



  • Nobody is gonna be using a quantum computer to “crack email hashes” of Plex users in a few years… I’m not even sure there is a speedup to hash cracking with quantum computers.

    But depending on the hashing algorithm used, it’s likely pretty easy to crack hashes of email addresses today with a normal computer. They’re not particularly high entropy.




  • Pretty much everyone I work with uses vim, emacs, sublime, or vscode. I like IDEs and use them for… well Java, but I wouldn’t argue that they’ve made the other tools obsolete or you’re a fool for sticking with the old ones. If it ain’t broke and all that. It actually seems like more people are moving back to pluggable text editors over IDEs.

    I’ve used AI tools a bit. They’ve really helped drop in code that would previously just be a bunch of TODOs; they get you up and writing the core parts much faster to see if the idea even works. They’ve also really helped answer specific questions or lead me towards the answer. They’ve also straight up lied to me quite a bit. It’s a weird tool.

    I think the OP image is pretty wrong with the comparison it makes. LLMs/AI are a class of technology that are most definitely not going anywhere unless something dramatic happens. Some people, myself included, feel uneasy about the way they’re created and the fact that people in powerful positions completely misunderstand them, and I think that leads to the hope that they’re just a fad.












  • qqq@lemmy.world to linuxmemes@lemmy.world · the perfect browser · 4 months ago

    > I suppose we need to make definitions clearer.

    The definition of “a memory safe programming language” is not in debate at all in the programming community. I have no idea why you’re trying to change it.

    > I’d argue those weren’t the best developers then

    This is incredibly arrogant, and, tbh, ignorant.

    You missed the point of the examples: those aren’t necessarily “easy mistakes” to make, and of course a UAF is easy to spot in a 4 line program; the point is that there is no language construct in place to protect from these trivial memory safety issues. With respect to the “obviousness” of the std::string mistake, if you instead consider an opaque interface that requires a const char* as an input, you have no idea if it is going to try to reference that pointer or not past the lifetime of the std::string. If you can’t see past the simplicity of an example to the bigger picture, that’s not on me.


  • qqq@lemmy.world to linuxmemes@lemmy.world · the perfect browser · 4 months ago

    > I disagree with the blanket statement “C++ isn’t memory safe”. C++ provides the tools for writing memory-safe code, but it does not enforce it by default.

    This is such a weird take. C++ isn’t memory safe. The blanket statement is… true. You say as much in the second sentence.

    > With C++, you retain full control over memory management and can choose the best tool for the job. You’re not boxed into a strict ownership model that may force refactoring or add extra layers of abstraction.

    You have full control in Rust too, at least to the same extent as C++. Rust isn’t memory safe either. Rust is just the opposite of C++ in the approach to safety: you opt in to being unsafe with the unsafe construct instead of being unsafe by default. They’re just different paradigms. I’d actually argue that you don’t have full control in either language unless you opt in to it, modern C++ tries very hard to abstract away memory management. You can write an entire program without a single new or malloc, which is pretty great.

    > Sure, mistakes can happen, but with proper practices and modern C++ features you can achieve a level of safety that meets most needs without sacrificing the expressiveness and efficiency you might require in complex systems.

    This is just simply not true and is consistently proven incorrect every time an aspect of C++'s memory unsafety is exploited. I work in security and I still, in 2025, exploit memory corruption. The best developers money can buy still make mistakes with C and C++.

    > Besides that: which conventions do you mean?

    The way you have to interact with smart pointers for example:

    #include <memory>
    
    int main(int argc, char** argv)
    {
        std::unique_ptr<int> a = std::make_unique<int>(1);
        std::unique_ptr<int> b(a.get());
    }
    

    Double free, but compiles without warning. It’s convention to not use unique_ptr’s constructor, not enforced.

    #include <iostream>
    #include <string>
    
    int main(int argc, char** argv)
    {
        const char* c;
        {
            std::string a("HelloThisIsAHeapString");
            c = a.c_str();
        }
        std::cout << c << std::endl;
    }
    

    Use after free. No compiler error or warning, it’s convention to not maintain references to C++ string data, not enforced.

    That’s all fine, whatever, but these are conventions. We’ve shot ourselves in the foot a million times and come up with our own guard rails, but the developer needs to know all of them to not make the mistake.
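
Added example, not part of the comment above and not the commenter's code: the convention-following counterparts of the two snippets, plus the "opaque interface that takes a const char*" case from the earlier comment. `NameHolder` and both function names are hypothetical, chosen only for this illustration.

```cpp
#include <cassert>
#include <memory>
#include <string>
#include <utility>

// Hypothetical consumer of a C-string API (the name is an assumption for
// this example). It copies the bytes into storage it owns instead of
// keeping the caller's pointer, so the caller's std::string may die later.
class NameHolder {
public:
    explicit NameHolder(const char* s) : name_(s ? s : "") {}
    const std::string& name() const { return name_; }
private:
    std::string name_;  // owned copy, independent of the caller's buffer
};

// Counterpart of the unique_ptr snippet: ownership is moved, never
// re-wrapped from a.get(), so exactly one owner frees the int.
int transfer_ownership() {
    std::unique_ptr<int> a = std::make_unique<int>(1);
    std::unique_ptr<int> b = std::move(a);
    assert(a == nullptr);  // a moved-from unique_ptr is guaranteed null
    return *b;
}

// Counterpart of the c_str() snippet: the data is copied while the source
// string is still alive, so nothing dangles once the inner scope ends.
std::string copy_outlives_scope() {
    std::unique_ptr<NameHolder> holder;
    {
        std::string a("HelloThisIsAHeapString");
        holder = std::make_unique<NameHolder>(a.c_str());
    }  // a is destroyed here; holder still owns its own copy
    return holder->name();
}

int main() {
    return (transfer_ownership() == 1 &&
            copy_outlives_scope() == "HelloThisIsAHeapString") ? 0 : 1;
}
```

Nothing in the language forces either form: swapping `std::move(a)` back to `a.get()`, or storing the raw pointer in `NameHolder`, still compiles, so runtime tooling such as AddressSanitizer (`-fsanitize=address`) is what catches the regression in testing.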

