Ship of Theseus 條目的趣事

Hacker News Daily 上看到「0% of the phrases of the original Wikipedia "Ship of Theseus" article remain (twitter.com/depthsofwiki)」這篇,引用的是這則 tweet:

一開始掃過「Ship of Theseus」這個條目還沒有感覺,想偷懶發現有中文版的條目「忒修斯之船」:

1世紀時的希臘作家普魯塔克提出了這個問題:如果忒修斯的船上的木頭逐漸被替換,直到所有的木頭都不是原來的木頭,那這艘船還是原來的那艘船嗎?這類問題現在被稱做「忒修斯之船」。

回到原來的 tweet 上看才笑了出來。

另外補充一下,「」這個字念「特」,應該會有人想查,這邊附上連結。

搞爆 Python 的各種姿勢

Hacker News 首頁上看到「no-op statements syntactically valid only since Python X.Y」這個專案,搞爆各個版本 Python 的各種方式,從 Python 2.4+ 一路到 3.11+ (不過中間有少了 3.2 與 3.4)。

專案要求的條件是 no-op,所以像是 import 這種行為都會產生 side effect,所以就不能用 sys.version_info 這個變數了:

This is a collection of no-op statements that are syntactically valid only since Python X.Y, for most X.Y ≥ 2.4.

看了一下裡面的例子,反而看到一些有趣的東西,像是原來這種語法在 Python 2.3 是不能跑的:

(0 for x in [])  # Python >= 2.4 is required

然後 0_0 這種方便表示數字的寫法在 Python 3.6+ 才能動:

0_0  # Python >= 3.6 is required

有些東西真的是用習慣就忘記了,遇到一些古董環境可能會中獎然後在那邊疑惑半天 XD

看起來這個專案應該比較偏娛樂性質?實際應用上有很多其他比較常見的方式檢查環境才對 XD 但馬上想到,在打黑箱的時候可以用這個方法判斷 Python 的環境版本?

C 語言的兩個笑話 (以及他的惡搞原理)

Twitter 上看到兩則 C 語言的笑話:

第一個的 "-0.5"char[],補了 + 1 會往後一格,所以會變成移到 "0.5" 的部份。

所以如果改成 -0.6,你會發現輸出變成 0.6

第二個的 50 ** "2" 則是利用了 2 的 ascii code 是 0x32,換成十進制剛好是 50,然後中間的 ** 其實是一個乘號與一個 pointer 的用法,實際上剛好會是 50*50=2500 的運算。

如果你改成 "3" 的話會輸出 2550

作者在 Twitter 的後續有提到,這些都是特別挑過的數字所造成的「巧合」,你換掉這些數字的話通常會爛掉
(除非你也很精心挑過),不要誤解亂用 XDDD

Kagi 的宗教戰爭:Emacs 與 Vi

目前都是用 Kagi 當作預設的搜尋引擎,然後 Kagi 習慣每個禮拜會給一個 Changelog... 而這個禮拜的 Changelog 是這樣:

我好像看到了什麼不得了的東西:

Searching for emacs redirects to vi #327 @yjp20

然後 bug report 裡面提到了他會在搜尋 Emacs 時提示 Vi

然後搜尋 Vi 時提示 Emacs:

這是想要掀起什麼宗教戰爭嗎 XDDD

Cloudflare R2 Storage 的插曲...

Hacker News 首頁上看到「Cloudflare's Disruption (stratechery.com)」這篇,文章「Cloudflare’s Disruption」這篇其實還好,主要就是分析一下 Cloudflare R2 Storage 在下的棋,真的讓我想寫的是反而是 Hacker News 上的討論...

首先是提到了 S3 -> R2 -> Q1 -> P0 這個:

ksec 36 minutes ago | unvote [–]

^gt; The service will be called R2 — “one less than S3,” quipped Cloudflare CEO Matthew Prince in an interview with Protocol ahead of Cloudflare’s announcement

Oh I never thought of that. So the next one is Q1 and final one would be P0.

另外下面有也提到 IBMHAL

piaste 33 minutes ago | unvote [–]

And it is likely inspired by the old joke that 2001: A Space Odyssey's HAL was one less than "IBM".

下一個 Q1 是明年了,來看看 2022Q1 會不會有 P0 issue XDDD

StackOverflow 開賣 Ctrl、C、V 的鍵盤

StackOverflow 今年愚人節的鍵盤真的開賣了:「No joke—you can buy our copy/paste keyboard right now」。

愚人節的文章在「Introducing The Key」,這次開賣的網站是跟 Drop 合作:「Stack Overflow The Key Macropad | Mechanical Keyboards | Mini Mechanical Keyboards | Drop」,可以看到是機械鍵盤,但要 US$29 一隻...

鍵盤是凱華 BOX 黑軸:

They’re also outfitted with Kailh Box Black switches to deliver an ultra-smooth linear feel.

然後可程式化定義 XDDD

Fully programmable, these three keys can do much more than copy and paste. In fact, you can configure them to perform virtually any key command you want.

不過想要的人也得注意一下,目前看到的 ship date 是年底了:

Estimated ship date is Dec 13, 2021 PT.

然後目前已經賣出 2.6k 件了?XDDD

2.6k Sold

Brendan Gregg 遇到的 An Unbelievable Demo

Hacker News Daily 上看到的熱門話題,Brendan Gregg 是效能分析領域的大老,現在在 Netflix 工作,在維基百科的條目「Brendan Gregg」上也有提到他的一些知名發明,像是 Flame Graphs:

He has also created visualization types to aid performance analysis, including latency heat maps, utilization heat maps, subsecond offset heat maps, and flame graphs.

昨天他發了一篇文章在講之間他遇到的事情,原文把過程寫的很有戲劇性,值得去看一看:「An Unbelievable Demo」,而 Hacker News 上的討論也很精彩:「An Unbelievable Demo (brendangregg.com)」,還引出了 Colin Percival 也分享他的經驗。

快速講 Brendan Gregg 遇到的事情,2005 年時 Brendan Gregg 因為業務上的需要 (他當年是效能分析的顧問),幫 Sun 推出的 DTrace 寫了一包工具,叫做 DTraceToolkit,用 GPLv2 或是 CDDL 釋出。

這包工具被 Sun 的人拿去用,並且拔掉作者與授權資訊,然後還被拿去「世界巡迴」介紹這個工具,最後在雪梨的時候居然是拿來介紹給 Brendan Gregg,然後被原作者打臉。

不過他後來還是加入了 Sun... XDDD

Colin Percival 的故事則沒有牽扯到 copyright issue,不過也很有趣,這邊提到的是 bsdiff,也是個經典的工具:

Reminds me of when Apple started providing "smaller size updates" to OS X. I was curious about the details since my doctorate had touched on the topic, so I worked my contacts (I had a few in Apple engineering from the FreeBSD / OS X relationship) and after a few months I got back as answer: "We're using a tool called bsdiff, are you familiar with it?" I was indeed, since I was the author of said tool.

(Just to be clear, there was no license violation involved in this case; just a lack of awareness of the provenance of the open source software they were using.)

另外在其他的 thread 裡面,可以看到 Brendan Gregg 也有浮上來回應 (可以直接字串搜尋 brendangregg),裡面也提到了有趣的故事,像是他另外一個發明 latency heat map 在一些會場上的交流,以及自己也有遇到其他工具的作者:

Thanks. There was a time when many observability products were adding latency heat maps, and at one conference expo floor there were three companies with latency heat maps on their screen at the same time, pitching them as a flagship feature. If I walked near them they'd start trying to explain them to me, and I never figured out an appropriate response. If I said "hey, great to see you added them, I invented these back at Sun" I'd get funny looks.

I think it's a small world, and everything is software, so the chance you'll bump into someone who wrote software you are using I think is pretty high. I was once trying to get my head around Andi Kleen's pmu-tools, and I had the github repo open in my browser on my laptop I was carrying, when the guy sitting next to me on a bus says he's Andi Kleen. (Ok, it was a bus taking Linux conference attendees to an event, not a random bus, but I still found it remarkable timing -- I was studying pmu-tools at that exact time!)

拿來配啤酒的文章 XD

CVE-2021-32471 發了一個 1967 年電腦的安全性漏洞?

Hacker News 首頁上看到好幾則都在講 CVE-2021-32471

Insufficient input validation in the Marvin Minsky 1967 implementation of the Universal Turing Machine allows program users to execute arbitrary code via crafted data. For example, a tape head may have an unexpected location after the processing of input composed of As and Bs (instead of 0s and 1s). NOTE: the discoverer states "this vulnerability has no real-world implications."

等下,今天不是四月第一天啊,現在已經五月多了啊...

泡茶方式的 ISO 標準:ISO 3103

Twitter 上看到這個太哭腰了,泡茶也有 ISO 標準:

在中文維基百科內也有條目可以看:「ISO 3103」,裡面有提到這是從 BSI 6008:1980 來的:

ISO 3103是一項由國際標準組織(通稱ISO)所制訂的標準,其中詳細說明了一種標準化的泡茶方法,源自於1980年由英國標準協會(BSI)所制定的標準BS 6008:1980。此標準是由ISO的第34技術委員會(食品)中的第8子委員會(茶)所制定。

1999年搞笑諾貝爾獎將文學獎授予BS 6008標準。

這個真的是太哭腰了...

繞過 Screensaver Lock 的有趣話題...

Hacker News Daily 上看到「Screensaver lock by-pass via the virtual keyboard」這篇,裡面這邊題到了 screensaver lock 的有趣話題。

先講嚴肅一點的,這個 bug 被編號為 CVE-2020-25712,問題出在 xorg-x11-server 上:

A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

比較有趣的事情是,這個 bug 是小朋友在亂玩時拉出 virtual keyboard 觸發的:

A few weeks ago, my kids wanted to hack my linux desktop, so they typed and clicked everywhere, while I was standing behind them looking at them play... when the screensaver core dumped and they actually hacked their way in! wow, those little hackers...

然後他說他自己搞不出來:

I tried to recreate the crash on my own with no success, maybe because it required more than 4 little hands typing and using the mouse on the virtual keyboard.

另外一個人也說他家小朋友也弄出 segfault 了:

My kids came upon a similar cinnamon-screensaver segfault! I've emailed details of how to reproduce the problem to root@linuxmint.com.

小朋友超強 XDDD