Alyssa the Kate

118 Followers
288 Following
53 Posts
Rust firmware security at big G 🦀 | opinions are her own | makes code smol | talks about weird stuff | 🏳️‍🌈🏳️‍⚧️
Joined Oct 27, 2022
Pronouns she/her
never let it be said that Microsoft wasn’t very ahead of the curve! they had their .gitignore neatly set up in the 70s
B i g . D a t a .

@mirabilos we do and we prefer to have nice things that we can actually use.

And spend the time fixing old code

My baby is stable in Rust!!! Strict Provenance BAYBEEEE

https://doc.rust-lang.org/std/ptr/index.html#strict-provenance


And here we have it.
CVE-2025-0282 and CVE-2025-0283
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-CVE-2025-0282-CVE-2025-0283

CVE-2025-0282 (CVSS 9.0 stack buffer overflow) is being exploited in the wild.

🐴 ⚠️

"Jesse what the fuck are you talking about"

void purr(int n, int arr[]);
void purr(int n, int arr[*]);
void purr(int n, int arr[static 1]);
void purr(int n, int arr[n]);
void purr(int n, int arr[static n]);
void purr(int n, int arr[1]);
void purr(int n, int* arr);

These are all identical, compatible declarations. That means all of these are just a fancy way of passing a pointer to a function, modulo your compiler implementer giving an iota of a damn and doing some type checking for you.

That means if you wanted to use ANY of the above syntaxes for anything else, the minute you tried to use it for a parameter it would once again become a pointer. Not just at the API level because of C's rules, but the ABI level.

It means you have to choose a sufficiently fucked up notation if you wanted to get built-in language spans or a built-in "any VLA" type, forcing C to choose weirder things just to have syntax for something actually useful and not just a shitty compiler hint.
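An added example to go with the post above (this is illustration code, not code from the post): it compiles every one of the `purr` prototypes listed, then shows with `sizeof` that a parameter declared as `int arr[static n]` is still just an `int *`, so neither the API nor the ABI carries the bound. The `param_size` helper, the `int_span` struct and `span_get` are hypothetical names introduced here for the demonstration; the span struct is the hand-rolled pointer-plus-length pair you end up writing because C has no built-in one. Compilers may emit warnings about the mismatched bounds and about `sizeof` on an array parameter; those warnings are exactly the point.

```c
#include <stddef.h>
#include <stdio.h>

/* Every prototype below declares the same function: in a parameter
 * position each bracket form adjusts to `int *`, so the compiler treats
 * them as compatible redeclarations. Bounds and `static` are hints that
 * a compiler may or may not check; they are not part of the type. */
void purr(int n, int arr[]);
void purr(int n, int arr[*]);
void purr(int n, int arr[static 1]);
void purr(int n, int arr[n]);
void purr(int n, int arr[static n]);
void purr(int n, int arr[1]);
void purr(int n, int *arr);

/* The definition can use any of the forms; inside the body `arr` is a pointer. */
void purr(int n, int arr[static n]) { (void)n; (void)arr; }

/* Hypothetical helper: returns sizeof of the parameter itself. Even when
 * declared `int arr[static n]`, the result is sizeof(int *), never
 * n * sizeof(int): the declared bound is neither enforced at the call
 * site nor carried across the ABI. */
size_t param_size(int n, int arr[static n]) {
    (void)n; (void)arr;
    return sizeof arr;
}

/* What a bounded view needs in C today: the length carried next to the
 * pointer by hand. Hypothetical span type for this example, not a
 * language feature. */
struct int_span { int *ptr; size_t len; };

/* Bounds-checked element read: 0 on success, -1 when `i` is out of range. */
int span_get(struct int_span s, size_t i, int *out) {
    if (i >= s.len) return -1;
    *out = s.ptr[i];
    return 0;
}

int main(void) {
    int a[4] = {1, 2, 3, 4};                                /* constructed input */
    struct int_span s = { a, sizeof a / sizeof a[0] };
    int v = 0;
    purr(4, a);
    printf("sizeof(param) = %zu, sizeof(int *) = %zu\n",
           param_size(4, a), sizeof(int *));
    printf("span_get(3) -> %d (v=%d)\n", span_get(s, 3, &v), v);
    printf("span_get(4) -> %d\n", span_get(s, 4, &v));
    return 0;
}
```

The contrast is the whole argument: `param_size` can only ever report the pointer size, while `span_get` can reject an out-of-range index because the length travels with the pointer in a type the language actually preserves.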

PLEASE check your kids' Halloween candy. Just found an Okta admin access token in a Snickers bar.

When someone decides to make up entire bungles of horse shit in their "explanation" and "apology" ( https://archive.ph/Utaz1 ) about the weird shit they did.

I want off this fucking ride.

"Postpone to 2024"? Present at a "tier 2 conference"? My reasoning is contained directly in my blog post ( https://thephd.dev/i-am-no-longer-speaking-at-rustconf-2023#-huh ). If you're going to fucking lie about me at least try and be fucking accurate about it:

“It is also deeply confusing and ultimately insulting for them not to contact me beforehand and simply ask me if I would disclaimer my work to make it clear that they did not explicitly endorse this direction. Multiple times before the RustConf schedule and program was released, I made it obscenely clear that there was not going to be an RFC for the work I was talking about (“Pre-RFC” is the exact wording I used when talking to individuals involved with Rust Project Leadership), that this might bias folks, and whether or not it would be okay to do this. Individuals in contact with me both inside and outside RustConf leadership made it abundantly clear that this topic was perfectly fine. Furthermore, they had already met to discuss my work beforehand, so at no point should anyone be confused about what my intentions and goals are.”
That someone would try to use game-of-telephone bullshit to make it seem like I deserved to have my keynote outright removed (which was the ACTUAL SUGGESTION given to RustConf, and they changed it to a DOWNGRADE to prevent bigger fallout from Triplett and Tolnay's CLEAR oversteps and, apparently, outright lies here!), or that I was in agreement with such a removal, when I literally took the required time to make a proper assessment of the situation and respond like an ADULT, is some WILD nonsense!

Is this a common Rust Project occurrence? Do people just do this ALL THE TIME? WHAT IS GOING ON OVER THERE?!

Edit: added some fucking alt-text because I'm so fucking annoyed at this bullshit.