I just stole this from Twitter. https://twitter.com/jpmens/status/1356986273001521156
There's nothing that screams "90's design" louder than MP4.
"Let's put the seek table at the end!"
"Fuck, let's add an optional extension to put it up front that breaks everything."
"Negative timestamps can't exist! This makes everything easier, doesn't it."
"Let's make it an NLE video editing project file that breaks everything!"
"Video and audio are offset by a few tens of milliseconds and we can't fix that without negative timestamps. Let's force everyone to half-ass the NLE extension support to hammer this nail with a nuke!"
"Subtitles? So you can watch your Indian cinema? No, watch Hollywood stuff, you don't need subtitles then. Oh, fine, have some DVD shit subtitles."
"Someone wanted to give talks with MP4! Let's have a PowerPoint MP4 extension! No, we don't care about the other way around, that's Microsoft's problem, we're Apple!"
"We wanna support web streaming shit. Let's make another hack and make the files fragmentable, so you need to bloat and hack your demuxer even more!"
"Oh, we need some sort of format for our MP4 player, let's hack a separate format out of it called IPAD but still call it MP4 even though it isn't."
"But we want some more normal MP4 with audio-only support too, so let's spin off _another_ format called M4A out of it!"
"HDR support? Nah, let codecs manage that. How that interacts with the cOLR atom? Fuck knows."
"By the way, you know what MP4 is PERFECT for? IMAGES! Let's not engineer another image format for HEVC, let's just put them in fucking MP4! Oh, but a special version that hacks around tiles by having each tile be a separate video stream! Oh, and let's add support for JPEG and MP4 for thumbnails or downscales or alternative versions, dunno."
"Our format is so flexible, let's standardize it to show how we do things!"
OK, I'm done for today:
"Nostalgia Drives Users to ICQ"
CVE ID : CVE-2021-3156
The Qualys Research Labs discovered a heap-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users. Any local user (sudoers and non-sudoers) can exploit this flaw for root privilege escalation.
Most programming languages have IF/ELSE and WHILE statements. Some also have (redundantly) UNLESS and UNTIL. To be more expressive, I want a language that additionally has a WHEREAS/HOWEVER statement as well as BECAUSE. REGARDLESS would also be a good addition. Anyone who implements such a language gets to decide what these constructs actually do.
TIL: There's a wormhole protocol app for Android and it's open-source!
Useful for directly shuffling a file from one device to another. Be it server, phone, or laptop.
How "fun", a RemoteCodeExecution vulnerability in DNSmasq. That thing is probably present on every network worldwide either just in the router or in many embedded devices, phones, id-IoT stuff…
Mimimi, we've always wanted people to use our open source product in as restrictive a way as with proprietary software, but now we blame Amazon for our proprietary re-licensing.
From the tales of 'nobody expected the numbers would get so high':
"SUBLEVEL only has 8 bits of space, which means that we'll overflow it once it reaches 256" – which for #Linux #Kernel 4.4.x & 4.9.x is soon. Proposed fix, v1:
I love open source. Information Security is important to me. I work on Icecast in my free time.