WTF Bites
-
@ben_lubar said in WTF Bites:
@anonymous234 said in WTF Bites:
There's an OS called Cosmos, written in C#, using a compiler that can compile any CIL to native, bootable code.
Naturally anyone's first question when hearing this should be "how does it do memory management?" You know, since automatic memory management is kinda .net's biggest thing and the main obstacle to writing a CIL-to-native compiler.
So I'm sure it will be explained in the website right? No? Then in the documentation? No? Maybe in some forum post?
Nope. As far as I've been able to find, I'm literally the first person on the internet to ask that.
Well, here's the code in Heap.cs (timestamped to today's date for future on-lookers): https://github.com/CosmosOS/IL2CPU/blob/master@{2018-07-11}/source/Cosmos.IL2CPU/Heap.cs
Ah, I see the algorithm now:
public static void Heap_Free(uint aObject) { // }
-
@anonymous234 They didn't like that it did nothing, so they commented it out.
-
Forget turbofish. Rust now supports punch cards!
..=..=.. .. .. .. .. .. .. .. .. .. .. ..=.. .. ..=.. ..=.. .. .. .. .. .. .. .. .. ..=..=..=.. ..=.. ..=.. ..=.. ..=.. .. ..=..=.. .. ..=.. .. ..=..=.. .. ..=.. ..=.. ..=.. .. .. .. ..=.. .. ..=.. ..=.. ..=.. ..=.. .. ..=.. .. .. ..=.. .. ..=.. ..=.. ..=.. ..=.. .. .. ..=.. .. ..=.. .. ..=.. ..=.. .. ..=..=.. ..=..=.. .. .. ..=.. ..
It might be hard to believe, but the above is valid Rust. As in, when put inside a function, it compiles.
-
@anonymous234 It's got the
PlugMethodAttribute
which means, roughly, "PLZ 2 INJECT FROM DEE COINTANNER!"
-
@gąska Lord. Is this binary literals only? I already know you said it was source code, but I really want it to be binary literal only, you see, and also not this, I want it to be more like 01010010b. But that's pretty neat!
-
@gribnit no, .. is the range operator and ..= is the range inclusive operator.
-
@zecc So TV steals keyboard input even when the window is not active? That a major WTF. Devs that make programs do that need to have their developer licenses revoked unless there's a good reason for it to happen (e.g. AutoHotKey).
-
Forget turbofish. Rust now supports punch cards!
..=..=.. .. .. .. .. .. .. .. .. .. .. ..=.. .. ..=.. ..=.. .. .. .. .. .. .. .. .. ..=..=..=.. ..=.. ..=.. ..=.. ..=.. .. ..=..=.. .. ..=.. .. ..=..=.. .. ..=.. ..=.. ..=.. .. .. .. ..=.. .. ..=.. ..=.. ..=.. ..=.. .. ..=.. .. .. ..=.. .. ..=.. ..=.. ..=.. ..=.. .. .. ..=.. .. ..=.. .. ..=.. ..=.. .. ..=..=.. ..=..=.. .. .. ..=.. ..
It might be hard to believe, but the above is valid Rust. As in, when put inside a function, it compiles.
-
@twelvebaud said in WTF Bites:
@anonymous234 It's got the
PlugMethodAttribute
which means, roughly, "PLZ 2 INJECT FROM DEE COINTANNER!"A continuous question in computer science: can you implement the entire runtime for a garbage-collected type-safe language in the same garbage-collected type-safe language?
-
@brisingraerowing said in WTF Bites:
So TV steals keyboard input even when the window is not active? That a major WTF. Devs that make programs do that need to have their developer licenses revoked
The OS is the because it provides the API to do it.
Maybe one day Windows will catch up to KDE:
-
@zerosquare said in WTF Bites:
So I guess it's a WTF-nibble?
Almost a TIL; it's obscure, not turned on by default, and needs very high privileges to make use of.
-
@timebandit said in WTF Bites:
@brisingraerowing said in WTF Bites:
So TV steals keyboard input even when the window is not active? That a major WTF. Devs that make programs do that need to have their developer licenses revoked
The OS is the because it provides the API to do it.
Maybe one day Windows will catch up to KDE:
My favorite part of Windows is when NVIDIA wants to update and then it patiently waits to be in the foreground so it can give the user a UAC prompt but also starts a timer and if the timer runs out the UAC prompt won't actually give it permission and the install will fail.
-
@ben_lubar I know Rust is entirely written in Rust.
-
@pie_flavor said in WTF Bites:
@ben_lubar I know Rust is entirely written in Rust.
Go is written entirely in Go, but the garbage collector uses the
unsafe
package.Rust is NOT a garbage-collected language unless something has drastically changed recently.
-
@ben_lubar I was ignoring the <ins>.
std::ptr::Rc
is better anyway.
-
@pie_flavor said in WTF Bites:
@ben_lubar I was ignoring the <ins>.
std::ptr::Rc
is better anyway.Yeah, I'm sure reference counting is the best method of memory management and that's why nobody invented anything better since then.
-
@ben_lubar If everything gets frozen during the memory sweep, then the application actually ends up being slower in the long run, when you contrast the constant tiny slowdown with the occasional giant freeze.
-
So that's why IrfanView doesn't create an .svg association.
https://i.imgur.com/xpwtFCj.png
-
@pie_flavor said in WTF Bites:
@ben_lubar If everything gets frozen during the memory sweep, then the application actually ends up being slower in the long run, when you contrast the constant tiny slowdown with the occasional giant freeze.
Check out this Twitter thread:
-
@ben_lubar And yet it's still a shitty language.
-
type boomzilla interface{}
-
@pie_flavor said in WTF Bites:
@ben_lubar If everything gets frozen during the memory sweep, then the application actually ends up being slower in the long run, when you contrast the constant tiny slowdown with the occasional giant freeze.
Your garbage collection knowledge is way out of date. A properly managed modern GC will give you zero significant pauses.
-
@anonymous234 said in WTF Bites:
Coming soon: "two-factor authentication is now mandatory for extra security".
"Nominate 3 to 5 friends to help if you are locked out of your account."
-
A properly managed modern GC will give you zero significant pauses.
I believe the only time you get significant pauses now is when the only other alternative is crashing immediately due to being totally out of memory, and that's almost always only likely to happen when the program has a memory leak in the object graph (i.e., the objects are still in use in a way that the programmer hadn't accounted for) and those are evil bugs to hunt even with the proper tools…
-
https://i.imgur.com/6zDFN7S.png
Ten read, and ten unread.
Seriously, what the fuck.
-
@brisingraerowing said in WTF Bites:
So TV steals keyboard input even when the window is not active?
It usually works with no problems, it was only this one time.
What was really weird was that AFAICT it was only stealing Tab and Esc .
I also had RDP sessions both inside the TV session and out, and I've certainly had problems with RDP deciding to capture keystrokes, so who knows what really happened.
-
@ben_lubar said in WTF Bites:
@twelvebaud said in WTF Bites:
@anonymous234 It's got the
PlugMethodAttribute
which means, roughly, "PLZ 2 INJECT FROM DEE COINTANNER!"A continuous question in computer science: can you implement the entire runtime for a garbage-collected type-safe language in the same garbage-collected type-safe language?
If your language allows you to output whatever native instructions you want to an executable, the world is yours to own (and garbage collect).
-
@ben_lubar said in WTF Bites:
the garbage collector uses the unsafe package.
-
Outlook, clicking
Mark All As Read
isn't working for some folders, they still show a number of unread items in them:Then I wonder about:
It wouldn't show unread items that aren't in the local cache but be unable to remove the flag unless they were synched down local?
Of bloody course it would:
-
@ben_lubar said in WTF Bites:
the garbage collector uses the unsafe package.
Importing the
unsafe
package removes the type safety guarantees from Go.
-
@ben_lubar What type safety guarantees?
-
@pie_flavor Safety guarantees you won't be stabbed by Cow-orkers for talking about Go.
-
@pie_flavor said in WTF Bites:
So that's why IrfanView doesn't create an .svg association.
https://i.imgur.com/xpwtFCj.pngOpen binary in Hex Editor, replace
Please purchase yadda yadda
text with spaces. Done.
-
@ben_lubar said in WTF Bites:
Importing the
unsafe
package removes the type safety guarantees from Go.Fine, but your original question was:
@ben_lubar said in WTF Bites:
A continuous question in computer science: can you implement the entire runtime for a garbage-collected type-safe language in the same garbage-collected type-safe language?
Not "A continuous question in computer science: can you implement the entire runtime for Go in Go".
So I'm still calling :P
And I still think you could write your own compiler+assembler+linker in Go.
-
@ben_lubar said in WTF Bites:
Importing the
unsafe
package removes the type safety guarantees from Go.Fine, but your original question was:
@ben_lubar said in WTF Bites:
A continuous question in computer science: can you implement the entire runtime for a garbage-collected type-safe language in the same garbage-collected type-safe language?
Not "A continuous question in computer science: can you implement the entire runtime for Go in Go".
So I'm still calling :P
And I still think you could write your own compiler+assembler+linker in Go.
You can, and they did. The thing I'm saying is that Go is not the answer to that question.
-
@ben_lubar Go isn't really the answer to any question. Or problem, for that matter.
-
-
@loopback0 said in WTF Bites:
@pie_flavor Safety guarantees you won't be stabbed by Cow-orkers for talking about Go.
Those guarantees never existed.
-
@ben_lubar said in WTF Bites:
@timebandit said in WTF Bites:
I'll use that secure password everywhere.
The weird thing is that nobody seems to have actually used it anywhere yet. Even
correct horse battery staple
is in a few breaches.That's not as useful though. Everyone knows it and it's easy to remember, but while xkcd has shown it would be secure (if it weren't public), it fails all those retarded websites' security checks. Can't use spaces, must use capitals, numbers, hieroglyphs, etc.
The spaces aren't really a problem, just replace them by some other symbol as long as you can remember which. Dashes, questions marks, all good. Capitals are also no issue if you can uppercase the initial letter of the passphrase and you need just a single one. Finally, the number is a matter of taste. You can insert a random number at a random position in your passphrase for extra security or replace some character in your passphrase with 1337speak characters (whatever seems the most obvious to you) and it might be ok.
The only real enemy of passphrases is a length limitation. EFF's modern diceware guide recommends six random words while the original diceware author explains the reason in his FAQ (BEWARE: Web 1.0 styles). Depending on your word list you get a six-word password which is 40 characters or more, so if you can only enter 16 then you are royally fucked.
For example, my employer uses Office365 identities and we're limited to 16 characters until they complete roll out of custom password rules. Yay!
-
@jbert Timely Raymond Chen post:
-
@jbert: that xkcd strip was clever when it came out, but is bad advice now. Theoretical entropy isn't everything, and password cracking tools now check for concatenations of dictionary words, common misspellings (intentional or not), etc.
-
@zerosquare That's why if you really want something secure I wouldn't recommend choosing passphrases as "just anything you can think of" (because people's thoughts are rarely random).
I linked to those diceware guides earlier: for a six-word password you use 6 x 5 dice throws, each group of 5 lets you pick a word out of a dictionary of 7776 items. It doesn't really matter that an attacker knows what dictionary you used because he still has to test 7776 X 7776 X 7776 X 7776 X 7776 X 7776 combinations. That's a big number; an attacker might get lucky or they might not find it in a lifetime.
-
Reposting here.
One of the customisation options for the Dell Precision laptop on their website is optional BIOS settings.
£10.29 each setting.
No idea what these settings come as by default if you don't pay to specify, nor what happens if you specify both Enabled and Disabled for a setting. Some sort of Schrödinger's BIOS type deal maybe.
-
Representative screenshot from an inherited project:
-
@loopback0 This reminds me of a BIOS WTF I encountered earlier this year. One of our products is a customized rugged laptop shipped and preconfigured for use with our hardware. Some of these systems end up becoming classified systems on military bases, and so they are not allowed to have webcams, BlueTooth, Wi-Fi, wireless anything, etc. We worked out a deal with the laptop vendor to purchase units that had no Wi-Fi. Wi-Fi adapters are just mini-PCI Express cards.
While trying to resolve an unusual incompatibility with a piece of very necessary hardware, I updated the BIOS on one of these systems. This made the hardware work, but, somehow after the BIOS update, the system magically had Wi-Fi. Fortunately I discovered this while configuring a system prior to shipping it, because such an ordeal would be Very Bad Indeed(TM) if it happened after the system became classified. And this obviously confused the hell out of me, because these systems shouldn't even have Wi-Fi adapters in them! We paid extra for that!
So I tore it down, and sure enough it had a normal-looking mini PCI Express card in it. I tried a BIOS update on another such system, and same thing. Wi-Fi worked.
We eventually deduced that rather than have the factory ship units without Wi-Fi adapters, the vendor had cooked up a custom BIOS that skipped over Intel Centrino-branded adapters during PCI enumeration. And by updating the BIOS with a general one from their website, that customization was wiped out.
We no longer order the "non-Wi-Fi" units. We get the standard models, and I have to tear them down and physically remove the adapter before shipping to the customer.
-
@loopback0 said in WTF Bites:
£10.29 each setting.
Some of their customers may totally find that worth it if it's just a setting or two they need. If they know it comes configured a certain way from the factory, they can deploy it immediately (or hook them all up and image them using a push-button PXE solution). We're talking the customers that are small enough they may have to pay $100/hour for a tech to come out to do anything "oh nooo, complicated". (One of my old employers was like this.)
-
@zerosquare said in WTF Bites:
@jbert: that xkcd strip was clever when it came out, but is bad advice now. Theoretical entropy isn't everything, and password cracking tools now check for concatenations of dictionary words, common misspellings (intentional or not), etc.
This proves that you didn't understand the xkcd…
-
The XKCD strip left out the most important part: as JBert mentioned above, for this strategy to work, you have to choose the four words with a true random process, not just four "random" words that pop into your mind.
Without that, telling people to use four random common words as their password is bad advice. Because the only ones who would apply it properly are people who are most likely already using strong password and/or password managers.
-
@heterodox said in WTF Bites:
@scarlet_manuka said in WTF Bites:
You're triggering me.
I just got a notification last week that one of my service requests closed on MOS. I should have posted this SR in the I Hate Oracle Club a while back.
Me: "We're having a problem with the security configuration of one of your products. We went to the trouble of recreating it in the latest version. We even tracked down what bug it is for you and good news, you've already released a patch! You only released it for Linux, though. Can you give us a Windows patch?"
Four months. Count them, it took them FOUR MONTHS of "development work" for them to do this.
Just got asked to fill out a customer satisfaction survey. Okey dokey!
... it may not have been kind. Curious to see whether I'll get contacted by the manager or if they'll let it go. (If I were them, I'd probably let it go. When you see that kind of performance, it's usually a systemic problem, probably not one that an Oracle Support Services manager can do much about.)
-
why are you doing that? What reason do you have?
Could they make this any more confusing? That's three different usernames I have to keep track of, one of which isn't the original because the original broke their systems at one point and they had to force me to rename it.Well I complain but the truth is I will likely not be using my minecraft forum account again. I'm just annoyed at the number of merges and login changes throughout the lifetime of my minecraft-related accounts.
EDIT: attempt #2 after clearing cookies to get around the login form doing nothing but refreshing the page:
{"status":500,"message":"unable to get oauth client"}
One refresh later and it finally seems to have worked. Good riddance.