A malicious code string that eventually gets logged by Log4j version 2.0 or higher allow an attacker to load arbitrary Java code on a server and take control of it.
https://www.wired.com/story/log4j-flaw-hacking-internet/
https://redd.it/rdmus2
@programmingreddit
https://www.wired.com/story/log4j-flaw-hacking-internet/
https://redd.it/rdmus2
@programmingreddit
WIRED
‘The Internet Is on Fire’
A vulnerability in the Log4j logging framework has security teams scrambling to put in a fix.
How Cloudflare security responded to log4j2 vulnerability
http://blog.cloudflare.com/how-cloudflare-security-responded-to-log4j2-vulnerability/
https://redd.it/rdyjq2
@programmingreddit
http://blog.cloudflare.com/how-cloudflare-security-responded-to-log4j2-vulnerability/
https://redd.it/rdyjq2
@programmingreddit
The Cloudflare Blog
How Cloudflare security responded to Log4j 2 vulnerability
Yesterday, December 9, 2021, when a serious vulnerability in the popular Java-based logging package log4j was publicly disclosed, our security teams jumped into action to help respond to the first question and answer the second question. This post explores…
Super Mario Brothers Tile collision checks flowchart
https://twitter.com/dansalvato/status/1469576958241492993/photo/1
https://redd.it/rdvy23
@programmingreddit
https://twitter.com/dansalvato/status/1469576958241492993/photo/1
https://redd.it/rdvy23
@programmingreddit
Twitter
Dan Salvato
Just for fun, I put together this flowchart detailing how Super Mario Bros. 1 checks for (and handles) player collisions with tiles. Good game design can be deceivingly complicated. Credits to the SMB1 Disassembly.
For anyone who's curious about graphics and shader programming, this goes over how the GPU turns triangles and textures into pixels on the screen. It clarifies what the system does for you and at what point it calls the shader code you write. It should be useful no matter what language you're using.
https://youtu.be/UVNnkDqcTGE
https://redd.it/rdm98j
@programmingreddit
https://youtu.be/UVNnkDqcTGE
https://redd.it/rdm98j
@programmingreddit
YouTube
Shader Basics Tutorial (no code)
I go over the background knowledge you should really understand before checking out other shader tutorials. This information is relevant to most 3D rendering applications like Blender, Unity, Unreal, etc...
Even if you're just curious about how 3D graphics…
Even if you're just curious about how 3D graphics…
Logout4Shell: Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell
https://github.com/Cybereason/Logout4Shell
https://redd.it/relul8
@programmingreddit
https://github.com/Cybereason/Logout4Shell
https://redd.it/relul8
@programmingreddit
GitHub
GitHub - Cybereason/Logout4Shell: Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell
Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell - Cybereason/Logout4Shell
kitty - the fast, featureful, GPU based terminal emulator
https://sw.kovidgoyal.net/kitty/
https://redd.it/rehc6x
@programmingreddit
https://sw.kovidgoyal.net/kitty/
https://redd.it/rehc6x
@programmingreddit
kitty
If you live in the terminal, kitty is made for YOU! The fast, feature-rich, GPU based terminal emulator. Fast Uses GPU and SIMD vector CPU instructions for best in class performance, Uses threaded ...
Chrome Users Beware: Manifest V3 is Deceitful and Threatening
https://www.eff.org/deeplinks/2021/12/chrome-users-beware-manifest-v3-deceitful-and-threatening
https://redd.it/rf0on5
@programmingreddit
https://www.eff.org/deeplinks/2021/12/chrome-users-beware-manifest-v3-deceitful-and-threatening
https://redd.it/rf0on5
@programmingreddit
Electronic Frontier Foundation
Chrome Users Beware: Manifest V3 is Deceitful and Threatening
Like FLoC and Privacy Sandbox before it, Google Chrome’s Manifest V3 is another example of the inherent conflict of interest that comes from Google controlling both the dominant web browser and one
Professional maintainers: a wake-up call
https://blog.filippo.io/professional-maintainers/
https://redd.it/remizd
@programmingreddit
https://blog.filippo.io/professional-maintainers/
https://redd.it/remizd
@programmingreddit
Filippo Valsorda
Professional maintainers: a wake-up call
Open Source software runs the Internet, and by extension the economy. This is an undisputed fact about reality in 2021. And yet, the role of Open Source maintainer has failed to mature from a hobby into a proper profession.
A JavaAgent based hotpatch for fixing live JVMs with the log4shell vulnerability
https://github.com/corretto/hotpatch-for-apache-log4j2/
https://redd.it/retkne
@programmingreddit
https://github.com/corretto/hotpatch-for-apache-log4j2/
https://redd.it/retkne
@programmingreddit
GitHub
GitHub - corretto/hotpatch-for-apache-log4j2: An agent to hotpatch the log4j RCE from CVE-2021-44228.
An agent to hotpatch the log4j RCE from CVE-2021-44228. - corretto/hotpatch-for-apache-log4j2
He Wrote a High-Frequency Trading Platform In D
https://dlang.org/blog/2021/12/11/i-wrote-a-high-frequency-trading-platform-in-d/
https://redd.it/re075b
@programmingreddit
https://dlang.org/blog/2021/12/11/i-wrote-a-high-frequency-trading-platform-in-d/
https://redd.it/re075b
@programmingreddit
Intel seems awfully scared about Graviton2. Why pay for this ad on Google?
https://www.intel.com/content/www/us/en/products/performance/cloud-facts.html
https://redd.it/rf0ygw
@programmingreddit
https://www.intel.com/content/www/us/en/products/performance/cloud-facts.html
https://redd.it/rf0ygw
@programmingreddit
Intel
AWS Graviton vs Intel for Cloud Computing
Comparing AWS Graviton vs Intel in the AWS cloud? AWS Intel instances deliver better performance, cost, and flexibility with great user experiences.
Log4Shell log4j vulnerability (CVE-2021-44228) - cheat-sheet reference guide
https://www.techsolvency.com/story-so-far/cve-2021-44228-log4j-log4shell/
https://redd.it/rfrlxo
@programmingreddit
https://www.techsolvency.com/story-so-far/cve-2021-44228-log4j-log4shell/
https://redd.it/rfrlxo
@programmingreddit
Techsolvency
Tech Solvency: The Story So Far: CVE-2021-44228 (Log4Shell log4j vulnerability).
Summary of CVE-2021-4228 (Log4Shell), trivial RCE in log4j, a common Java logging framework. Includes list of affected platforms.
Marketing is scary for a solo developer
https://raumet.com/marketing
https://redd.it/rfq0r8
@programmingreddit
https://raumet.com/marketing
https://redd.it/rfq0r8
@programmingreddit
Roblox Pressured Us to Delete Our Video. So We Dug Deeper.
https://www.youtube.com/watch?v=vTMF6xEiAaY
https://redd.it/rg1hgj
@programmingreddit
https://www.youtube.com/watch?v=vTMF6xEiAaY
https://redd.it/rg1hgj
@programmingreddit
YouTube
Roblox Pressured Us to Delete Our Video. So We Dug Deeper.
Following our last video on Roblox, players and creators began getting in touch with their own stories to share. Here are some of those stories.
Support us on Patreon: https://www.patreon.com/PeopleMakeGames
Original video: https://www.youtube.com/watc…
Support us on Patreon: https://www.patreon.com/PeopleMakeGames
Original video: https://www.youtube.com/watc…
I blew $720 on 100 notebooks from Alibaba and started a Paper Website business
https://daily.tinyprojects.dev/paper_website
https://redd.it/rg68tv
@programmingreddit
https://daily.tinyprojects.dev/paper_website
https://redd.it/rg68tv
@programmingreddit
daily.tinyprojects.dev
I blew $720 on 100 notebooks from Alibaba and started a Paper Website business | Tiny Projects
I started a business that lets you build websites using pen and paper. In the process I went viral on Twitter, made $1,000 in two days, and blew $720 on 100 paper notebooks from Alibaba.
Bulgaria's new eGov minister is a software developer, ranked #40 all time on Stack Overflow and the founder of a blockchain-based cyber security startup.
https://stackoverflow.com/users/203907/bozho
https://redd.it/rg99vy
@programmingreddit
https://stackoverflow.com/users/203907/bozho
https://redd.it/rg99vy
@programmingreddit
Stack Overflow
User Bozho
Stack Overflow | The World’s Largest Online Community for Developers