Kissaki

cross-posted from: https://programming.dev/post/37407248

Scrolling through this webpage is an adventure.

Scrolling through this webpage is an adventure.

Yesterday programming.dev was down for hours.

I checked https://status.programming.dev/ and it is indeed a working status page, but with no monitors added.
Which is already surprising.

But even more confusing is the consequential claim of "All Systems Operational", even when the instance is down/unreachable.

What's the state and plan for the status page?

cross-posted from: https://programming.dev/post/36983916

Freund wasn’t looking for a backdoor when he noticed SSH connections to his Debian testing system taking 500 milliseconds longer than usual. As a database engineer benchmarking PostgreSQL performance, he initially dismissed the anomaly. But the engineer’s curiosity persisted.

The backdoor’s technical sophistication was breathtaking. Hidden across multiple stages, from modified build scripts that only activated under specific conditions to obfuscated binary payloads concealed in test files, the attack hijacked SSH authentication through an intricate chain of library dependencies. When triggered, it would grant the attacker complete remote access to any targeted system, bypassing all authentication and leaving no trace in logs.

The backdoored versions 5.6.0 and 5.6.1 had been released in February and March 2024, infiltrating development versions of Fedora, Debian, openSUSE, and Arch Linux. Ubuntu’s upcoming 24.04 LTS release, which would have deployed to millions of production systems, was mere weeks away.

The technical backdoor was merely the final act of a three-year psychological operation that began not with code, but with studying a vulnerable human being.

Freund wasn’t looking for a backdoor when he noticed SSH connections to his Debian testing system taking 500 milliseconds longer than usual. As a database engineer benchmarking PostgreSQL performance, he initially dismissed the anomaly. But the engineer’s curiosity persisted.

The backdoor’s technical sophistication was breathtaking. Hidden across multiple stages, from modified build scripts that only activated under specific conditions to obfuscated binary payloads concealed in test files, the attack hijacked SSH authentication through an intricate chain of library dependencies. When triggered, it would grant the attacker complete remote access to any targeted system, bypassing all authentication and leaving no trace in logs.

The backdoored versions 5.6.0 and 5.6.1 had been released in February and March 2024, infiltrating development versions of Fedora, Debian, openSUSE, and Arch Linux. Ubuntu’s upcoming 24.04 LTS release, which would have deployed to millions of production systems, was mere weeks away.

The technical backdoor was merely the final act of a three-year psychological operation that began not with code, but with studying a vulnerable human being.

Over the years, our server has been racking up costs, and the now-unsupported software it was running on finally gave out.

All online services have now been migrated into permanent offline features. We made sure nothing was lost.

• The Level Editor now saves levels directly to your disk […]
• All community-created levels […]
• All-time high scores have been immortalized […]
• New high scores are saved locally […]

The game Dual Snake on Steam is free and was released in 2018.

Explores how the Lean programming language handles 2 + 2 = 4, which other programming languages collapse into a bool, but Lean considers a Proposition, and requires Proof.

How does provably correct programming look? This article seems to give a good introduction and example.

Explores how the Lean programming language handles 2 + 2 = 4, which other programming languages collapse into a bool, but Lean considers a Proposition, and requires Proof.

How does provably correct programming look? This article seems to give a good introduction and example.

Pike is a dynamic programming language with a syntax similar to Java and C. It is simple to learn, does not require long compilation passes and has powerful built-in data types allowing simple and really fast data manipulation.

int getDex()
{
  int oldDex = Dex;
  Dex = 0;
  return oldDex;
}

private void
show_user(int|string id, void|string full_name)
{
  write("Id: " + id + "\n");
  if (full_name)
    write("Full name: " + full_name + "\n");
}

The Go 1.18 release introduced generics and with that a number of new features, including type parameters, type constraints, and new concepts such as type sets. It also introduced the notion of a core type. While the former provide concrete new functionality, a core type is an abstract construct that was introduced for expediency and to simplify dealing with generic operands (operands whose types are type parameters). In the Go compiler, code that in the past relied on the underlying type of an operand, now instead had to call a function computing the operand’s core type. In the language spec, in many places we just needed to replace “underlying type” with “core type”. What’s not to like?

Quite a few things, as it turns out! To understand how we got here, it’s useful to briefly revisit how type parameters and type constraints work.

For the Go 1.25 release (August 2025) we decided to remove the notion of core types from the language spec in favor of explicit (and equivalent!) prose where needed. This has multiple benefits: …