2024-10-11T19:31:50+02:00 #sydbox-3.27.0 has been released! This release adds support to set secure-execution mode (aka AT_SECURE) and IP blocklists which can be used to build application level firewalls. #sydbox is a rock-solid #unikernel to #sandbox apps on #Linux >=5.19 written in #rustlang: https://is.gd/syd_3_27_0 #exherbo 2024-10-10T01:37:03+02:00 Features cooking in #sydbox #git: Syd is going to set AT_SECURE by default! 2024-10-10T01:36:08+02:00 Features cooking in #sydbox #git: IP Blocklists and Application Level Firewalling! 2024-09-10T19:24:05+02:00 Another difference of #sydbox' append-only paths from chattr +a and CAP_LINUX_IMMUTABLE: Append-only implies immutability. Append-only files cannot be renamed or deleted. 2024-09-10T19:22:15+02:00 Another difference of #sydbox' append-only paths from chattr +a and CAP_LINUX_IMMUTABLE: You can mark non-existing files as append-only and the file creation will work just fine. This is useful for log files 2024-09-10T19:16:28+02:00 #sydbox git has support for append-only paths, e.g. "append+/home/*/.bash_history*". Unlike chattr +a & CAP_LINUX_IMMUTABLE this works as regular user, does not require root-like privileges, and truncating writes, e.g. "echo hello > ~/.bash_history", will append to the file all the same rather than returning permission denied, read more here: http://man.exherbolinux.org/syd.2.html#append 2024-08-18T09:06:29+02:00 #sydbox uses #landlock, however we're not affected by CVE-2024-42318 because we deny the keyctl system call by default, secure defaults #ftw: https://www.cve.org/CVERecord/?id=CVE-2024-42318 #sandbox #break 2024-07-08T06:05:03+02:00 #wisdom of the day: if you're manually dropping in #rustlang, you're most likely doing it wrong. 2024-06-26T21:48:50+02:00 Announcing #sydbox 3.23.0 with Time namespace support and new security options! Highlights: set clock offset in Time namespace, deny namespace creation by default and new Ioctl sandboxing to contain GUIs and AI/ML workloads. Fixes: Crypt sandboxing race condition resolved and better handling of memory file descriptors. Features: new option to Force Close-on-Exec and Netlink support. #sydbox is a rock-solid #unikernel to #sandbox apps on #Linux >=5.19 written in #rustlang: https://is.gd/x4xtkD 2024-06-15T11:42:01+02:00 Announcing #sydbox 3.22.0 with Proxy sandboxing! Introducing syd-tor, a secure SOCKS proxy forwarder, set to 127.0.0.1:9050 by default, perfect for #Tor. Syd-tor features #seccomp filters and #Landlock (if available) for strict confinement, and offers full #async operations with edge-triggered epoll and zero-copy data transfer using splice. #sydbox is a rock-solid user-space #kernel to #sandbox apps on #Linux >=5.19 written in #rustlang: https://is.gd/w9LqZS 2024-06-13T00:14:28+02:00 today i've packaged #podman v5.1.1 for #exherbo. 2024-06-08T09:25:58+02:00 Announcing #sydbox 3.21.0 with Trusted Path Execution (TPE) sandboxing and stricter symlink handling. Key updates: improved umask handling honouring POSIX ACLs, new sidechannel mitigations, SafeSetID improvements, better symlink handling, and upgraded #mimalloc library. We've also published our #CTF profile for transparency. #sydbox is a rock-solid user-space #kernel to #sandbox apps on #Linux >=5.19 written in #rustlang: https://is.gd/iOWnNi 2024-06-02T10:38:08+02:00 #TIL: OFD locks are not preserved through #seccomp addfd which is so very sad. #linux 2024-05-30T22:55:56+02:00 Announcing #sydbox 3.20.0 which includes Crypt Sandboxing for transparent #AES-CTR file #encryption and Ghost Mode for enhanced confinement like #Seccomp Level 1. Fixes include proper read-write open sandboxing and #youki updates which fix #podman exec for syd-oci. New utilities: syd-key for AES-CTR keygen, syd-cp for efficient file copying, and syd-aes for {en,de}cryption. #sydbox is a rock-solid user-space #kernel to #sandbox apps on #Linux >=5.19 written in #rustlang: https://is.gd/2tczYu 2024-05-28T05:42:55+02:00 no matter who you are, no matter what you do, you can't seek a pipe #poem #unix 2024-05-26T20:56:47+02:00 I want to do #async with you cause you're ma blocking #love! #rustlang 2024-05-20T17:33:02+02:00 Try to write the rule "allow/read,stat,exec+/{etc,dev,proc,usr,var,lib*}/***", by your favourite #sandbox, be it #selinux or #apparmor or #firejail, you'll quickly notice what #sydbox saves you from ;). #sydbox is a rock-solid user-space #kernel to #sandbox apps on #Linux >=5.19 written in #rustlang: https://crates.io/crates/syd 2024-05-19T01:41:06+02:00 I've written an #article titled "TOCTOU||GTFO: State of Sandboxing in Linux" where I shared my thoughts on the current state of user-space sandboxing on #Linux based on my observations on two prime examples of sandbox: #Gentoo's #sandbox and #Exherbo's #sydbox. I appreciate and welcome all kinds of feedback, be it in the form of patches, comments, or even poems. Please be so kind to boost for reach: https://git.sr.ht/~alip/syd/tree/main/item/doc/toctou-or-gtfo.md 2024-05-19T01:29:48+02:00 #sydbox 3.19.0 released! Highlights include the new syd-poc utility to demonstrate #sandbox break vectors, improved #paludis profile, and safe #KVM ioctls for #QEMU. Enhanced debugging and tracing options, unified trace/allow_unsafe_debug, and mitigated O_PATH TOCTOU. Enhanced namespace and sandboxing type controls, plus more. #sydbox is a rock-solid user-space #kernel to #sandbox apps on #Linux >=5.19 written in #rustlang: https://is.gd/l7QUE1 2024-05-12T17:49:40+02:00 #sydbox v3.18.13 is out which doesn't permit execution of libraries: It's no longer possible to bypass Exec #sandboxing with e.g. /lib/ld-linux.so.1 /deny/listed/binary. Note, this breaks ldd which is an insecure tool. syd-elf utility is provided as a safe alternative to ldd which reads only and the option trace/allow_unsupp_exec:1 is provided to relax the restriction. #sydbox is a rock-solid user-space #kernel to #sandbox apps on #Linux >=5.19 written in #rustlang: https://crates.io/crates/syd 2024-05-07T12:02:14+02:00 #cmake depends on #libssh2 unconditionally even when bootstrapping and #libssh2 uses #cmake to build. What could possibly go wrong? #exherbo 2024-05-05T02:25:23+02:00 With version 3.18.0 released today, #sydbox joins the family of #OCI container runtimes! The new syd-oci utility is largely based on #youki and provides a thin layer between the Syd #sandbox and #containers. It supports all the common commands and is compatible with both #Docker and #Podman. #sydbox is a rock-solid user-space #kernel to #sandbox apps on #Linux >=5.19 written in #rustlang. Read more about syd-oci here: https://man.exherbolinux.org/syd-oci.1.html 2024-05-03T19:35:45+02:00 #sydbox 3.17.4 is out! This release focuses on improved #security by denying access to paths containing control characters and sanitizing these characters when #logging paths. These enhancements enhance the #security of #logging activities and prevent #exploitation of terminal-based vulnerabilities. #sydbox is a rock-solid user-space #kernel to #sandbox apps on #Linux >=5.19 written in #rustlang. Read more here: http://man.exherbolinux.org/syd.7.html#Enhanced_Path_Integrity_Measures 2024-05-03T12:18:27+02:00 Version 3.17.3 of #sydbox is released, adding a #vim syntax script for syd profiles: #sydbox is a rock-solid user-space #kernel to #sandbox apps on #Linux >=5.19 written in #rustlang: https://crates.io/crates/syd 2024-05-02T02:58:34+02:00 Version 3.17.0 of #sydbox is released, introducing Enhanced Execution Control (EEC) to block critical syscalls after exec, refining default locking to auto-enable for increased #security. Updates include advanced syscall #hardening, #kernel-level #seccomp enhancements, and #performance optimizations in #locking mechanisms. #sydbox is a rock-solid user-space #kernel to #sandbox apps on #Linux >=5.19 written in #rustlang: https://crates.io/crates/syd 2024-04-22T16:41:00+02:00 The recent GSM #Linux kernel exploit does not work under #sydbox because the GSM* ioctls are not in syd's default ioctl allowlist which is a fairly restricted subset. Read more on how #sydbox restricts ioctl request space here: http://man.exherbolinux.org/syd.7.html\#Restricting_ioctl_request_space_and_trace/allow_unsafe_ioctl #exherbo #rustlang 2024-04-18T18:37:10+02:00 #sydbox 3.16.3 is released. Fixes: plug a fd leak, enhance stealth against ptrace-detectors by making PTRACE_TRACEME a no-op. New features: syd-elf, a minimal ldd(1) alternative, deny mount after bind & PTRACE_SEIZE for security, restrictions on binary executions (deny 32bit, static/dynamic linked bins & scripts), and a SegvGuard impl inspired by #HardenedBSD. #sydbox is a rock-solid user-space #kernel to #sandbox applications on #Linux >= 5.19, written in #rustlang: https://crates.io/crates/syd 2024-04-14T10:28:28+02:00 #sydbox hit 300k downloads @ https://crates.io/crates/syd today! Thanks everyone for the interest! #sydbox is a #seccomp and #landlock based application #sandbox with support for namespaces written in #rustlang! 2024-04-12T20:08:20+02:00 nice writeup on #Linux capabilities: https://book.hacktricks.xyz/linux-hardening/privilege-escalation/linux-capabilities 2024-04-10T17:53:33+02:00 Upcoming #sydbox 3.16.0 has an effective mitigation for exec(2) TOCTOU, making binary verification and exec sandboxing secure. Binary verification, aka force sandboxing, is similar to #netbsd's veriexec and #hardenedbsd's integriforce. Read more here: http://man.exherbolinux.org/syd.7.html#TOCTOU #exherbo #rustlang 2024-03-29T13:39:27+01:00 #security is mostly an illusion without W^X for memory and filesystem 2024-03-29T13:37:51+01:00 #HardenedExherbo desktop profile will ship #Firefox with JIT disabled so that it works under #MDWE protections. When there is a choice between secure vs fast, we prefer secure. 2024-03-29T10:46:32+01:00 #sydbox is not affected by CVE-2024-1086 because we prevent user subnamespaces: https://github.com/notselwyn/cve-2024-1086 #sydbox is a #seccomp and #landlock based application sandbox with support for namespaces written in #rustlang. 2024-03-17T21:46:51+01:00 I've just added a section to syd.7 manual page comparing #sydbox to other sandboxing solutions like #gvisor, #bubblewrap and #firejail: http://man.exherbolinux.org/syd.7.html#Comparison_with_Other_Sandboxing_Solutions #sydbox is a #seccomp and #landlock based application #sandbox with support for #namespaces written in #rustlang. 2024-03-10T14:24:39+01:00 syd-3.15.2 comes with two useful utilities: syd-lock and syd-mdwe to run commands under #Landlock and #MDWE protections respectively. #sydbox is a #seccomp and #landlock based application #sandbox with support for namespaces written in #rustlang. syd comes with dozens of useful utilities, check out: http://man.exherbolinux.org/ #exherbo 2024-03-09T23:14:29+01:00 Coming up soon with syd-3.15.1, you can load a dynamic library instead of running a command under the sandbox, combine this with bind+/:/:noexec to prevent all other execution, and the new trace/deny_dotdot:1 to deny .. in path components of open(2) calls to mitigate directory traversal attacks. #sydbox is a seccomp and landlock based application sandbox with support for namespaces. Check out our #CTF: https://ctftime.org/event/2178 #exherbo #rustlang 2024-03-03T17:41:21+01:00 Announcing syd-fork: Elevate your forking game beyond the basic #bash fork bomb. Crafted with precision in inline #assembly for #x86, #x86_64 and #aarch64, it's not just fast—it's a revolution. But heed the warning: it's meant for stress-testing the pid limiter, not for mischief. Use it wisely or not at all. Seriously, maturity is key. #TechHumor #ForkResponsibly: http://man.exherbolinux.org/syd-fork.1.html 2024-03-03T16:09:15+01:00 Introducing #sydbox 3.15.0: A leap in #sandboxing with force sandboxing for pre-exec binary checks, akin to #HardenedBSD's #integriforce. Highlights: syd-hex for hex encoding/decoding, syd-path for writing Integrity Force rules, syd-sha for checksums, improved error handling, and extended system call sandboxing (adding statfs, fstatfs, ftruncate and fallocate). Enhanced environment variable safety and profile hardening. Check out https://crates.io/crates/syd #security 2024-02-29T13:32:33+01:00 Celebrating 15 years of #sydbox with release π (v3.14.1): Enhanced security with MDWE protections, advanced bind mounts for tmpfs, use of mimalloc[secure] as the default allocator, plus various fixes! #sydbox is a #seccomp and #landlock based application #sandbox with support for namespaces written in #rust: https://crates.io/crates/syd 2024-02-27T17:32:40+01:00 Open message to who is DOS'ing #sydbox #ctf server #https interface atm: I stopped the #node #backend until you get bored. To people who still want to play the #CTF: use ssh syd.chesswob.org with user/pass: syd and try to read the file /etc/CTF! #rust #exherbo #linux 2024-02-18T16:22:19+01:00 I opened a #linux #kernel feature request, https://bugzilla.kernel.org/show_bug.cgi?id=218501, to overcome the current shortcomings of #seccomp to provide a full toctou-free sandbox in userspace without elevated privileges. #syd #exherbo 2024-02-08T19:34:44+01:00 all the #carokann players of the world must unite against white aggression! #antifa #chess 2024-02-08T11:04:08+01:00 til, you can't use #seccomp addfd on #Linux to plant O_PATH file descriptors to target process. When emulating open, continuing calls with O_PATH seems relatively innocent at first sight, but e.g. it can be used to "unhide" paths that are hidden and without addfd there's obviously no toctou-free way to emulate them. 2024-02-08T10:46:35+01:00 Deniz Gezmiş, Mahir Çayan #devrim için öldüler. Devrimciler ölür ama devrimler durmaz sürer. #revolution 2024-01-30T19:18:23+01:00 SydB☮x-3.11.1 has been released: new syd-run tool to run commands inside syd containers, hardening of sandbox process environment, and many minor fixes. syd-ldd - syd's secure alternative to ldd(1) - now uses the stricter 'immutable' profile rather than the 'container' profile ... see: https://sydbox.exherbolinux.org #sydbox #exherbo #gnu #linux #seccomp #landlock #container #rust #rustlang 2024-01-25T15:47:50+01:00 SydB☮x-3.10.0 has been released: trace mode to automatically generate sandboxing profiles, support for immutable containers and private /tmp, ... see: https://sydbox.exherbolinux.org #sydbox #exherbo #gnu #linux #seccomp #landlock #container #rust #rustlang 2024-01-22T19:53:33+01:00 hola world, since dev.exherbo.org is down, i've moved my twtxt to https://alip.srht.site/twtxt.txt #exherbo #twtxt 2021-08-31T18:55:25+02:00 The hblock tracker list is slowly converging... syd-addr: Sorted »130368« IP address hashes in »0.019322« seconds. #sydb☮x 2021-07-29T12:14:47+02:00 The hblock tracker list is slowly converging... syd-addr: Sorted »67360« IP address hashes in »0.003125« seconds. 2021-07-25T18:42:29+02:00 welcome to the machine @caissa, happy birthday https://caissa.ai 2021-07-23T01:24:33+02:00 Bïr çïçeğïm hⒶlk ☮rmⒶnındⒶ, Fışkırdım, bⒶşkⒶldırıy☮rum! Ben bïr bıçⒶk ucuyum, KⒶvgⒶ vermïş hⒶlkınⒶ, BⒶşkⒶldırıy☮rum ïşte, VⒶrın benïm fⒶrkımⒶ ! #sydb☮x 2021-07-22T19:33:11+02:00 bilirim, yakacaksın meydanları zorla, seviyorsan, inanıyorsan... #sydb☮x #duman 2021-07-22T19:28:23+02:00 başladım bir isyâna, bir de baktım kï daha baştayım... #sydb☮x 2021-07-22T07:45:36+02:00 Please boycott chessbase: Due to Chessbase’s repeated license violations, leading developers of Stockfish have terminated their GPL license with ChessBase permanently. However, ChessBase is ignoring the fact that they no longer have the right to distribute Stockfish, modified or unmodified, as part of their products. https://stockfishchess.org/blog/2021/our-lawsuit-against-chessbase/ 2021-07-04T01:38:16+02:00 sydb☮x moved to sourcehut! https://sr.ht/~alip/sydbox/ #sydb☮x #exherb☮ 2021-07-04T01:36:12+02:00 sydb☮x changes PN for peace: https://dev.exherbo.org/~alip/images/sydbox-changes-PN-for-peace-2021-07-04.png #sydb☮x #exherbo 2021-06-05T20:20:39+02:00 sydb☮x-1.2.1 released with the new --dry-run mode to run programs with no restriction but inspection and the new option -d fd[0-9]|tmp option to dump system call arguments including dereferenced pointers for strings and socket addresses in JSON lines. Pand☮ra is a the new Rust tool which is a helper for sydb☮x to make sandboxing practical.https://crates.io/crates/pandora_box . See https://sydbox.exherbo.org https.//pinktrace.exherbo.org and https://pandora.exherbo.org 2021-06-05T20:20:27+02:00 PinkTrace-1.0.0 released with AArch64 (arm64) architecture support with a few important bug fixes. See the new homepage at https://pinktrace.exherbo.org and browse the c api documentation at https://dev.exherbo.org/~alip/pinktrace/api/c/ and python bindings documentation at https://dev.exherbo.org/~alip/pinktrace/api/python/ #exherbo #sydb☮x #pinktrace #aarch64 #arm64 2021-06-05T20:19:59+02:00 added note about sydb☮x, Pand☮ra & PinkTrace to Seccomp Wikipedia page under software using seccomp-bpf: https://en.wikipedia.org/wiki/Seccomp #exherbo #sydb☮x #pandora 2021-06-05T20:19:45+02:00 sydb☮x-1.2.0 is released with seccomp allowing readonly open{,at} w/o trace-stop, stricter defaults for all default sandbox modes but read, seccomp & ptrace seize usage defaulting to on & the shared memory writable restriction defaulting to on. Finally, this version implements an improved & simpler dump interface which the helper Pand☮ra can read to generate profiles for practical, daily applications such as mail client, browser etc. A sample profile for Firefox is added too! #exherbo #sydb☮x 2021-06-05T20:19:34+02:00 Pand☮ra's Box: A helper for sydb☮x, a ptrace & seccomp based sandbox to make sandboxing practical. This makes it easy for the end user to use secure computing for practical, daily purposes. https://crates.io/crates/pandora_box #exherbo #sydb☮x #pandora 2021-06-05T20:19:20+02:00 sydb☮x-scm improves seccomp for read only open calls which is a noticable optimization considering the overall count of trace stops, see details here: https://commits.exherbo.org/sydbox-1:8bc285f which shows remarkable improvements of reduction in open{,at} calls and build times. Apart from the commit message there's the benchmark https://git.exherbo.org/sydbox-1.git/tree/bench/2021.05.30-paludis-seccomp-open.txt on my build host which has the timing to build the current paludis-3.0.0 (scm). Help test sydb☮x-scm, report back and enjoy! #exherbo #sydb☮x 2021-03-24T18:18:44+01:00 We are calling for Richard M. Stallman to be removed from all leadership positions, including the GNU Project. https://rms-open-letter.github.io/ 2021-03-20T11:03:11+01:00 Newroz pîroz be! 2021-03-14T22:04:57+01:00 sydb☮x-1.1.0 & pinktrace-0.9.6 released! https://dev.exherbo.org/~alip/sydbox/sydbox-1.1.0.tar.bz2 & https://dev.exherbo.org/~alip/pinktrace/release/pinktrace-0.9.6.tar.bz2 This release fixes build on armv7 & x86 and slightly optimizes data structures for improved memory usage. Thanks to tombriden for the help! 2021-03-14T22:03:57+01:00 sydb☮x-1.0.9 is released: https://dev.exherbo.org/~alip/sydbox/sydbox-1.0.9.tar.bz2 This release adds support for new system calls execveat, newfstatat, openat2, faccessat2 and renameat2; fixes IPv6 network sandboxing, a hang with Linux kernels >=5.10, a time-of-check-time-of-use in handling paths longer than PATH_MAX, many memory leaks including a major one about process inheritance and many minor issues identified by #coverity. Thanks to everyone who took part in testing, particularly eternaleye, heirecka and tgurr. 2021-03-01T18:08:44+01:00 Lev Polugaevsky vs Rashid Nezhmetdinov 18th RSFSR-ch (1958), Sochi URS, an attacking masterpiece: https://www.chessgames.com/perl/chessgame?gid=1111459 2021-03-01T18:01:50+01:00 sydb☮x.git supports sandboxing new system calls evecveat, openat2, faccessat2 and renameat2. A release is coming soon. Please help test sydb☮x-scm. Links: (execveat) https://git.exherbo.org/sydbox-1.git/commit/?id=23e36e1e0571faa1ffc2d12064f577f836d473e9 (openat2) https://git.exherbo.org/sydbox-1.git/commit/?id=d445b411c1c1f946a79cc84fb22554dbbe91a113 (faccessat2) https://git.exherbo.org/sydbox-1.git/commit/?id=a0c9fceedb390cff892327d18372cb2823cfbb7d (renameat2) https://git.exherbo.org/sydbox-1.git/commit/?id=b73d0c0d7b2c0b76bc536ab9411018c745fd5b60 2021-03-01T18:01:35+01:00 Fix for another known hang with sydb☮x under certain conditions. Thanks eternaleye for all the help. A release is coming soon. Please test sydb☮x-scm: https://git.exherbo.org/sydbox-1.git/commit/?id=68f650726ed970c6a0b0a4b5272da333f783e36e 2021-03-01T18:01:22+01:00 Fix for problems with sandboxing and glibc-2.33 was to implement support for newfstatat for magic commands. Thanks to tgurr for all the help! A release is coming soon. Please test sydb☮x-scm: https://git.exherbo.org/sydbox-1.git/commit/?id=2aa17a233d8d2796fcda7895e21d87e55993dc3b 2021-03-01T18:01:07+01:00 Fix for the one of long-standing memory leaks in #sydb☮x, https://git.exherbo.org/sydbox-1.git/commit/?id=1e8bc796f94af3117b0ac16dd81aaab05dd1aad5 2021-03-01T18:00:39+01:00 pinktrace-0.9.5 released. Download: https://dev.exherbo.org/distfiles/pinktrace/pinktrace-0.9.5.tar.bz2 Documentation: https://dev.exherbo.org/~alip/pinktrace/api/c/ 2021-02-22T21:23:26+01:00 A true masterpiece, Lc0-Stockfish 1-0 TCEC Season 18, Game 65: The critical moment is 20. Ne4!! when Leela Zero prepares a fantastic queen sacrifice which Stockfish misses: https://tcec-chess.com/#div=sf&game=65&season=18 2021-02-21T19:33:35+01:00 lichess for shogi! https://lishogi.org 2021-02-21T13:22:49+01:00 Translations of Yu Nasu's NNUE paper from Japanese to English and German are here: https://github.com/asdfjkl/nnue (mirrored under doc/) 2020-03-16T22:33:35+01:00 I'd rather be hated for who I am, than loved for who I am not. -- Kurt Cobain 2020-03-16T22:29:54+01:00 I managed to misconfigure laptop-mode-tools such that plugging a usb-drive sets screen brightness to maximum. #wtf 2019-09-29T22:19:40+02:00 my unconscious self loves running dmesg for reasons beyond me. 2019-08-27T18:54:27+02:00 rip benko, https://chess24.com/en/read/news/pal-benko-dies-aged-91 2019-08-26T14:58:10+02:00 “It is sometimes an appropriate response to reality to go insane.” ― Philip K. Dick, VALIS 2017-12-16T10:04:46+01:00 Je mehr Leute es sind, die eine Sache glauben, desto größer ist die Wahrscheinlichkeit, daß die Ansicht falsch ist. Menschen, die Recht haben, stehen meistens allein. -- Søren Kierkegaard 2017-12-15T02:54:13+01:00 The only problem with seeing too much is that it makes you insane. -- Phaedrus 2017-12-13T14:31:56+01:00 A male scorpion is stabbed to death after mating. In chess, the powerful queen often does the same to the king without giving him the satisfaction of a lover. -- Gregor Piatigorsky 2017-12-09T11:30:51+01:00 It is precisely because it is fashionable for Americans to know no science, even though they may be well educated otherwise, that they so easily fall prey to nonsense. They thus become part of the armies of the night, the purveyors of nitwittery, the retailers of intellectual junk food, the feeders on mental cardboard, for their ignorance keeps them from distinguishing nectar from sewage. --asimov, "the armies of the night" 2017-11-24T07:33:13+01:00 Geschichte handelt fast nur von schlechten Menschen, die später gutgesprochen worden sind. --nietzsche 2017-11-21T23:16:16+01:00 Das Wirkliche liegt immer ein wenig weiter als das Aktuelle. --böll 2017-10-31T08:39:08+01:00 doubt is not a pleasant condition, but certainty is absurd. --voltaire 2017-07-29T08:43:48+02:00 God is omnipotent, omniscient, and omnibenevolent - it says so right here on the label. If you have a mind capable of believing all three of these attributes simultaneously, I have a wonderful bargain for you. No checks, please. Cash and in small bills. R, Heinlein: Notebooks of Lazarus Long 2017-01-15T09:04:28+01:00 Yalnız Sürekli dinleyendir Söylenmemiş bir sözü #yalnızlıkpaylaşılmaz #asaf 2017-01-13T21:28:11+01:00 while true; do (( z = ${RANDOM} % 100 )); (( a = $z % 10 )); mpc seek $z% & ; sleep $a; kill $!; wait; done #shell #meditation 2017-01-08T19:37:51+01:00 İçimizde şeytan yok… İçimizde aciz var..Tembellik var.. İradesizlik, bilgisizlik ve bunların hepsinden daha korkunç bir şey: hakikatleri görmekten kaçmak itiyadı var. #sabahattinali 2017-01-02T08:52:29+01:00 union for activerecord: https://gorails.com/blog/activerecord-merge #activerecord #sql #union 2017-01-02T08:51:34+01:00 null relation: http://guides.rubyonrails.org/active_record_querying.html#null-relation #rails #activerecord 2017-01-02T08:51:01+01:00 recursive sql & activerecord trees: https://hashrocket.com/blog/posts/recursive-sql-in-activerecord #rails #activerecord #postgresql 2017-01-02T08:44:12+01:00 how sf works: http://rin.io/chess-engine/ #stockfish #chess 2016-12-26T14:49:50+01:00 added myself to twtxt directory: http://twtxt.reednj.com/user/af0d8f3bfcb9e7b02053ad7038e15c1501d0f966 2016-12-26T14:31:10+01:00 envtag-0.5 released: https://dev.exherbo.org/~alip/envtag/ 2016-12-24T18:04:28+01:00 nice presentation on socat, http://www.dest-unreach.org/socat/doc/linuxwochen2007-socat.pdf, mirrored under doc/ #socat #linux 2016-12-05T23:44:17+01:00 legions (war), zoe keating: https://www.youtube.com/watch?v=AlhkwHSZMyg #dystopia #psy #chess 2016-12-05T23:43:14+01:00 monsters, angus powell: https://www.youtube.com/watch?v=9WHh8SDSTwM #dystopia 2016-10-07T17:44:24+02:00 white to play and mate in 1: 1Bb3BN/R2Pk2r/1Q5B/4q2R/2bN4/4Q1BK/1p6/1bq1R1rb w - - 0 1 2016-10-07T17:39:22+02:00 linux-4.8/seccomp[1]: https://github.com/torvalds/linux/commit/ce6526e8afa4b6ad0ab134a4cc50c9c863319637 2016-10-07T17:39:07+02:00 linux-4.8/seccomp[0]: https://github.com/torvalds/linux/commit/93e35efb8de45393cf61ed07f7b407629bf698ea 2016-10-07T02:24:56+02:00 sydb☮x[seccomp] works fine with linux-4.8 now: https://git.exherbo.org/sydbox-1.git/commit/?id=7fb3d95aee2c31a0fb04af851a9ec5563d0c3200 2016-08-25T08:57:18+03:00 You know you're OCD when you have to sort C includes first by line length then alphabetically. 2016-08-14T18:04:57+03:00 en: I often play a move I know how to refute. tr: Sıklıkla çürüten yanıtlarını bildiğim hamleleri oynarım. - Bent Larsen 2016-07-03T08:18:18+03:00 this cheered me up despite every shit on the planet: https://www.youtube.com/watch?v=EFDFpS9_ZWY #sultans-of-swing #sos 2016-07-02T20:47:01+03:00 tr: audio/1993-07-02 dizininde Sivas katliamı hakkındaki şarkıların bir derlemesi vardır, https://tr.wikipedia.org/wiki/Sivas_Katliamı 2016-07-02T20:46:58+03:00 en: audio/1993-07-02 directory contains a compilation of songs on Sivas massacre, https://en.wikipedia.org/wiki/Sivas_massacre 2016-07-02T19:15:33+03:00 hello world, this is alip's twtxt feed, https://dev.exherbo.org/~alip/twtxt.txt