Hey, if you're bored I'm having a weird #segfault problem in some #c unit tests. tl;dr: if I build under Ubuntu it crashes with a segfault; if I build under Fedora it works (when run under either Fedora or Ubuntu). There are only static strings involved; no pointers.

I posted the details at https://stackoverflow.com/q/76880064/147356.

DevLog 010: Debugging MLT/GTK segfault

I try to edit some footage with my video editor. Everything is going quite well. After I add a split-cut-at-playhead operation to the editor, in addition to the previously added ripple delete, I am actually able to do some useful edits.

However, after a while I notice that a cut does not seem to render the correct frame. I decide to restart the application, and then it happens.

Segfault!

http://rickardlindberg.me/writing/devlog-010-debugging-mlt-gtk-segfault/

#python #mlt #segfault

#Segfault.fm: 0x24 Monthly (2023-07)

Die Juni-Episode! Diesmal mit wenigen Themen, die dafür aber sehr problematisch sind: #AMD kaputt, #Microsoft kaputt, Cloud's #singlepointoffailure, also schon immer kaputt. Immerhin berichtet Florian von der erfolgreichen PETs Konferenz. Viel Spaß beim Zuhören!

Shownotes:

Tavis Ormandy: Zenbleed

How #Cloudflare is staying ahead of the AMD vulnerability known as Zenbleed

#PETS 2023

The Use of Push Notification in Censorship Circumvention

Everybody’s Looking for SSOmething:

Understanding Person Identification Through Gait

Examining the #Hydra: Simultaneously Shared Links in #Tor and the Effects on its Performance

#Proteus: Programmable Protocols for Censorship Circumvention

heise.de: Microsofts gestohlener Schlüssel mächtiger als vermutet

Google’s nightmare “Web Integrity API”

Webseite der Episode: https://segfault.fm/episode/0x24-monthly-jul/

Mediendatei: https://segfault.fm/assets/podcasts/0x24-monthly-episode.mp3

#Privatsphäre
#Datenschutz

#Segfault.fm: 0x24 Monthly (2023-07)

Die Juni-Episode! Diesmal mit wenigen Themen, die dafür aber sehr problematisch sind: AMD kaputt, Microsoft kaputt, Cloud's single point of failure, also schon immer kaputt. Immerhin berichtet Florian von der erfolgreichen PETs Konferenz. Viel Spaß beim Zuhören!

Shownotes:

Tavis Ormandy: Zenbleed

How #Cloudflare is staying ahead of the AMD vulnerability known as Zenbleed

#PETS 2023

The Use of Push Notification in Censorship Circumvention

Everybody’s Looking for SSOmething:

Understanding Person Identification Through Gait

Examining the #Hydra: Simultaneously Shared Links in #Tor and the Effects on its Performance

#Proteus: Programmable Protocols for Censorship Circumvention

heise.de: #Microsofts gestohlener Schlüssel mächtiger als vermutet

Google’s nightmare “Web Integrity API”

Webseite der Episode: https://segfault.fm/episode/0x24-monthly-jul/

Mediendatei: https://segfault.fm/assets/podcasts/0x24-monthly-episode.mp3

#Privatsphäre
#Datenschutz

#Segfault.fm: 0x23 Monthly

Die Episode zum letzten Quartal !
Diesmal mit ein paar Updates zu vorherigen Themen, .zip Domains, #ChatGPT, leakenden Power LEDs und Fingerabdruckscannern

Viel Spaß beim Hören!

Shownotes:

#Mullvad #VPN was subject to a search warrant. Customer data not compromised - Blog - Mullvad VPN

Deploying key transparency at #WhatsApp - Engineering at Meta

Web fingerprinting is worse than I thought - Bitestring’s Blog

The Dangers of Googles #zip TLD

Hackers can steal cryptographic keys by video-recording power LEDs

New Type of Attack: BrutePrint Can Breach Your Smartphone’s #Fingerprint #Security

Belgium legalises ethical hacking: a threat or an opportunity for cybersecurity? - CITIP blog

#Threema

Potentially millions of Android TVs and phones come with malware preinstalled - Ars Technica

Webseite der Episode: https://segfault.fm/episode/0x23-monthly/

Mediendatei: https://segfault.fm/assets/podcasts/0x23-monthly.mp3

#sicherheit
#Datenschutz
#Privatsphäre
#Meta

#Segfault.fm: 0x23 Monthly

Die Episode zum letzten Quartal !
Diesmal mit ein paar Updates zu vorherigen Themen, .zip Domains, #ChatGPT, leakenden Power LEDs und Fingerabdruckscannern. Viel Spaß beim Hören!

Shownotes:

#Mullvad #VPN was subject to a search warrant. Customer data not compromised - Blog - Mullvad VPN

Deploying key transparency at #WhatsApp - Engineering at Meta

Web fingerprinting is worse than I thought - Bitestring’s Blog

The Dangers of Googles zip TLD

Hackers can steal cryptographic keys by video-recording power LEDs

New Type of Attack: BrutePrint Can Breach Your Smartphone’s #Fingerprint #Security

Belgium legalises ethical hacking: a threat or an opportunity for cybersecurity? - CITIP blog

Dangers of Google’s zip TLD

Potentially millions of Android TVs and phones come with malware preinstalled - Ars Technica

Webseite der Episode: https://segfault.fm/episode/0x23-monthly/

Mediendatei: https://segfault.fm/assets/podcasts/0x23-monthly.mp3

#sicherheit
#Datenschutz
#Privatsphäre
#Meta

#Segfault.fm: 0x23 Monthly

Die Episode zum letzten Quartal !
Diesmal mit ein paar Updates zu vorherigen Themen, .zip Domains, #ChatGPT, leakenden Power LEDs und Fingerabdruckscannern. Viel Spaß beim Hören!

Shownotes:

Web fingerprinting is worse than I thought - Bitestring’s Blog

The Dangers of Googles zip TLD

Even Google warns its own

Hackers can steal cryptographic keys by video-recording power LEDs

New Type of Attack: BrutePrint Can Breach Your Smartphone’s #Fingerprint Security

Belgium legalises ethical hacking: a threat or an opportunity for cybersecurity? - CITIP blog

Dangers of Google’s zip TLD

Potentially millions of Android TVs and phones come with malware preinstalled - Ars Technica

SupplyChainAttacks/MSI/MsiImpactedDevices.md at main · binarly-io/SupplyChainAttacks · GitHub

Intel investigating leak of Intel Boot Guard private keys after MSI breach

Webseite der Episode: https://segfault.fm/episode/0x23-monthly/

Mediendatei: https://segfault.fm/assets/podcasts/0x23-monthly.mp3

@neverpanic @harrysintonen

I have added a Portfile with a potential remediation here:

https://trac.macports.org/attachment/ticket/67539/Portfile.openssh9.3.p1_rev2

(Descriptive comment here:

https://trac.macports.org/ticket/67539#comment:44 )

Admittedly, I am not sure if that will do the trick and I do not have a system which was impacted by this to test personally at the moment, so others letting me know whether that was effective or not in fixing it are most welcome to provide their perspective!

#MacPorts #OpenSSH #LLVM #CLANG #SegFault

Wow! Long time passed since last time I was able to trigger a GCC #compilererror with #segfault, during a #kernel build. This is on #bullseye with gcc 10.2.1-6 and kernel 6.1.27

#TIL: Wenn influx2cortex beim Start deterministich einen #Segfault wirft, dann ist wahrscheinlich ein Port bereits belegt, auf dem es lauschen will. Das ist ja mal echt gute #UX... Das kommt dann wohl davon, wenn so Zeug #Docker by Design entwickelt wird

Consider that you burned your hand:

1. Apply lotion to the hand - okay
2. Wash your hands. Uh oh
3. After 5 minutes, carefully wipe the lotion? But the lotion is already gone! IRL #segfault.

Die Folge zu Januar und Februar! Diesmal mit ein paar Updates zu vorherigen Themen, Android, Autos und Telefonbanking. Schwachstellen, Schwachstellen und Schwachstellen. Viel Spaß beim Hören!

Shownotes:

Three Lessons from #Threema

Paper: Three Lessons from Threema

John Deere erlaubt Reparaturen nach Hacks

FOSDEM 2023 - #Matrix 2.0

#Tor is slow right now. Here is what is happening. - The Tor Project

#NSA: Software Memory Safety

Bjarne Stroustrup reagiert auf NSA

A call to action: Think seriously about safety

#Google Online Security Blog: Hardening Firmware Across the Android Ecosystem

Spreading #Malware via Google Ads

#grawity: ‘PuTTY on my Win98 VM crashes OpenSSH and I’m some’

oss-sec: Re: double-free vulnerability in OpenSSH server 9.1 (CVE-2023-25136)

CVE-2022-24990: Getting Password via a specific User-Agent String

....

#Segfault.fm: 0x22 Monthly (2023-02)

Webseite der Episode: https://segfault.fm/episode/0x22-monthly-feb/

Mediendatei: https://segfault.fm/assets/podcasts/0x22-monthly.mp3

›They Have Played Us #Programmer|s for Absolute #Fool|s‹

🧷 https://www.youtube.com/watch?v=QTiAWZ1YfzI&t=217s

🌺

🏷️ #Lisp #Scheme #CommonLisp #CPP #Rust #DennisRitchie #BrianKernighan #BjarneStroustrup #CLang #Rustacean #MetaProgramming #Risitas #JohnMcCarthy #Unix #Pipes #Segfault #NullPointer #UndefinedBehaviour #GarbageCollection #MemoryManagement #BellLabs #ObjectSystem #FunctionalProgramming #Syntax #Rustaceans #MemorySafety #ElRisitas #CLOS #AMOP

#ThatMomentWhen a library creates an object. The library uses the object moments later. The library triggers a #segfault because it didn't properly initialise everything in the object.

#C #ProgrammingInC #Vala

# php -v
free(): invalid pointer
Abandon

Merci PHP, c'était vraiment très utile. 👍

#Debian #Linux #Segfault

#c #coding #developement #segfault @xpil

@framasky Le mien est bien plus #puissant : il me mange un #doigt à chaque #segfault :

#AusweisApp2 installiert. Wie werde ich begrüßt? Richtig. #segfault

AusweisApp2 installiert. Wie werde ich begrüßt? Richtig. #segfault

Wir behandeln heute Oktober und November.
Es gab #Microsoft, #Twitter, #OpenSSL, den #Pixelphone lock screen #bypass, #Tailscale
#Signal und vieles mehr.
Viel Spaß beim Hören!

https://segfault.fm/episode/0x20-monthly-nov/

Mediendatei:
https://segfault.fm/assets/podcasts/0x20-monthly-urlscan.mp3

#Segfault