Exploiting the DRAM rowhammer bug to gain kernel privileges

“Rowhammer” is a problem with some recent DRAM devices in which repeatedly accessing a row of memory can cause bit flips in adjacent rows. We tested a selection of laptops and found that a subset of them exhibited the problem. We built two working privilege escalation exploits that use this effect. One exploit uses rowhammer-induced bit flips to gain kernel privileges on x86-64 Linux when run as an unprivileged userland process. When run on a machine vulnerable to the rowhammer problem, the process was able to induce bit flips in page table entries (PTEs). It was able to use this to gain write access to its own page table, and hence gain read-write access to all of physical memory. ...

March 14, 2015 · 1 min · 124 words · Nacho Cano

9 truths that computer programmers know that most people don’t.

Ever wondered why programmers are known as nightbirds? Why we stay up all night? Because it allows us to get into the zone, it allows us to focus on one thing and not have to worry about being interrupted by someone - because they are all asleep. It’s a long stretch of the day where no one is up and no one is calling or trying to talk to us. It’s a great time to program, and think. ...

March 14, 2015 · 1 min · 83 words · Nacho Cano

How Video Game Breasts Are Made (And Why They Can Go Wrong)

If you’ve played games that have breast physics, you’ve probably seen how uncommon it is for games to show breasts that move like what they actually are: bags of fat affected by gravity. Instead, it’s more likely for a game to depict breasts as helium balloons that have minds of their own. Certain games have failed at rendering realistic breasts so widely that some people seem convinced that bad breast physics are the result of sexism, or of an industry that likes to objectify women. I’ve seen unfair conjecture about whether or not developers have ever interacted with real-life breasts. I’ve seen people imply that developers simply don’t know how to properly characterize women in games, and that gaming’s ocean of unrealistic breasts is what happens when we have so few women developing games. ...

March 12, 2015 · 1 min · 139 words · Nacho Cano

The greatest program ever written

I’m a programmer. I write games. Games programmers get a lot of respect, but none of them, not me, not Carmack, and not Abrash. None of them deserve the honour which I want to bestow on David Horne. This is because David Horne wrote the greatest program ever written: 1k chess on the ZX81. David Horne is not an urban myth. David Horne achieved what many would even now consider impossible. He wrote a chess game, with AI, that ran on a poorly documented, buggy machine that contained only 1k of memory. ...

March 8, 2015 · 1 min · 94 words · Nacho Cano

The MakeLisp Process

So you want to write a Lisp interpreter? Welcome! The goal of the Make-A-Lisp project is to make it easy to write your own Lisp interpreter without sacrificing those many ”Aha!” moments that come from ascending the McCarthy mountain. When you reach the peak of this particular mountain, you will have an interpreter for the mal Lisp language that is powerful enough to be self-hosting, meaning it will be able to run a mal interpreter written in mal itself. ...

March 8, 2015 · 1 min · 83 words · Nacho Cano

Attack of the week: FREAK (or ’factoring the NSA for fun and profit’)

A group of cryptographers at INRIA, Microsoft Research and IMDEA have discovered some serious vulnerabilities in OpenSSL (e.g., Android) clients and Apple TLS/SSL clients (e.g., Safari) that allow a ’man in the middle attacker’ to downgrade connections from ’strong’ RSA to ’export-grade’ RSA. These attacks are real and exploitable against a shocking number of websites – including government websites. » Matthew Green | blog.cryptographyengineering.com

March 5, 2015 · 1 min · 64 words · Nacho Cano
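An added note on the mechanism behind the excerpt above (illustration only, not code from the linked post, from the researchers, or from any TLS library): the attacker rewrites the ClientHello so the server negotiates an RSA_EXPORT suite and sends a signed 512-bit temporary RSA key, then rewrites the ServerHello back to the strong suite the client actually offered. A client whose state machine accepts an RSA ServerKeyExchange for a suite that has no such message ends up encrypting its premaster secret to the 512-bit key. The cipher-suite names are real registry names; the key sizes and the `server_respond`, `attacker_in_the_middle` and `client_rsa_key_bits` functions are constructed for the example, and no actual cryptography is performed.

```python
"""Model of the FREAK downgrade: handshake decisions only, no real crypto.

Added illustration, not code from the linked post or from any TLS stack. Key
sizes and the three role functions below are assumptions made for the example."""

from dataclasses import dataclass
from typing import List, Optional

STRONG_RSA = "TLS_RSA_WITH_AES_128_CBC_SHA"       # premaster encrypted to the certificate key
EXPORT_RSA = "TLS_RSA_EXPORT_WITH_RC4_40_MD5"     # server sends a <=512-bit temporary RSA key

SERVER_CERT_BITS = 2048   # assumed size of the server's certificate key
EXPORT_TEMP_BITS = 512    # size permitted for the RSA_EXPORT temporary key


@dataclass
class ServerFlight:
    """ServerHello + Certificate (+ ServerKeyExchange) as the client sees them."""
    cipher_suite: str
    cert_key_bits: int
    temp_rsa_bits: Optional[int]   # set only when a ServerKeyExchange was sent
    ske_signed_by_cert: bool       # the temporary key is signed with the certificate key


def server_respond(offered: List[str]) -> ServerFlight:
    """Server prefers the strong suite; if only export suites are offered it falls
    back and attaches a ServerKeyExchange carrying a signed 512-bit RSA key."""
    if STRONG_RSA in offered:
        return ServerFlight(STRONG_RSA, SERVER_CERT_BITS, None, False)
    if EXPORT_RSA in offered:
        return ServerFlight(EXPORT_RSA, SERVER_CERT_BITS, EXPORT_TEMP_BITS, True)
    raise ValueError("no common cipher suite")


def attacker_in_the_middle(offered: List[str]) -> ServerFlight:
    """Rewrite the ClientHello to offer only RSA_EXPORT, then rewrite the ServerHello
    so the client believes the strong suite was chosen. The signed ServerKeyExchange
    is forwarded untouched: the attacker cannot forge it, and does not need to."""
    flight = server_respond([EXPORT_RSA])
    flight.cipher_suite = STRONG_RSA
    return flight


def client_rsa_key_bits(flight: ServerFlight, strict: bool) -> int:
    """Size of the RSA key the client encrypts its premaster secret to.

    strict=False models the bug: any correctly signed RSA ServerKeyExchange is
    accepted, even though the negotiated suite has no such message.
    strict=True is the fix: an RSA ServerKeyExchange is only legal for RSA_EXPORT
    suites; for anything else the handshake is aborted."""
    if flight.temp_rsa_bits is not None:
        if not flight.ske_signed_by_cert:
            raise ValueError("bad ServerKeyExchange signature")
        if strict and "_EXPORT_" not in flight.cipher_suite:
            raise ValueError("unexpected ServerKeyExchange for " + flight.cipher_suite)
        return flight.temp_rsa_bits
    return flight.cert_key_bits


def handshake(strict: bool, attacked: bool) -> int:
    """Return the RSA modulus size that protects the premaster secret."""
    offered = [STRONG_RSA]                   # the client never asks for export crypto
    respond = attacker_in_the_middle if attacked else server_respond
    return client_rsa_key_bits(respond(offered), strict)


if __name__ == "__main__":
    print("honest, buggy client :", handshake(strict=False, attacked=False), "bits")
    print("MITM,   buggy client :", handshake(strict=False, attacked=True), "bits")
    try:
        handshake(strict=True, attacked=True)
    except ValueError as err:
        print("MITM,   fixed client :", err)
```

Two details make the downgrade worthwhile for the attacker: a 512-bit modulus can be factored with a few hours of rented compute, and the servers studied reused the same temporary export key across many connections, so one factoring job unlocks every session made to that key. Once the premaster secret is recovered the attacker derives the master secret and can forge both Finished messages, so the transcript mismatch does not save the connection.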

Indispensable computers

Thanks to the overflowing imagination of a Victorian lady of the 19th century we were able to make the leap from calculation to computation. Ada created the first computer program in her mind, simulating a machine that never existed. Computer science was born inside the brain of a woman. » txipi | blog.txipinet.com

March 1, 2015 · 1 min · 50 words · Nacho Cano

Proving that Android’s, Java’s and Python’s sorting algorithm is broken (and showing how to fix it)

Tim Peters developed the Timsort hybrid sorting algorithm in 2002. It is a clever combination of ideas from merge sort and insertion sort, and designed to perform well on real world data. TimSort was first developed for Python, but later ported to Java (where it appears as java.util.Collections.sort and java.util.Arrays.sort) by Joshua Bloch (the designer of Java Collections who also pointed out that most binary search algorithms were broken). TimSort is today used as the default sorting algorithm for Android SDK, Sun’s JDK and OpenJDK. Given the popularity of these platforms this means that the number of computers, cloud services and mobile phones that use TimSort for sorting is well into the billions. Fast forward to 2015. After we had successfully verified Counting and Radix sort implementations in Java (J. Autom. Reasoning 53(2), 129-139) with a formal verification tool called KeY, we were looking for a new challenge. TimSort seemed to fit the bill, as it is rather complex and widely used. Unfortunately, we weren’t able to prove its correctness. A closer analysis showed that this was, quite simply, because TimSort was broken and our theoretical considerations finally led us to a path towards finding the bug (interestingly, that bug appears already in the Python implementation). This blog post shows how we did it. ...

February 28, 2015 · 2 min · 220 words · Nacho Cano
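An added illustration of the broken step the excerpt above refers to (not code from the linked post, from KeY, from CPython or from the JDK). TimSort keeps a stack of run lengths and, after every push, calls a collapse routine that must keep the stack "Fibonacci-like" (each run longer than the next two combined, and runs strictly decreasing). The original routine only inspected the top three runs, so a merge could leave a run further down the stack too short without anyone noticing; the repair adds a check on the fourth run from the top. Only run lengths are modelled, never the elements being sorted, and the sequence `CONSTRUCTED_RUNS` is constructed for the example.

```python
"""Simulation of TimSort's run-length stack and its collapse rule.

Added illustration, not code from the post or from any TimSort implementation.
Only run lengths are tracked; the input sequence is constructed."""

from typing import List


def invariant_holds(runs: List[int]) -> bool:
    """The property the collapse step is supposed to guarantee for every i
    (runs[0] is the bottom of the stack):
        runs[i] > runs[i+1] + runs[i+2]   and   runs[i] > runs[i+1]
    The JDK sizes its run-stack array on the assumption that this holds, so a
    violation can eventually overflow that array."""
    decreasing = all(runs[i] > runs[i + 1] for i in range(len(runs) - 1))
    fib_like = all(runs[i] > runs[i + 1] + runs[i + 2] for i in range(len(runs) - 2))
    return decreasing and fib_like


def merge_at(runs: List[int], i: int) -> None:
    """Merge run i with run i+1 (only the lengths are modelled)."""
    runs[i] += runs[i + 1]
    del runs[i + 1]


def merge_collapse(runs: List[int], fixed: bool) -> None:
    """Re-establish the invariant after a push.

    fixed=False is the original rule: it looks only at the top three runs.
    fixed=True adds the check on the fourth run from the top, the repair the
    post proposes: after a merge the top three can look fine while the run
    beneath them is now shorter than the two above it combined."""
    while len(runs) > 1:
        n = len(runs) - 2
        unstable = n > 0 and runs[n - 1] <= runs[n] + runs[n + 1]
        if fixed:
            unstable = unstable or (n > 1 and runs[n - 2] <= runs[n - 1] + runs[n])
        if unstable:
            if runs[n - 1] < runs[n + 1]:
                n -= 1          # merge with the smaller neighbour
            merge_at(runs, n)
        elif runs[n] <= runs[n + 1]:
            merge_at(runs, n)
        else:
            break               # invariant (supposedly) established


def push_runs(lengths: List[int], fixed: bool) -> List[int]:
    """Push runs one at a time, as the sort does, collapsing after each push."""
    runs: List[int] = []
    for length in lengths:
        runs.append(length)
        merge_collapse(runs, fixed)
    return runs


CONSTRUCTED_RUNS = [120, 80, 25, 20, 30]   # constructed example sequence


if __name__ == "__main__":
    for fixed in (False, True):
        stack = push_runs(CONSTRUCTED_RUNS, fixed)
        print("fixed" if fixed else "original", stack, "invariant:", invariant_holds(stack))
```

With the original rule the stack ends as `[120, 80, 45, 30]`: the top three satisfy the check, but 120 is no longer greater than 80 + 45, so the guarantee the stack-size bound relies on is gone. With the extra check the same pushes collapse all the way to a single run.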

Extracting the SuperFish certificate

I extracted the certificate from the SuperFish adware and cracked the password (”komodia”) that encrypted it. I discuss how down below. The consequence is that I can intercept the encrypted communications of SuperFish’s victims (people with Lenovo laptops) while hanging out near them at a cafe wifi hotspot. Note: this is probably trafficking in illegal access devices under the proposed revisions to the CFAA, so get it now before they change the law. ...

February 23, 2015 · 1 min · 78 words · Nacho Cano

Lenovo caught installing adware on new computers

Other users are reporting that the adware actually installs its own self-signed certificate authority which effectively allows the software to snoop on secure connections, like banking websites as pictured in action below. This is a malicious technique commonly known as a man-in-the-middle attack, where the certificate allows the software to decrypt secure requests, yet Lenovo appears to be shipping this software with some of its products out of the box. ...

February 23, 2015 · 1 min · 73 words · Nacho Cano