Especially the first link explains the algorithm very well and is similar to links referred to from the Stack Overflow question as it is based on counting ones (and leading ones are basically leading zeros but bit-inverted).
It also explains a cool thing for leading zeros: modern CPU have instructions which .NET Core.
I wrote a two earlier blog posts around puns in programming book indices before:
the 1992 Turbo Pascal 7.0 Language Guide having both entry in the manual about Recursion (“recursive loop, see recursive loop”) which of course is similar to “infinite loop” and entries for “infinite loop See loop, infinite” and “loop, infinite See infinite loop”.
In the last one, I promised to list more occurrences which I now finally had time for to do.
But let me first elaborate more on the observation that modern computer books (like for instance on C# and Delphi beyond version 1) lack these kinds of index pun.
On the Delphi side, the index entry joke for recursion got removed no later than Delphi 3 (I am still looking for a Delphi 2 version of the Object Pascal Language Guide, see further below) even before the book being fully redone electronically and the index pages generation being automated in
I think I even understand why that is: the process of creating of indices. By the start of this century, more and more indices were automatically being generated and for the last 2 decades or so, all of them are. Back in the days however, indices were mostly done by hand. Nowadays, with everything automated, it is actually pretty tricky in most environments to add such an “infinite loop” index entry like in the Turbo Pascal book, as it would require two things at once:
The result C macros having become more lenient on the types they expect, is that they can become very large expansions. This not only causes long expanded code lines, but also
> I'd suggest reverting to 5.3.1. Bearing in mind that there were security > fixes after that point for ZDI-CAN-16587 that would need to be reapplied.
Note that reverted to such an old version will break packages that use new symbols introduced since then. From a quick look, this is at least: - dpkg - erofs-utils - kmod
Having dpkg in that list means that such downgrade has to be planned carefully.
@_ruby: The setup behind the CVE-2024-3094 supply-chain attack is fascinating. I originally wanted to finish and share a tool to audit other OSS projects for anomalous contributor behavior, but I feel what I found tr……
How it was found:
FWIW, I didn't actually start looking due to the 500ms – I started looking when I saw failing ssh logins (by the usual automated attempts trying random user/password combinations) using a substantial amount of CPU. Only after that I noticed the slower logins.
— Andres Freund (Tech) (@AndresFreundTec) March 30, 2024
Interesting! The xz backdoor code was so unperformant under normal SSH password grinding on the public Internet, @AndresFreundTec noticed and dug in. Thanks for your discovery Andres! https://t.co/Ee5xm8kWJj
what I wanna know is what was up with the other repos on Jia Tan’s GitHub. Has anyone looked at *those* commits and libraries? Because there was a lot of other stuff on there I haven’t seen mentioned
"don't run xz –version to check if you're compromised"
haha, too late
If you have infected version of liblzma in your system, it's already loaded into EVERY process that depends on libsystemd. systemd's dependency on liblzma *was literally* the attack vector. pic.twitter.com/TsaH7d20r7
A while back, early in the Wednesday morning after Patch Tuesday I performed regular updates of all the systems noticing some updates failed because timeouts on the Microsoft download servers.
Note I perform the manual steps on Wednesday as Patch Tuesday as it starts at 10:00 AM PST which is in the evening in Amsterdam. The automated steps are automated and kick in when Microsoft tells the Windows machines to update themselves.
Microsoft schedules the release of security updates on “Patch Tuesday,” the second Tuesday of each month at 10:00 AM PST.
Depending on time zone(s) in which the organization operates, IT pros should plan their deployment schedules accordingly. Please note that there are some products that do not follow the Patch Tuesday schedule.
I posted a gist and a Tweet, but didn’t immediately thought of a good resolution so I postponed that until Thursday and found it:
The Wiert Corner - irregular stream of stuff 