oleg_log

Hm, all this 'IT sucks', 'coding is a horrible thing to do in life', 'i hate my life because of programming' yada yada yada. Is this just a CIS thing or also popular in a western culture? (EU and USA as you can guess) (CIS == Commonwealth of Independent States)

New format: Monday rant or #monrat Rust 🤦‍♂️ I got a mention in one Rust PR, and oh, these imports (use keyword). See the screenshot in the next post. Someone smart said that type-driven programming is another dimension of programming (orthogonal to code). For me, Rust's imports add one more dimension (see pic). I just don't get this unneeded complexity and 40 ways of doing obvious AND SIMPLE stuff. IDE can hide, it buuuut isn't this a way to solve a problem that shouldn't exist at all, mm? Lovely (even by crustaceans) mod/crate topic I will leave for another Monday 😥

On test reproducibility or again about xz backdoor. > 2024-02-23: Jia Tan merges hidden backdoor binary code well hidden inside some binary test input files. The README already said (from long before Jia Tan showed up) “This directory contains bunch of files to test handling of .xz, .lzma (LZMA_Alone), and .lz (lzip) files in decoder implementations. Many of the files have been created by hand with a hex editor, thus there is no better "source code" than the files themselves.” Having these kinds of test files is very common for this kind of library. Jia Tan took advantage of this to add a few files that wouldn't be carefully reviewed. (from https://research.swtch.com/xz-timeline) Horseshit: > Many of the files have been created by hand with a hex editor, thus there is no better "source code" than the files themselves.” Bullshit: > Having these kinds of test files is very common for this kind of library. Well, you decided to test something. You wrote a binary file and a test. Great. Fast-forward 3mo and give this test to someone else (future you, by example). Guess what? You have no freaking idea what you did 3mo ago! If you are the smartest peasant on this planet and can recall all the steps in hex-editor in 30 minutes, that's cool, but you are lying to yourself. Of course, xz-attack isn't just a 1 commit and sneaky code. It's also social engineering (kinda). Anyway, such dirty commits should not be accepted with "easier to write manually" argument. (TBH AFAIR, I might have commits where I have a hex-string to test un/marshal, but I'm not from CIA or another gov-team😢)

Not sure but feels like this channel will be back, I mean IT-related shitposting. En Inglés 💃 As you can guess comments MUST be in English (see RFC 2119).

Эстетика 👌

What Rust Foundation spend all their budget on https://twitter.com/tsoding/status/1780848764665688503

шо думаете про дурова?