Hasnain says:

Let’s all agree to condemn the deaths of innocent civilians everywhere, please. Regardless of which side of the conflict they’re on.

“This is demoralizing work, to have to speak constantly in the vernacular of tragedies and atrocities, to say: Look, look. Remember? That other suffering that was eventually deemed unacceptable? Let me hold it up to this one. Let me show you proportion. Let me earn your outrage. Absent that, let me earn your memory. Please.

I don’t hesitate for a second to condemn the killing of any child, any massacre of civilians. It is the easiest ask in the world. And it is not in spite of that but because of that I say: Condemn the brutalization of bodies. By all means, do. Condemn murder. Condemn violence, imprisonment, all forms of oppression. But if your shock and distress comes only at the sight of certain brutalized bodies? If you speak out but not when Palestinian bodies are besieged and murdered, abducted and imprisoned? Then it is worth asking yourself which brutalization is acceptable to you, even quietly, even subconsciously, and which is not.

Name the discrepancy and own it. If you can’t be equitable, be honest.”

Posted on 2023-10-25T19:24:36+0000

Biden’s Israel-Palestine Policy Could Cost Him the Election

The president’s blank-check support of Israel’s war on Gaza is alienating many of the Black and brown voters he needs to win reelection.

Click to view the original at thenation.com

Hasnain says:

Felt myself nodding along the whole time - Elie always puts thoughts to paper way better than I can. Worth a read.

“I am neither Israeli or Palestinian, nor am I an expert on Middle Eastern geopolitics, terrorism, security, or colonization. I am an expert in American constitutional law, which, in this situation, is as useful as being an expert in sand-castle construction during a tsunami. As such, I have little to add to the current international conflagration and the foreign policy discourse around it. Instead, I have tried to read, listen, learn, and generally not say anything that could be used by the most morally bankrupt people to justify the murder of children.”

Posted on 2023-10-23T19:42:31+0000

Hasnain says:

“So how far did we come? The original Python program was going to take 2.9 years to complete at k=5. Our final Rust program only takes 8 minutes on the same dataset. That is roughly a 180,000x speedup. A summary of the key optimizations:

Use Rust’s compiler optimizations.
Hash numbers instead of strings.
Use (indexed) vectors instead of hashmaps.
Use bit-sets for efficient membership tests.
Use SIMD for efficient bit-sets.
Use multi-threading to split the work over many cores.
Use batching to avoid a bottleneck at work distribution.”

Posted on 2023-10-21T14:47:59+0000

Encrypted traffic interception on Hetzner and Linode targeting the largest Russian XMPP (Jabber) messaging service

TL;DR: we have discovered XMPP (Jabber) instant messaging protocol encrypted TLS connection wiretapping (Man-in-the-Middle attack) of jabber.ru (aka xmpp.ru) service’s servers on Hetzner and Linode hosting providers in Germany. The attacker has issued several new TLS certificates using Let’s Enc...

Click to view the original at notes.valdikss.org.ru

Hasnain says:

Yikes.

“All jabber.ru and xmpp.ru communications between these dates should be assumed compromised. Given the nature of the interception, the attacker has been able to execute any action as if it is executed from the authorized account, without knowing the account password. This means that the attacker could download account's roster, lifetime unencrypted server-side message history, send new messages or alter them in real time.

End-to-end encrypted communications, such as OMEMO, OTR or PGP, are protected from the interception only if both parties have validated the encryption keys. The users are asked to check their accounts for new unauthorized OMEMO and PGP keys in their PEP storage, and change passwords.

We tend to assume this is lawful interception Hetzner and Linode were forced to set up based on German police request.
Another possible, although much more unlikely scenario is an intrusion on the internal networks of both Hetzner and Linode targeting specifically jabber.ru — much harder to believe but not entirely impossible.

As of 20 Oct 2023, we’re still waiting for the adequate reply from Hetzner and Linode to our inquiries.”

Posted on 2023-10-21T01:11:30+0000

At least 300 dead in Gaza hospital bombing, local authorities say

An Israeli air strike killed at least 300 people at a Gaza City hospital on Tuesday, authorities in the Palestinian enclave said, and the United Nations said an Israeli strike also hit one of its schools being used as a shelter.

Click to view the original at reuters.com

Advanced fuzzing unmasks elusive vulnerabilities

Fuzz testing is a main component of modern software assurance, but some bugs remain elusive to fuzzing. We show how AFL++ can be instrumented to bring some types of bugs into the reach of an advanced fuzzing setup and exemplify the approach with a zero-day bug in libwebp that was found to be exploit...

Click to view the original at srlabs.de

Hasnain says:

“To find this – and similar vulnerabilities in OSS-Fuzz – would require a redesign of how OSS-Fuzz and especially Clusterfuzz work to allow for more diverse target instrumentation, fuzzer orchestration and correct corpus merging.

The lesson that can be learned from this is that some bugs can not be effectively found with CI based fuzzing, and instead need a long running fuzzing campaign, using different techniques to solve path constraints: CMPLOG, COMPCOV, libfuzzer's value profile and in small and medium projects maybe even one or two concolic execution frameworks.”

Posted on 2023-10-17T04:54:18+0000

Hasnain says:

Love the visualizations here.

"We've covered a lot in this post, and if it has left you yearning for more you won't be disappointed. I've specifically avoided the topics of virtual memory, brk vs mmap, the role of CPU caches, and the endless tricks real malloc implementations pull out of their sleeves. There's no shortage of information about memory allocators on the Internet, and if you've read this far you should be well-placed to dive in to it."

Posted on 2023-10-15T22:57:00+0000

BREAKING: CAIR-Chicago Calls For Hate Crime Charge for "You Muslims Must Die" Killing Of Palestinian-American Child

Laments “Atmosphere of De-Humanization” Created by One-Sided Political Statements & Media Reporting

Click to view the original at myemail.constantcontact.com

Hasnain says:

Rampant Islamophobia and anti-semitism on the rise again globally. Let’s not do this please :(

“According to written text messages sent to the father of the boy by the mother from the hospital and shared with CAIR-Chicago, the landlord who had been angry with what he was seeing in the news knocked on their door, and when she opened, he tried to choke her and proceeded to attack her with a knife, yelling "you Muslims must die!"

When she ran into the bathroom to call 911, she came out to find that he had stabbed her six-year-old son to death.”

Posted on 2023-10-15T19:42:21+0000

Hasnain says:

This was a lot of fun to read and play around with

"This works as expected, everybody survives with a very low average QoL of 3. This one last constraint counteracts nearly all capitalist constraints we added since the beginning. It prevents people from over consuming, even though we made public servants numerous and quite rich in the process. This is a communist dream."

Posted on 2023-10-15T04:51:46+0000

Hasnain says:

This piece is much less emotional than a lot of others I’ve seen (emotions are totally warranted though). Which makes the fact that it still makes a strong compelling argument even more important. I wish for peace and hope world leaders (especially in the US) urge it.

“And the potential gains—beyond satisfying demands for revenge—are remarkably low. Not since the American invasion of Iraq has there been such clarity in advance about the fiasco to come.

Nor have the moral issues been so clear. There is no question that Hamas committed grave war crimes in its brutal attacks on Israeli citizens, and it should be held accountable. But there is also no question that the collective punishment of Gaza, through blockades and bombing and the forced displacement of its population, represents grave war crimes. Here, too, there should be accountability—or, better yet, respect for international law.”

Posted on 2023-10-15T01:17:18+0000

Lago Blog - The 4 biggest problems with homemade billing systems

If you're considering building a homemade billing system for your SaaS company, there are a few things you should be aware of. In this article, Qonto's first billing engineer shares four lessons he learned while working on this project.

Click to view the original at getlago.com

Hasnain says:

"At Qonto, the billing project was supposed to be completed by a single backend engineer in only two months. One year later, two backend engineers were still working on it full time.

Then the team of two backend engineers grew into a team of 20 people, including product managers, backend engineers and frontend engineers as well. Hiring, onboarding and retaining people to take care of our billing system was a constant challenge. They would have preferred to work on our core product, and our management team also wanted to downsize the team."

Posted on 2023-10-14T03:52:27+0000

Leaked Emails Warn U.S. Diplomats Against Calling For ‘De-Escalation’ In Gaza

As Israel escalates its offensive, U.S. diplomats are being discouraged from publicly using three phrases that would urge calm.

Click to view the original at huffpost.com

Hasnain says:

I’ve been seeing a lot of news lately and it’s so depressing. I wonder how history will judge everyone’s actions (or lack thereof) in this moment.

“In messages circulated on Friday, State Department staff wrote that high-level officials do not want press materials to include three specific phrases: “de-escalation/ceasefire,” “end to violence/bloodshed” and “restoring calm””

Posted on 2023-10-13T16:54:03+0000

Hasnain says:

How is this not illegal?

“The leaked documents show what customer service reps are being trained to tell users. Instead of saying the price is going up, reps will say, "We are not raising the price of any of our plans; we are moving you to a newer plan with more benefits at a different cost." That's the talking point customer service reps are supposed to use if a customer mentions that they saw commercials "about how T-Mobile won't raise the price of my plan."

Customers will be switched to a newer plan if they're on any of the following packages offered in previous years: Simple Choice/Select Choice, Magenta, Magenta 55, ONE Plan, and Simple Choice Business.”

Posted on 2023-10-13T04:11:43+0000

Can't Be F*cked: Underrated Cause of Tech Debt

Can’t Be Fucked Aussie slang for not wanting to, or not having the energy and motivation to do something. “Man, i really can’t be fucked changing the channel, let’s just watch Springer.” - Urban Dictionary

Click to view the original at jesseduffield.com

Hasnain says:

“Whether it’s at work or in my open source travels, I routinely come across developers who are the real deal: they’re conscientious and judicious in an unwavering way. They set a standard for themselves and do not compromise on it. Whether that’s a deliberate thing or whether they’re just built that way, it’s humbling to witness. If there’s a flaky test, they investigate it and fix it. If there’s a bug they spot in the wild, they make a ticket, and maybe even fix it then-and-there. If a new feature doesn’t gel well with the existing code, they refactor the code first rather than hacking the feature in. They’ll dive as far down the stack as necessary to get to the bottom of something. None of these things are necessary but great developers know that if they don’t address a problem early, and properly, it will only cost them more time in the long run.”

Posted on 2023-10-13T04:00:56+0000

Echoes of Electromagnetism Found in Number Theory | Quanta Magazine

A new magnum opus posits the existence of a hidden mathematical link akin to the connection between electricity and magnetism.

Click to view the original at quantamagazine.org

Hasnain says:

“Still, Ben-Zvi planned to use his 2018 sabbatical visit to the IAS for research squarely on the geometric side of the Langlands program. His plan was disrupted when he went to listen to a talk by Venkatesh.

“My son and Akshay’s daughter were playmates, and we were friends socially, and I thought I should go to some of the talks Akshay gave at the beginning of the semester,” Ben-Zvi said.”

Posted on 2023-10-13T03:56:39+0000

Hasnain says:

Yay open source.

“Looking back at what got us to this point, it seems that almost every single thing we did in running this contest so far has been load-bearing. We’re not quite sure what to make of this! Perhaps that progress is more fragile and success is more contingent than it often seems in retrospect.”

Posted on 2023-10-13T03:45:34+0000

Scrollbars are becoming a problem

Scrollbars. Ever heard of them? They’re pretty cool. Click and drag on a scrollbar and you can move content around in a scrollable content pane. I love that shit. Every day I am scrolling on my computer, all day long. But the scrollbars are getting smaller and this is increasingly becoming a probl...

Click to view the original at artemis.sh

Hasnain says:

I hate this hostile design. I hit this myself in a webapp the other day where I couldn’t scroll right on a wide table because chrome doesn’t show the scroll bar unless you’re already scrolling… until someone taught me shift + scroll wheel scrolls right on a Mac. Just give me a scroll bar!

““The simple fact that these skinny scroll bars exist are evidence that designers do not sit with non technical users to conduct usability testing. Because if they did that they would immediately discover the problem.

People with dexterity and hand control challenges have a difficult time with these skinny scroll bars.

People with eye sight challenges suffer with these skinny scroll bars.””

Posted on 2023-10-13T03:37:15+0000

The acute suicide crisis among veterinarians: 'You're always going to be failing somebody'

Suicide rates among veterinarians are staggering. The crisis is dire – but there may be hope in sight.

Click to view the original at bbc.com

Hasnain says:

“But that reality of the job can also colour the way veterinarians view human lives – including their own – and for those already experiencing suicidal ideation, it can provide a simple justification: death is preferable to suffering. In a 2021 survey by pharmaceutical company Merck, 12.5% of the veterinarians surveyed said they were "suffering". And nearly half of the respondents were not receiving mental health care.

"There's an idea that veterinarians work on the belief that it's right to euthanise a hopeless case," says Volk, "and we are seeing ourselves, emotionally, as hopeless cases."

Death is a routine and repeated part of the job, and while it's never easy to end a life, Volk adds that it is easy to start seeing it as an option to alleviate their own distress.”

Posted on 2023-10-12T03:24:33+0000

An update on our IRS tax audit - Microsoft On the Issues

Today, we’re sharing an update about our ongoing audit with the U.S. Internal Revenue Service (IRS), including background and context for this specific case and what we generally expect next. Background on the IRS audit For nearly a decade, as we have previously disclosed in our financial statemen...

Click to view the original at blogs.microsoft.com

HTTP/2 Rapid Reset: deconstructing the record-breaking attack

This post dives into the details of the HTTP/2 protocol, the feature that attackers exploited to generate the massive Rapid Reset attacks, and the mitigation strategies we took to ensure all our customers are protected

Click to view the original at blog.cloudflare.com

Hasnain says:

“and eventually peaked just above 201 million requests per second. This was nearly 3x bigger than our previous biggest attack on record.

Concerning is the fact that the attacker was able to generate such an attack with a botnet of merely 20,000 machines. There are botnets today that are made up of hundreds of thousands or millions of machines. Given that the entire web typically sees only between 1–3 billion requests per second, it's not inconceivable that using this method could focus an entire web’s worth of requests on a small number of targets.”

Posted on 2023-10-10T15:45:23+0000

Hasnain says:

I felt this in my bones (the whole piece, not just the quote - though the quote made me chuckle). Great piece as always from Julia on how to learn and share information and how we can make tech simpler.

“There's this "today I learned" person who's into sharing cool new tools they learned about, a bug that they ran into, or a great new-to-them library feature.

There's the person who has read the entire Internet and has 700 tabs open. If you want to know where to find something, there's a good chance they already have it open in their browser.”

Posted on 2023-10-09T06:46:17+0000

How fast are Linux pipes anyway?

Pipes are ubiquitous in Unix --- but how fast can they go on Linux? In this post we'll iteratively improve a simple pipe-writing benchmark from 3.5GiB/s to 65GiB/s, guided by Linux `perf`.

Click to view the original at mazzo.li

Hasnain says:

Great post. Revised some virtual memory knowledge, learnt a lot more about kernel internals and performance optimizations.

“In our case, this concludes our optimization journey for our little synthetic benchmark, from 3.5GiB/s to 65GiB/s.”

Posted on 2023-10-09T06:21:57+0000

Israel-Hamas conflict live updates: U.S. to provide arms, shift naval group toward Mideast; death toll in Israel, Gaza passes 1,100

Israeli forces responded to unprecedented attacks by Hamas militants from Gaza. Hezbollah said it attacked Israeli targets near the Lebanon border.

Click to view the original at washingtonpost.com

Hasnain says:

Been following the news over the last day and it’s so depressing. Such a complex situation and so hard to put my feelings and opinions into just a few words. I hope there is an end to the senseless suffering and violence inflicted upon innocent civilians. Right now it doesn’t sound like that is going to happen anytime soon :(

“The United States will move an aircraft carrier strike group to the eastern Mediterranean Sea while providing munitions and other equipment to help Israel in its newly declared war against Hamas. U.S. officials expect the Israeli government to launch a ground incursion into the densely populated Gaza Strip in the next 24 to 48 hours. Israel has been pounding Gaza with strikes, promising retaliation for an unprecedented attack by the militant group that took Israeli security forces by surprise. The death toll has risen to 700 in Israel and thousands have been injured, according to local media, while Palestinian authorities said at least 413 were killed and about 2,300 injured in Gaza. At least 260 bodies were recovered at the site of a music festival near the Gaza border in southern Israel, which was attacked by Hamas on Saturday, Israeli media reported. Fears of a regional spillover grew after Lebanese militant group Hezbollah said it attacked Israeli targets near the border “in solidarity” with Hamas and Israel said it struck back.”

Posted on 2023-10-09T00:07:53+0000

Your Organization Probably Doesn't Want To Improve Things — Ludicity

Your Organization Probably Doesn't Want To Improve Things Published on October 8, 2023 Last week, I had a fascinating conversation with a reader around frustration and unhappiness at work. Much of it was totally obvious to both of us, but it occurred to me that this probably isn't to everyone, which...

Click to view the original at ludic.mataroa.blog

Hasnain says:

Found myself nodding and chuckling.

“From the Tao of Programming:

A novice asked the Master: "In the East, there is a great tree-structure that men call 'Corporate Headquarters'. It is bloated out of shape with vice presidents and accountants. It issues a multitude of memos, each saying 'Go Hence!' or 'Go Hither!' and nobody knows what is meant. Every year new names are put onto the branches, but all to no avail. How can such an unnatural entity exist?"

The Master replied: "You perceive this immense structure and are disturbed that it has no rational purpose. Can you not take amusement from its endless gyrations? Do you not enjoy the untroubled ease of programming beneath its sheltering branches? Why are you bothered by its uselessness?"”

Posted on 2023-10-08T03:53:22+0000

Where does my computer get the time from? – Tony Finch

This week I was in Rotterdam for a RIPE meeting. On Friday morning I gave a lightning talk called where does my computer get the time from? The RIPE meeting website has a copy of my slides and a video of the talk; this is a blogified low-res version of the slides with a rough and inexact transcript.

Click to view the original at dotat.at

Hasnain says:

“I have now run out of layers: before this point, clocks were set more straightforwardly by watching stars cross the sky

so, to summarise my talk, where does my computer get the time from?

it does not get it from the Royal Greenwich Observatory!”

Posted on 2023-10-07T05:56:49+0000

Strong static typing, a hill I'm willing to die on...

This is a post about strong static typing, why I feel strongly about the topic, and some of the ways we utilize the Rust type system at Svix.

Click to view the original at svix.com

Hasnain says:

“I can see both sides of the arguments on many topics, such as vim vs. emacs, tabs vs. spaces, and even much more controversial ones. Though in this case, the costs are so low compared to the benefits that I just don't understand why anyone would ever choose not to use types.

I'd love to know what I'm missing, but until then: Strong typing is a hill I'm willing to die on.”

Posted on 2023-10-04T13:55:09+0000

Rust is the best language for data infra

Arroyo is written in Rust, a modern systems language. We think it's become the best choice for writing high-performance systems like databases and stream processing engines. Read on for why we chose Rust, and what we've learned along the way.

Click to view the original at arroyo.dev

Hasnain says:

“The Rust compiler is pedantic. It is the most obsessive code reviewer you have worked with. If you pass a 32-bit integer to a function that expects a 64-bit integer, it will not let you. If you try to share a non-threadsafe data structure across threads your compile will fail. Ignore the fact that filesystem paths may be arbitrary bytes and try to use them as UTF-8 strings? Straight to compiler jail.

Some people will love this about Rust. Others—who just want to get something working dammit—will hate it.

Put me in the first camp. I've spent enough time in my career debugging hard-to-reproduce bugs in production. This involves more upfront design work, and some frustration fighting with the compiler. But once you've satisfied it, the code ends up being correct an astonishingly high fraction of the time.”

Posted on 2023-10-02T03:57:13+0000

India’s pickle people: Decades-old culinary heirlooms, nostalgia

A self-proclaimed pickle enthusiast explores India’s familial pickle-making traditions, which stretch back generations.

Click to view the original at aljazeera.com

Hasnain says:

““My paternal grandmother’s legacy lives on in the khatta-meeta nimbu achar [salty-sweet lemon pickle] she made a month before she passed away in September 2001,” said Vernika Awal, a food writer based in the Delhi National Capital Region who has only 250 grammes (8.8oz) left in a 1kg (2.2lb) bottle that is now 22 years old.

From what Vernika recalls of the process, her Punjabi family uses lemons with a slightly hard peel. They are mixed with ajwain, khand (powdered jaggery), black salt and table salt. Mustard oil, heated to smoking point, is added. The mix is then put out in the sun.

“We eat this sparingly … and through it recall the memory of my grandmother, feeling her presence even after two decades. … It’s a physical form of memory, savouring something made so long ago,” she added.”

Posted on 2023-10-02T03:49:30+0000

Hasnain says:

“This means that a court can be satisfied that a relevant fact can be established just by computer records, unless there is evidence that the computer is not working properly.

And so when the computer record shows, for instance, a financial shortfall by postmaster or postmistress, the court will accept that as evidence of an actual shortfall - unless the defendant can show that the computer was not operating correctly.

In short, when the computer record is the essence of a prosecution case: computer says guilty.”

Posted on 2023-10-01T05:58:34+0000