Python context managers somewhat require it. You have to create an object on which you can call `__enter__`.
You can make globals thread safe by using thread locals. You can make methods using them reentrant by carefully saving and restoring state. What about exceptions? Any exception from `process()` is going to leave this…
100% agree with the AI on @cache decorator. It's a footgun and should never be recommended without a proper disclaimer. Unless it's a simple "single shoot" script, you really do not want the cache global like that.
Zotero Flatpak comes with 4 year old Firefox binary and full access to your home directory. The compromise currently being made here is your security.
This is how all undefined behavior works. It seems to be working now but breaks with new CPU, GCC version or on wrong moon phase. "-Wcast-align=strict" will work in this but not all cases - that's why we have UBSAN: $…
You can pin your JVM process to a single core and will effectively get Python multithreading model.
Defining string as a sequence of unicode codepoints is the mistake. Nobody ever cares about unicode codepoints. You either want the number of bytes or the width of the string on screen. UTF-32 codepoints waste space and…
Object oriented programming is not about defining classes. It's about using objects. You don't have to define new classes to do OOP. Just use existing classes and objects polymorphically! url_layout.format()…
First issue mentioned: CVE-2019-6111 is an example of such attack.
The problem with scp is that the trust also needs to go the other way. There is a lot of ways ssh server can trick the client into doing bad things on your local machine.
Mocks have to be updated and fixed every time you do any meaningful changes in production code. Good fake can be reused in many tests and will keep behaving like a real thing with minimum maintenance. Much less complex…
Extra bytes at end of file will be ignored by most formats. You generally don't want to depend on file length.
There is nothing you can do with text file with unknown encoding but treat it as an array of bytes. If you start guessing the encoding, at best it won't work in some cases, at worst you are introducing security…
MPEG4 the video codec is https://en.wikipedia.org/wiki/MPEG-4_Part_2 mp4 the media container is https://en.wikipedia.org/wiki/MPEG-4_Part_14 MPEG-2 part 4 is some conformance testing specification.
What kind of business is that? How are you funding it? 18000 euros is rather insignificant on business scale.
> For example, under a proper UBI I’d quit my job and start a business. Under this time limited experiment I never would have. What business would you start that takes more than 2 years to validate but takes basically…
Constant expressions are evaluated at compile time. Compilation would suffer any eventual performance penalties. This probably makes the compiler simpler - no need to implement different arithmetic for different types &…
If you do SCTP in user space with UDP encapsulation, most of its benefits disappear (and you have to do that - also because of Windows). It's standard only on paper. There is only one significant user space…
PEP-393 is a stupid compromise. They couldn't choose between UCS-2 and UCS-4, so they are using both. They are wasting tons of CPU cycles converting between them and single character outside of range doubles the size of…
Even outside Web, you still have mostly-ASCII: * filenames * identifiers * config files * text protocols * host names, email addresses * embedded scripts (including SQL and OpenGL shaders) * command line interfaces *…
I've used both LD_PRELOAD and Detours and I like LD_PRELOAD so much better. LD_PRELOAD just needs single standard shared library and one environment variable. With Detours you have to: inject code into executable, stop…
I'm guessing this mostly happens during serialization to and from strings. One programmer does String.valueOf(x) instead of x.toString() to prevent NullPointerExceptions. This works pretty well until the next guy does x…
From: https://github.com/aosabook/500lines/blob/master/ci/code/hel... s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((host, port)) s.send(request) response = s.recv(1024) s.close() Is that correct use…
Are you talking about changing source address in IP header? Most ISPs will drop such packets: https://tools.ietf.org/html/rfc3013#section-4.3
That's onion -> web. If you are connecting to onion address, your packets do not enter plain text internet. Unless you are using some sort of "enter node".
Python context managers somewhat require it. You have to create an object on which you can call `__enter__`.
You can make globals thread safe by using thread locals. You can make methods using them reentrant by carefully saving and restoring state. What about exceptions? Any exception from `process()` is going to leave this…
100% agree with the AI on @cache decorator. It's a footgun and should never be recommended without a proper disclaimer. Unless it's a simple "single shoot" script, you really do not want the cache global like that.
Zotero Flatpak comes with 4 year old Firefox binary and full access to your home directory. The compromise currently being made here is your security.
This is how all undefined behavior works. It seems to be working now but breaks with new CPU, GCC version or on wrong moon phase. "-Wcast-align=strict" will work in this but not all cases - that's why we have UBSAN: $…
You can pin your JVM process to a single core and will effectively get Python multithreading model.
Defining string as a sequence of unicode codepoints is the mistake. Nobody ever cares about unicode codepoints. You either want the number of bytes or the width of the string on screen. UTF-32 codepoints waste space and…
Object oriented programming is not about defining classes. It's about using objects. You don't have to define new classes to do OOP. Just use existing classes and objects polymorphically! url_layout.format()…
First issue mentioned: CVE-2019-6111 is an example of such attack.
The problem with scp is that the trust also needs to go the other way. There is a lot of ways ssh server can trick the client into doing bad things on your local machine.
Mocks have to be updated and fixed every time you do any meaningful changes in production code. Good fake can be reused in many tests and will keep behaving like a real thing with minimum maintenance. Much less complex…
Extra bytes at end of file will be ignored by most formats. You generally don't want to depend on file length.
There is nothing you can do with text file with unknown encoding but treat it as an array of bytes. If you start guessing the encoding, at best it won't work in some cases, at worst you are introducing security…
MPEG4 the video codec is https://en.wikipedia.org/wiki/MPEG-4_Part_2 mp4 the media container is https://en.wikipedia.org/wiki/MPEG-4_Part_14 MPEG-2 part 4 is some conformance testing specification.
What kind of business is that? How are you funding it? 18000 euros is rather insignificant on business scale.
> For example, under a proper UBI I’d quit my job and start a business. Under this time limited experiment I never would have. What business would you start that takes more than 2 years to validate but takes basically…
Constant expressions are evaluated at compile time. Compilation would suffer any eventual performance penalties. This probably makes the compiler simpler - no need to implement different arithmetic for different types &…
If you do SCTP in user space with UDP encapsulation, most of its benefits disappear (and you have to do that - also because of Windows). It's standard only on paper. There is only one significant user space…
PEP-393 is a stupid compromise. They couldn't choose between UCS-2 and UCS-4, so they are using both. They are wasting tons of CPU cycles converting between them and single character outside of range doubles the size of…
Even outside Web, you still have mostly-ASCII: * filenames * identifiers * config files * text protocols * host names, email addresses * embedded scripts (including SQL and OpenGL shaders) * command line interfaces *…
I've used both LD_PRELOAD and Detours and I like LD_PRELOAD so much better. LD_PRELOAD just needs single standard shared library and one environment variable. With Detours you have to: inject code into executable, stop…
I'm guessing this mostly happens during serialization to and from strings. One programmer does String.valueOf(x) instead of x.toString() to prevent NullPointerExceptions. This works pretty well until the next guy does x…
From: https://github.com/aosabook/500lines/blob/master/ci/code/hel... s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((host, port)) s.send(request) response = s.recv(1024) s.close() Is that correct use…
Are you talking about changing source address in IP header? Most ISPs will drop such packets: https://tools.ietf.org/html/rfc3013#section-4.3
That's onion -> web. If you are connecting to onion address, your packets do not enter plain text internet. Unless you are using some sort of "enter node".