At least 300 dead in Gaza hospital bombing, local authorities say
An Israeli air strike killed at least 300 people at a Gaza City hospital on Tuesday, authorities in the Palestinian enclave said, and the United Nations said an Israeli strike also hit one of its schools being used as a shelter.
Advanced fuzzing unmasks elusive vulnerabilities
Fuzz testing is a main component of modern software assurance, but some bugs remain elusive to fuzzing. We show how AFL++ can be instrumented to bring some types of bugs into the reach of an advanced fuzzing setup and exemplify the approach with a zero-day bug in libwebp that was found to be exploit...
Hasnain says:
“To find this – and similar vulnerabilities in OSS-Fuzz – would require a redesign of how OSS-Fuzz and especially Clusterfuzz work to allow for more diverse target instrumentation, fuzzer orchestration and correct corpus merging.
The lesson that can be learned from this is that some bugs cannot be effectively found with CI based fuzzing, and instead need a long running fuzzing campaign, using different techniques to solve path constraints: CMPLOG, COMPCOV, libfuzzer's value profile and in small and medium projects maybe even one or two concolic execution frameworks.”
Posted on 2023-10-17T04:54:18+0000
Memory Allocation
A visual introduction to memory allocation.
Hasnain says:
Love the visualizations here.
"We've covered a lot in this post, and if it has left you yearning for more you won't be disappointed. I've specifically avoided the topics of virtual memory, brk vs mmap, the role of CPU caches, and the endless tricks real malloc implementations pull out of their sleeves. There's no shortage of information about memory allocators on the Internet, and if you've read this far you should be well-placed to dive in to it."
Posted on 2023-10-15T22:57:00+0000
BREAKING: CAIR-Chicago Calls For Hate Crime Charge for "You Muslims Must Die" Killing Of Palestinian-American Child
Laments “Atmosphere of De-Humanization” Created by One-Sided Political Statements & Media Reporting
Hasnain says:
Rampant Islamophobia and anti-semitism on the rise again globally. Let’s not do this please :(
“According to written text messages sent to the father of the boy by the mother from the hospital and shared with CAIR-Chicago, the landlord who had been angry with what he was seeing in the news knocked on their door, and when she opened, he tried to choke her and proceeded to attack her with a knife, yelling "you Muslims must die!"
When she ran into the bathroom to call 911, she came out to find that he had stabbed her six-year-old son to death.”
Posted on 2023-10-15T19:42:21+0000
Building an economy simulator from scratch
by Thomas SIMON
Hasnain says:
This was a lot of fun to read and play around with
"This works as expected, everybody survives with a very low average QoL of 3. This one last constraint counteracts nearly all capitalist constraints we added since the beginning. It prevents people from over consuming, even though we made public servants numerous and quite rich in the process. This is a communist dream."
Posted on 2023-10-15T04:51:46+0000
An Invasion of Gaza Would Be a Disaster for Israel
America must prevail on its ally to step back from the brink.
Hasnain says:
This piece is much less emotional than a lot of others I’ve seen (emotions are totally warranted though). Which makes the fact that it still makes a strong compelling argument even more important. I wish for peace and hope world leaders (especially in the US) urge it.
“And the potential gains—beyond satisfying demands for revenge—are remarkably low. Not since the American invasion of Iraq has there been such clarity in advance about the fiasco to come.
Nor have the moral issues been so clear. There is no question that Hamas committed grave war crimes in its brutal attacks on Israeli citizens, and it should be held accountable. But there is also no question that the collective punishment of Gaza, through blockades and bombing and the forced displacement of its population, represents grave war crimes. Here, too, there should be accountability—or, better yet, respect for international law.”
Posted on 2023-10-15T01:17:18+0000
Lago Blog - The 4 biggest problems with homemade billing systems
If you're considering building a homemade billing system for your SaaS company, there are a few things you should be aware of. In this article, Qonto's first billing engineer shares four lessons he learned while working on this project.
Hasnain says:
"At Qonto, the billing project was supposed to be completed by a single backend engineer in only two months. One year later, two backend engineers were still working on it full time.
Then the team of two backend engineers grew into a team of 20 people, including product managers, backend engineers and frontend engineers as well. Hiring, onboarding and retaining people to take care of our billing system was a constant challenge. They would have preferred to work on our core product, and our management team also wanted to downsize the team."
Posted on 2023-10-14T03:52:27+0000
Leaked Emails Warn U.S. Diplomats Against Calling For ‘De-Escalation’ In Gaza
As Israel escalates its offensive, U.S. diplomats are being discouraged from publicly using three phrases that would urge calm.
Hasnain says:
I’ve been seeing a lot of news lately and it’s so depressing. I wonder how history will judge everyone’s actions (or lack thereof) in this moment.
“In messages circulated on Friday, State Department staff wrote that high-level officials do not want press materials to include three specific phrases: “de-escalation/ceasefire,” “end to violence/bloodshed” and “restoring calm””
Posted on 2023-10-13T16:54:03+0000
T-Mobile switches users to pricier plans and tells them it’s not a price hike
T-Mobile: "We are not raising the price... we are moving you to a newer plan."
Hasnain says:
How is this not illegal?
“The leaked documents show what customer service reps are being trained to tell users. Instead of saying the price is going up, reps will say, "We are not raising the price of any of our plans; we are moving you to a newer plan with more benefits at a different cost." That's the talking point customer service reps are supposed to use if a customer mentions that they saw commercials "about how T-Mobile won't raise the price of my plan."
Customers will be switched to a newer plan if they're on any of the following packages offered in previous years: Simple Choice/Select Choice, Magenta, Magenta 55, ONE Plan, and Simple Choice Business.”
Posted on 2023-10-13T04:11:43+0000
Can't Be F*cked: Underrated Cause of Tech Debt
Can’t Be Fucked: Aussie slang for not wanting to, or not having the energy and motivation to do something. “Man, I really can’t be fucked changing the channel, let’s just watch Springer.” - Urban Dictionary
Hasnain says:
“Whether it’s at work or in my open source travels, I routinely come across developers who are the real deal: they’re conscientious and judicious in an unwavering way. They set a standard for themselves and do not compromise on it. Whether that’s a deliberate thing or whether they’re just built that way, it’s humbling to witness. If there’s a flaky test, they investigate it and fix it. If there’s a bug they spot in the wild, they make a ticket, and maybe even fix it then-and-there. If a new feature doesn’t gel well with the existing code, they refactor the code first rather than hacking the feature in. They’ll dive as far down the stack as necessary to get to the bottom of something. None of these things are necessary but great developers know that if they don’t address a problem early, and properly, it will only cost them more time in the long run.”
Posted on 2023-10-13T04:00:56+0000