44500+ entries in 0.31s
caaddr: compared to compilation as a *software transformation device*, which
I consider a different case: that is for automating levers, not running your program off of a cliff faster than before
☟︎ caaddr:
I suppose you would prefer hardware-only optimizations in any case, so ideally they would not be part of the software stack at all. compilation for performance as caching only
caaddr:
I wonder how early in such a stack you would add the kind of compile time protections that ada guarantees. compile time protections seem to be the hardest thing to keep a programming language at "fits in head" size
caaddr: oh,
I remember the gnat ouroboros from the logs now
caaddr: it didn't, but
I thought source would be available
caaddr:
I get the same output with "!!up caaddr"
caaddr:
I said "!!up" to deedbot in pm, and it replied "You must be registered."
caaddr: GNATMAKE 4.9.2 is the answer to the now redundant question.
I'll use adacore instead.
I had avoided this because it contains precompiled binaries, with no independent reproducible build certification
☟︎ diana_coman: from my own experience with adacore and with gnat,
I tend to agree with asciilifeform's evaluation there ^^
caaddr:
I've registered my key with deedbot now
caaddr: yes,
I created a vpatch.
I'm happy to add my key to deedbot too
diana_coman:
I suppose asciilifeform will want to have a look at them perhaps ;
I'm not sure though
I see a point in changing ffa to fit whatever gnat4 wants though
shinohai:
I believe mod6 told ne he got it running on deb,
I haven't tried
caaddr: so
I've created a vpatch for both of these issues, which makes the genesis Chapter 1 code work with gnat-4
a111: Logged on 2017-11-23 17:55 whaack: asciilifeform: gnat1: error: unrecognized command line option ‘-fdump-scos’ when
I try gprbuild. gnat version 4.6 gcc version 4.8.4.
I removed the command line option from the gpr file since it seemed to be just used for coverage tools. Then got error prefix of "Image" attribute must be a type in 3 places in blocks.adb
caaddr: having browsed the logs of #trilema
I've found that
I'm not the only one who has run into issues:
caaddr:
I'm trying to follow the instructions precisely, and that has included not using gcc-5.x or above.
I'm just using the standard gnat-4 package in debian which is linked to the gcc-4 package, and
I've noticed these are a bit out of date
caaddr:
I've been working on Chapter 1 of the ffalib guide
☟︎ shinohai:
I expected more from an academic.
diana_coman:
I really can't begin to understand what exactly is that; some gems in there too with organisation making silk-purse out of a sow's ear and "every participant has the option to be that player" and ...
☟︎ trinque:
I am not putting a negative in the history file
a111: Logged on 2018-01-21 23:56 spyked looked at the patch. admits to not being able to compile an example with gcc 4.9 nor 5; so there's probably more to it, e.g. C++ voodoo.
I'm curious of asciilifeform's answer
a111: Logged on 2018-01-21 23:26 douchebag: Thanks man,
I've been spending a lot of my time focusing on security research and helping others get involved in the InfoSec community.
I have a pretty decent resume compared to most people
I go to college with because
I have a pretty decent amount of experience, and when it comes to InfoSec jobs experience is probably the most important factor for most employers
mod6:
I don't have the incantation in front of me at the moment... but if you would like it,
I can dig it up for you tomorrow.
mod6: <+hanbot> no onboard ulimit, no package found, heh. << it is a huge pain to get a ulimit set on these mclinux boxes. but after seriously, a bunch of trial and error,
I was able to get it to work.
mircea_popescu:
i hope open source comes and rescues us from this shitpile.
trinque: once done
I'll post to blog, and hopefully patch authors can add detail.
trinque taps out for now. history file's coming along;
I've got about 7 patches left to reread and write up.
lobbes: yeah,
I'm thinking eventually
I will need to take advantage of TBI at some point. But currently very low overhead (home laptop with ssd + cheap VPSen)
lobbes: hm. damn
I'ma look into this one
ben_vulpes: bing's in there but noooo love for me lobbes,
i see how it is :P
lobbes:
I think the wotpastes muddle it up a bit
lobbes: ty all.
I'm happy to sap
ben_vulpes: eyy lobbes how do
i get me blog in there
a111: Logged on 2018-01-11 06:25 lobbes: Top three things
I need to do next: 1) set up automated updating of the reporting database the thing sits on (currently 'stale' data). 2) set up lobbesbot to similarly search via IRC commands 3) Zip distribution system!
BingoBoingo: The fine points of usage are harder for me to discern when 90% of the time
I hear a word it is because Latinos fear not hearing their own voice.
BingoBoingo: Apologies for the brainmush lemme disambiguate: That has worked so far, until the pretty girl who invited me to her place offered a beer and she met my "no" with a series of gentle teases. Since
I was in her home when my dick asked "what's the worst that could happen" my brain wasn't ready to answer with "Look at all these other pretty girls"
BingoBoingo:
I feel sufficiently bodily ill to have a strong awareness that if it happens again my life, in LATAM and in general will probably be short.
BingoBoingo: Being in LATAM and full of gringo confidence
I slacked on my recovery. Going forward the talking to pretty girls time budget is going to have to take some cuts to make more room for talking to old men about feelings.
BingoBoingo: But
I did find a local AA sponsor at the meeting tonight. In the interim my sweat hasn't smelled this bad since the first time
I sobered up.
BingoBoingo:
I woke up at 9:30 this morning in a fat chick's bed.
I didn't know those existed here. Today had been a day of confusion, convalescence, and doubt.
BingoBoingo:
I had been slacking on meeting to get more Spanish conversation in, and when the pretty girl offered me a beer in her place there was no resistance.
BingoBoingo: <mircea_popescu> BingoBoingo how the hell can that thing contain NO numeric characters ?! do it properly, x - y - z - k = q. <<
I appologize.
I got drunk last night and rushed the report in order to get my ass into an AA meeting.
douchebag:
I've learned a ridiculous amount about infosec and met some extremely talented people by following security researchers on twitter.
douchebag:
I only use my Twitter for infosec related stuff
douchebag: However, if
I just were to have my own blog on my own website it would be a bit more difficult for people to find it until
I am better known in the community
douchebag: Actually yes it is,
I've seen a number of people who reposted my medium blog on a few websites other than medium. The people who are reposting this found my blog post through medium and shared it elsewhere
douchebag: Oh no, not yet
I'll throw something up the next time
I find something interesting to blog about. Currently
I'm using medium as a way to get better known in the community
mircea_popescu: a right medium.
i mean YOURS. like, you know, trilema.
mircea_popescu: spyked well,
i expect the ivf of ye olde library was epsilon. as alf says, "entomologist only". because wtf do they have, a story of two scytales ? tyvm, it's obsolete.
spyked looked at the patch. admits to not being able to compile an example with gcc 4.9 nor 5; so there's probably more to it, e.g. C++ voodoo.
I'm curious of asciilifeform's answer
☟︎ a111: Logged on 2016-05-30 15:37 asciilifeform: but
i find it hard to see how it is not obvious that 'every sewer rat can publish' is a considerable damper on culture
douchebag: Thanks man,
I've been spending a lot of my time focusing on security research and helping others get involved in the InfoSec community.
I have a pretty decent resume compared to most people
I go to college with because
I have a pretty decent amount of experience, and when it comes to InfoSec jobs experience is probably the most important factor for most employers
☟︎ mircea_popescu:
i thought the whole "memory security" shit sandwich just got blown to smithereens coupla weeks ago.
douchebag:
I plan on learning more about low level memory exploitation in the future, however it's a bit more difficult these days due to stack canaries and other protections to prevent that sort of stuff from happening.
douchebag: Ohh right,
I understand.
I agree, however to me
I treat web application pentesting as almost a sort of game or puzzle, in my opinion it is rather entertaining challenge to be able to modify a web applications behavior in a way that leads to total comprimise.
mircea_popescu:
i would definitely put up with this in exchange for all-svg.
douchebag: Last night
I found a rather interesting vulnerability in a website for a bug bounty, second time
I've been able to leverage SSRF to XXE, very fun stuff.
douchebag: Alright forsure, if
I were to find something how would you want me to disclose the information to you in a secure manner?
douchebag: mircea_popescu:
I'm a little bored at the moment and
I'm looking to practice my web application pentesting skills, would you mind if
I took a look at your site and try to identify any potenial vulnerabilities?
mircea_popescu: phf there's no direction re proper cuz of first principle issues,
i dun want to make dumb part of the history.
phf: mircea_popescu: it's not clear to me what "properly handle" is, given the many conversations on the subj. there's no reason why it couldn't if there was some direction as far as proper.
i'm personally leaning towards the idea that binary blobs shouldn't be in vpatch (as per latest thread on subj), but it's a non-pragmatic take
☟︎ phf: the oldest solution, by
i believe mp, is "replace all the mp-wp images with their svg equivalents"
phf: did you get the source directly from mp, or did
i republish it?
i remember being asked for the source and putting it up at some point, but
i don't remember by whom and too lazy to log in this case
shinohai: Hmmm ...
I may have put it in there to test or something.
phf:
http://btcbase.org/log/2018-01-21#1773562 << pretty sure that's one of mine, it's either comments.diff or it could be a diff against the baseline wp of that vintage (
i wanted to see what kind of modifications exactly mp version introduced)
☝︎ mircea_popescu: trinque
i can tell you it was a multi-week pain in the ass to clear the shit out of eulora codebase.
trinque: anyhow if anyone recalls specifically why int64_t was present on some systems and not others,
I'd be interested for the HISTORY file.
shinohai: Worth looking into tho,
I should grep and see if this patch was applied at some point in there. Thanks for notifying!
shinohai: The only garbage
I remember in the one on my site was
I changed icons in the images/ directory, otherwise
I believe as
I received.
shinohai:
I was unsure hanbot,
I don't recall if
I ever asked mp about it, or why it was included in the copy
I got originally.
mircea_popescu: yeah, in order to show up
i have to approve it, so it's no accident.