Notices by pancake :radare2: (pancake@infosec.exchange)

Here we go! The first release of my native Delta Chat client for GNOME is out! https://github.com/trufae/deltachat-gnome/releases/tag/0.2.0 cc @delta @gnome i'm using it in daily basis, and it's quite stable right now, but still lacks many features from the official client, I would love to hear from your feedback if you try it!

How Axios was pwned. TLDR: capitalism. Anyway scary shit how well coordinated was this attack.

RE: https://infosec.exchange/@NowSecure/116251163921885755

Last wednesday I sat down at the #paulsecurityweekly podcast to talk about static analysis with @radareorg and mobile security. The video/audio is now online! https://www.scworld.com/podcast-segment/14644-hacking-ip-kvms-reversing-with-radare2-sergi-alvarez-psw-918

@dansup @cvap @nlnet @rstockm the instances i used were poorly maintained and finally closed, i couldnt transfer the account either and the ios app was updated 6 month ago. I was not following the commits but the experience from the mobile user perspective didnt felt like much active. Will the apps receive all those updates?

@cvap @dansup @nlnet @rstockm pixelfed has been always abandoned, poorly updated and lacking basic usability and photography friendly features. At this point i don’t see which userbase is trying to reach but defitively cloning bigtech social without ads is not my ideal either

Uhm

@dansup congrats for the merge! that's definitively a nice addition for pixelfed and may help on having more users joining in daily basis. Do stories can last more than one day?

It’s

Memory leaks be like

Turns out some stupid distros were shipping screen with suid bit 🤦♂️ https://security.opensuse.org/2025/05/12/screen-security-issues.html anyway, take care and update your screens

TIL Linux is not setting the POSIX TMPDIR environment variable anymore and it's just relying on the XDG_RUNTIME_DIR one. Kind of make sense to have and use a per-user tmpdir. It's not even safe to assume /tmp is a valid place because linux-based systems like android also have their random way to define this. #unixfun

@amszmidt @korreckj328 imho defining some sane restrictions on symbols is somehow cleaner. It’s like having emojis or spaces in filenames. Surely we can even make files with slashes but it feels wrong

Now #Swift permits functions with spaces in the name. TIL that Kotlin, Zig, Scala and other languages already supported this “feature”.., https://github.com/swiftlang/swift-evolution/blob/main/proposals/0451-escaped-identifiers.md

Fyi, the deprecated decorator has been deprecated

@delta im curious if there are stats about the amount of active users too

@dexternemrod @delta thats what i though, despite how nice would be to have such thing for statistical purposes I guess it’s fine to focus on amount of registered relays :) cool indeed

console.lol()

Seriously speaking, it’s 2025 and we are all still depending on monolitic kernels written in unsafe languages and hardware support is still exposing the same problem we had 30 years ago.

@argv_minus_one @wolf480pl @hunger imho the weak points or rust are:

- complex language
- moving and evolving target
- only one compiler exists
- heavy cpu and memory requirements
- added tech debt as custom wraps need to be handcrafted all the time

Gccrs is unfinished but i want to assume it solves some of these problems, what about the others? im trying to be constructive and not get into a flame. Im not a rust or a kernel dev, despite i wrote drivers, kernel patches and wrote some rust too, so im probably not seeing the whole picture.

PD: I would love this thread can become into a constructive discussion.

Rust was never designed to replace or interface with C. Despite its safety benefits, i think it was too early and probably a bad idea to make it into the Kernel. Despite the ego flames, all the dev conflicts prove that. But I guess that monster (the kernel) is too big to fall. #rust #kernel