Everything Old is New Again: Binary Security of WebAssembly
"We find that many classic vulnerabilities which, due to common mitigations, are no longer exploitable in native binaries, are completely exposed in WebAssembly. Moreover, WebAssembly enables unique attacks, such as overwriting supposedly constant data or manipulating the heap using a stack overflow."
I'm shocked I tell you, shocked!
THIS IS EXACTLY WHAT I WAS LOOKING FOR:)
A search engine for #peertube
"PeerTube Index is a centralized search engine for PeerTube videos. We run a crawler that visits PeerTube instances to find videos and new instances. All found videos are made searchable by their name. We exclude videos marked as Not Safe For Work (NSFW) for now.
This site is not affiliated to Framasoft, the maintainer of the PeerTube software. "
We've been trying this web apps thing for over a decade, and a few things should be abundantly clear by now:
- Web apps will always have worse UX than nice native apps. The barrier to entry may be low, but so is the ceiling on what you can build
- The web fundamentally assumes a client-server paradigm no matter what you tack onto it, making it a bad fit if you care about privacy
- Anything we add to browsers can and will be used for adtech/surveillance
"Google is an organization that excels at taking individual, seemingly-benevolent units of work and then combining them into things that are anti-competitive or just plain evil"
Interesting AMA from a Mozilla employee
benice is a little project I have been working on in the latest month.
It applies CPU and I/O policies on system processes and uses the same ruleset from ananicy. However the bigger differences between them are that:
- benice do not periodically scan the system but only runs when needed.
- benice does not depend on systemd
It is also my first project written in zig, which is a new and interesting language.
Unfortunately, as of August 6, 2020, Executive Censorship Orders are now a reality in the United States of America.
This is a reminder that F-Droid.org was built to be an open, censorship-resistant alternative to the Google Play store for Android devices. It's easy to install, and it's an important way to protect your mobile devices against Executive Censorship Orders, for the free & open apps installed from there.
July was a month of broken records for Plausible Analytics:
Most traffic ever
Record traffic day
Most trials ever
Biggest day in terms of the number of new paying subscribers
And a lot of development work too! See the recap https://plausible.io/blog/july-2020-recap
TIL that italian I.T. subreddit r/ItalyInformatica has a monthly feature of users projects and they don't allow any repository that is not hosted on either Github, gitlab.com or BitBucket.
This is unacceptable in 2020 where many valid alternatives and different instances exist, like gitlab.freedesktop.org and the awesome git.sr.ht made by @sir.
🍂 I'm enhancing old artworks for a special artbook project: tweaking color for CMYK, adding bleeds, painting more details and resizing them for my desktop publishing in Scribus. It's a long process but very rewarding. Here is one of my fav with a new background:
Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.