Daily Shaarli

All links of one day in a single page.

January 14, 2026

How I, a non-developer, read the tutorial you, a developer, wrote for me, a beginner - annie's blog

Hahaha

SHA-3 Buffer Overflow – Nicky Mouha

It was disclosed in 2022 and it is part of the SHA-3 design.

The Python code

import hashlib
h = hashlib.sha3_224()
h.update(b"\x00" * 1)            # leaves one byte waiting in the internal block buffer
h.update(b"\x00" * 4294967295)   # 2**32 - 1 more bytes: more than the buffer can hold
print(h.hexdigest())

generates a segmentation fault: the script attempts to write more data to a buffer than it can hold. A small variant causes an infinite loop.

This can be used to violate the cryptographic properties of the hash function to create preimages, second preimages and collisions.
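As an added illustration (not code from this page or from Nicky Mouha's post), here is a simplified C model of the kind of length clamp the script above defeats: with one byte already queued and an update of 2^32 - 1 bytes, the 32-bit sum wraps to 0 and the clamp never fires, so the copy runs past the queue; the hardened form compares against the room left instead. The 144-byte rate of SHA3-224 is real; the function shapes and names are assumptions, not the library's code.

```c
#include <stdint.h>
#include <stdio.h>

/* SHA3-224 absorbs 144 bytes per block (1600 - 2*224 bits). */
#define RATE_BYTES 144u

/*
 * Simplified model (an assumption, not the hash library's own code) of how
 * a sponge clamps the number of bytes it copies into its block queue.
 * `remaining` = bytes left in the caller's update(), `queued` = bytes
 * already waiting in the queue (always <= RATE_BYTES).
 */

/* Vulnerable form: the addition wraps in 32-bit unsigned arithmetic. */
static uint32_t clamp_buggy(uint32_t remaining, uint32_t queued)
{
    if ((uint32_t)(remaining + queued) > RATE_BYTES)
        remaining = RATE_BYTES - queued;
    return remaining;   /* number of bytes about to be copied into the queue */
}

/* Hardened form: compare against the room left, so nothing can wrap. */
static uint32_t clamp_fixed(uint32_t remaining, uint32_t queued)
{
    if (remaining > RATE_BYTES - queued)
        remaining = RATE_BYTES - queued;
    return remaining;
}

int main(void)
{
    /* Same shape as the Python script: 1 byte buffered, then 2^32 - 1 more. */
    uint32_t queued = 1, remaining = 0xFFFFFFFFu;
    printf("buggy clamp copies %u bytes into a %u-byte queue\n",
           clamp_buggy(remaining, queued), RATE_BYTES);   /* 4294967295: overflow */
    printf("fixed clamp copies %u bytes\n",
           clamp_fixed(remaining, queued));               /* 143 */
    return 0;
}
```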

Interrail : fuite de données personnelles avec numéro de passeport, date d’expiration… - Next

Thus, its "initial analysis indicates that [its customers' personal data] was accessed, and may include:

  • Identity information: first name, last name, date of birth, sex;
  • Contact details: e-mail address, postal address, telephone number, where applicable;
  • Passport information: passport number, issuing country and expiry date".

5 accessibility checks to run on every component - zeroheight
  1. Keyboard accessibility
  2. Accessible design tokens
  3. Named control
  4. Zoom and user preferences
  5. Screen reader compatibility

The State of Rust Cryptography in 2026

Rust is the best language so far to replace today's most used crypto libraries: OpenSSL, BoringSSL and libsodium.

C libraries often contain a lot of assembly code, making them really fast but potentially unsafe.
Pure-Rust libraries benefit from Rust's strong typing, generally offer a better API, and compile for all platforms, including WebAssembly.

It's important to note that pure-Rust libraries might be slightly slower than C and assembly wrappers, but still fast enough for most use cases.

  • aws-lc-rs is a cryptography crate
  • libcrux is a Rust wrapper for formally verified C, Assembly and Rust code.
  • ring is focused on the implementation, testing, and optimization of a core set of cryptographic operations exposed via an easy-to-use (and hard-to-misuse)
  • boring is a safe wrapper around Google's BoringSSL
  • dalek-cryptography is a GitHub organization about pure-Rust elliptic curve cryptography, used by Signal and Diem
  • graviola is promising because it's faster than other projects, but not mature enough yet.

There is also blake3

In short: RustCrypto for pure-Rust implementations, or aws-lc-rs for Linux servers and the best performance, with FIPS certification.

Mastering Database Design: An Ultimate Guide - GeeksforGeeks

There are multiple examples of database schemas.

rust/tests/ui/attributes/check-cfg_attr-ice.rs at main · rust-lang/rust

A Rick-roll in the source code

Just the Browser
How a 40-Line Fix Eliminated a 400x Performance Gap | QuestDB

Reading a file is actually slow.

getCurrentThreadUserTime() uses many syscalls because it reads from /proc.
clock_gettime(CLOCK_THREAD_CPUTIME_ID) has only one syscall and a direct function call chain.

The optimisation can be done, but:

  1. The kernel policy is clear: don't break userspace
  2. It's not documented anywhere!
  3. Author's take: if glibc depends on it, it's not going away.

This is why I like browsing commits of large open source projects. A 40-line deletion eliminated a 400x performance gap. The fix required no new kernel features, just knowledge of a stable-but-obscure Linux ABI detail.

The lessons:

  • read the kernel source. POSIX tells what's portable; the kernel source code tells what's possible.
  • check the old assumptions: revisiting them occasionally pays off.

IBAN volés : Free écope de 42 M€ d’amendes par la CNIL pour des manquements de sécurité - Next

That is, on average, €1 per contract.

During its inspection, the authority found that the company "had not put in place any measure to sort the data of former subscribers that it intended to keep for accounting purposes for ten years" and "that once this ten-year period was reached, the data purge mechanism was not fully operational, so that the data was never deleted".