Programming Leftovers
-
2023-07-19 [Older] EU Parliament intends to widen participation in the Interoperable Europe Board
-
Mutex without lock, Queue without push: cancel safety in lilos
I’m trying to do something kind of unusual with lilos: in addition to almost all the APIs being safe-in-the-Rust sense, I’m also attempting to create an entire system API that is cancel-safe. I’ve written a lot about Rust’s async feature and its notion of cancellation recently, such as my suggestion for reframing how we think about async/await.
My thoughts on this actually stem from my early work on lilos, where I started beating the drum of cancel-safety back in 2020. My notion of what it means to be cancel-safe has gotten more nuanced since then, and I’ve recently made the latest batch of changes to try to help applications built on lilos be more robust by default.
So, wanna nerd out about async API design and robustness? I know you do.
-
[Old] The Six Dumbest Ideas in Computer Security
If you're a security practitioner, teaching yourself how to [cr]ack is also part of the "[Cr]acking is Cool" dumb idea. Think about it for a couple of minutes: teaching yourself a bunch of exploits and how to use them means you're investing your time in learning a bunch of tools and techniques that are going to go stale as soon as everyone has patched that particular hole. It means you've made part of your professional skill-set dependent on "Penetrate and Patch" and you're going to have to be part of the arms-race if you want that skill-set to remain relevant and up-to-date. Wouldn't it be more sensible to learn how to design security systems that are [cr]ack-proof than to learn how to identify security systems that are dumb?
My prediction is that the "[Cr]acking is Cool" dumb idea will be a dead idea in the next 10 years. I'd like to fantasize that it will be replaced with its opposite idea, "Good Engineering is Cool" but so far there is no sign that's likely to happen.
-
Happy Pi Approximation Day
The R computer language carries 15 or 16 digits. That seems like enough. A NASA engineer says he can’t think of a practical application that would require more than 15 digits of π . π appears in many areas of math besides geometry and trigonometry. It is hidden away in statistics where the probability density function formula of the normal curve has a √(2π) term in the denominator to get the integral equal to 1, and elsewhere in other branches of math.
-
An algorithm for shuffling playlists
It is a common observation that for shuffling playlists, humans don’t want an actual shuffle, because that might play the same artist twice in a row, which doesn’t feel random. This topic has been discussed by others, including famously by Spotify, which in turn references Martin Fiedler’s algorithm. However, neither algorithm is optimal, in the sense that they might play an artist consecutively in cases where this was possible to avoid. I’ve been thinking about this for Musium, the music player that I am building. In this post I want to outline an algorithm that is optimal in the above sense.
-
Play a jingle on Git commits
When you complete a challenge in a video game, you usually hear a congratulatory sound effect. This is cute and I like it.
What if you could hear a little jingle when you make Git commits?
-
Type Systems for Memory Safety
Manual memory management and memory safety used to be incompatible. But it is possible to design programming languages and type systems that provide memory safety at compile time, combining the safety of high-level languages with the performance and low-level control of languages like C.
-
How to undo a git rebase, a beginner's guide with an easy example
Git is the most popular distributed version control system. It is very powerful and valuable too. Git Rebase is done when the main (master) branch has moved ahead and you need to apply the changes from the main branch to your branch while maintaining the history. In this post, you will learn how to undo a git-rebase. Let’s get started!
-
Security Developer-in-Residence – Weekly Report #4
Ever since the 3.11.0 release of Python, all Python release tarballs are signed using Sigstore. You can read this page for more information about Sigstore signatures and how to verify the signatures using the Python Sigstore client.
-
Python Program to Scan Port Range
Port scanning is a useful technique for exploring network systems and gathering information about the services they offer. Often, security professionals and system administrators use port scanning for diagnosing network problems, auditing network security, or discovering vulnerabilities.
-
Bash Script to Scan Port Range
Network administrators and security experts often need to scan ports to identify open or closed services and evaluate the security of their networks. While there are robust tools like nmap for this purpose, sometimes you might need to create a custom solution that fits your specific requirements.