I gave a talk in coscup 2011. My topic is about using openframeworks in mobile application. :)
You can download the demo code from github. https://github.com/janetyc/CosBird
A Unicorn Seeking Extraterrestrial Life: Analyzing SETI@home's Source CodePVS-Studio
Debates on whether or not we are alone in the Universe have been exciting our minds for many decades. This question is approached seriously by the SETI program whose mission is to search for extraterrestrial civilizations and ways to contact them. It is the analysis of one of this program's projects, SETI@home, that we are going to talk about in this article.
ITGM #9 - Коварный CodeType, или от segfault'а к работающему кодуdelimitry
Доклад с ITGM #9 рассказывающий про реальный пример поиска и исправления Segmentation fault при генерации функции на Python в одном проекте
(Доклад вместе с http://www.slideshare.net/AndreyZakharevich)
An approach for load-time hacking using LD_PRELOAD is presented.
We discuss a simple, yet intriguing, strategy for overcoming the limitations discussed in Part 1 (i.e., the first publication given in the reference) of reverse engineering and exploitation using LD_PRELOAD, a dynamic linking technique. In particular, we relax the need for exit(1) in the main function. The essence of the technique is that both the stack pointer (esp) and the base frame pointer (ebp) are carefully adjusted when the wrapper to the library function is called. The proposed solution allows us to safely return to libc after dynamically modifying the control flow in the wrapper to (library) functions.
Ensemble: A DSL for Concurrency, Adaptability, and Distributionjhebus
This is a talk which describes an overview of the research for my PhD thesis. It covers a basic description of the language, and an application of it to WSN and GPGPU programming.
A Unicorn Seeking Extraterrestrial Life: Analyzing SETI@home's Source CodePVS-Studio
Debates on whether or not we are alone in the Universe have been exciting our minds for many decades. This question is approached seriously by the SETI program whose mission is to search for extraterrestrial civilizations and ways to contact them. It is the analysis of one of this program's projects, SETI@home, that we are going to talk about in this article.
ITGM #9 - Коварный CodeType, или от segfault'а к работающему кодуdelimitry
Доклад с ITGM #9 рассказывающий про реальный пример поиска и исправления Segmentation fault при генерации функции на Python в одном проекте
(Доклад вместе с http://www.slideshare.net/AndreyZakharevich)
An approach for load-time hacking using LD_PRELOAD is presented.
We discuss a simple, yet intriguing, strategy for overcoming the limitations discussed in Part 1 (i.e., the first publication given in the reference) of reverse engineering and exploitation using LD_PRELOAD, a dynamic linking technique. In particular, we relax the need for exit(1) in the main function. The essence of the technique is that both the stack pointer (esp) and the base frame pointer (ebp) are carefully adjusted when the wrapper to the library function is called. The proposed solution allows us to safely return to libc after dynamically modifying the control flow in the wrapper to (library) functions.
Ensemble: A DSL for Concurrency, Adaptability, and Distributionjhebus
This is a talk which describes an overview of the research for my PhD thesis. It covers a basic description of the language, and an application of it to WSN and GPGPU programming.
Asterisk: PVS-Studio Takes Up TelephonyAndrey Karpov
Asterisk is a software implementation of a telephone private branch exchange (PBX); it was created in 1999 by Mark Spencer of Digium. Like any PBX, it allows attached telephones to make calls to one another, and to connect to other telephone services, such as the public switched telephone network (PSTN) and Voice over Internet Protocol (VoIP) services. Its name comes from the asterisk symbol, *.
Asterisk is released under a dual license model, using the GNU General Public License (GPL) as a free software license and a proprietary software license to permit licensees to distribute proprietary, unpublished system components.
In this article, we are going to discuss the results of the check of the Asterisk project by PVS-Studio 5.18.
The project seems to be regularly checked by the Coverity analyzer, which is indicated by comments like this one:
/* Ignore check_return warning from Coverity for ast_exists_extension below */
However, I still found some disappointing typos in the code. Let's try to figure them out as well as other potential issues. The source code was downloaded from the project's SVN repository.
A lot of you may have seen “Futurama” and remember the main characters - Bender, Fry, Leela and others, who are constantly getting in some troubles and find creative ways to get out of them. Interestingly, the software that was used for creation of this cartoon is now available in the net. The developers from PVS-Studio team couldn’t miss a chance to check this project. And they were really lucky – the project had a large variety of bugs of medium and high severity.
Talk at PyCon Spain 2013 about async I/O in python using the new library created by Guido: asyncio (best known as tulip).
Video (spanish): https://www.youtube.com/watch?v=BlOSvIVSe_w
Code: https://github.com/igalarzab/pycones2013
Java is a mature programming language that is suitable to write reliable large programs. But Java hides also many traps. This talk summarizes experience from code quality review of a large enterprise application with over 1.5 million lines of code - problems and hidden bugs in code, and how to solve them.
Option, Either, Try and what to do with corner cases when they ariseMichal Bigos
Part of mini-series of talks about gems in Scala standard library. Used for education of junior developers in our company. This pare is about Option, Either, Try and error handling in Scala in general.
One definition rule - что это такое, и как с этим житьPlatonov Sergey
В докладе будет разобрано, что-же такое ODR, какие ошибки могут быть из-за нарушения этого правила. Также будет представлен Proof-of-concept утилиты на базе clang tooling по автоматическому поиску таких ошибок.
Asterisk: PVS-Studio Takes Up TelephonyAndrey Karpov
Asterisk is a software implementation of a telephone private branch exchange (PBX); it was created in 1999 by Mark Spencer of Digium. Like any PBX, it allows attached telephones to make calls to one another, and to connect to other telephone services, such as the public switched telephone network (PSTN) and Voice over Internet Protocol (VoIP) services. Its name comes from the asterisk symbol, *.
Asterisk is released under a dual license model, using the GNU General Public License (GPL) as a free software license and a proprietary software license to permit licensees to distribute proprietary, unpublished system components.
In this article, we are going to discuss the results of the check of the Asterisk project by PVS-Studio 5.18.
The project seems to be regularly checked by the Coverity analyzer, which is indicated by comments like this one:
/* Ignore check_return warning from Coverity for ast_exists_extension below */
However, I still found some disappointing typos in the code. Let's try to figure them out as well as other potential issues. The source code was downloaded from the project's SVN repository.
A lot of you may have seen “Futurama” and remember the main characters - Bender, Fry, Leela and others, who are constantly getting in some troubles and find creative ways to get out of them. Interestingly, the software that was used for creation of this cartoon is now available in the net. The developers from PVS-Studio team couldn’t miss a chance to check this project. And they were really lucky – the project had a large variety of bugs of medium and high severity.
Talk at PyCon Spain 2013 about async I/O in python using the new library created by Guido: asyncio (best known as tulip).
Video (spanish): https://www.youtube.com/watch?v=BlOSvIVSe_w
Code: https://github.com/igalarzab/pycones2013
Java is a mature programming language that is suitable to write reliable large programs. But Java hides also many traps. This talk summarizes experience from code quality review of a large enterprise application with over 1.5 million lines of code - problems and hidden bugs in code, and how to solve them.
Option, Either, Try and what to do with corner cases when they ariseMichal Bigos
Part of mini-series of talks about gems in Scala standard library. Used for education of junior developers in our company. This pare is about Option, Either, Try and error handling in Scala in general.
One definition rule - что это такое, и как с этим житьPlatonov Sergey
В докладе будет разобрано, что-же такое ODR, какие ошибки могут быть из-за нарушения этого правила. Также будет представлен Proof-of-concept утилиты на базе clang tooling по автоматическому поиску таких ошибок.
stackconf 2021 | Fuzzing: Finding Your Own Bugs and 0days!NETWAYS
This presentation has as objective to explain how 0day are found through Fuzzing technique. I’ll be explaining how you can create a fuzzer, what are types of fuzzing and types of targets. And how you can find a Buffer Overflow vulnerability and write your own exploit. PoC demos included, of course! (include 2 movies PoC).
An introduction to the motivation behind the ooc project.
In a nutshell: software sucks, tools sucks, languages sucks - examples of what not to do. How ooc allows you to do pretty much aything with a few building blocks. An overview of the advantages/strong points of ooc.
Core Audio in iOS 6 (CocoaConf Portland, Oct. '12)Chris Adamson
Core Audio gets a bunch of neat new tricks in iOS 6, particularly for developers working with Audio Units. New effect units include an improved ability to vary pitch and playback speed, a digital delay unit, and OS X's powerful matrix mixer. There's now a new place to use units too, as the Audio Queue now offers developers a way to "tap" into the data being queued up for playback. To top it all off, a new "multi-route" system allows us to play out of multiple, multi-channel output devices at the same time.
Want to see, and hear, how all this stuff works? This section is the place to find out.
Core Audio in iOS 6 (CocoaConf Chicago, March 2013)Chris Adamson
Core Audio gets a bunch of neat new tricks in iOS 6, particularly for developers working with Audio Units. New effect units include an improved ability to vary pitch and playback speed, a digital delay unit, and OS X's powerful matrix mixer. There's now a new place to use units too, as the Audio Queue now offers developers a way to "tap" into the data being queued up for playback. To top it all off, a new "multi-route" system allows us to play out of multiple, multi-channel output devices at the same time.
Want to see, and hear, how all this stuff works? This section is the place to find out.
An unconventional tutorial to basic socket.io features. Socket.io basic features are explained first of all taking a look directly at the browser (hacker approach) and then taking a look at the documentation (and some code examples).
printf("%s from %c to Z, in %d minutes!\n", "printf", 'A', 45);Joel Porquet
Guest-lecture given at UC Davis during my interview day in May of 2018.
Description: Using the printf() function is one of the very first steps every beginner learns when taking a programming class. It is also one of the most ubiquitous functions in software programs, across the many languages that define it. But how many programmers actually know how this common function works behind the scenes?
During this lecture, I will trace a brief history of printf(), delve into the nuts of bolts of a simple implementation through interactive coding, and branch out into interesting facts related to this function.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking.
📕 Curious on our agenda? Wait no more!
10:00 Welcome note - UiPath Community in Dubai
Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank
10:20 A UiPath cross-region MEA overview
Ashraf El Zarka, VP and Managing Director MEA, UiPath
10:35: Customer Success Journey
Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank
11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more
Boris Krumrey, Global VP, Automation Innovation, UiPath
12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services.
Brendan Lingam, Director of Sales and Business Development, Marc Ellis
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
16. How to start ?
1. create a copy of emptyExample in apps folder
2. rename the folder and .xcodeproj file
3. open the project
4. rename target
5. make sure it builds and runs