Honestly I warn: take this text with a certain amount of skepticism. I just recently started to get acquainted with the internals of PHP, but I would like to tell you about what is happening behind the scenes bug # 75237 .
Is the rabbit hole deep?
How many minutes do you need to understand what the chip is?
Francis Bacon in 1620 divided the sources of human error in the way of cognition into four groups, which he called "ghosts" or "idols" (Latin idola).
"Ghosts of the genus" stem from human nature itself, they do not depend on either culture or individuality of a person. "The human mind is like an uneven mirror, which, mixing the nature of things, reflects things in a distorted and disfigured form."
"Ghosts of a cave" are individual errors of perception, both congenital and acquired. "After all, in addition to the mistakes inherent in the human race, there is a special cave that weakens and distorts the light of nature."
"The ghosts of the square (market)" - a consequence of the social nature of man, - communication and use of language in communication. "People unite with speech. Words are established according to the understanding of the crowd. Therefore, the bad and ridiculous establishment of words surprisingly precipitates the mind. "
"Ghosts of the theater" - this is a person's assimilated from other people false ideas about the structure of reality. "At the same time, we understand here not only the general philosophical teachings, but also the numerous principles and axioms of sciences that have gained strength due to tradition, faith and carelessness." [ Wikipedia ]
Under the cut - a visual demonstration of the vulnerability of our brains to attacks through visual input. I present to you the translation of the article of the product designer and front-end developer Balraj Chana, about how you can use / neutralize the effect of optical illusions.
The inspiration for writing this article was obtained after reading a similar publication for the x86 architecture .
This material will help those who want to understand how the programs are built from the inside, what happens before entering the main and why all this is done. Also I'll show you how to use some of the features of the glibc library. And in the end, as in the original article , the traversed path will be visually represented. Most of the article is a parsing of the glibc library.
So, let's start our trip. We will use Linux x86-64, and as a debugging tool - lldb. Also sometimes we will disassemble the program with objdump.
The source text is normal Hello, world (hello.cpp):
std::cout << "Hello, world!" << std::endl;
Something is happening. People are unhappy. The specter of civil unrest is pursued by our programming communities.
For the first time a significant number of web developers openly question the web platform. Here is a typical article and discussion of . I could list more, but if you are sufficiently interested in programming to read this article, you probably already read this year at least one pompous recitation about the current state of web development. This article is not one of those. I can not compete in bullying the existing status quo with people who have to deal with web development every day. This is another article.
It's you, the front end hacker
Slightly less than the fastest, portable, 64-bit hash function, with decent quality.
Yes, in the air and in the king, about like that. Read on?
Instead of Disclaimer We drop the definition of hash functions along with a detailed listing of properties and requirements for their cryptographic application, assuming that the reader either owns the necessary knowledge minimums, or will make up for them . Also we agree that here and further we mean non-cryptographic (cryptographically non-persistent) hash functions, unless otherwise specified.
In fact, it's been two days already, but no one has yet written an article on Habr, so I will have to eliminate this omission, which I do with pleasure.
So, what's new in this version of PostgreSQL?
First, the versioning itself has changed. Prior to the "dozens", we observed a lot of minor versions of 9.x that came out about once a year and at the same time introduced serious, far from minor changes. Therefore, since version 10, it has been decided to number 10, 11, 12, etc. By the way, MySQL seems to have gone the same way, jumped from 5.7 to 8.0
Okay, it's all trivia, let's move on to the essence of the question
As a continuation of the research publications of our company on the internal mechanisms of the world's largest messengers. Today we will look at WhatsApp in its current state. In fact, the insides have not changed much over the past three years, the changes there are rather cosmetic.
In this article we will look in detail how to study the protocol of the messenger, answer the question "Can WhatsApp read our correspondence?" And I will attach all the necessary code in PHP.
I really liked the discussion thread on Quora.com: What is the hardest part about learning to program? All 87 responses I did not read, but liked, I singled out a separate article of 10 items. It's a free retelling of the opinions of many different people. If readers are interested, I will continue.
1. The difference between high standards and their low skillsIn the article "No one talks about it to newcomers" tells about the common problem of people engaged in creative or intellectual work. Programming is a complex subject, and usually for it are capable, ambitious and prone to perfectionism people. At the initial stage, they will not work well. Accustomed to a high bar, they will be upset. The inner voice will constantly whisper: "You never will, it's better to leave this matter." At such moments, think that your self-criticism is a sign of your extraordinary nature, and believe that you will overcome this "incompetent period".
As for the extraordinary advantages of programming, here they are:
<i> Whatever your dragon told you, he lied. Dragons are deceitful. You do not know what awaits you on the other side. <Tgsri>Not so long ago on Habr a post was published under the name "<a rel="nofollow" href="https://habrahabr.ru/company/infopulse/blog/338812/"> How can the function never called be called? <Tgsrcut>". The conclusion from the article is simple: in the case of undefined behaviour, the compiler has the right to take any actions, even if they are completely unexpected. However, I was interested in the very mechanism of this optimization. The result of my small research I want to share with the distinguished community of the hubra.
Michael Swanvik. "The daughter of an iron dragon"
The group of researchers found serious shortcomings in the WPA2 protocol, which provides protection for all modern Wi-Fi networks. An attacker who is in the victim's area can use these shortcomings using Key Reinstallation Attacks. Attackers can use this new attack method to read information that was previously considered to be encrypted.
UPD: the post was updated with partial details of the attack and the list of vendor updates.