Monero logs

09:46:43 321bob321: https://www.reddit.com/r/selfhosted/comments/1po9cx1/vps_hacked_over_and_over_what_am_i_doing_wrong/

09:46:43 321bob321: Lol

09:51:36 BlueyHealer: What you're doing wrong is using Reddit in the clunkier UI

09:52:18 BlueyHealer: oh no it's THAT cve

10:23:32 DataHoarder: 10:51:57 <BlueyHealer> What you're doing wrong is using Reddit in the clunkier UI

10:23:37 DataHoarder: the www here go to proper old :')

10:23:55 DataHoarder: www is also the only domain that has working title resolution now (others end up doing browser side checks)

10:24:12 DataHoarder: your domain not being old* doesn't mean it's not using old ui

10:29:17 BlueyHealer: Oh, really?

10:54:07 shadowatlas:matrix.org: Hello. Does someone know if there's a Monero community in London? The last meetup was over 7 years ago: https://icoholder.com/en/events/monero-london-meetup-22255

10:55:23 Cindy: that site is a fucking eyesore

11:00:35 sech1: https://www.youtube.com/watch?v=acq2MvoSkJI

21:33:00 basses:matrix.org: https://kellett.im/a/keeping-secrets

21:33:01 basses:matrix.org: cool irc info

21:35:48 Cindy: that's libera specific

21:41:08 basses:matrix.org: https://www.phoronix.com/news/First-Linux-Rust-CVE

21:52:01 321bob321: Memory safe that corrupts memory

21:52:07 321bob321: Fail safe

21:56:29 gan:skhron.org: Unsafe code results in unsafe behavior, who could thought of it

21:58:50 Cindy: they tried to outsmart the compiler

21:59:45 Cindy: by locking, copying the pointer, and unlocking

22:04:24 torir:matrix.org: Rust needs to copy the Tor warning: "Rust can't help you if you use it wrong"

22:05:34 Cindy: i think that's obvious if you're using "unsafe {}"

22:05:49 Cindy: when you're using the unsafe block, most of it is literally up to you

22:06:07 Cindy: the compiler won't hold your hand when you're using it

22:06:31 torir:matrix.org: You don't need the unsafe keyword to write unsafe Rust code: https://github.com/Speykious/cve-rs/tree/main

22:07:38 Cindy: i doubt someone will accidentally write code that looks like that

22:07:52 Cindy: that project is obviously taking advantage of some compiler bugs or something lol

22:09:18 torir:matrix.org: Yeah, my point is that using unsafe should be accompanied by code reviews or some process to ensure you didn't create a vulnerability.

22:10:00 gan:skhron.org: wait for https://github.com/rust-lang/rust/issues/25860 to be closed

22:11:03 Cindy: looks like the null pointer access part of cve-rs is abusing enums

22:11:30 Cindy: https://github.com/Speykious/cve-rs/blob/main/src/transmute.rs