tdtd (u/tdtd) - Readit News

tdtd commented on The state of GNU/Linux and a case against shared object libraries mitjafelicijan.com/the-ab... · Posted by u/kaladin-jasnah

odo1242 · a year ago

Something worth noting with shared dependencies is that yes, they save on disk space, but they also save on memory. A 200MB non-shared dependency will take up 600MB across three apps, but a 200MB shared dependency can be loaded on it's own and save 400 megabytes. (Most operating systems manage this at the physical page level, by mapping multiple instances of a shared library to the same physical memory pages.)

400 megabytes of memory usage is probably worth more than 400 megabytes of storage. It may not be a make-or break thing on it's own, but it's one of the reasons Linux can run on lower-end devices.

tdtd · a year ago

This is certainly true on Windows, where loaded DLLs share the base addresses across processes even with ASLR enabled, but is it the case on Linux, where ASLR forces randomization of .so base addresses per process, so relocations will make the data in their pages distinct? Or is it the case that on modern architectures with IP-relative addressing (like x64) that relocations are so uncommon that most library pages contain none?

tdtd commented on Hotel WiFi JavaScript Injection (2012) justinsomnia.org/2012/04/... · Posted by u/redbell

lmz · 2 years ago

This would break the chain of trust (you wouldn't trust the network's key signing the address for that zone).

tdtd · 2 years ago

The attacker doesn’t resign the DNS record with their own key, they just let the legitimately signed record though and use the IP address in that legitimate record themselves. If someone owns the network (or is an active MitM) they can control where IP addresses route to.

tdtd commented on Hotel WiFi JavaScript Injection (2012) justinsomnia.org/2012/04/... · Posted by u/redbell

labcomputer · 2 years ago

> Plenty of hotels (and other places) misdirect your DNS queries so that your machine will connect to the hotel's captive portal where you need to accept the terms and conditions for using the wifi.

And for all the whining about how "but DNSSEC doesn't do anything!", this is exactly an attack scenario which DNSSEC protects, and which it has protected since the very first RFC describing it. The client can check for itself whether the IP address in the response has been correctly signed by the (sub-)domain owner (and recursively whether the (sub-)domain has been signed by the parent domain, all the way back to the root).

As for "but how will I redirect hosts to my captive portal?", that's what DHCP option 114, DHCPv6 option 103 and IPv6 Router Advertisement option 37 are for. https://developer.apple.com/news/?id=q78sq5rv

tdtd · 2 years ago

If the network’s owner was the one doing DNS redirects, couldn’t they just instead use the IP address in the DNSSEC-signed record themselves? I don’t think DNSSEC is a robust protection if you don’t trust the network you’re connected to.

tdtd commented on Historical maps probably helped cause World War I resobscura.substack.com/p... · Posted by u/benbreen

boxfire · 2 years ago

Ugh the first paragraph kicks off with a missing bit of information. Min Nan has at least 5 subvarieties. In my spouse's it's pronounced "de" not "te" (and she is Min Nan as a first language). She laughed and said there's no way the people in Xiamen said "te", or any of the subvarieties she is familiar with within coastal fujian where she spent the first 25 years of her life.

So failed look at archaic miss transliterations, kind of reminiscent of the entire theme of the article. The example map being built on an argument from a bad assumption (a historical error as a pretext for argument).

Perfect irony.

tdtd · 2 years ago

The "te" transliteration for 茶 in Min Nan comes from the Pe̍h-ōe-jī romanization system (https://en.wikipedia.org/wiki/Pe%CC%8Dh-%C5%8De-j%C4%AB), which doesn't use the letter 'd' at all.

As was common for Chinese romanization systems from before the 20th century, it used 't' for unaspirated /t/ (which we would use use 'd' for today in systems like Pinyin for Mandarin or Peng'im for Teochew), and used 'th' for aspirated /tʰ/ (which we sould use 't' for today in systems like Pinyin or Peng'im).

This isn't an archaic miss transliteration, it's just an alternative transliteration strategy. In many languages that primarily use the latin alphabet, the phonemes associated with 't' and 'd' are /t/ and /d/, primarily distinguished by voice instead of aspiration (where aspiration is allophonic), so it's logical that the creators of earlier romanization systems focused on preserving that voice distinction, even if it's less common today for a variety of reasons.