I’ve recently come back to an older project of mine (that powers this website), and as I did some maintenance work: upgrade to newer crates, upgrade to a newer rustc, I noticed that my build was taking too damn long!

For me, this is a big issue. Because I juggle a lot of things at any given time, and I have less and less time to just hyperfocus on an issue, I try to make my setup as productive as possible.

Hey internet! So, someone broke into some of my accounts.

I’m taking entire responsibility for this - there’s the part where I fucked up, and if I didn’t fuck up, then none of this would’ve happened.

But there’s also the part where a series of design decisions from various vendors combined into the perfect storm for me.

And we’re going to talk about both! Separately! And calmly.

On September 8 2025, around 13:00 UTC, someone compromised Josh Junon’s npm account (qix) and started publishing backdoored versions of his package.

Someone noticed and let Josh know:

Josh confirmed he’d gotten pwned by a fake 2FA (two-factor authentication) reset e-mail:

The phishing e-mail came from npmsj.help (registered 3 days prior) and claimed users had to reset their 2FA:

Addressing the rumors

There have been rumors going around, in the Reddit thread for facet, my take on reflection in Rust, which happened a bit too early, but here we are, cat’s out of the bag, let’s talk about it!

Rumors that I, podcaster/youtuber fasterthanlime, want to kill serde, serialization / deserialization framework loved by many and which contributed greatly to Rust’s success, and I just wanted to address those rumors and say that…

In the day 8 problem, our input is a height map:

30373 25512 65332 33549 35390

This is a 5x5 grid, and every number denotes the height of a tree. For part 1, we must find out how many trees are visible from the outside of the grid.

If we consider the first row, from the left: only the 3 is visible: it obscures the 0. From the right, 3 and 7 are visible.

It’s refactor time!

Our complete program is now about a hundred lines, counting blank lines (see the end of part 3 for a complete listing).

While this is pretty good for a zero-dependency project (save for pretty-hex), we can do better.

First off, concerns are mixed up. In the same file, we:

• Expose LoadLibraryA / GetProcAddress
• Expose the Win32 ICMP API

Last week-end, I participated to Ludum Dare for the fourth time in a row!

Downloads: Linux (64) | OS/X | Windows

Story

So here is our entry: Legithief. The backstory is simple, yet cunning: you are an ordinary thief practicing ordinary acts of thievery in the houses of ordinary people to make a living. But one day.. you are quietly robbing yet another home, when you are suddenly smashed in the head with a bat.

I do not come to you with answers today, but rather some observations and a lot of questions.

The weird glitch

Recently I was editing some video and I noticed this:

Not what the finger is pointing at — the dots.

Here are the separate layers this image is made up of: the background is a stock image I’ve licensed from Envato Elements:

Because I use it as a background image, I’ve cranked down the exposition in the Color tab:

Day 9’s problem statement is convoluted - the “ah maybe that’s why I don’t usually do Advent of Code” kind of convoluted, but let’s give it a go anyway.

So, we have a series of numbers, like so:

35 20 15 25 47 40 62 55 65 95 102 117 150 182 127 219 299 277 309 576

And uh the first N numbers are a “preamble” and every number that comes after that must be the sum of any two of the numbers that come before it.