The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 4,262 other subscribers

Archive for the ‘C’ Category

« Previous Entries

Code Visualisation through Python Tutor – Visualise Python, Java, C, C++, JavaScript, TypeScript, and Ruby code execution

Posted by jpluimers on 2024/04/18

The final visualisation post of this week (themed Data Visualisation and Code Visualisation) is about [Wayback/Archive] Python Tutor – Visualize Python, Java, C, C++, JavaScript, TypeScript, and Ruby code execution.

Languages covered in these visualisers:

Earlier posts in the series:

–jeroen

Posted in C, C++, Development, Java, Java Platform, JavaScript/ECMAScript, Python, Ruby, Scripting, Software Development | Leave a Comment »

XZ 5.6.x are backdoored and present in many systems: downgrade to 5.4.x or earlier now; consider libarchive compromised until proven otherwise

Posted by jpluimers on 2024/03/30

Edit 20240331: because of

https://mastodon.social/@kobold@social.troll.academy/112183756981119562

Debian is working on reverting back to even earlier than 5.4.x

[Wayback/Archive] #1068024 – revert to version that does not contain changes by bad actor – Debian Bug report logs

> I'd suggest reverting to 5.3.1. Bearing in mind that there were security
> fixes after that point for ZDI-CAN-16587 that would need to be reapplied.

Note that reverted to such an old version will break packages that use
new symbols introduced since then. From a quick look, this is at least:
- dpkg
- erofs-utils
- kmod

Having dpkg in that list means that such downgrade has to be planned
carefully.

Original post:

Everything I know about the XZ backdoor

Note that because of the Wayback Machine limit of 5 archivals per URL per day, the archived versions are rapidly getting out-of-date.

It is way worse:

[Wayback/Archive] Thread by @_ruby on Thread Reader App – Thread Reader App

@_ruby: The setup behind the CVE-2024-3094 supply-chain attack is fascinating. I originally wanted to finish and share a tool to audit other OSS projects for anomalous contributor behavior, but I feel what I found tr……

How it was found:

Analogy on how it was found:

Via:

Related:

If you are running homebrew on a Mac, then update too:

Of course this “XKCD dependency” adoption applies:

Posted in C, Compression, Development, Infosec (Information Security), Power User, Security, Software Development, xz | Leave a Comment »

When Microsoft download URLs time out: check if it other IP addresses for the same host do work fine (it might be a regional Microsoft CDN issue)

Posted by jpluimers on 2024/03/28

A while back, early in the Wednesday morning after Patch Tuesday I performed regular updates of all the systems noticing some updates failed because timeouts on the Microsoft download servers.

Note I perform the manual steps on Wednesday as Patch Tuesday as it starts at 10:00 AM PST which is in the evening in Amsterdam. The automated steps are automated and kick in when Microsoft tells the Windows machines to update themselves.

See [Wayback/Archive] Security Update Guide FAQs

Microsoft schedules the release of security updates on “Patch Tuesday,” the second Tuesday of each month at 10:00 AM PST.

Depending on time zone(s) in which the organization operates, IT pros should plan their deployment schedules accordingly. Please note that there are some products that do not follow the Patch Tuesday schedule.

I posted a gist and a Tweet, but didn’t immediately thought of a good resolution so I postponed that until Thursday and found it:

Read the rest of this entry »

Posted in C, C++, Development, Power User, Software Development, Visual Studio and tools, Visual Studio C++, vscode Visual Studio Code, Windows, Windows Development | Leave a Comment »

BitSavers added some more Borland documentation in 2022 (most relevant for me: Assembler, Debugger, Profiler)

Posted by jpluimers on 2024/02/28

Below is a list of the Borland documentation that BitSavers added in 2022, ordered by relevance to me (and how I finally asked Peter Sawatzki if he still had the monochrome TDVIDEO.DLL he wrote for Turbo Debugger 3.0 for Windows):

Read the rest of this entry »

Posted in 8087, Algorithms, Assembly Language, Borland C++, C, C++, Debugging, Development, Floating point handling, Profiling, Software Development, Turbo Assembler, Turbo C, Turbo Debugger, Turbo Profiler, x86 | Leave a Comment »

That new Carbon language, it has a net zero footprint, right?

Posted by jpluimers on 2022/08/25

No, Carbon is not the same thing as the same named MacOS Carbon API it .

Someone had to make it: [Wayback/Archive] Jeroen Wiert Pluimers on Twitter: “@d_feldman That has a net zero Carbon footprint, right? (OK, I’ll show myself out)”.

Luckily Googlers themselves are joking about it as well:

Read the rest of this entry »

Posted in C, C++, Carbon, Development, Software Development | Leave a Comment »

« Previous Entries