 Min Read
Hello there. I took a break from my Internet activity but here I am again. In this piece, I am writing about Fully Convolutional One-Stage Object Detection (FCOS), which was published after YOLOv3 but before YOLOv4. Therefore, I feel like it is important to look…
1997017
25
USA
25 Min Read
The dynamics of staking on Ethereum under PoS are complicated by the increased variation in validator income.
345793
62
USA
62 Min Read
Introduction Apple designed the iOS platform with security at its core. When we set out to create the best possible mobile OS, we drew from decades of experience to build an entirely new architecture. We thought about the security hazards of the desktop environment, and…
5669
4
USA
4 Min Read
A few months ago we saw a post on the r/programminghorror subreddit: A developer describes the struggle of identifying a syntax error resulting from an invisible Unicode character hidden in JavaScript source code. This post inspired an idea: What if a backdoor literally cannot be seen and thus evades detection even from thorough code reviews?…
65926
40
USA
40 Min Read
Fizz Buzz is a common challenge given during interviews. The challenge goes something like this: Write a program that prints the numbers from 1 to n. If a number is divisible by 3, write Fizz instead. If a number is divisible by 5, write Buzz…
23697
2
USA
2 Min Read
Why should you learn at least the basic Architecture Patterns as Software Engineer? I believe there are many articles answering to this question, but I will give you a few reasons to consider. First of all, if you know the basics of architecture patterns, then…
87148
9
USA
9 Min Read
Bayesian histograms are a stupidly fast, simple, and nonparametric way to find how rare event probabilities depend on a variable (with uncertainties!). My implementation of Bayesian histograms is available as the Python package bayeshist. So if you think this could be useful, just install the package…
10180
26
USA
26 Min Read
Let’s dive into the interesting details, breaking down the general ideas into 18 concrete container security best practices that you can apply in your DevOps workflows. A complex stack Containers’ success is often fueled by two really useful features: They are a really convenient way to…
269
25
USA
25 Min Read
Self-Parking Car in 500 Lines of Code TL;DR In this article, we’ll train the car to do self-parking using a genetic algorithm. We’ll create the 1st generation of cars with random genomes that will behave something like this: On the ≈40th generation the cars start…
9298
23
USA
23 Min Read
Introduction It might be a bit funny to call this post “Hello IPv6”, since the first draft of IPv6 was published in late 1998; however, it is ratified as a standard only in 2017. When I first heard about IPv6 many years ago, I thought…
23773
6
USA
6 Min Read
People sometimes wonder how the set of primitives in BQN was chosen. Outsiders to array programming might assume that the “big idea” of APL is just to take the most common tasks and write them with symbols instead of names—even Dijkstra said something like this,…
3543
9
USA
9 Min Read
Convolutional neural networks are very important in machine learning. If you want to do computer vision or image recognition tasks, you simply can’t go without them. But it can be hard to understand how they work. In this post, we will talk about the mechanisms…
55090
20
USA
20 Min Read
Summary: In this article we will demonstrate how to trigger an automated end to end data loading, transformation and visualization process using Google Cloud Platform. At the end of this exercise a Cloud Data Fusion Pipeline execution will be trigger automatically with a Cloud Function…
125584
6
USA
6 Min Read
Installation guide Mitigation of VM detectionThis website is dedicated to disseminating critical information on the detection and mitigation of virtual machines (vm). Configure VirtualBox x64 Hardened loader v2 to prevent VM detection. Section on characteristics: What is detection of virtual machines (vm)? Malware uses VM…
8203
22
USA
22 Min Read
On December 20, Citizenlab published “The Great iPwn”, detailing how “Journalists [were] Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit”. Of particular interest is the following note: “We do not believe that [the exploit] works against iOS 14 and above, which includes new security protections”. Given…
33629
11
USA
11 Min Read
After a month of reverse-engineering, we’re excited to release documentation on the Valhall instruction set, available as a PDF. The findings are summarized in an XML architecture description for machine consumption. In tandem with the documentation, we’ve developed a Valhall assembler and disassembler as a…
3243
24
USA
24 Min Read
Explanation of the various GPU architectures The behavior of the graphics pipeline is practically standard across platforms and APIs, yet GPU vendors come up with unique solutions to accelerate it, the two major architecture types being tile-based and immediate-mode rendering GPUs. In this article we…
3898
4
USA
4 Min Read
VPCs by default use the Amazon-provided DNS which can be used to bypass some network-level protection mechanisms (e.g. NACLs or SGs) or monitoring (e.g. VPC Flow Logs).
5038
2
USA
2 Min Read
Challenge/Opportunity The customer managed their projects, clients, invoicing and finance, as well as the contractors engaged in each project, using a variety of different platforms and spreadsheets. The majority of data entry and aggregation were performed manually or through Excel files, and data integration and…
3630
2
USA
2 Min Read
The client, a global leader in the import and marketing of high-quality tires, offers wholesale tire dealers with services in over 55 countries. The firm is committed to providing high-quality services and goods to its clients and believes in investing extensively in its employees to…
1649
14
USA
14 Min Read
CVE-2021-22555 is a 15 years old heap out-of-bounds write vulnerability in Linux Netfilter that is powerful enough to bypass all modern security mitigations and achieve kernel code execution. It was used to break the kubernetes pod isolation of the kCTF cluster and won 10000$ for…
Page 1 of 8 Next