I came across an interesting stack overflow that took input from scanf("%lf"), and stored it into a buffer. Due to precision, you can’t simply encode an arbitrary unsigned integer into a float through decimal representation. Reading the source code of scanf, I came across an alternative encoding known as hex float. This encoding appeared to be…
All posts by justintaft
My Take On Stocks: Why They Are Bought
Disclaimer: The below is not financial advice. The following are my opinions, and may be factually incorrect and/or misleading. There are four ways people can make money by owning a share in a company. The second scenario is interesting, selling a stock. Remember there is always a buyer and a seller in a share transaction.…
Importing CSV Bank Statements in Manager.io
TL;DR: if you use the CSV bank import feature with Manager.io, ensure there is a header row with only the columns Date, Description, and Amount. The column Reference may exist too. The Manager.io app has a bank statement import feature. When selecting CSV, you may get the error message “The file you are trying to import is invalid”. The bank statement import page at https://www.manager.io/guides/9240…
Using Emacs’s Cider with Docker
If running cider-connect-cljs returns the following error: It means the port is open, but nREPL is failing to respond. Ensure nREPL is listening on the right port and address. Where your project is running, do netstat -nl. If nREPL is bound to 127.0.0.1 in a Docker container, update it to 0.0.0.0.
Fun With Unsafe Rust
Business Types
Brain dump of how I think about business types. Some businesses package multiple types for their offering. Businesses need not be complex, but only need to offer value. Content Aggregation – These businesses do not focus on creating new content, but rather collecting and aggregating. Examples include News websites, Social Media, Conferences, Blockbuster. Monetization comes…
Bug Hunting Tips
I really enjoy finding and exploiting critical findings. Following the below process helps me find bugs consistently. 📚 Study Vulnerability Classes Familiarize yourself with different attacks, know when they apply, and understand their mitigations. This is key for three reasons: You increase your probabilities of finding good bugs. If you’re not aware of XXE, you would likely…
Typing Ergonomics – Modal editing, Sticky Keys, Voice Control
I’m a fan of pressing keys sequentially. Pressing multiple keys at the same time (key-chords) can cause unnecessary strain in my opinion. Emacs by default relies heavily on key-chords. Remapping common functions to Function Keys (F1-F12) can help. Personally, I install Evil Mode to use vim bindings within Emacs. Vim allows creating sequential keybindings quite…
How many people are writing memory corruption exploits?
I’ve wondered this for a while (especially when it comes to the private sector job market). Few Interesting Findings From Analyzing Data: ~1% of Global LinkedIn computer security related profiles mention memory corruption terms (22K/1.950M) ~1% of US LinkedIn computer security profiles mention memory corruption terms (11K/909K) ~501 Researchers have submitted Memory Corruption bugs…
How To Break Into Application Security
So you want to be a white hat hacker? Computer Security is a fascinating field and can be quite rewarding. The work you do will protect people’s privacy, prevent fraud, and can even save people’s lives when working on critical systems. Having a college degree isn’t necessary. What’s more important is training yourself to…