The Joys Of Programming

Interesting post on a bad rewrite of a DHCP client and the security vulnerabilities introduced.

https://blog.erratasec.com/2018/10/s...

This is why we can't have nice things.

Would anyone be interested in an info sec discussion thread? I get most of my news from the Risky Business podcast show notes.

I would. I know jack and would love to learn. I keep meaning to try Cryptomancer RPG (and SIGMATA: ThIs Signal Kills Fascists) which implements infosec concepts in a magic RPG system.

muraii wrote:

I would. I know jack and would love to learn. I keep meaning to try Cryptomancer RPG (and SIGMATA: ThIs Signal Kills Fascists) which implements infosec concepts in a magic RPG system.

Those are very, very cool looking. I can start a thread on the topic, but it may veer into D&D territory if we start talking about offensive cyber and the lack of international norms.

Speaking of which, go watch Zero Days on Hulu.

I truly loathe systemd. They took an easy thing (start programs at boot), and made it hard to administer, impossible to fully understand, and easy to exploit. It's a goddamn trashfire.

Screeps is an MMO RTS programming web game. You write code in one area that is run continuously even while you are offline to automate your units, and in another area you can write one-off commands like spawning new units and buildings. The default interface is Javascript, but the player community has written some third-party tools to support Typescript, Python, Rust, and Kotlin. You can run private servers, or join public shards. Pretty wild.

I played with it a while back. I didn't like that you had to pay to win (kind of). They gave you a certain amount of CPU time per tick for free, but then you had to pay a monthly fee to get more which limited what you could do. if the constraint was equal it would be ok since the best code would do the best.

I wouldn't mind if we setup a private server for gwjers to join if anyone is interested.