by Ciro Santilli (@cirosantilli, 34)
Just art:
  • useless mathy stuff
  • incredibly nifty little tools that are just so satisfying to use it is mind blowing:
  • media related stuff
Examples under cmake:
Compiler + other closely related crap like linker.
"automatic programming has always been a euphemism for programming in a higher-level language than was then available to the programmer" sums it up.
The ultimate high level is of course to program with: "computer, make money", which is the goal of artificial general intelligence.
Lowering means translating to a lower level representation.
Raising means translating to a higher level representation.
Decompilation is basically a synonym, or subset, of raising.
Saves preprocessor output and generated assembly to separate files.
Very hot stuff! It's like ISA-portable assembly, but with types! In particular it also it deals with calling conventions for us (since it is ISA-portable). TODO: isn't that exactly what C does? :-) LLVM IR vs C
Example: llvm/hello.ll adapted from: llvm.org/docs/LangRef.html#module-structure but without double newline.
To execute it as mentioned at github.com/dfellis/llvm-hello-world we can either use their crazy assembly interpreter, tested on Ubuntu 22.10:
sudo apt install llvm-runtime
lli hello.ll
This seems to use puts from the C standard library.
Or we can Lower it to assembly of the local machine:
sudo apt install llvm
llc hello.ll
which produces:
hello.s
and then we can assemble link and run with gcc:
gcc -o hello.out hello.s -no-pie
./hello.out
or with clang:
clang -o hello.out hello.s -no-pie
./hello.out
hello.s uses the GNU GAS format, which clang is highly compatible with, so both should work in general.
LLVM front-end for C and related language like C++ etc.
Reproducible builds allow anyone to verify that a binary large object contains what it claims to contain!
Many plotting software can be used to create mathematics illustrations. They just tend to have more data-oriented rather than explanatory-oriented output.
Ciro Santilli has some good related articles listed under: the best articles by Ciro Santillis.
The fact that they kept the standard open source makes them huge heroes, see also: closed standard.
Shame that many (most?) of their proposals just die out.
Examples at: two-js/.
JavaScript library, works both on browser and headless with Node.js to SVG.
Feels good. Maybe not ultra featured, and could have more simple examples in docs, but still good.
One of the main features of Two.js appears to be the fact that it can natively render to either SVG and canvas, rather than creating SVG through DOM hacks as done by other projects.
One specific software project, typically with a single executable file format entry point.
As mentioned at Section "Computer security researcher", Ciro Santilli really tends to like people from this area.
Also, the type of programming Ciro used to do, systems programming, is particularly useful to security researchers, e.g. Linux Kernel Module Cheat.
The reason he does not go into this is that Ciro would rather fight against the more eternal laws of physics rather than with some typo some dude at Apple did last week and which will be patched in a month.
Ciro Santilli found out that he likes computer security researchers and vice versa.
It's a bit the same reason why he likes physicists: you can't bullshit with security.
You can't just talk nice and hope for people to belive you.
You can't not try to break things and just keep everyone happy in their false illusion of safety.
You can't do a half job.
If you do any of that, you will get your ass handed to you in a little gift bag.
A superstar security researcher with some major exploits from in the 2000's.
Oh yeah, that felt good. A few months before he died.
Ermm, as of February 2021, I was able to update my 2FA app token with the password alone, it did not ask for the old 2FA.
So what's the fucking point of 2FA then? An attacker with my password would be able to login by doing that!
Is it that Google trusts that particular action because I used the same phone/known IP or something like that?
The fatal flaw of OAuth is that websites have to enable specific providers, they can't just automatically select the correct OAuth for a given email domain. This means that the vast majority of websites will only provide the most widely popular providers such as Google, and the like, which means people won't have decent privacy.
So you are just better off with password logins and a decent password manager.
A cross browser, cross platform, and server-encrypted password manager is a must after Snowden!!! E.g. Proton Pass. And governments should obviously provide one to its citizens, or else be spied upon by the USA obviously: Governments should provide basic Internet infrastructure.
Video 1.
LockPickingLawyer SAINTCON keynote (2021)
Source. SAINTCON is "Utah's Premiere Security Conference".
Basically the opposite of security through obscurity, though slightly more focused on cryptography.
This is really good.
It allows the client to prepare a single request that gets all the data it wants to fill up a given webpage, rather than doing several separate requests.
So it only gets exactly what it needs, and in a single request.
Very sweet. This is the future of the web.
The author Ole Tange answers every question about it on Stack Exchange. What a legend!
This program makes you respect GNU make a bit more. Good old make with -j can not only parallelize, but also take in account a dependency graph.
Some examples under: 
man parallel_exampes
To get the input argument explicitly job number use the magic string {}, e.g.: 
printf 'a\nb\nc\n' | parallel echo '{}'
sample output: 
a
b
c
To get the job number use {#} as in: 
printf 'a\nb\nc\n' | parallel echo '{} {#}'
sample output: 
a 1
b 2
c 3
c 3
{%} contains which thread the job running in, e.g. if we limit it to 2 threads with -j2: 
printf 'a\nb\nc\nd\n' | parallel -j2 echo '{} {#} {%}'
sample output: 
a 1 1
b 2 1
c 3 2
d 4 1
The percent must be a reference to "split the inputs module the number of workers", and modulo uses the % symbol in many programming languages such as C.
To pass multiple CLI argments per command you can use -X e.g.: 
printf 'a\nb\nc\nd\n' | parallel -j2 -X echo '{} {#} {%}'
sample output: 
a b 1 1
c d 2 2
Way too few people know about this. Spread the word.
https://web.archive.org/web/20221208132133if_/https://i.stack.imgur.com/lHXP3.png
The perfect Middle Way between command-line interfaces and GUIs. A thing of great beauty.
Check which you you have: 
systemctl status display-manager.service
Tested on Ubuntu 23.10 I see: 
● gdm.service - GNOME Display Manager
     Loaded: loaded (/lib/systemd/system/gdm.service; static)
     Active: active (running) since Sun 2023-12-24 10:34:50 GMT; 23min ago
    Process: 1827 ExecStartPre=/usr/share/gdm/generate-config (code=exited, status=0/SUCCESS)
   Main PID: 1850 (gdm3)
      Tasks: 4 (limit: 71817)
     Memory: 6.8M
        CPU: 119ms
     CGroup: /system.slice/gdm.service
             └─1850 /usr/sbin/gdm3
which means I have GNOME Display Manager.

Tagged (3)

Ancestors (5)

  1. Computer
  2. Information technology
  3. Area of technology
  4. Technology
  5. Home

Incoming links (8)

View article source

Discussion (0)

New discussion

There are no discussions about this article yet.

Articles by others on the same topic (0)

There are currently no matching articles.
See all articles in the same topic Create my own version