profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/AZ-X/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
AZ-X A (business) trip camerist, thinker, software builder, lazyboots with some decent knowledge of reprogramming, design and zen

AZ-X/pique 7

An advanced DNS stub with Freedom, Privacy and Security --- THRICE UPON A TIME

AZ-X/docker-machine-driver-vmware 4

Yet Another Advanced Docker Machine VMware Driver

AZ-X/WPF-GO-dnscrypt-proxy-md 3

A GREAT GUI Offline Tool for manipulating/seeking resolver list of repique and dnscrypt proxy. Documentary work done. Read Wiki first.

AZ-X/An-exhibition-of-Ed25519-signature-to-both-ssh-and-dockerd-inside-of-an-advanced-boot2docker-disc 1

This respository does NOT contain detailed guides to the production, instead it begins with initiatory images

AZ-X/dns 1

The first slim version of miekg/dns for DNS forwarder/stub/analyzer

AZ-X/action-automatic-releases 0

READONLY: Auto-generated mirror for https://github.com/marvinpinto/actions/tree/master/packages/automatic-releases

AZ-X/aria2 0

aria2 is a lightweight multi-protocol & multi-source, cross platform download utility operated in command-line. It supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink.

AZ-X/botan 0

Cryptography Toolkit

AZ-X/Chaos.NaCl 0

Chaos.NaCl cryptography library

fork jsoref/libera-chat.github.io

The website of Libera Chat, providing documentation and news

https://libera.chat

fork in 2 hours

issue commenttlswg/draft-ietf-tls-esni

Reconsider non-HRR ECH acceptance signal

I think this is a question we might try to answer in the initial deployment. Something browsers might consider doing is exercise the ECH codepoint in the server's response by triggering HRR in the inner handshake for some fraction of connection attempts. If these handshake fail at a significantly higher rate then other handshakes, then we know we might have a problem.

chris-wood

comment created time in 4 hours

startedupros/mint

started time in 5 hours

startedupros/mint

started time in 9 hours

issue openedxueyuanl/daily-hackernews

Daily Hacker News 22-06-2021

Daily Hacker News

  1. Your CPU May Have Slowed Down on Wednesday travisdowns.github.io comments
  2. Pocketlang github.com comments
  3. Hyundai acquires stake in Boston Dynamics for $880M finbold.com comments
  4. The Fine Art of Combining Harmonics whatmusicreallyis.com comments
  5. Alpha-Gal Syndrome www.mayoclinic.org comments
  6. Kats: One stop shop for time series analysis in Python facebookresearch.github.io comments
  7. Cargo Is Piling Up Everywhere, and It's Making Inflation Worse www.npr.org comments
  8. GAN Theft Auto www.youtube.com comments
  9. SproutLife – Evolving version of Conway’s Game of Life github.com comments
  10. Visit Y Combinator.com for jobs at 800 high-growth YC startups www.ycombinator.com comments
  11. Tour of the server room in the Airbus 350 www.youtube.com comments
  12. Who owns the German DAX? [pdf] www.dirk.org comments
  13. Once Dataset: One Million Scenes for Autonomous Driving once-for-auto-driving.github.io comments
  14. Upgrade Your SSH Key to Ed25519 (2018) medium.com comments
  15. A popular algorithm to predict sepsis misses most cases and sends false alarms www.statnews.com comments
  16. Google’s Messaging Mess: A Timeline www.theverge.com comments
  17. Redis server side if-modified-since caching pattern using lua blog.r4um.net comments
  18. Server.casino – Random Servers Across the Internet server.casino comments
  19. A Public Registry for AWS CloudFormation aws.amazon.com comments
  20. Free Software and Freakonomics sambhav.saggis.com comments
  21. Rootless Sniffing lude.rs comments
  22. CMV: Tech monopolies should be banned as a class old.reddit.com comments
  23. Over 200 Patent Judges Were Improperly Appointed, Supreme Court Says www.nytimes.com comments
  24. Political trolling twice as popular as positivity, study suggests www.bbc.com comments
  25. Did Windows 10 slow down with each feature update? ntdotdev.wordpress.com comments

created time in 9 hours

issue commentburrowers/garble

typecheck error: RequestCtx not declared by package fasthttp

Please provide more details. How can I reproduce this? I can't just run the command because I don't have your code.

you can try this one. i believe it doesn't work too

package main

import (
	"flag"
	"fmt"
	"log"

	"github.com/valyala/fasthttp"
)

var (
	addr     = flag.String("addr", ":8080", "TCP address to listen to")
	compress = flag.Bool("compress", false, "Whether to enable transparent response compression")
)

func main() {
	flag.Parse()

	h := requestHandler
	if *compress {
		h = fasthttp.CompressHandler(h)
	}

	if err := fasthttp.ListenAndServe(*addr, h); err != nil {
		log.Fatalf("Error in ListenAndServe: %s", err)
	}
}

func requestHandler(ctx *fasthttp.RequestCtx) {
	fmt.Fprintf(ctx, "Hello, world!\n\n")

	fmt.Fprintf(ctx, "Request method is %q\n", ctx.Method())
	fmt.Fprintf(ctx, "RequestURI is %q\n", ctx.RequestURI())
	fmt.Fprintf(ctx, "Requested path is %q\n", ctx.Path())
	fmt.Fprintf(ctx, "Host is %q\n", ctx.Host())
	fmt.Fprintf(ctx, "Query string is %q\n", ctx.QueryArgs())
	fmt.Fprintf(ctx, "User-Agent is %q\n", ctx.UserAgent())
	fmt.Fprintf(ctx, "Connection has been established at %s\n", ctx.ConnTime())
	fmt.Fprintf(ctx, "Request has been started at %s\n", ctx.Time())
	fmt.Fprintf(ctx, "Serial request number for the current connection is %d\n", ctx.ConnRequestNum())
	fmt.Fprintf(ctx, "Your ip is %q\n\n", ctx.RemoteIP())

	fmt.Fprintf(ctx, "Raw request is:\n---CUT---\n%s\n---CUT---", &ctx.Request)

	ctx.SetContentType("text/plain; charset=utf8")

	// Set arbitrary headers
	ctx.Response.Header.Set("X-My-Header", "my-header-value")

	// Set cookies
	var c fasthttp.Cookie
	c.SetKey("cookie-name")
	c.SetValue("cookie-value")
	ctx.Response.Header.SetCookie(&c)
}
Numenorean

comment created time in 11 hours

fork jsoref/blitz

⚡️The Fullstack React Framework — built on Next.js

https://Blitzjs.com

fork in 15 hours

starteddirectus/directus

started time in 16 hours

startedserde-rs/serde

started time in 16 hours

issue commenttlswg/draft-ietf-tls-esni

Reconsider non-HRR ECH acceptance signal

Making ECH acceptance an extension instead of SH.random seems like a good idea if it'll reduce the likelihood of issues with HRR.

passively inferring whether a server is capable of ECH. (Note that whether or not a server is capable of ECH depends on the attacker’s ability to actively probe, and active attackers are consistent with the ECH threat model.)

I don't think this is a big deal since an attacker can always just try to get the HTTPS RR from DNS to see if the server supports ECH. It's not passive, but it's easy.

chris-wood

comment created time in 18 hours

issue commenttlswg/draft-ietf-tls-esni

Grease HRR acceptance signal?

I think not sticking out is a lost cause, so I don't think it matters whether any GREASE-ing is deterministic or random.

cjpatton

comment created time in 18 hours

issue commenttlswg/draft-ietf-tls-esni

Grease HRR acceptance signal?

Er, right, I always forget whether our phrasing believes it's the backend or client-facing server responding on ECH reject.

In order for ECH GREASE to work, we need ClientHelloOuter(ech=undecryptable, server_name=A) and ClientHelloOuter(ech=ClientHelloInner(server_name=A)) to result in equivalent handshakes. We could formulate that by saying the client-facing server is purely a ClientHello dispatcher and, reject or accept, it's a backend server you're talking to. Or we could say that, in ECH reject, you're talking to the client-facing server and we assume client-facing server and backend server respond equivalently to server_name=A. If it's the latter then, yeah, this should apply to the client-facing server as well.

It only makes sense to me for the client-facing server to be responding on ECH reject. If ECH is rejected, how can it even be expected to know what backend server the client is trying to talk to?

cjpatton

comment created time in 21 hours

fork jsoref/emil

Emil is a library for dealing with E-Mail in Scala.

https://eikek.github.io/emil/

fork in a day

issue commentburrowers/garble

typecheck error: RequestCtx not declared by package fasthttp

Please provide more details. How can I reproduce this? I can't just run the command because I don't have your code.

Numenorean

comment created time in a day

issue openedburrowers/garble

typecheck error: RequestCtx not declared by package fasthttp

Error itself: typecheck error: .\main.go:91:39: RequestCtx not declared by package fasthttp Build with command: garble build --ldflags "-s -w"

created time in a day

startedblitz-js/blitz

started time in a day

issue commentburrowers/garble

add an "export" command for libraries

Also, I think this command should be akin to garble build, in that packages should be built as they are obfuscated to ensure they haven't been broken in ways that trigger the parser or typechecker. We could later consider an option to skip building and just obfuscate.

mvdan

comment created time in a day

issue commentburrowers/garble

add an "export" command for libraries

It's unclear to me if this means we should keep GOPRIVATE or GOGARBLE support around.

On one hand, it makes sense to keep GOGARBLE as a configuration option, because garble export out my.corp/some/library/... is implicitly using GOGARBLE=my.corp/some/library. We'd need to keep support for only obfuscating some packages but not others, too.

On the other hand, would anyone ever set GOGARBLE directly? When building manually, one would (presumably) always want to obfuscate all packages. When exporting a library like the example above, one would just want to obfuscate the library's packages.

One possible use case for GOGARBLE would be to emulate the garble export configuration for other commands, like GOGARBLE=my.corp/some/library go test my.corp/some/library/.... However, note that obfuscation of binaries would be different, so this wouldn't be testing the same code that got exported. Perhaps we could add something like garble export-test in the future.

Right now, I'm still leaning towards phasing out GOGARBLE/GOPRIVATE support.

mvdan

comment created time in a day

issue openedburrowers/garble

add an "export" command for libraries

In the context of https://github.com/burrowers/garble/issues/276#issuecomment-864613749, I've been thinking that there are scenarios where one might want to obfuscate only some packages: when publishing or packaging an obfuscated library, to be consumed as regular Go packages via source code.

We do sort of support this already, via something like:

GOPRIVATE=my.corp/some/library garble -debugdir=out build my.corp/some/library/...

Then, the obfuscated source code will be under out/my.corp/some/library.

I think this use case is valid, given that it's not possible (or at least not easy) to distribute Go libraries without distributing source code too. One such example is unidoc, where its libraries like unipdf are obfuscated then pushed to GitHub.

We already have much of the machinery here, and garble is pretty advanced as a Go obfuscator, so I think it makes sense to take it one step further and make this easier to do. For example, via:

garble export out my.corp/some/library/...

Some key differences compared to how we currently obfuscate code:

  • Import paths should remain untouched, for the sake of keeping imports working.
  • Exported names should also remain untouched, such as types and functions.
  • Godoc comments of exported names should be left in place.
  • License comments should be left in place.

Internal packages such as my.corp/some/library/internal/foo would still be fully obfuscated, including changing their API names and import paths. That could be a way to tell what packages must remain importable and usable.

Otherwise, I think obfuscation could stay the same: stripping unexported names, position information, most comments, etc.

We might have to tweak our obfuscator to collapse newlines, too - right now, it does that via /*line comments for the compiler, but newlines in the printed source code remain, since those don't affect binaries. They affect published source code, though - and it's also likely that those compiler directives shouldn't be present in this new mode.

created time in a day

startedboschresearch/pq-wolfSSL

started time in a day

startedsafecrypto/libsafecrypto

started time in a day

startedboschresearch/pq-wolfSSL

started time in a day

created repositoryMichalStrehovsky/MichalStrehovsky

created time in a day

startedcodepiet/LogicSim3

started time in a day

issue commentburrowers/garble

build failures when converting to syscall struct types

Can you file that as a separate issue with details on how I can reproduce it? Ideally with a standalone example program.

jm33-m0

comment created time in a day

issue openedxueyuanl/daily-hackernews

Daily Hacker News 21-06-2021

Daily Hacker News

  1. Yggdrasil – an open source fully end-to-end encrypted IPv6 network github.com comments
  2. A dwarf planet coming within 11 AU of the sun over the next 10 years groups.io comments
  3. Nixos-unstable’s ISO_minimal.x86_64-Linux is 100% reproducible discourse.nixos.org comments
  4. The “API Mandate” memo at Amazon chrislaing.net comments
  5. USC professor’s DIY online teaching hack to engage students goes viral (2020) news.usc.edu comments
  6. Finding the Bottom Turtle blog.dave.tf comments
  7. Japan's government plans to encourage 4-day workweek, but experts split mainichi.jp comments
  8. Mindat.org, the largest open database of minerals, rocks, and meteorites www.mindat.org comments
  9. Enthusiastic amateurs advance science as they hunt for exotic mushrooms www.npr.org comments
  10. Turn your old, cracked Android phone into a backup server www.hannahtech.co comments
  11. The Lazarus heist: How North Korea almost pulled off a billion-dollar hack www.bbc.com comments
  12. Bee-friendly urban wildflower meadows prove a hit with German city dwellers www.theguardian.com comments
  13. OrganicMaps is Android and iOS offline maps for travel without trackers or ads organicmaps.app comments
  14. JPEG XL would be Turing-complete (via Rule 110) dbohdan.com comments
  15. Zero-Knowledge Proofs zkp.science comments
  16. A comparison between Rustam and Arjuna blogs.bl.uk comments
  17. Policies that make the poor less poor www.eclogiselle.com comments
  18. The Ice-V: a simple, compact RISC-V RV32I implementation in Silice github.com comments
  19. If the Moon Were Only 1 Pixel (2014) joshworth.com comments
  20. Don't Piss Off Bradley, the Parts Seller Keeping Atari Machines Alive www.vice.com comments
  21. What it was like to be peer reviewed in the 1860s (2017) physicstoday.scitation.org comments
  22. How does 'kubectl exec' work? (2019) erkanerol.github.io comments
  23. Gramps – Free Genealogy Software gramps-project.org comments
  24. Free Stuff for Developers freestuff.dev comments
  25. Upgrading Precursor’s TRNG www.bunniestudios.com comments

created time in a day

issue commentValdikSS/GoodbyeDPI

Крайне сильно тормозит Youtube при использовании GoodbyeDPI

Такая же фигня, но только с видео. Есть моменты, где они просто не грузятся пока не перезапустишь GoodbyeDPI. Проблема при этом есть не только с Youtube. Провайдер: Ростелеком северо-запад Параметры: -p --set-ttl 5 Добавил blacklist по рекомендации с форума, но это не помогло.

Manazius

comment created time in a day

startedRazrFalcon/resvg-test-suite

started time in a day

fork paulushub/webview2-control

.net controls for the Edge WebView2

fork in a day