- Install Docker Desktop.
- Open a Terminal (Windows / Mac / Linux) and maximise it to the full size of your screen.
-
$ docker run --rm -it bcbcarl/hollywood
- To exit: Try mashing
Ctrl-D
andCtrl-C
. If you get to a terminal you can typeexit
to close the container.If this fails, just quit your terminal. 😁
package com.company; | |
import javax.crypto.Cipher; | |
import javax.crypto.Mac; | |
import javax.crypto.spec.IvParameterSpec; | |
import javax.crypto.spec.SecretKeySpec; | |
import java.security.MessageDigest; | |
import java.security.SecureRandom; | |
public class Main { |
Let's say somebody temporarily got root access to your system, whether because you "temporarily" gave them sudo rights, they guessed your password, or any other way. Even if you can disable their original method of accessing root, there's an infinite number of dirty tricks they can use to easily get it back in the future.
While the obvious tricks are easy to spot, like adding an entry to /root/.ssh/authorized_keys, or creating a new user, potentially via running malware, or via a cron job. I recently came across a rather subtle one that doesn't require changing any code, but instead exploits a standard feature of Linux user permissions system called setuid to subtly allow them to execute a root shell from any user account from the system (including www-data
, which you might not even know if compromised).
If the "setuid bit" (or flag, or permission mode) is set for executable, the operating system will run not as the cur
def bellman_ford(graph, source): | |
# Step 1: Prepare the distance and predecessor for each node | |
distance, predecessor = dict(), dict() | |
for node in graph: | |
distance[node], predecessor[node] = float('inf'), None | |
distance[source] = 0 | |
# Step 2: Relax the edges | |
for _ in range(len(graph) - 1): | |
for node in graph: |
All programmers are API designers: | |
Good programs are modular, and intermodular boundaries define APIs. Good modules get reused. | |
APIs can be among your greatest assets or liabilities: | |
Good APIs create long-term customers; bad ones create long-term support nightmares. | |
Public APIs, like diamonds, are forever: | |
You have one chance to get it right so give it your best. | |
APIs should be easy to use and hard to misuse: |
Latency Comparison Numbers (~2012) | |
---------------------------------- | |
L1 cache reference 0.5 ns | |
Branch mispredict 5 ns | |
L2 cache reference 7 ns 14x L1 cache | |
Mutex lock/unlock 25 ns | |
Main memory reference 100 ns 20x L2 cache, 200x L1 cache | |
Compress 1K bytes with Zippy 3,000 ns 3 us | |
Send 1K bytes over 1 Gbps network 10,000 ns 10 us | |
Read 4K randomly from SSD* 150,000 ns 150 us ~1GB/sec SSD |
#!/usr/local/bin/python | |
import select | |
from select import kqueue, kevent | |
import os | |
import sys | |
filename = "access.log" | |
fd = os.open(filename,os.O_RDONLY) | |
kq = kqueue() |