↳
In-reply-to
»
Do I buy a new monitor or do I live with the burn-ins all the time? Itβs getting annoying. When I edit images in GIMP, I have to double check if something is a pixel or a burn-in.
β€ Read More
@lyse@lyse.isobeef.org To be fair, I did first notice this a while ago. But no monitor I ever had showed burn-ins like this (be it TFT or CRT), so I didnβt know that I should have sent it back. And then it got worse over time and now I see ghost images after 20-30 minutes. :(
wrote a script to make epic aesthetic half tone images and i was impressed with myself how fast i did it but to be fair i already had the commands noted down and i just had to script it lmfao
Do I buy a new monitor or do I live with the burn-ins all the time? Itβs getting annoying. When I edit images in GIMP, I have to double check if something is a pixel or a burn-in.
Hereβs an example of X11/Xlib being old and archaic.
X11 knows the data type βcardinalβ. For example, the window property _NET_WM_ICON (which holds image data for icons) is an array of βcardinalβ. I am already not really familiar with that word and Iβm assuming that it comes from mathematics:
https://en.wikipedia.org/wiki/Cardinal_number
(It could also be a bird, but probably not: https://en.wikipedia.org/wiki/Cardinalidae)
We would probably call this an βintegerβ today.
EWMH says that icons are arrays of cardinals and that theyβre 32-bit numbers:
https://specifications.freedesktop.org/wm-spec/latest-single/#id-1.6.13
So itβs something like 0x11223344 with 0x11 being the alpha channel, 0x22 is red, and so on.
You would assume that, when you retrieve such an array from the X11 server, youβd get an array of uint32_t, right?
Nope.
Xlib is so old, they use char for 8-bit stuff, short int for 16-bit, and long int for 32-bit:
That is congruent with the general C data types, so it does make sense:
https://en.wikipedia.org/wiki/C_data_types
Now the funny thing is, on modern x86_64, the type long int is actually 64 bits wide.
The result is that every pixel in a Pixmap, for example, is twice as large in memory as it would need to be. Just because Xlib uses long int, because uint32_t didnβt exist, yet.
And this is something that I wouldnβt know how to fix without breaking clients.
↳
In-reply-to
»
@kat why does ffmpeg always freeze the video in the first five seconds after a cut lmfao
β€ Read More
@kat@yarn.girlonthemoon.xyz I have absolutely no idea, but I wouldnβt be surprised if it uses the closest full image after your cut point and not the one before. Hence, the deltas between the two full images have nothing to really refer to. So, the video player just shows the first full image it finds and βfreezesβ the image until the video stream actually hits it.
Let me try to visualize it, | represent full images, . just subsequent deltas:
Original start of video
β
|......|.....|........|......|..
β β
Cut point Cut point
Resulting video:
....|.....|........|....
ββββ
This is where it freezes
Could be complete bullshit, though. Wouldnβt be the first time that Iβm wrong. :-)
Iβm just curious, what exact command line do you use to cut the video?
ProcessOne: ejabberd 25.07
Release Highlights:
This release focus on integration in a wider federated network, with support for spam fighting features, better compliance with Matrix network and native support for PubSub Server Information to have your server count as part of the wider XMPP network (for example, you can register your server on XMPP Network Graph).
- **Spam filter β¦ β Read more
↳
In-reply-to
»
The lack of suckless-like simple, hackable software these days is appalling.
β€ Read More
@prologic@twtxt.net Yeah, this really could use a proper definition or a βmanifestβ. π Many of these ideas are not very wide spread. And I havenβt come across similar projects in all these years.
Letβs take the farbfeld image format as an example again. I think this captures the βspiritβ quite well, because this isnβt even about code.
This is the entire farbfeld spec:
farbfeld is a lossless image format which is easy to parse, pipe and compress. It has the following format:
ββββββββββ€ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Bytes β Description β
β βββββββββͺββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ£
β 8 β "farbfeld" magic value β
ββββββββββΌββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ’
β 4 β 32-Bit BE unsigned integer (width) β
ββββββββββΌββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ’
β 4 β 32-Bit BE unsigned integer (height) β
ββββββββββΌββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ’
β [2222] β 4x16-Bit BE unsigned integers [RGBA] / pixel, row-major β
ββββββββββ§ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
The RGB-data should be sRGB for best interoperability and not alpha-premultiplied.
(Now, I donβt know if your screen reader can work with this. Let me know if it doesnβt.)
I think these are some of the properties worth mentioning:
- The spec is extremely short. You can read this in under a minute and fully understand it. That alone is gold.
- There are no βknobsβ: Itβs just a single version, itβs not like thereβs also an 8-bit color depth version and one for 16-bit and one for extra large images and one that supports layers and so on. This makes it much easier to implement a fully compliant program.
- Despite being so simple, itβs useful. Iβve used it in various programs, like my window manager, my status bars, some toy programs like βtuxeyesβ (an Xeyes variant), or Advent of Code.
- The format does not include compression because it doesnβt need to. Just use something like bzip2 to get file sizes similar to PNG.
- It doesnβt cover every use case under the sun, but it does cover the most important ones (imho). They have discussed using something other than RGBA and decided itβs not worth the trouble.
- They refrained from adding extra baggage like metadata. It would have needlessly complicated things.
https://omnitools.app/ Access thousands of user-friendly utilities for editing images, text, lists, and data, all directly from your browser.
FreeBSD 14.3 released
FreeBSD 14.3 has been released, an important point release for those of us using the FreeBSD 14.x branch. This release brings 802.11ac (Wi-Fi 5) support to many modern laptop wireless chips, OCI container images are now available in Docker and GitHub repositories, and a number of cornerstone packages have been updated to their latest versions. β Read more
GraphQL Gatecrash: When an Introspection Query Opened the Whole Backend οΈ
Free Link π
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/graphql-gatecrash-when-an-intro β¦ β Read more
Could XSS Be the Hidden Key to Account Takeover
What if I told you that a simple Cross-Site Scripting (XSS) vulnerability could be the golden ticket to a full Account Takeover (ATO)? Noβ¦
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups β¦ β Read more
Crafting Standalone Python Proof of Concept Exploits
Creating standalone proof of concept exploits implementing a zero-to-hero method, requiring a single action to run.
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/craf β¦ β Read more
$560 Bounty: How Twitterβs Android App Leaked User Location
A Silent Broadcast That Let Any App Spy on You Without Asking
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/560-bounty-how-twitters-android-app-leaked- β¦ β Read more
Radxa UFS/eMMC Module Reader and Storage Solution Enables Fast Flashing and Scalable Embedded Storage
Radxaβs UFS/eMMC Module Reader is a compact USB 3.0 adapter for flashing OS images, accessing firmware, and transferring large files. It supports both eMMC v5.0 and UFS 2.1 modules with speeds up to 5β―Gbps The adapter is compatible with eMMC and UFS modules from Radxa, and also works with modules from platforms like PINE64 and [β¦] β Read more
The XMPP Standards Foundation: The XMPP Newsletter May 2025
XMPP Newsletter Banner
Welcome to the XMPP Newsletter, great to have you here again!
This issue covers the month of May 2025.
Like this newsletter, many projects and their efforts in the XMPP community are a result of peopleβs voluntary work. If you are happy with the services and software you may be using, please consider saying thanks or help these projects! Int β¦ β Read more
Satellite images show damaged North Korean warship moved to drydock near Russian border | CNN β Read more
50 Command Line Tools You Wish You Knew Sooner
Master the terminal with these essential commands that will transform your Linux experience from novice to power user.
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/50-command-line-tools-you-wis β¦ β Read more
Nintendo Switch 2 Hacked in 48 HoursβββBut Hereβs Why Itβs Just the Beginning
A harmless green line on the screen may have just opened the floodgates for hackersβββinside the first real exploit on Nintendoβ β¦ β Read more
When you play the Game of RBAC, You either validate, or the world denies your existenceβββlike a King behind the wall.
OIDC: The Digitally signed Pinky Swear βItβs Meβ (Part I)
Whenever an Elbow-Shake Protocol is being established, thereβs always Users try to communicate safely during Corona pandemic!
[Continue reading on InfoSec Write-ups Β»](https://infosecwrit β¦ β Read more
WebSocket Wizardry: How a Forgotten Channel Let Me Sniff Private Chats in Real-Time οΈββοΈ
Hey there!π
[Continue reading on InfoSec Write-ups Β»]( β¦ β Read more
π βI wasnβt an adminβ¦ until I became one with just a JSON object.β
Business logic allows any user to be blocked from creating an account
FREE READ
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/business-logic-allows-any-user-to-be-blocked-from-creating- β¦ β Read more
Understanding Misconfiguration Exploits: A Beginnerβs Guide to Offensive Security Thinking.
Misconfigurations are among the most commonβββand most dangerousβββvulnerabiliti β¦ β Read more
**Abuse-ception: How I Turned the Abuse Report Feature Into a Mass Email Spammer **
Hey there!π
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/abuse-ception-how-i-turned-the- β¦ β Read more
$1,000 Bug: Firefox Account Deletion Without 2FA or Authorization
How a Missing Backend Check Let Attackers Nuke Accounts With Just a Password
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/1-000-bu β¦ β Read more
The 5 Cybersecurity Roles That Will Disappear First
Think your job is safe from AI? Think again. These are the first cybersecurity roles AI will eat.β
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/the-5-cybersecurity-role β¦ β Read more
Current toy project: an image feed generated by mk(1). Still some edges to clean up but itβs nice: http://a.9srv.net/img/_readme.html
21 Secret Linux Commands Hackers and Sysadmins Donβt Want You to Know About
Not your usual βlsβ and βpwdββββthese are the real tools used by professionals.
[Continue reading on InfoSec Write-ups Β»](https://info β¦ β Read more
From Classic SOC to Autonomous SOC: The Future of Cyber Defense
Modernize your SOC into an Autonomous Security Operations (ASO) model. what it means, why it matters, and how to prepare your team.
[Continue reading on InfoS β¦ β Read more
How I Captured a Password with One Command
Many beginner-friendly sites or older web applications still use HTTP, which transmits data without encryption.
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/why-htt β¦ β Read more
$7,500 Bug: Exposing Any HackerOne Userβs Email via Private Program Invite
How One GraphQL Query Turned Private Invites into Public Data Leaks
[Continue reading on InfoSec Write-ups Β»](https://infosecwrite β¦ β Read more
OIDC: Integrate Kubernetes authentication with Azure AD via OIDC (Part IV)
You want to authenticate Kubernetes users by integrating it with Azure AD using OIDC. This setup involves configuring the following β¦ β Read more
Create own Hacking SERVER Instead of Portswigger exploit server
This article describes about to create your own server that helps to exploit CORS vulnerability or more.
[Continue reading on InfoSec Write-ups Β»](https://i β¦ β Read more
OIDC: The Fellowship of the Token (Part III)
One token to rule them all, one token to find them, One token to bring them all, and in the cluster spawn them (I meant the pods.).
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/oidc-the-fellowsh β¦ β Read more
How I Hacked 100+ Accounts Using Just XSS
One Small Flaw, 100+ Accounts StolenβββHereβs How It Happened
How a Welcome Email Can Be Used for Malicious Redirection
Free Article Link: Click for free!
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/how-a-welcome-email-can-be-used-for-malicious-redirection-fd833ec71550? β¦ β Read more
A Step-by-Step Plan to Secure Web Backends with XAMPP (Part 1/3)
Installing and Configuring XAMPP
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/a-step-by-step-plan-to-secure-web-backends-with-xampp-p β¦ β Read more
** Broken Object Fiesta: How I Used IDOR, No Auth, and a Little Luck to Pull User Data **
Hey there!π
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/broken-object-fiest β¦ β Read more
**β οΈ CORS of Destruction: How Misconfigured Origins Let Me Read Everything **
Free Link π
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/%EF%B8%8F-cors-of-destruction-how-m β¦ β Read more
** Cookie AttributesβββMore Than Just Name & Value**
Understanding the Security & Scope Behind Every Cookie
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/cookie-attributes-more-than-just-name-value-a95591be6fba?source=rssβ-7b722bfd1b8dβ4 β¦ β Read more
DOM XSS Exploit: Using postMessage and JSON.parse in iframe Attacks
[Write-up] DOM XSS Using Web Messages and JSON.parse.
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/dom-xss-exploit-using β¦ β Read more
Bypassing HackerOne Report Ban Using API Key
How a Banned Researcher Could Still Submit Reports Using the REST API
[Continue reading on InfoSec Write-ups Β»](https://infosecwriteups.com/bypassing-hackerone-report-ban-using-api-key-061711e873c6?source=rssβ-7b β¦ β Read more