Programming Leftovers
-
Cybergeeks ☛ Call stack spoofing explained using APT41 malware
Call stack spoofing isn’t a new technique, but it has become more popular in the last few years. Call stacks are a telemetry source for EDR software that can be used to determine if a process made suspicious actions (requesting a handle to the lsass process, writing suspicious code to a newly allocated area, and so on). The purpose of the technique is to construct a fake call stack that mimics a legitimate call stack in order to hide suspicious activity that might be detected by EDR or other security software.
-
University of Toronto ☛ The Go module proxy and forcing Go to actually update module versions
Suppose, not hypothetically, that you have two modules, such as a program and a general module that it uses. Through working on the program, you realize that there are some bugs in the general module, so you fix them and then test them in the program by temporarily using a replace directive, or perhaps a workspace. Eventually you're satisfied with the changes to your module, so you commit them and push the change to the public repository. Now you want to update your program's go.mod to use the module version you've just pushed.
-
Rlang ☛ Monads in R
One quick-and-dirty solution that might come to mind would be to make a with_logging() function that takes an expression, writes a text-representation of it to a file or a global, then evaluates the expression. This would probably work, but it means that every step of the pipeline needs to be wrapped in that. Not the worst, but I had a feeling I knew of something more suitable. I’ve been trying to learn Haskell this year, and so far it’s going sort of okay, but I’m taking a detour through Elm which has most of the same syntax but less of the hardcore ‘maths’ constructs.
Returning readers may have seen me use the term ‘monadic’ in the context of APL where it means that a function ‘takes one argument’ (as compared to ‘dyadic’ which takes two) and I believe this definition predates the mathematical one I’m going to use for the rest of this post.
‘Monad’ is a term often best avoided in conversation, and is often described in overly mathematical terms, the “meme” definition being the category theory version which states: [...]
-
Jacob Nowosad ☛ Comparison of spatial patterns in continuous raster data for overlapping regions using R – Thinking in spatial patterns
This blog post shows various methods for comparing spatial patterns in continuous raster data for overlapping regions, i.e., how to compare two rasters for the same region, but in different moments in time (or, in some cases, with different variables) using the R programming language.
Two continuous raster datasets are used in this blog post: the Normalized Difference Vegetation Index (NDVI) for Tartu (Estonia) for the years 2000 and 2018.
-
Shell/Bash/Zsh/Ksh
-
At This Link ☛ Did User Experience Peak with the Command Line?
I try not to let myself fall into becoming too much of a caricature of a UNIX-like evangelist on this blog but over the past few weeks I've kept returning to the same question: Did user experience peak with the command line?
Yes, the command line. That thing that effectively serves as a visual shorthand for 'nerdy' 'technical'-types. Green text scrolling by on a black background. When presented as such, the command line can certainly look like an intimidating thing not intended for the typical user. In fact, many platforms will go to extreme lengths to suppress users coming into contact with the command line - wrapping it in a GUI, abstracting functionality away into pre-defined shortcuts, depriving the user of one of the most fundamental and direct ways of interacting with a computer.
Yet I think there's a real case here that much of the functionality offered by the command line is actually of more benefit to a typical user. As I hope you'll see, despite its bluntness, or perhaps because of, the command line I think offers some compelling design choices and functionality that could make it easier for users to interact with, trouble-shoot, and understand; offering a range of ways to minimise user frustration and extend capability that just aren't present in more 'user-friendly' programs.
-
-
Java
-
Kevin Boone ☛ Why are the variable names all wrong in my decompiled Java class?
A Java compiler produces machine code, but not machine code for any particular CPU: it produces machine code for the Java virtual machine. Still, it looks like machine code: it has simple operations that do arithmetic, move data between the stack and variables, branch, and call subroutines. Sometimes it is helpful to be able to convert the compiled code (usually called 'byte code' in the Java world) back into Java source. Various tools are available that can attempt this, with varying degrees of success. All these tools have the disadvantage that they lose information; in particular, they lose many of the variable names.
This article explains why this happens, by examining the compiled Java bytecode in detail.
-