i miss those times, somewhat

new blogpost: we’ve been doing #SERVFAIL for 100 days now! Here’s a progress update, as well as some plans for the future.

https://sdomi.pl/weblog/22-servfail-the-first-100-days/

IP version 4, or as I’ve recently taken upon calling it, the certified IP Classic

Second MR with our work on the IPv6 stack for #SerenityOS just landed!

This means that on the master branch, you can already IPv6 ping a SerenityOS host, and it will handle a neighbor solicitation (equivalent to ARP) and actual ICMPv6 Echo Request packets :blobcat3c:

Next up: refactoring IPv4 sockets to make them generic by @filmroellchen, and then we can add some more glue code for handling TCP/UDP. Really really excited for this :ablobcatbongo:

matrix experience, 2024, colorized

the only takeaway anyone should have from the Crowdstrike incident today is that running a poorly-managed rootkit on all of your machines for “vulnerability management” maaaaaybe isn’t the brightest idea.

reading through some printer-adjacent microperl scripts and my brain started autocompleting passwordStr to Password Straße

PSA: Backdoor in latest version of xz: https://openwall.com/lists/oss-security/2024/03/29/4

Downgrade if you’re running one of the latest xz versions, it has been compromised. If you’re using mainstream distros, you may be fine (as they lag with versions a bit behind master). If you’re running Alpine or any other non-gnu or non-systemd distro, you should be fine too (the exploit checks for GNU, and also probably won’t work with distro-unpatched sshd)

a tc39 member came to my browser and broke js ,_, can’t have shit in this economy /s

wireshark

PRESENT DAY

PRESENT TIME

there’s something beautifully chaotic about decrypting the iPod firmware by sending it to the iPod, 0x30 bytes at a time, really slowly

Witchcraft: I made a Minecraft server in Bash and I survived it

(this is a very technical post, going really in-depth. if that’s not your jam, check out the source code)