And MATLAB appears to produce 51, wtf idk
The numeric value of the ‘1’ character (the ASCII code / Unicode code point representing the digit) is 49. Add 2 to it and you get 51.
C (and several related languages) will do the same if you evaluate '1' + 2.
Fun fact: apparently on x86 just MOV all by itself is Turing-complete, without even using it to produce self-modifying code (paper, C compiler).
If there happens to be some mental TLS handshake RCE that comes up, chances are they are all using the same underlying TLS library so all will be susceptible…
Among common reverse proxies, I know of at least two underlying TLS stacks being used:
crypto/tls from the Go standard library (which has its own implementation, it’s not just a wrapper around OpenSSL).
Small correction: Pi lies between 2^1 and 2^2, so its floating-point exponent is 1. With all the mantissa bits cleared you’d be left with 1 * 2^1, not 1 * 2^0.
Have you considered putting alias htop=btop (or equivalent) in your shell profile?
It’s nice in theory, but I’ve had very little luck using it for the last few days.
I wouldn’t be surprised if whatever instances it picks to send people to are soon afterwards rate limited because demand is too high relative to supply.
Somehow my .gitconfig seems to have grown by about 20 lines after reading this article. How mysterious…
If this is something you run into often, it’s likely still only for a limited number of servers? ssh and scp both respect .ssh/config, and I suspect (but haven’t tested) that sftp does too. If you add something like this to that file:
Host host1 host2
Port 8080
then SSH connections to hosts named in that first line will use port 8080 by default and you can leave off the -p/-P when contacting those hosts. You can add multiple such sections if you have other hosts that require different ports, of course.
Aurora is no longer maintained, but it still works just fine. It’s a Windows app, so not web-accessible or anything, but it’s free. It only contains the SRD content by default (probably for legal reasons), but there’s at least one publicly-accessible elements repository for it that you can find using your favorite search engine.
Assuming they went to signed 64-bit time, it should be about 3:28:32 pm UTC on Sunday, December 4, 292277026596. Yes, that last number is a year.
If they have the root access typically needed to reboot a server1 they could also just wipe the logs without rebooting.
1: GUIs typically have a way to reboot without such privileges, but those are typically not installed on machines just used as servers.
[email protected] - no posts yet though.
That domain currently hosts a “this domain may be for sale” page, but it’s been registered since 2005 so it’s definitely not because of this post.
In fact, unless you post your domain somewhere online or its registration is available somewhere, it’s unlikely anyone will ever visit your server without a direct link provided by you or someone else who knows it.
If you use HTTPS with a publicly-trusted certificate (such as via Let’s Encrypt), the host names in the certificate will be published in certificate transparency logs. So at least the “main” domain will be known, as well as any subdomains you don’t hide by using wildcards.
I’m not sure whether anyone uses those as a list of sites to automatically visit, but I certainly would not count on nobody doing so.
That just gives them the domain name though, so URLS with long randomly-generated paths should still be safe.
I’m pretty sure they lost that at least 4 years earlier, assuming they ever had it in the first place.
Two words: underfloor heating.
When walking around barefoot, warm tiles are so much nicer than cold ones.
Is that why I haven’t had any problems? I thought it was either Google A/B testing again or my ad blocker updating often enough to keep up, but I do have a user-agent changer installed in Firefox that’s configured to tell YouTube I’m on Chrome…
They have a tag in the main page to point to it but browsers don’t really surface that anymore I guess?
There’s a Firefox addon to fix that. It’s called RSSPreview, but besides providing previews it also adds a little button to the address bar on sites that have tags like that so you can find the feeds in the first place.
If a deaf person decides to get an implant, or their (hearing?) parents decide for them, and later decides they no longer want it then it’s pretty much reversible, right? They can just not turn it on, or perhaps even have it removed again?
This article is talking about gene therapy, not an assistive device. It’s probably a much more permanent decision.
For TLS-based protocols like HTTPS you can run a reverse proxy on the VPS that only looks at the SNI (server name indication) which does not require the private key to be present on the VPS. That way you can run all your HTTPS endpoints on the same port without issue even if the backend server depends on the host name.
This StackOverflow thread shows how to set that up for a few different reverse proxies.