跳至主要内容

2023-06-02

Learn x86-64 assembly by writing a GUI from scratch

  • The article provides a tutorial on how to write an assembly program that opens a GUI window using X11 without external libraries, emphasizing the use of system calls and stack pointers.
  • It covers the basics of setting up the assembler, X11, and using standard function prologs and epilogs for safe assembly functions.
  • The article shows how to open a socket and connect to the server, generate ids, open a font, create a graphical context, and create a window in X11 with error-checking emphasized throughout.

Industry Reactions

  • Practical ways to learn assembly include writing a simple GUI from scratch, studying the 8086 manual, and translating machine code to assembly instructions.
  • Assembly language is still used in jobs such as compiler development, kernel development, and security research, as well as for small embedded systems and developing matrix and vector operation routines.
  • Assembly is needed for tasks such as emulators, bootloader development, game engine development, deep learning, and hypervisor work, but writing GUIs in assembly can be challenging and there is no straightforward way to create closures or handle exceptions.

I made CSS Pro, a re-imagined Devtools for web design

  • CSS Pro is a browser extension that allows for visual editing of CSS, generating code on-the-fly and allowing changes to any website's design with just a few clicks.
  • It includes color and font pickers, a background editor, and tools to measure distances and extract HTML and CSS code from elements.
  • The extension works on top of any website, without requiring code changes, and includes options for sharing, copying, and exporting changes made using the tool.

Industry Reactions

  • CSS Pro is a new design tool with real-time synchronization between the code and the browser, featuring useful features like a gradient/bkg generator and real-time measurements of image content.
  • Users criticize the pricing model as too expensive with suggestions to sell to businesses instead.
  • Developers express reluctance toward subscription-based tools due to the excessive number of subscriptions they manage, comparing it to the culture of startups flooding the market with subscription options.

Zig is hard but worth it

  • Zig programming language is considered challenging but rewarding to master for its unique features that contribute to writing performant software and learning memory management.
  • Learning Zig can be difficult due to its lack of documentation, mandatory choice of memory allocation strategy, and pedantic nature towards undefined behavior but it is worth the effort in the long run.
  • Another unique feature of Zig is its comptime, which executes portions of the program at compile time resulting in a runtime executable with pre-calculated values and unneeded code removed.

Industry Reactions

  • Zig, a new language, is easy to learn but hard to master, and some criticize the poor documentation and inconsistent stdlib.
  • A polished package manager, LSP, and standard code formatter are essential to a new language for large-scale use.
  • Zig is praised for its C interop, and its own C compiler, but lacks good IDE and debugger support.

Security.txt file now mandatory for Dutch government websites

  • The security.txt file on a web server contains the contact information for making contact if any vulnerabilities are found on that server.
  • The aim is that, for example, ethical hackers can immediately contact the right person or department to tackle the vulnerability.

Industry Reactions

  • The Dutch government has mandated the use of security.txt files on websites to improve cybersecurity and facilitate reporting of vulnerabilities.
  • Some argue that the GPG key is unfriendly and time-consuming to use, and doubt the effectiveness of encrypted messaging for reporting cybersecurity issues.
  • The security.txt file is a relatively new web feature that can be useful and easy to implement, and might be adopted by private companies if it becomes more widespread.

Who is hiring? (June 2023)

  • This post is a forum for job seekers in the tech industry to share information about job openings at their companies or to seek out job opportunities.
  • The comments section includes job postings from companies in various locations and industries, with positions ranging from software engineers to project managers.
  • Job seekers should review the comments section regularly to stay updated on available job opportunities.

Industry Reactions

  • "Ask Discussion Service" thread where companies can post job listings with various locations and roles- Notable companies include Minion.AI and Zulip- Positions available for software engineers, assistant directors, security engineers, full-stack developers, data engineers, NLP/ML engineers, product engineers, and more

Meta announces its Quest 3 VR headset

  • Meta has announced its Quest 3 VR headset, which will be released this fall and cost $499.99 for the 128GB version.
  • Compared to its predecessor, the Quest 2, the Quest 3 has a lighter and more comfortable design, with a new Snapdragon chip inside that has twice the graphics performance.
  • The Quest 3 is compatible with the Quest 2's games, and a software update for both the Quest 2 and the more expensive Quest Pro will increase their CPU and GPU performance and enable Dynamic Resolution Scaling.

Industry Reactions

  • Meta has announced the upcoming release of their new VR headset, the Quest 3, with improved performance and a slimmer design compared to its predecessor, although some users express concerns about potential drawbacks of the new design.
  • Some VR games such as Beat Saber, The Thrill of the Fight, and In Death: Unchained are highly recommended, and there are low-stress, fun, and immersive gaming experiences that can draw in casual players.
  • VR lacks a killer app, but some users find the technology exciting and hope for more immersive experiences, and there are speculations on the potential for Meta to explore technologies like Neuralink in creating fully immersive VR experiences for users.

I went down the rabbit hole of buying GitHub Stars, so you won't have to

  • The article explores the trend of buying GitHub stars as a marketing technique, and the author conducted an experiment of buying stars from different platforms.
  • Premium stars are expensive and have a higher chance of staying over the long term, while cheap stars with brand-new accounts are easily detected and banned by GitHub.
  • Instead of relying on the number of stars, the article recommends evaluating open-source projects based on factors such as long-term sustainability, community engagement, code quality, responsiveness, and reputation.

Industry Reactions

  • Purchasing GitHub stars with bots is a way to defeat abuse protection measures with legitimate-looking activity, which is an unfortunate side effect of online marketing.
  • GitHub stars can be purchased in bulk, leading to inflated numbers and false perceptions of project popularity, and fake stars can be used by fraudsters attempting to gain funding or control the direction of a project.
  • Developers should evaluate projects based on things like issue tracking, donation/sponsor information, code quality, and social proof from trusted community members, rather than relying solely on star count.

Lost John Coltrane recording, from experimental phase with Eric Dolphy, emerges

  • After being lost for over 60 years, a recording of John Coltrane and Eric Dolphy's experimental performance at the Village Gate in New York has been found and will be released by Impulse! Records on July 14.
  • The album showcases the deep musical rapport between Coltrane and Dolphy, as well as features performances by drummer Elvin Jones, pianist McCoy Tyner and bassist Reggie Workman.
  • Evenings at the Village Gate sheds light on an incipient phase in Coltrane's restless evolution and is an important archival release for jazz historians and fans.

Industry Reactions

  • "Lost" John Coltrane recording from experimental phase with Eric Dolphy emerges.
  • Jazz fans excited over previously unheard versions of "Impressions."
  • No meaningful tech news in this post.

Was modern art a CIA psy-op? (2020)

  • Modern art was a weapon of the Cold War, with both the State Department and CIA supporting exhibitions of American art all over the world.
  • American modern art was particularly effective in the battle for "hearts and minds" against Soviet Union propaganda.
  • The CIA created front organizations, such as the Congress for Cultural Freedom, to propagate the virtues of western democratic culture and to convince European intellectuals that the U.S. was home to the western cultural tradition, in the face of Soviet dogma.

Industry Reactions

  • The article raises the question of whether modern art, particularly abstract expressionism, was part of a CIA propaganda campaign during the Cold War era.
  • Some commenters argue that abstract expressionism was already popular before the CIA's supposed involvement, while others suggest that the funding may have been a way of laundering money.
  • The thread also touches upon other topics such as the web's reliance on JavaScript and Facebook's tracking practices, as well as the historical relationship between art, power, and politics.

Industry docs reveal makers of 'forever chemicals' covered up health dangers

  • Makers of the PFAS chemicals, also known as 'forever chemicals,' have covered up the health dangers of these chemicals, according to secret industry documents discovered in a lawsuit filed by attorney Robert Bilott.
  • These documents reveal how the chemical industry knew about the adverse effects of PFAS for decades but failed to report their findings to the public, regulators, and their own employees as per the analysis of the UCSF researchers.
  • The paper documents a timeline of what industry knew versus public knowledge, and it shows how polluting industries keep critical public health information private.

Industry Reactions

  • Industry documents reveal manufacturers of "forever chemicals" covered up health risks, leading to increased risk of cancer and other disorders.
  • DuPont paid $16.5m in 2005 to settle claims; 3M announced earlier this month it would cease production of the chemicals due to high levels found in water and blood supplies near military bases.
  • PFAS-linked health problems include cancer, thyroid disease, and high cholesterol, leading to renewed calls for corporate accountability and third-party safety testing of chemicals.