home tags events about rss login

Somewhere in time and space, things are happening.

tedu honked 03 Jul 2025 15:17 -0400

HN: we need to rewrite tmux in rust so the scroll wheel works.

HN: we need to rewrite tmux in rust so the scroll wheel works.

Me: set-option -g mouse on

tedu honked 02 Jul 2025 18:48 -0400

Time to mute the wayback thread.

tedu honked 02 Jul 2025 16:50 -0400

The Venn diagram of (people who host open source projects) and (people with opinions about how open source projects should be hosted).

tedu honked 02 Jul 2025 16:40 -0400

Honk user trying to view an animated gif meme.

court sketch of diddy banging head on chair

tedu honked 02 Jul 2025 15:39 -0400

Happy honk release day to all those who celebrate.

1.5.2 Gorgeous Gorilla

  • Some UI tweaks and fixes.
  • Apply filters to pages to ontologies and search.
  • Have xzone import refetch objects.
  • Fix debug logging.
  • Add back syslog logging.
  • Show inline video tags

tedu honked 01 Jul 2025 17:34 -0400

It's 4:00, I fix a five minute bug, it's 5:30.

tedu honked 01 Jul 2025 12:31 -0400

Should a crawler request a paid URL, Cloudflare returns an HTTP 402 Payment Required response, accompanied by a crawler-price header. This signals that payment is required for the requested resource.

HTTP 402 Payment Required
crawler-price: USD XX.XX

Yo, cloudflare thinks crawlers are going to pay dollars per page?

tedu honked 01 Jul 2025 12:19 -0400

The emerging literary genre of curlslop.

tedu honked 30 Jun 2025 19:08 -0400

#define unt (unsigned int)

tedu bonked 30 Jun 2025 18:57 -0400
original: evv42@donotsta.re

to disarm the bomb, simply enter the arguments of the "ln" command in the right order on your first try. no googling. you have ten seconds.

tedu honked 30 Jun 2025 17:12 -0400

Deleted all the glMemoryBarrier calls from my code because gatekeeping is wrong.

tedu honked 30 Jun 2025 15:19 -0400

The function allocates a 2048-byte buffer named temp on the stack:

unsigned char temp[2048];

Just the prose and way it talks about variables is so "sloppy".

tedu honked 30 Jun 2025 14:38 -0400

DZ: cones

DZ: cones

The manhole that may or may not be an elevator is consuming cones at an alarming rate.

Cones stuffed in open manhole

tedu honked 30 Jun 2025 14:35 -0400

Anker recall.

Check product model number.

Model number is printed black on black in six point font.

"I'm probably not affected."

tedu honked 30 Jun 2025 12:43 -0400

Running a chatbot on my GPU to generate insults. So now my compute shader is a shade computer.

tedu honked 29 Jun 2025 17:05 -0400

It's fascinating that the waybro reaction to wayback is "see, you can switch to Wayland and everything will just work" because that's exactly what they were saying one month ago, and one year ago, and before that. Why would I ever believe this? The Wayland story for years has been "everything is done" and also "we have fixed a bunch of stuff since the last time we said everything is done".

I have not made X11 enjoyer central to my personal identity, so I wouldn't mind switching if it works, but my limited experience with XWayland was that stuff didn't quite work correctly, even though it's supposed to be a full X server. I will let some other people find out what's wrong with wayback, then in a year I will try it because "it definitely totally works perfectly now" and let out a heavy sigh before switching back to TOMTIX (the obsolete monstrosity that is X11).

tedu honked 29 Jun 2025 15:25 -0400

Somebody, somewhere, is ganjing in the park, but I can't see who it is.

tedu honked 29 Jun 2025 13:13 -0400

Mentally translating "Alles was war" is proving unexpectedly difficult.

tedu honked 28 Jun 2025 23:14 -0400

"This is not a paywall."

And yet you demand that I submit something of value. Curious.

tedu honked 28 Jun 2025 17:07 -0400

So if a movie is advertised as a "high octane" thriller, that means it's pretty chill, right? Like if it were an explosive movie, it'd be a low octane thriller.

tedu honked 28 Jun 2025 15:58 -0400

I've fallen into the weird German music rabbit hole.

The weird German music: Die Toten Hosen.

tedu bonked 28 Jun 2025 15:11 -0400
original: k3ym0@infosec.exchange

. Just In: For the 5th year in a row, Cloudflare has been rated highest in Completeness of Vision and Ability to Execute in the Gartner Magic Quadrant for Malware Delivery Infrastructure.

Unmatched scalability. Global reach. Seamless deployment.

The preferred platform for payload delivery—at any scale.

Read full Press Release here: https://paste.lol/k3ym0/cloudflare-recognized-for-fifth-consecutive-year-in-gartner-magic-quadrant-for-malware-delivery-infrastructure

#Cloudflare #GartnerMQ #CyberInfrastructure #ThreatOps #Crimeflare

tedu honked 28 Jun 2025 12:57 -0400

I like that macos keeps the ps source in the advanced commands repo.

tedu bonked 27 Jun 2025 20:35 -0400
original: opa334@infosec.exchange

Some random rambling about a Windows / AMD software bug:

Ever since I built my new PC, I always had the issue that sometimes at midnight, a blank "AMDAutoUpdate.exe" cmd window would open and do absolutely nothing. (See picture 1)

Googling it, I found a lot of people complaining about it. The exe is part of AMDs "Ryzen Master" utility that my motherboards "GCC" tool installed for me. The commonly accepted solution is to just disable the auto update service through the windows task scheduler. But that sounded too easy for me, tonight I actually went through the efforts of finding the root cause.

My first thought was: What is so broken about my hardware / setup that this random tool is just broken, it surely can't just be broken for everyone... right?

Right?....

Well... The tool in question is written in .net, this is very good because

A) .net is easy to decompile / reverse

B) I have written .net code a few years ago

So I went ahead and reversed what the tool does (or at least, what it is supposed to do).

The tool will attempt to download the file "VersionInfo.xml" from some URL that's stored within it's .exe.config file. Looking into that, hilariously enough there are two URLs, one being labeled "Production", the other being labeled "Develpment" (not a typo on my end), you can guess which of the two is commented out :P. However, this does not appear to be the issue, since both files appear to be the same in practice, let's dig deeper.

I noticed the downloaded file ends up being 0kb, so obviously something went wrong.

For downloading they use the "WebClient" class, they set a completion callback in which they call a different method to parse the file and display update option based on it's content. They also wrap the whole "WebClient" invocation into a try/except block, but since no error is being logged, it doesn't seem there is an exception happening. (See picture 2)

However, I noticed the callback is being fired with an object of the type "AsyncCompletedEventArgs" and looking at the documentation, this object has an "error" property that they unfortunately do not check for, nor log it. Instead, if there is an error, the program will simply try to open the 0kb xml, fail and deadlock forever, with absolutely nothing being done in the background.

Using a .NET debugger, I was able to retrieve the error:

ERROR: The request was cancelled: A protected SSL/TLS channel could not be created

Long story short, it turns out that WebClient by default sends a TLS 1.0 request to the server and the server at some point was updated to only support TLS 1.2 and 1.3.

This also means, it is in fact, BROKEN FOR EVERYONE. IN PRODUCTION. FOR POSSIBLY YEARS...

Using a .net recompiler (man .net really has some fancy tooling...), I was able to add the line
ServicePointManager.SecurityProtocol = (SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12);
which fixes the issue and I'm probably the first person in probably years to see the proper "update available" dialog (see picture 3), lmao.

So who's to blame here?
AMD? Microsoft?

I really don't know why this .net API doesn't try newer TLS versions if the older fail and instead requires an explicit flag to be set. On the other hand, AMDs tool is really shitty, doesn't do proper error checking and I would argue this cmd window should never open to begin with, which it wouldn't if they configured the task correctly.

tedu honked 27 Jun 2025 16:30 -0400

We don't need MacOS Tahoe. We have Tahoe at home.

tedu honked 27 Jun 2025 13:28 -0400

Haha, found a cursed X11 input bug. With a second monitor, my touchscreen inputs are now relative to the virtual desktop. So I can tap the right half of the laptop screen, and it clicks on the external monitor, and tapping the left half is way out of alignment. (Just need to rerun xtsscale, but it's kinda awkward at the moment.)