Anisse

@Aissen@treehouse.systems
686 Followers
415 Following
2.8K Posts

Linux dev. Android user. Security curious. Gopher hobbyist. Beginner rustacean. Casual hardcore gamer. โ€” French native, english toots โ€” Personal account โ€” He/him.

Posts in CC-BY-ND for a month, then CC-BY-NC-ND, contact me for other arrangements.

Profile picture is a line drawing caricature by french artist Frank Tizzoni of myself; I have a french-style flat cap and a light beard.

websitehttps://anisse.astier.eu
Kernel Recipes 2022 livebloghttps://kernel-recipes.org/en/2022/category/live-blog/
Kernel Recipes 2023 livebloghttps://kernel-recipes.org/en/2023/category/live-blog/
Message me on Signalhttps://signal.me/#eu/y7Yv18foRXDoXscEQlKOEY5G899AwTr8Mlp0wO0eU3hN3pSM3JtEWJpwudNLxfXz
Anisse16h ago

I love this research on schizophrenic files (and polyglots in general), but I feel that the scenario in the quoted post is maybe too convoluted to happen in real life.

It needs lots of recon to know which zip software each person in the chain will be using;โ€ฏand at this point, spear-phishing and others become lower cost than crafting custom files with the associated QA.

cc @Ange @gynvael

https://infosec.exchange/users/gynvael/statuses/114783517659300005
Anisse1d ago
Eric3d ago
I've referenced it enough that now it's all I can hear when I read it. Now you have to hear it too ๐Ÿ™‰ https://ericwbailey.website/published/you-must-listen-to-rfc-2119/
You MUST listen to RFC 2119

It turns out you can just pay people to do things.

Anisse6d ago

Classic enterprise: we saved money by moving from on-premise to Cloud.
Me:โ€ฏgo on...
Classic enterprise: yeah, when we saw the bill go up, we had an emergency task force to optimize usage.
Me: why didn't you do that before?

One of the strengths of the Cloud, not to be underestimated: immediate cost feedback.

#Cloud #Infrastructure

Anisse6d ago
Kilian EvangJun 19

'On November 28th, 2012, Randall Munroe published an xkcd comic that was a calendar in which the size of each date was proportional to how often each date is referenced by its ordinal name (โ€ฆ) "In months other than September, the 11th is mentioned substantially less often than any other date. It's been that way since long before 9/11 and I have no idea why." After digging into the raw data, I believe I have figured out why.'

https://drhagen.com/blog/the-missing-11th-of-the-month/

The Missing 11th of the Month - David R Hagen

Personal website of David R Hagen, scientific software engineer

AnisseJun 26
Christian Brauner ๐ŸฆŠ๐ŸบJun 26

I love how Apple will now be repeating every security mistake by writing their own container runtime. I thought we're past all that but hey, let's have some more path lookup CVEs. @cyphar

https://github.com/apple/containerization/pull/173

mount /dev/console by elijah-wright ยท Pull Request #173 ยท apple/containerization

fixes #145 this PR changes configureConsole() to bind mount /dev/console if process.terminal is true. I couldn't think of a better way to get the pty path so I used readlink. most OCI images do...

GitHub
AnisseJun 26
Show threadbert hubert ๐Ÿ‡บ๐Ÿ‡ฆ๐Ÿ‡ช๐Ÿ‡บ๐Ÿ‡บ๐Ÿ‡ฆJun 25
So, on average, poll respondents guessed that a Netflix Open Connect server uses ~2.3W per simultaneous user. Based on some real user feedback & https://openconnect.netflix.com/en/appliances/#the-hardware, the number is probably closer to 20mW. It could even be a lot lower. So the right answer is definitely "<0.5W"!
AnisseJun 26
Richard WeinbergerJun 25
Hunting down bugs on embedded systems is not always fun. That one was.

https://sigma-star.at/blog/2025/06/deep-down-the-rabbit-hole-bash-overlayfs-and-a-30-year-old-surprise/
Deep Down the Rabbit Hole: Bash, OverlayFS, and a 30-Year-Old Surprise

This blog post describes a recent debugging session that led through a surprising set of issues involving Bash, `getcwd()`, and OverlayFS. What started as a simple customer bug report turned into a deep dive worth sharing.

sigma star gmbh
AnisseJun 25
xyla ๐Ÿ€๐Ÿ“ˆJun 25
AnisseJun 23
Show threadThorsten Leemhuis (acct. 1/4)Jun 23
@vbabka what did you expect? Something like this? ๐Ÿ™ƒ
AnisseJun 20
Chris Nelder ๐Ÿค˜Jun 20
Hat tip to John Kemp for admitting that he was wrong to blame Spain's blackout on excessive reliance on inverter-based renewables and insufficient inertia, and ๐Ÿ‘ for his very decent explainer on what actually happened. https://jkempenergy.com/2025/06/19/spains-blackout-blamed-on-poor-voltage-control/
Spainโ€™s blackout blamed on poor voltage control

19 June 2025 Spainโ€™s massive blackout was caused by overvoltage on the transmission system and the failure of the countryโ€™s generators to compensate by absorbing more reactive power, according to tโ€ฆ

JKempEnergy.com
ร—
Show threadbert hubert ๐Ÿ‡บ๐Ÿ‡ฆ๐Ÿ‡ช๐Ÿ‡บ๐Ÿ‡บ๐Ÿ‡ฆJun 25
So, on average, poll respondents guessed that a Netflix Open Connect server uses ~2.3W per simultaneous user. Based on some real user feedback & https://openconnect.netflix.com/en/appliances/#the-hardware, the number is probably closer to 20mW. It could even be a lot lower. So the right answer is definitely "<0.5W"!
Show threadBenBenJun 25
@bert_hubert Economy of scale basically as the content isnโ€™t delivered individually until the last few miles basically
Show threadAnisseJun 26
@BenBen @bert_hubert open connect *is* the last mile server for this purpose.
Show threadChristian Berger DECT 9314Jun 25
@bert_hubert That is a bit misleading, since the servers are not really the energy intensive part of the operation. The network towards the user requires a lot more power... but that can wildly fluctuate depending on the last mile. So it's more for copper or radio because of the expensive signal processing, and much less for optical connections.
Show threadbert hubert ๐Ÿ‡บ๐Ÿ‡ฆ๐Ÿ‡ช๐Ÿ‡บ๐Ÿ‡บ๐Ÿ‡ฆJun 25
@casandro I worded it very specifically for people like you. Reread the poll if in doubt. It was about nothing other than the server.
Show threadChristian Berger DECT 9314Jun 26
@bert_hubert Yes, absolutely, but companies like Netflix commonly use such facts for Greenwashing. They are technically right, but create a wrong impression in the uncritical mind.
Show threadh3artbl33d  Jun 26

@casandro @bert_hubert

Imagine doing it at Netflix' scale - the OCA appliances are actually a pretty sustainable architecture.

The appliances are filled once and from there the content is available closer to the consumer.

Now, imagine that Netflix didn't have or used those appliances - how is that more sustainable?

Show threadh3artbl33d  Jun 26

@casandro @bert_hubert

Fortunately, Netflix isn't in charge of the last mile. They have quite optimized the content - their bitrate is lower than part of the competition.

Show threadChristian Berger DECT 9314Jun 26
@h3artbl33d @bert_hubert Well comparing that to normal satellite broadcast television. It's very unsustainable. There you can provide an area like Europe with a DRM-free copy of a movie or TV series... with just a few hundred watts in total.
Show threadAlex with the TemperJun 25

@bert_hubert I suspected. And we get shamed for streaming 4K (by whomever last bought into the carbon footprint nonsense).

Any TV screen (and audio amp) uses way more power than the network streaming does.

Show threadFrank HeijkampJun 26
@holsta @bert_hubert It is not only the server but also all the rest of the infrastructure between the server and the client. All in all there is quite a bit of overhead.
Show threadbert hubert ๐Ÿ‡บ๐Ÿ‡ฆ๐Ÿ‡ช๐Ÿ‡บ๐Ÿ‡บ๐Ÿ‡ฆJun 26
@alterelefant @holsta Which is why I worded the question very specifically.
Show threadFrank HeijkampJun 26

@bert_hubert @holsta I get that.

Most people just have no clue how much energy is used (or wasted) in networking, local and long distance.

Show threadMartin SeegerJun 26
@bert_hubert Unluckily I see everywhere a lack of knowledge and interest for such topics.