Self-Study in February 2023

Feb 1, 2023 - 2 minute read - Comments - self-study-aggregation 2023 february addresssanitizer afl asan bare-metal bound-check c c-language cbmc checker clang crashdump dr-memory firmware fuzzing gperftools hacker-news heap imported llvm memcheck memory-sanitizer memsan nubix reini-urban san sat-solver stack static-analysis testing testing-pyramid tool ubsan valgrind

CBMC: The C Bounded Model Checker CBMC on GitHub: https://github.com/diffblue/cbmc Some usage examples: https://haslab.github.io/MFES/2122/CBMCexamples-handout.pdf https://news.ycombinator.com/item?id=34703004 Tags: cbmc, c, c-language, bound-check, sat-solver, tool, static-analysis, checker, imported, hacker-news Id: bbe38520-a846-11ed-957a-0242ac110002 Read: Wed Feb 8 01:46:40 2023 TESTING BAREMETAL FIRMWARE AT NUBIX Extensive guide on how to test firmware. Lots of tools, good recommendations Tags: bare-metal, firmware, testing, nubix, reini-urban, tool, crashdump, testing-pyramid, addresssanitizer, valgrind, memcheck, dr-memory, gperftools, cbmc, clang, c-language, c, heap, stack, fuzzing, afl, llvm, asan, ubsan, memory-sanitizer, memsan, san

Self-Study in January 2023

Jan 1, 2023 - 2 minute read - Comments - self-study-aggregation 2023 january acceptance-testing afl automated-testing bdd behavior-driven-development binding c-language ci command continuous-integration cucumber cve cve-2022-3502 daemon dictionary ffi foreign-function-interface fuzzing gherkin guide hacker-news hanno haystack imported index knowledge-base language-feature linux mimicry neural-network note openssl privacy punycode reification repository rumpy rust systemd term terminology test-bench test-suite testing tool unix

Show HN: I built Haystack – your own google for scattered workplace knowledge https://news.ycombinator.com/item?id=34218724 Tags: tool, index, note, knowledge-base, haystack, privacy, neural-network, imported, hacker-news Id: 0fb5be84-8b37-11ed-b09f-0242ac110003 Read: Mon Jan 2 15:14:13 2023 Extending Python with Rust Tags: binding, rust, ffi, foreign-function-interface, tool, rumpy, tool Id: 232ad576-8b37-11ed-bc27-0242ac110003 Read: Tue, 03 Jan 2023 07:20:44 +0000 Why CVE-2022-3602 was not detected by fuzz testing So recently a very hyped memory corruption security vulnerability was discovered in the OpenSSL punycode parser.

Self-Study in December 2022

Dec 1, 2022 - 3 minute read - Comments - self-study-aggregation 2022 december adaptation akrasia application atomic-habits beauty book bug c c++cache cats certificate clang cli command-line compilation-cache cpp craftsmanship danger defect elegance endava eoin-woods evolution field fitting fuzz-test fuzz-testing gcc github github-api giving-up gravity grit habit hacker-news hackernews idea imported james-clear java long-running-system matt-might model openapi optimization otoolep philip-o'toole physics private-key procrastination production psychology roy-baumeister rqlite safe self-control signature software speedup sqlite stubbornness temptation test-tool time tool willenergy willpower zone

CCache: a fast c/c++ compiler cache Related to 027d6f8a-714e-11ed-869a-0242ac110003 Tags: tool, cache, compilation-cache, optimization, speedup, c, cpp, c++, gcc, clang Id: f2423a38-714d-11ed-92b4-0242ac110003 Read: Thu, 01 Dec 2022 07:58:30 +0000 CATS: OpenAPI fuzzing and test generation tool Tags: cats, tool, openapi, fuzz-testing, test-tool, java, endava, eoin-woods Id: 08b0cdb0-714f-11ed-a45c-0242ac110003 Read: Thu, 01 Dec 2022 08:06:18 +0000 I’ve fuzzed a small part of the GitHub API. Here are my findings. Using CATS to fuzz part of the Github API.

Self-Study in November 2022

Nov 1, 2022 - 4 minute read - Comments - self-study-aggregation 2022 november apisix auth bdd c c++c-language cache clang comparison compilation-cache cpp curl cve distribution download end-to-end-testing fuzz-testing fuzzing gcc generator-function hacker-news hosting http imported internet javascript learning measurement minimum-viable-product mvp open-source openssh openssl optimization parser performance pgsql plain-text poc postgresql postgrest programming proof-of-concept protection python rust speedup sql ssh sshguard statistics testing tom-mewett tool torrent webrtc webtorrent wireguard yield

Doing what you love when the money won’t follow https://news.ycombinator.com/item?id=33434326 Tags: imported, hacker-news Id: 509ce49c-c1a4-11ed-afdd-0242ac110004 Read: Wed Nov 2 12:01:16 2022 Ask HN: How to deal with burnout and its consequences? https://news.ycombinator.com/item?id=33434742 Tags: imported, hacker-news Id: 52f6012e-c1a4-11ed-b778-0242ac110004 Read: Wed Nov 2 12:38:33 2022 Embedded programming is like web development https://news.ycombinator.com/item?id=33450575 Tags: imported, hacker-news Id: 59ea8176-c1a4-11ed-9922-0242ac110004 Read: Thu Nov 3 13:24:05 2022 Ask HN: How to regain focus when you feel overwhelmed?

Self-Study in October 2022

Oct 1, 2022 - 7 minute read - Comments - self-study-aggregation 2022 october asdf assembly aws aws-account bash bash-boilerplate c c++c-language c-programming-language career career-management cdn ceres cheat-sheet cloudflare comparison configuration content-delivery-network cosmopolitan-libc crdt crosscompilation cryptography data-isolation database debugging dev-environment digraph docker electric-sql employment file file-system free free-tier glue hacker-news horocrux html-content imported installation intel ionotify isolation javascript js libc local microservice non-html-content non-linear-optimization offline openssl operator optimization optimization-library patch physical-isolation port postgresml programming progressive-web-app pwa python quirk react redis risk-management safety salary salary-transparency scripting setup shamir-secret-sharing shard shell shellcheck sqlite ssss stacktrace synchronization tactic tips tool transpilation tricks trigraph unix vulnerability wasm watch watchman web-assembly webassembly x64 zero-knowledge-proof zkp

The Art of Logging https://news.ycombinator.com/item?id=33054741 Tags: imported, hacker-news Id: 02a22390-c1a1-11ed-b61a-0242ac110004 Read: Sun Oct 2 10:42:15 2022 “Rust is safe” is not some kind of absolute guarantee of code safety https://news.ycombinator.com/item?id=33056077 Tags: imported, hacker-news Id: 12483f20-c1a4-11ed-84be-0242ac110004 Read: Sun Oct 2 14:20:21 2022 Have lots of AWS accounts Using the physical separation of your AWS accounts as a way to isolate the data and services https://news.ycombinator.com/item?id=33069547 Tags: aws, aws-account, physical-isolation, isolation, data-isolation, risk-management, imported, hacker-news

Self-Study in September 2022

Sep 1, 2022 - 6 minute read - Comments - self-study-aggregation 2022 september 10x-programmer accounting architecture architecture-pattern branch brooks-law bruteforce business-rules c carmack cheating chess computer-peripheral cryptography database david-allen domain-specific embedded-software fabrice-bellard feature-branch ffmpeg getting-things-done git github gtd hacker-news hagiography hash imported inbox-zero john-von-neumann ken-thompson late-project layer management merge merge-conflict password password-cracker productivity programming-language project rainbow-table rebase rules separation social-engineering solid solid-principles teaching time-management windows

The forty-year programmer https://news.ycombinator.com/item?id=32690892 Tags: imported, hacker-news Id: e23d7fb0-c1a4-11ed-a032-0242ac110004 Read: Fri Sep 2 13:55:12 2022 Cheating at chess with a computer for my shoes https://news.ycombinator.com/item?id=32729105 Tags: imported, hacker-news Id: e489c7ce-c1a4-11ed-b44b-0242ac110004 Read: Mon Sep 5 20:34:15 2022 A history of cheating in chess (2) Describes several attempts to cheat in chess, including one by a black dreadlock John von Neumann Tags: chess, cheating, computer-peripheral, ken-thompson, john-von-neumann Id: 2cac0610-2dc2-11ed-8876-0242ac110003 Read: Tue, 06 Sep 2022 08:59:11 +0000

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40