The Unclear Impact

The Unclear Impact

Krist贸f Marussy ferdium馃巰 | @kristof@pleroma.marussy.com

I'm a researcher working on the extra-functional requirements and formal verification of cyber-physical system architectures.
I also like free (as in liberty) software, privacy enhancing technologies, and cryptography.

I may not be trans but transgender hating script kiddies are too incompetent to tell the difference. Donkey Kong says trans rights = human rights.

If you see a Java performance optimization guide that talks about any of:

* Long methods
* Lots of small objects
* If-else statements

etc

then you should just throw the guide away and look for another resource.

The JIT and the modern GCs are _beasts_. You aren't going to get finely-tuned-C++ level performance (at least with the JVM you are most likely using), but any of the advice from 20-30 years ago (that has stuck around nonetheless) just needs to be thrown out.

@hrefna the scariest thing i've seen with java was when we were optimizing a complex data structure that was doing pointer chasing and allocations all over the place (the sort of thing people warn about being slow), and it turned out after microbenchmarking that the actual slowest part was the % 6 we had in a hash computation for an array index. ablobfoxdundundunowo

GC-that-turns-allocations-into-atomic-increments-and-compacts-your-objects is a beast indeed

@dalias i'll be something evil with sequence points, won't it? blobfoxshocked

@julesh wouldn't that be the same thing, just 24 hours earlier? blobfoxthonking

linux

postgres 15 -> 16 migration took 28 hours for my tiny 5.2 GB database... i probably messed something up with the config blobfoxthink

I can finally reveal some research I've been involved with over the past year or so.

We (@redford, @mrtick and I) have reverse engineered the PLC code of NEWAG Impuls EMUs. These trains were locking up for arbitrary reasons after being serviced at third-party workshops. The manufacturer argued that this was because of malpractice by these workshops, and that they should be serviced by them instead of third parties.

1/4

@mrtick@infosec.exchange in front of an Impuls.

arch linux

if resume from hibernation from a swap file is not working on [testing] currently, probably (the lack of) this is the reason: https://github.com/systemd/systemd/commit/b7c1f9eaf490c65c431af9fd93d974479ab315aa

@shriramk i guess then if it's doing bugger all, it's \prod

linux

intellij decided to crash #swayvm sporadically, so it's relegated into a nested sway session until i can figure out what's going wrong blobfoxannoyed

To FLOSS projects but also individuals: Please stop relying on GitHub, Discord or other proprietary services. What happened to Twitter and Unity WILL happen to them as well.

Also people shouldn't have to use proprietary software or services to contribute to FLOSS projects, that just doesn't make any sense.

java

java.lang.NullPointerException: Cannot read field 鈥淲鈥 because 鈥渢his鈥 is null

this doesn鈥檛 sound healthy at all

(trying to cross-build a docker container for aarch64 using jlink with buildx and qemu binfmt_misc)

rust, java, cursed

i have a sudden urge to combine tauri with the jni invocation api

re: linux

@robby i accidentally rsynced something to my server into the directory named '~' instead of into my home directory, and i tried to get rid of it

(a very poor man鈥檚 deployment solution when i work on the app at https://refinery.services 鈥 rsync the jar into my home directory, then sudo mv into /var/lib where it should live and restart the corresponding systemd service. the funny thing is that this project is sponsored by amazon science, but we have our AWS guy on vacation, and debugging research software on my own VPS is much easier)

linux

so i just issued the command rm -rf ~ instead of rm -rf '~' blobfoxfacepalm

good thing i have btrfs snapshots

i wish i understood more Coq (or french in general)

drm

https://support.github.com/contact/report-abuse?category=report-content&report=RupertBenWiser&report_content_url=https%3A%2F%2Fgithub.com%2FRupertBenWiser%2FWeb-Environment-Integrity&report_id=26461279&report_type=content#contact_comments

The repository contains a proposal for a piece of malware which, through remote attestation, directly threatens browser diversity (by only allowing officially certified builds of a handful of browsers to access webpages), operating system diversity (by only allowing certified builds of certain operating systems), device diversity (by only allowing devices with certified firmware) and computer architecture diversity (by only allowing architectures where such certified firmware, OS, and browsers exist). As such, it poses a critical threat to innovation and free and open source software.

By taking away users鈥 ability to customize their user agents, computing technology not only becomes solely a vehicle for corporate profit, but we also risk extinguishing the very human curiosity and experimentation that is needed to produce the next generation of developers. More broadly, by forcing people to watch advertisements in their browser without the possibility filtering in order to access any web service (likely including government services), we expose citizens to mandatory misinformation. Locked down platforms also promote government surveillance and control, destroying democracy itself by removing the possibility of protest and dissent.

While some people might be able to buy a non-locked down device (in addition to a locked-down device required to access websites with integrity requirements), the proposal discriminates against people with no economic means to do so. Disabled people are also discriminated against, especially if they need accessibility tools not certified and locked down for attestation.

Therefore, any attempt to lock down the web and adopt DRM ubiquitously should be stopped at all costs.

drm

who will write magisk for the web and how long will they take to get hired by google anyways?

@reto it probably works 鈥 but i set up UKI and signing before systemd 253 (so no ukify) and never bothered to migrate

when my script finally broke, i was trying to fix my system that didn鈥檛 boot and just went with the first option for building a UKI from the arch wiki opened on my phone

hacked the userChrome.css of the new @thunderbird 115 a bit to make it better fit my mostly vimix themed desktop (sans the redaction bars)

https://linx.marussy.com/lhd42vo6.css

i guess i could make a theme, but this is easier blobfoxlaughsweat

screenshot of the toolbar and some of the message list view of thunderbird 115 with customized colors, increased UI density, semi-transparent search bar on the right, full width quick filter bar, and hidden year switcher in the agenda view. some mailboxes and e-mails were redacted with black bars

apparently, my EFI UKI building script hodge-podged together with objcopy stopped working, so i moved to building UKI with mkinitcpio

so far so good blobfoxcomfycomputer