|
Wordle 1,091 4/6
⬜🟨🟨🟩⬜
🟨🟩⬜🟩⬜
⬜🟩🟩🟩🟩
🟩🟩🟩🟩🟩
|
|
|
|
|
Wordle 1,091 4/6
⬜🟨🟨🟨⬜
🟨⬜🟩🟩🟩
⬜🟩🟩🟩🟩
🟩🟩🟩🟩🟩
|
|
|
|
|
Wordle 1,091 4/6*
🟨⬜⬜⬜⬜
⬜🟨🟨⬜🟩
⬜🟩🟩🟩🟩
🟩🟩🟩🟩🟩
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
Wordle 1,091 4/6
🟨⬜⬜⬜🟨
⬜🟨⬜🟨🟨
⬜🟨⬜🟩🟩
🟩🟩🟩🟩🟩
|
|
|
|
|
⬜⬜🟨⬜⬜
⬜⬜⬜🟨⬜
🟩🟩🟩🟩🟩
Good but lucky guess
In a closed society where everybody's guilty, the only crime is getting caught. In a world of thieves, the only final sin is stupidity. - Hunter S Thompson - RIP
|
|
|
|
|
Wordle 1,091 4/6*
🟨🟨🟨⬜⬜
🟨🟩🟨⬜⬜
🟨🟩⬜🟨⬜
🟩🟩🟩🟩🟩
Happiness will never come to those who fail to appreciate what they already have. -Anon
And those who were seen dancing were thought to be insane by those who could not hear the music. -Frederick Nietzsche
|
|
|
|
|
Wordle 1,091 5/6
🟨🟨⬛⬛⬛
⬛🟨🟨⬛⬛
⬛🟩⬛🟩⬛
⬛🟩🟩🟩🟩
🟩🟩🟩🟩🟩
Ok, I have had my coffee, so you can all come out now!
|
|
|
|
|
From the CP newsletter about how a new language will fix all problems that come from C++
Swift the best choice to succeed C++, Apple says | InfoWorld[^]
For a few years I was a principle security reviewer for a financial application. It wasn't written in C++ but that certainly didn't make me think that it wasn't possible to introduce security problems.
And I looked up top security problems in 2023. I only got above halfway down the list but I didn't see any that seemed to be caused by C++ pointer errors.
Qualys Survey of Top 10 Exploited Vulnerabilities in 2023 | Qualys Security Blog[^]
Matter of fact when I was a security reviewer I got to see a private study produced by a company that made quite a bit of money from cleaning up security problems that companies had.
And in that study something like 90% of the problems were caused by internal bad actors.
Rather pointless to obsess about whether your pointers are safe when the CEO is using internationally set up companies to ship fake orders and thus prop up the companies stock (real case.)
|
|
|
|
|
Back when I was a teenager and the Internet was a fresh thing to most people I spent my time getting into systems I didn't belong in.
And most of the time I got there by using buffer overrun attacks on services that should have never been Internet facing to begin with, like a network print daemon (citing a specific example that allowed me to identd on efnet as freshmeat@usda.gov )
My point is, this used to be common, at least in the wild west days of the Internet, so I wonder how much of the fact that it doesn't seem to be so common now has to do with better practices, better libraries, and such in C and C++. For example, Microsoft produced a bunch augmented functions to the C runtimes that take lengths which they check so you can't overrun them. Things like strcat_s? and stuff. I don't really use them because I don't do a lot of C++ on Microsoft's compiler, but it made me think of that.
Also, probably less services are written in C or C++ now that machines are cheaper and faster.
Check out my IoT graphics library here:
https://honeythecodewitch.com/gfx
And my IoT UI/User Experience library here:
https://honeythecodewitch.com/uix
|
|
|
|
|
I don't use the strcat_s family of functions either. I find that strncpy, strncat, and snprintf handle things quite well.
"They have a consciousness, they have a life, they have a soul! Damn you! Let the rabbits wear glasses! Save our brothers! Can I get an amen?"
|
|
|
|
|
TBH, so do I. If I was pressed I probably couldn't tell you what the actual benefit of the _s functions are - only what MS presented them as.
Check out my IoT graphics library here:
https://honeythecodewitch.com/gfx
And my IoT UI/User Experience library here:
https://honeythecodewitch.com/uix
|
|
|
|
|
I believe their claim is they use sizes that are automatic so you can't "lie" to them. My view is this is C/C++ and I trust myself. I wouldn't use the language if I didn't.
"They have a consciousness, they have a life, they have a soul! Damn you! Let the rabbits wear glasses! Save our brothers! Can I get an amen?"
|
|
|
|
|
Greetings Kind Regards char* ? wchar_t* ? Why not std::basic_string<char> std::basic_string<wchar_t> .
|
|
|
|
|
You'd be surprissed how many services are "internet" facing even though they should never be... not even basic security considered. Recently had an incident where a RDP connection was possible to a server holding / running finicial data for multiple companies... not even a FW or anything inbetween... scary sometimes
Who the f*** is General Failure, and why is he reading my harddisk?
|
|
|
|
|
I'm not surprised.
But you have understand that in 1994, almost everyone was vulnerable.
It's relative.
Check out my IoT graphics library here:
https://honeythecodewitch.com/gfx
And my IoT UI/User Experience library here:
https://honeythecodewitch.com/uix
|
|
|
|
|
I would say that you have a category error here. One must divide the security breaches into unauthorized access, and authorized access to perform unauthorized actions. The first encompasses all "hacking" attempts (buffer overruns, SQL injection, etc. etc.), while the second encompasses the "inside jobs".
Secure languages are an attempt to mitigate "hacking". Proper procedures are one way to mitigate "inside jobs" and designing them is at least as difficult as designing a secure language.
C++ already has the neccesary mechanisms for producing robust code - unique_ptr<>, shared_ptr<>, string, vector, etc. The problem IMO is the legacy code ported from C, and new code that uses ordinary pointers and buffers in a misguided attempt at optimization.
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
Without pointers, programming languages are pointless.
"In testa che avete, Signor di Ceprano?"
-- Rigoletto
|
|
|
|
|
I was writing a lounge entry and the front door got slammed on me.
I tried getting to CP from two different networks so I'm pretty sure it weren't just me.
Ya'all saw that too, right?
I took a snapshot of it.
Here's what I saw[^] and it was instant.
I guess them hamsters is angry.
|
|
|
|
|
Wow, not even the stylized 404 error page. Something really choked. I didn't see anything, FWIW
Check out my IoT graphics library here:
https://honeythecodewitch.com/gfx
And my IoT UI/User Experience library here:
https://honeythecodewitch.com/uix
|
|
|
|
|
When did you see that ?
In a closed society where everybody's guilty, the only crime is getting caught. In a world of thieves, the only final sin is stupidity. - Hunter S Thompson - RIP
|
|
|
|
|
I believe it was around 5:45pm Eastern Standard Time on thursday, June 13.
I tried to ping the site to and couldn't get anything -- and it was such a huge disconnect that I thought it looked like a DNS issue.
I remoted to my work computer -- in a geographically different location (another city from me) and on an entirely different ISP and I got the same error from browser : 404.
|
|
|
|
|
I saw that. I guess a 404 is just enough to tell Down Detector and other such sites that "something" is coming back, so they all claimed it was up...
|
|
|
|
|
That's interesting, because for me it was instaneous and quite harsh: I mean I couldn't even ping codeproject.com at that time. It was literally like someone slammed the door on me.
I tried from an entirely different network and got the same thing.
Glad someone else confirmed seeing it to.
|
|
|
|
|
Oh it was instantaneous, nothing spent any time trying to resolve anything and then timing out. The 404 response was pretty much immediate.
I'd be curious to read any post-portem Chris would be willing to share.
|
|
|
|
|
Here's an additionally interesting thing: Today my work's ISP is having major issues.
Can't even ping our web site at this time.
Here at home and other coworkers spread through-out cities are working fine but none of us can get to our work machines via RDP and our company is virtually cut off from Internet.
I pinged our web site and got: Temporary failure in name resolution.
Oh, and we can't get to our company outlook, but we can all still chat via MS Teams.
|
|
|
|