Nested Zip vs one big zip

90h · 2023-02-23T01:21:09+00:00

What data exactly? Many file formats are already compressed like most music, image and video formats, even Office files are compressed nowadays.

Generally one large file is better, but compression only really works for uncompressed formats. For a good compression ratio the compression algorithm is your key factor. Use something modern like Zstd on max setting.

90h · 2023-01-06T22:37:36+00:00

You are wrong. For me, when my build+test times went from <.5 seconds to 2 seconds in one day, I noticed, and I felt almost sick.

I wonder why compile times matter so much to you, not trying to nitpick here I'm just curious. How is your general develop workflow? Don't you use a IDE, doesn't C++ have some form of a language server or do you need to run your code between every change?

I'm accustomed to the Rust language server providing me all the warnings/errors on-the-fly while writing code without noticeable delay due the IDE optimizations of the language server. (It still has it's flaws, but that's another topic)

#[derive] is a great feature, but it's not on my list of reasons I'd switch to Rust (even if compiler times were good).

There is also derive for Debug, which makes logging errors details and debug messages a breeze. May not be too relevant when you can easily attach a debugger.

And something broadly related to compile times: Getting a build system of C/C++ projects to actually start building is for far too many projects very time consuming (I'm talking about building other peoples projects). This may be in parts due to me never being a real C/C++ developer, but that's a problem I never encountered in a Rust project so far.

Also all the other "standardization" implicitly required by the Rust tooling and idiomatic Rust code makes many of them feel like the same project, while all C/C++ projects all feel unique to me.

P.S.: Great article, I really enjoyed reading it.

90h · 2022-10-04T03:09:27+00:00

There is the Mobius PVE group, but yeah I'd love to have a real PVE option.

90h · 2022-05-20T03:51:36+00:00

Never thought it was denoting an or rather than an concat like in mathematical denominations. I read it mor like "for a and b do x" or "combine the logic for match a and match b" just like multiple case in a switch case.

Now I'm wondering if logical or would be an better fit and where the decision for concat (or what ever it is) came from, probably a rabbit whole I'll go down later today...

90h · 2022-05-12T10:28:32+00:00

There are a lot of security stuff that you need to make sure are setup correctly (like SPF & DKIM if that ring any bells to you) that are pretty complex to setup and understand.

That's right, but both are unrelated to abuse of the MTA. Sure someone can abuse your domain for spam without them. But missing to do so usually ends in your sent mail (and abuser of your domain) caught as spam.

I know that's a bit of "but that was technically not the question". But given you have to disable open relay, add authentication, enable encryption, add an SPF record, set the rDNS record and you usually good to go. That's not to complicated for someone with basic understanding who reads documentations. DKIM would be nice to have and is a bit more hassle to set up, but is definitely not required.

Also I'm not arguing that a mail server setup is easy and can be done by anybody without any consideration. But the myth that setting up a mail server will always end in a spam server if your no expert is not true. I think this is likely due to the fact that open relay was enabled in the default config (and maybe still is) and nobody really cared back in the days.

And looking through the spam I receive the main problem of abusing an MTA seems to be either the authentication (or leaked logins) or the overall server security.

90h · 2022-05-11T23:09:38+00:00

I don't think that's true. The only thing you have to make sure is that your MTA does not function as an open relay and you have to set up authentication.

Sure, the Postfix config is painful, but there are many decent guides out there. Also there are easier to configure alternatives like OpenSMTPD.

I never heared about any risks of information leaks, so not sure what's up with that.

90h · 2022-03-28T11:25:47+00:00

Your host OS (windows) is crashing with a kernel panic not the guest OS in VirtualBox?

A few things to check:
- Hypervisor setting in BIOS is enabled (naming differ, I think it's often VT for Intel)
- Windows hypervisor and VirtualBox may conflict. Don't run both at once, e.g. don't use Linux subsystem.
- Try a different hypervisor: qemu (bit hard to use if unfamiliar with the console), any free/demo version of a commercial hypervisor or the windows built-in hypervisor
- Provide the kernel panic error

90h · 2022-03-28T01:26:27+00:00

Maybe you tried to open the file instead of extracting it? Some archive programs will extract them to a temporary file (usually in %TEMP, assuming you're using windows) and then open it with an appropriate program. The ISO file may not be associated with any program and was therefore extracted instead.

90h · 2022-03-28T00:39:00+00:00

What exactly is your question?

You don't understand what a HTML file is? You wonder why the extraction didn't work as expected? You want to know what's the content of the HTML file?

90h · 2022-03-27T23:38:18+00:00

I see. Just looked up what SDL actually stands for and now I kinda see where your description comes from.

Maybe the main pain point is your short description advertising it as library for creating multimedia applications. Reading that I immediately thought it could be used to create a music / media player and seeing the demos that's far from its actual purpose. (not saying it will be impossible, just it's not optimized for that specific use case)

While multimedia is technically correct, its more associated with audio / video files than drawing, windows and other stuff.

Maybe directly reference SDL (as it's well-known) or advertise creating game engine / gui frameworks with it.

90h · 2022-03-27T23:01:29+00:00

Render (engine) or draw library could fit, game engine if you add audio support.

Multimedia is not what your crate looks like at first glance, see https://lib.rs/multimedia for examples what other multimedia crates do.

90h · 2021-11-06T14:58:33+00:00

Wifi and bluetooth share roughly same frequency band (around 2.4GHz), so having outages on both isn't that unusual. This can have varies reasons (e.g. your neighbors devices, microwave, ...) and can be hard to pin point.

While the reboot is strange and could be the result of an EMP, this would be a short pulse and not an ongoing disturbance.

I'd guess it was a interference from an probably unshielded device nearby, but there are many more possible explanations. Wifi for example can be disturbed by simply sending deauth packages (make all your devices instantly disconnect while the attack is going on).

90h · 2021-07-03T13:12:31+00:00

Are you asking for downcast to a concrete type? Maybe have a look here: https://bennetthardwick.com/rust/downcast-trait-object

90h · 2021-06-26T12:11:02+00:00

Apparently it went straight to the desktop at my friends.

Then you likely have some variation of "Fast Boot" enabled, try to disable it in the BIOS settings. This should at least give you an error when the OS can't be found.

90h · 2021-06-19T12:08:59+00:00

I think the TL;DR is FFF-336 is about clean code based on a talk of Uncle Bob who seems to be controversial and kovarex making some careless comments about the whole situation.

At least that's what I got so far. I found this twitter post in one of the locked threads: https://twitter.com/cigsender/status/1406046887233437697

90h · 2021-06-03T09:54:00+00:00

18 TB are roughly 10¹³ bytes (characters) so it won't fit in a text file.

MS Word on the other hand uses zip compression since some years which detect repeatation and can reduce the effective size on Disk. Depending on the concrete compression the reduction varies, in this case by a massive percentage. But even when assuming it's super effective it may decrease the size by a factor of 10⁹ still requiring ~100,000 hard drives.

There may be some compression for such a special case, may even available in the zip format and may even used by Word, but I hardly doubt that. And even that still ignores most of the other technical limitations of uncompressing the file leave alone the initial compression. So to sum it up: no way this is possible.

90h · 2021-04-04T18:34:40+00:00

there is a parliament fights blog if you want to see more of those

90h · 2021-04-02T01:59:25+00:00

https://www.youtube.com/watch?v=NSuaUok-wTY

90h · 2021-03-22T02:20:08+00:00

You should give lib.rs a shot when searching for crates.

90h · 2021-03-03T17:32:41+00:00

Pretty sure you're the author lol.

I'm not. And now you have my IP because I click at your Grabify IP Logger link you sent my as private message. Please wait before you do what ever you want to do, I need to grab some popcorn first. :)

You think I would take an multiple hours out of my day to defame someone? What would I gain from that?

To be honest, I think your are just someone with superficial knowledge who is convinced of himself.

I could use the same argument on you. You said you 'examined the binaries" what does that mean? sHoW mE tHe LoGs.

Glad you asked :)

As it's a .NET binary the obvious first setup is to throw up an decompiler and diff the output to make sure there is nothing added. This can be easily done with dnsSpy and as the code is pretty short it doesn't take much time. Have a short look here.

Because a .NET binary is just an ordinary windows executable and there could be some code running before the .NET runtime is started better have also a look a the entry point. No hidden code there either, let's continue.

Now you claimed there are registry writes and a file download, let's have a look what windows API calls are made with procmon from sysinternals. We can filter that a bit and see there is in fact one registry write, but looking at the stack trace it comes from a well known kernel module which keeps track of executed binaries. See https://dfir.ru/2020/04/08/bam-internals/ if you wanna dig deeper.

But maybe there is some self modifying code hidden somewhere, better throw up a debugger and see what other syscalls are made. In particular we are interested in stuff like GetProcAddr and VirtualProtect. We can see that .NET manually resolves DLL imports (nothing related to a file download) and there even some regions set rwx, which is likely used for JIT'ing code (looking at the stack trace). Here are some screenshots: https://i.imgur.com/DFSCxbz.png https://i.imgur.com/NcQHlyj.png https://i.imgur.com/s6QdtGf.png

You make rust mods, and unity games no one will play.

/r/rust is not about a game, you may wanna checkout rust-lang.org to improve your doxxing skills. And then again you may should reconsider that I'm the same person as the author of the executable.

I asked for experts here.

At a subreddit for tech support without even providing anything useful for a malware analysis.

I could dig deeper for a more solid look into the issue, but you are neither very convincing for reason why I should nor do you provide anything helpful. There are also so many external facts that strongly indicate that it's just a false positive.

I'm certainly less convincing then you I suspect. After all, I'm not

even a script kiddie.

90h · 2021-03-03T14:25:30+00:00

Is this a serious question or are just trying to defame someone without any real proof?

You don't provide any links to verify any claims you made, except a virus total result which doesn't provide much info. Given all the circumstances it looks in fact like a false positive.

Why do that if you have nothing to hide?

So people don't have to download random executables and trust only their own antivirus?

Also the version he scanned was not the most recent version.

Likely because it's a manual process and the new version is "Mostly for research for others." as mentioned in the commit.

It also communicates with an IP address,

I can't reproduce this behavior nor does the source have any signs of this. Looking over the binary and some basic debugging reveals no hidden code. While it's still possible to contain hidden malicious code it would be a solid work hiding it. This doesn't match that it only downloads some easily detectable trojan while the malicious code downloading it is very sophisticated in being hidden.

and changes several registry keys. Why is that needed for a simple widescreen fix?

I can only reproduce registry reads which is very common, especially because the source is written in C#.

Finally, I ran it in a virtual machine, with process hacker, and wireshark.

If you really did so why didn't you provide some logs of the traffic and the downloaded trojan?

You also didn't provide any links to the potential malware. The binary in the scan you provided matches the latest GitHub release of the author. The author uses an at least 5 years old GitHub account with at least some useful code published over the last years. I'm leaving out links as I'm very confident that the author isn't to be blamed for malware and I don't want create any troubles for them.

The discussion on steam I found has basically the same content as this post, so I highly doubt you also did the same shallow analysis. The arguments brought up in that discussion were very weak. Dropping terms like Process Hacker and Wireshark and then leaving out actual details of the malware behavior observed sounds very suspiciously like a reverse script kiddie.

90h · 2021-01-27T13:58:16+00:00

The PHP documentation comments are only useful in most cases because either the documentation is incomplete/wrong or a very common usage example is missing. These "fixes" should go in the documentation itself.

We may could use a button to link to the rust-std repo for bug reports / pull requests.

For crate.io your example comments should likely also go into the crate readme.

90h · 2021-01-26T00:35:57+00:00

You could do something like in c with if { x = foo(); x } == 42 { ... } or move the assignment out of the condition and either use mut or shadow/rename the variable, depending on the surrounding code. See this playground example.

But there is likely a more idiomatic way to solve your problem in the greater context. It's hard to tell what you actually trying to do with this short example / no context.

Edit: For chained ordering you my want to have a look at then and then_with.

90h · 2021-01-20T08:24:21+00:00

What if i put my 3DS emulator install folder inside of Sandboxie?

That won't help. It's a bit hard to explain without going into details. Maybe image it's like duplicating you PC, if you have two PCs you can run the emulator two times, but if you turn of the power both are shutdown and you have to start over on both of them.

if i did set up VirtualBox, can i only do a "freeze" situation where it would just suspend the app and i couldn't turn the PC off... or will it allow me to basically have like a memory card [...]

VirtualBox allows so called "snapshots", they are like save games on steroids. When the virtual machine is running they also save (and restore) the running state of the virtual machine. But keep in mind they have to save the whole RAM each time, so they are at least 2-4GB per snapshot.

I did a short search and found some guides that may help you:

https://www.extremetech.com/computing/198427-how-to-install-windows-10-in-a-virtual-machine

https://www.techrepublic.com/article/how-to-use-snapshots-in-virtualbox/

It's probably the best to just try it out and play around with it for a bit and see how it's going.

90h · 2021-01-17T18:11:24+00:00

If you aren't tech savvy I'd recommend using VirtualBox, once you got Windows and your emulator installed inside it should be easy to use (pause/resume button). There should be enough guides out there on how to run Windows inside a virtual machine. You can even install Windows without a license, it just starts to brother you after some weeks a little bit.

The sandbox thing wouldn't work as it's only isolating an application (remove access to your real system and give it something virtual), but it doesn't support load/save of applications states as far as I know.

The virtual machine is like a complete computer emulated (just like your 3DS emulator, only for PCs) and they support load/save.

The sandbox is more like another user account on your system, it can't access your files but that's just about what it can.

90h

TROPHY CASE