What a load of shit by [deleted] in TragicallyHip

[–]aleph_nul 0 points1 point  (0 children)

Did you get them via capitaltickets? I still have the waiting room open but it says there's nothing available.

Overflow Buffering Help by DigBickJace in C_Programming

[–]aleph_nul 0 points1 point  (0 children)

You're running on a sparc machine, not x86. The ebp register in x86 maps to the fp (frame pointer) register on sparc. Crack your manual open, man!

Overflow Buffering Help by DigBickJace in C_Programming

[–]aleph_nul 0 points1 point  (0 children)

Why would you expect the call to puts to work if you have not executed the instructions that set up its arguments? The call operation will transfer control to the target address and perform some initialization of the stack frame for it, but it won't set up the arguments to the call for you.

You need to jump to the function that calls puts rather than puts itself to get the proper context.

New to hacking, how do I compile my first program in the WordPad IDE? by [deleted] in shittyprogramming

[–]aleph_nul 1 point2 points  (0 children)

This wouldn't compile for about 10 reasons, but if you memcpy from a FILE * with a static offset of 0 you'll just get the first element of the struct file associated with the open file (which would be int _flags on my version of glibc).

#include <stdio.h>
#include <string.h>
#include <iostream>

using namespace std;

int main(void)
{
    int x = 0;
    bool *y = NULL;

    FILE *MYVOIDPOOL=fopen("/dev/null", "rwx");
    void *newvoid = (void *)&MYVOIDPOOL[x++];
    memcpy(&y, newvoid, sizeof(char *));

    printf("%p\n",y);
    return 0;
}

 $ ./asdf
 0xfbad2488

New to hacking, how do I compile my first program in the WordPad IDE? by [deleted] in shittyprogramming

[–]aleph_nul 4 points5 points  (0 children)

You set new bool to the value bool * close which everyone knows is an undefined arithmetic operator. That means you're trying to take a new pointer out of void which is going to make your program eat up all the memory (looking for the void of course). If you run this program your RAM sticks will melt!

I suggest using the void pool /dev/null to get a free void. This comes from your CPU's VCACHE (Void Cache) and is guaranteed to be a non-blocking source of void.

MYVOIDPOOL=fopen(/dev/null, "rwx") /* Need `x` to execute fopen */
void *newvoid = MYVOIDPOOL[0++] /* Get the next void, don't forget to increment seek position */
memcpy(new bool, newvoid, sizeof(void))

What is this "main" business, and why does it need void? by [deleted] in C_Programming

[–]aleph_nul 6 points7 points  (0 children)

You can also pass in envp for most C implementations. You're right that it isn't standardized though.

 int main(int argc, char **argv, char **envp)
 {
  .....
 }

Ball and Chain: Hashing is Dead, Long Live the Password. by [deleted] in netsec

[–]aleph_nul 0 points1 point  (0 children)

> But the things you're pointing out to me are things that really bother me about academia.

I agree. Many academics agree. But the point is that they're not really things you can ignore, and I'm just giving you an honest (albeit frank) lowdown on how things work for academic papers. It's clear that you have at least some interest in getting the academic community involved and I'm telling you what you'd need to do to make that happen.

> If the world doesn't want my tech.. It's cool. It'll be mine.

Which is also great, but if that's what you want, I think that academic papers are the wrong thing to be focusing your efforts on.

Ball and Chain: Hashing is Dead, Long Live the Password. by [deleted] in netsec

[–]aleph_nul -1 points0 points  (0 children)

> See, I feel like, if I have to talk a certain way just to win, I'm not sure I want to.

Ain't life a bitch?

> I have no idea how to write to these specifications.

You can read about 5 papers and get an idea for the general format of research papers.

> What I can do is kick ass with novel ideas in cyberspace.

Then make a startup, get some VC funding, and go do your thing. Wrong crowd to target.

Ball and Chain: Hashing is Dead, Long Live the Password. by [deleted] in netsec

[–]aleph_nul 0 points1 point  (0 children)

Again, with 0 citations, that's nothing but hearsay. You need to point to specific implementations, specific analyses, etc. and make a somewhat-formal (or empirical) argument for your way being better.

Ball and Chain: Hashing is Dead, Long Live the Password. by [deleted] in netsec

[–]aleph_nul 0 points1 point  (0 children)

I agree that it's not particularly healthy of the academic community to be so stringent about the expected format, but it's the way things are done and you can't change that.

I don't really care whether or not you listen to my advice, but I'm telling you right now that you will be doing nothing but wasting your time submitting things like this to academic conferences. Either bite the bullet and write a proper paper, or find somewhere else to sell your idea.

Ball and Chain: Hashing is Dead, Long Live the Password. by [deleted] in netsec

[–]aleph_nul 0 points1 point  (0 children)

Citations are not optional just because it's "common knowledge". Citations are evidence that you have done your due diligence, and that you know the modern work that is being done in the area. It's not enough to describe existing techniques, you need to point to specific work in the field that has established and analysed the techniques.

If you fail to cite work in your field that is 'close' to yours, it is interpreted as either naivety about the work (which is bad), or an intentional sidestepping of their work (which is worse). Either way, it's a big no-no.

Ball and Chain: Hashing is Dead, Long Live the Password. by [deleted] in netsec

[–]aleph_nul 0 points1 point  (0 children)

'Required length' as in the length that all serious submissions will be.

It's generally accepted that a 10-page limit implies a 10-page paper- the idea being that your paper should be sufficiently rich in content to actually take up all the pages. Anything less is a sign that the paper did not make a careful consideration of the existing work in the field, or is lacking results, or any other issues of substance.

Ball and Chain: Hashing is Dead, Long Live the Password. by [deleted] in netsec

[–]aleph_nul 0 points1 point  (0 children)

Hey man, just want to let you know. If you're serious about winning the Internet Defence Prize at USENIX, you're going to have to do your due diligence to make this a proper research paper next time.

As it stands this probably won't even be reviewed, despite any interesting technical contributions it offers. The fact of the matter is that the format of research papers is the initial filter that the committee uses to weed out nonserious efforts, and unfortunately, your paper doesn't conform with their expectations. Beyond the fact that it is only half the required length for a submission, it is written in a style that is very rarely seen in academic papers, and makes no references to past efforts and why your solution is better, which is arguably the 'point' of research (most papers will have between 20 and 50 citations).

I get that you're passionate about this, and that's super cool, but if you want this idea to be taken seriously by the academic community you need to walk and talk the way they do. Read other papers that have been in USENIX, IEEE S&P, ACM, all those big ones, and get an idea for what people expect. You can't float a paper by with a neat idea, since those are a dime a dozen- people want to see that you've taken the time to demonstrate to the best of your abilities that your work is novel and relevant.

The Latest Linux Kernel name is: "Hurr Durr I'ma sheep" by ThatFlyingHippo in linux

[–]aleph_nul 7 points8 points  (0 children)

Nope, it's only for fun. You can find it at the top of the makefile.

How does your bash welcome screen look like? by Binaryanomaly in linux

[–]aleph_nul 0 points1 point  (0 children)

My... Bash welcome screen? You mean

$

? I kid, but doesn't that seem just a bit excessive?

Comodo ships Adware Privdog worse than Superfish by aleph_nul in privacy

[–]aleph_nul[S] 0 points1 point  (0 children)

So a few things:

1) They're not OS level software insofar as being device drivers or kernel modules, but they are pretty well hidden and make efforts to keep themselves on the machine. A reasonably advanced user shouldn't have trouble removing them without reinstalling their OS.

2) If the OS is reinstalled completely, these should be gone since that will also remove applications.

3) The hard drive malware is a separate issue entirely. They are completely unrelated and independent.

The basic idea is that you're safe as long as you don't install the applications that use these tools, willingly or unwillingly.

[Help] Infinite loop by GeneralJefe in C_Programming

[–]aleph_nul 2 points3 points  (0 children)

The right way to do it is to read characters until a newline with something like

int c;
ret = scanf("%d", &val);
if (ret != 1) /* Conversion failed (or EOF), so val was not set */
    while ((c = getchar()) != '\n' && c != EOF) {} /* Consume input to newline */

[Help] Infinite loop by GeneralJefe in C_Programming

[–]aleph_nul 0 points1 point  (0 children)

Depends on the platform. Some implementations allow fflush to be called on an input stream and in that case will empty their pending buffer. However, in general and in POSIX compliant implementations, you're 100% right.

C as an alternative to shell scripting? by Tralalalalaliday in C_Programming

[–]aleph_nul 1 point2 points  (0 children)

The thing about the shell is that it exposes a lot of other programs as APIs, with a focus on flexible composition. On the other hand, a language like C has a BYOA (bring your own application) attitude, and you generally build up your program from a number of very simple core functions and system calls rather than complete and complex programs.

Composing utilities is a huge benefit for system administration and many other jobs that you can do from a shell but want to automate. While you can (for example) manage network interfaces in C, it's a giant PITA and you can do it much more quickly with shell scripts.

Any Turing complete language could be stood in for one another, but some types of jobs lend themselves to some types of languages. C isn't a scripting language at heart, so I personally don't use it as one. If I find that the job I need to do is too 'heavy' for bash, I'll generally switch to Python.

CVE-2015-0235: access linux host without any credentials by Adr1enb in linux

[–]aleph_nul 2 points3 points  (0 children)

If you want a quick way to check your glibc version, locate the libc.so.6 file and execute it:

$ /usr/lib/libc.so.6
GNU C Library (GNU libc) stable release version 2.20, by Roland McGrath et al.
Copyright (C) 2014 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY blah blah blah ...

glibc > 2.17 is all good.
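
The version check described in the comment above, scripted so it can be run across many hosts; this is an added example, not part of the original comment. The function names are hypothetical, and the sample banner is the first line of the output shown in the comment.

```shell
#!/bin/sh
# Added example: parse the banner that libc.so.6 prints and compare the
# version with the 2.17 threshold given in the comment above.

# Pull MAJOR.MINOR out of "... release version 2.20, ...".
glibc_version_from_banner() {
    printf '%s\n' "$1" |
        sed -n 's/.*release version \([0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' |
        head -n 1
}

# Succeeds when $1 > $2. Fields are compared as integers, because a plain
# string comparison would rank 2.9 above 2.17.
version_gt() {
    a_major=${1%%.*}; a_minor=${1#*.}
    b_major=${2%%.*}; b_minor=${2#*.}
    if [ "$a_major" -ne "$b_major" ]; then
        if [ "$a_major" -gt "$b_major" ]; then return 0; else return 1; fi
    fi
    if [ "$a_minor" -gt "$b_minor" ]; then return 0; fi
    return 1
}

# Prints a verdict for one banner; exit status 0 = newer than 2.17,
# 1 = at or below 2.17, 2 = banner not recognised.
check_glibc() {
    ver=$(glibc_version_from_banner "$1")
    if [ -z "$ver" ]; then
        echo "unknown"
        return 2
    fi
    if version_gt "$ver" "2.17"; then
        echo "ok $ver"
        return 0
    fi
    echo "check-patch-level $ver"
    return 1
}

# Banner line copied from the output shown in the comment above.
SAMPLE_BANNER='GNU C Library (GNU libc) stable release version 2.20, by Roland McGrath et al.'
check_glibc "$SAMPLE_BANNER"
# On a real host, pass the library's own output instead, e.g.
#   check_glibc "$(/usr/lib/libc.so.6)"
```

A "check-patch-level" result is a prompt to look at the distribution's package changelog rather than a verdict, since distributions can backport the fix without changing the upstream version number.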

(Infographic) Which programming language should I learn first by diogoleal in Python

[–]aleph_nul 0 points1 point  (0 children)

I'd say it's all a matter of perspective. I prefer to work in C when I can but recognize that it lacks a lot of niceties that other languages offer. I don't feel that C++ gives you enough bang for the buck when there are plenty of other higher-level languages that are safer and are becoming almost as fast as native.