Search

Windows dynamic libraries, calling conventions, and transmute

Sep 28, 2019

18 min #networking · #icmp · #win32 · #rust · #ffi

So, how does ping.exe actually send a ping? It seems unrealistic that ping.exe itself implements all the protocols involved in sending a ping. So it must be calling some sort of library. Also, since it ends up talking to the outside world via a NIC (network interface controller), the kernel is probably involved at some point.

In reading files the hard way - part 2, we learned about dynamic libraries (like libc), and the Linux kernel, and how syscalls allowed us to ask the Linux kernel to do our bidding. For this series, we’re going to have to look at the Windows equivalents.

Day 18 (Advent of Code 2022)

Jan 12, 2023

8 min #rust · #cpp · #advent-of-code

This time around, we’re porting a solution from C++ to Rust and seeing how it feels, how it performs, and what we can learn about both languages by doing that.

See Day 17 for the rationale re: porting solutions rather than writing my own from scratch. TL;DR is: it’s better than nothing, and we can still focus about learning Rust rather than spending entire days fighting off-by-one errors.

Day 2 (Advent of Code 2020)

Dec 13, 2020

10 min #rust · #advent-of-code

Day 2, Day 2! Woo!

The Advent of Code 2020, Day 2 problem talks about passwords. Sounds familiar.

Basically, our input looks like this:

1-3 a: abcde
1-3 b: cdefg
2-9 c: ccccccccc

Each line contains a “password policy” and a “password”. For the first line, the policy is that the password must contain between 1 and 3 (inclusive) times the letter “a”.

Loading multiple ELF objects

Jan 26, 2020

32 min #os · #assembly · #linux · #rust · #linkers

Up until now, we’ve been loading a single ELF file, and there wasn’t much structure to how we did it: everyhing just kinda happened in main, in no particular order.

But now that shared libraries are in the picture, we have to load multiple ELF files, with search paths, and keep them around so we can resolve symbols, and apply relocations across different objects.

color npm package compromised

Sep 08, 2025

4 min #npm

On September 8 2025, around 13:00 UTC, someone compromised Josh Junon’s npm account (qix) and started publishing backdoored versions of his package.

Someone noticed and let Josh know:

Hey. Your npm account seems to have been compromised. 1 hour ago it started posting packages with backdoors to all your popular packages. — Charlie Eriksen on BlueSky

Josh confirmed he’d gotten pwned by a fake 2FA (two-factor authentication) reset e-mail:

Yep, I've been pwned. 2FA reset email, looked very legitimate. Only NPM affected. I've sent an email off to @npmjs.bsky.social to see if I can get access again. Sorry everyone, I should have paid more attention. Not like me; have had a stressful week. Will work to get this cleaned up. — Josh Junon on BlueSky

The phishing e-mail came from npmsj.help (registered 3 days prior) and claimed users had to reset their 2FA:

Summer fasterthanlime update

Aug 15, 2025

8 min #meta

There are news!

Cool Bear's hot tip

TL;DR: If you’re a patron or sponsor, check your Profile page to get detailed explainers of every perk. You’ll need to log in. Duh.

Here are all the changes I’m implementing, summarized as a table:

Before	After
📚 Articles remain exclusive for 6 months	Early access (couple weeks) for Silver tier
🎞️ No early access for video

Recursive iterators in Rust

May 08, 2019

7 min #rust

I’ve been looking for this blog post everywhere, but it doesn’t exist, so I guess it’s my turn to write about Some Fun with Rust.

The task at hand

Let’s say you have a recursive, acyclic data structure, like so:

struct Node {
    values: Vec<i32>,
    children: Vec<Node>,
}

This allows you to represent a tree-like structure:

   [1, 2, 3]
       /\
      /  \
     /    \
    /      \
   /        \
[4, 5]    [6, 7]

Veronica Mars and NTLM password hashes

Oct 28, 2020

30 min #tv

Intro

When I started my Patreon, I had no idea if it would work at all. The whole thing seemed like a gamble: spend an inordinate amount of time writing quality articles, and hope that folks will like it enough to kick in 5, 10, or 50 bucks a month just to see more of them.

I’m happy to say the gamble paid off - literally. Take that, impostor syndrome!

Some mistakes Rust doesn't catch

Feb 07, 2022

51 min #rust · #golang · #concurrency

I still get excited about programming languages. But these days, it’s not so much because of what they let me do, but rather what they don’t let me do.

Ultimately, what you can with a programming language is seldom limited by the language itself: there’s nothing you can do in C++ that you can’t do in C, given infinite time.

As long as a language is turing-complete and compiles down to assembly, no matter the interface, it’s the same machine you’re talking to. You’re limited by… what your hardware can do, how much memory it has (and how fast it is), what kind of peripherals are plugged into it, and so on.

Huffman 101

Aug 09, 2019

15 min #compression · #golang · #entropy

Let’s play a game: your objective is to guess a word, but you can only ask yes or no questions. You should also aim to ask as few questions as possible.

You might have played a variant of this game before, guessing famous actors or musicians. You’d usually ask questions like “Are they alive?”, or “Have they won an Oscar”? And that would allow you to narrow down the possibilities, until you finally resort to a list of direct guesses (“Is it Amy Adams?”) or simply give up.