#qsort — Public Fediverse posts

Чем отличается изобретатель вечного двигателя от просто изобретателя?

Если десятью словами: неумением ставить корректные эксперименты и экстремально гипертрофированным ощущением собственной важности. Я не буду описывать конкретный случай, с которым я столкнулся, а опишу выдуманный случай с такими же чертами. Предположим к вам обратился товарищ, который хочет чтобы вы дали ему контакты принимающих решения менеджеров и топ-алгоритмистов в условном Микрософте. Зачем? После обмена репликами, где он сначала сопротивляется, выясняется что он изобрел новый алгоритм сортировки. В качестве доказательства он показывает программу на питоне, которая, по его словам, сортирует 10 чисел быстрее чем сортировка по умолчанию на питоне.

https://habr.com/ru/articles/828652/

#вечный_двигатель #венчурные_капиталисты #изобретатели #qsort #sorting #школа_синтеза #Verilog #FPGA #asic #systemverilog

At the "Mediatization vs. #Datafication" conference in Lublin, we are discussing the use of #QSort in #mediatization research on the basis of a presentation by Szymon Zylinski. The possibilities here go far beyond #mediarepertoires and also concern the changing "structures of feeling" and #visualcommunication. We ourselves have developed MeSort, which is also #opensource: https://mesoftware.org/index.php/mesort/ This website is new to me: https://qmethod.org/resources/software/

I made a comment on the proposed #CVE program rules changes given the #glibc #qsort advisory from Qualys in January.

I want to make it clear that CVEs to identify defects of that sort should be allocated for each application defect, not the library side defect.

Am I in left field?

cc @codonell

#InfoSec #VulnCon
https://docs.google.com/document/d/12jf-CYn9fH2044YyF1fVf0pRaW4o48JVEKVCArEN5zU/edit?disco=AAABJExoyEA

Recent privilege escalation vulnerabilities in GNU C Library #glibc widely used in many #Linux distributions such as #Debian, #Ubuntu, #Fedora and others.

CVE-2023-6246 #privesc #vuln can be triggered via #syslog by using long program name or ident parameter in openlog().

Another vulnerability is in #qsort function. While real-world affected programs are currently not known, this vulnerability is pretty old - since 1992 until now.

Reference: https://blog.qualys.com/vulnerabilities-threat-research/2024/01/30/qualys-tru-discovers-important-vulnerabilities-in-gnu-c-librarys-syslog

This is just another reason to consider using Linux distribution without glibc, for example #Alpine Linux with #musl

Recent privilege escalation vulnerabilities in GNU C Library #glibc widely used in many #Linux distributions such as #Debian, #Ubuntu, #Fedora and others.

CVE-2023-6246 #privesc #vuln can be triggered via #syslog by using long program name or ident parameter in openlog().

Another vulnerability is in #qsort function. While real-world affected programs are currently not known, this vulnerability is pretty old - since 1992 until now.

Reference: https://blog.qualys.com/vulnerabilities-threat-research/2024/01/30/qualys-tru-discovers-important-vulnerabilities-in-gnu-c-librarys-syslog

This is just another reason to consider using Linux distribution without glibc, for example #Alpine Linux with #musl

Recent privilege escalation vulnerabilities in GNU C Library #glibc widely used in many #Linux distributions such as #Debian, #Ubuntu, #Fedora and others.

CVE-2023-6246 #privesc #vuln can be triggered via #syslog by using long program name or ident parameter in openlog().

Another vulnerability is in #qsort function. While real-world affected programs are currently not known, this vulnerability is pretty old - since 1992 until now.

Reference: https://blog.qualys.com/vulnerabilities-threat-research/2024/01/30/qualys-tru-discovers-important-vulnerabilities-in-gnu-c-librarys-syslog

This is just another reason to consider using Linux distribution without glibc, for example #Alpine Linux with #musl

Recent privilege escalation vulnerabilities in GNU C Library #glibc widely used in many #Linux distributions such as #Debian, #Ubuntu, #Fedora and others.

CVE-2023-6246 #privesc #vuln can be triggered via #syslog by using long program name or ident parameter in openlog().

Another vulnerability is in #qsort function. While real-world affected programs are currently not known, this vulnerability is pretty old - since 1992 until now.

Reference: https://blog.qualys.com/vulnerabilities-threat-research/2024/01/30/qualys-tru-discovers-important-vulnerabilities-in-gnu-c-librarys-syslog

This is just another reason to consider using Linux distribution without glibc, for example #Alpine Linux with #musl

Recent privilege escalation vulnerabilities in GNU C Library #glibc widely used in many #Linux distributions such as #Debian, #Ubuntu, #Fedora and others.

CVE-2023-6246 #privesc #vuln can be triggered via #syslog by using long program name or ident parameter in openlog().

Another vulnerability is in #qsort function. While real-world affected programs are currently not known, this vulnerability is pretty old - since 1992 until now.

Reference: https://blog.qualys.com/vulnerabilities-threat-research/2024/01/30/qualys-tru-discovers-important-vulnerabilities-in-gnu-c-librarys-syslog

This is just another reason to consider using Linux distribution without glibc, for example #Alpine Linux with #musl

Published #OpenAccess: Our paper "Let's build our tools together! Possibilities and limits of #CoCreation of research software for communication and media studies". In the paper we reflect on our experiences developing #MeSort and #MeTag, #mediarepertoire, #networkanalysis, #QSort with @hohse, @[email protected], @[email protected], @zemki, in German: https://link.springer.com/article/10.1007/s11616-023-00803-w

Published #OpenAccess: Our paper "Let's build our tools together! Possibilities and limits of #CoCreation of research software for communication and media studies". In the paper we reflect on our experiences developing #MeSort and #MeTag, #mediarepertoire, #networkanalysis, #QSort with @hohse, @[email protected], @[email protected], @zemki, in German: https://link.springer.com/article/10.1007/s11616-023-00803-w

Published #OpenAccess: Our paper "Let's build our tools together! Possibilities and limits of #CoCreation of research software for communication and media studies". In the paper we reflect on our experiences developing #MeSort and #MeTag, #mediarepertoire, #networkanalysis, #QSort with @hohse, @[email protected], @[email protected], @zemki, in German: https://link.springer.com/article/10.1007/s11616-023-00803-w

Published #OpenAccess: Our paper "Let's build our tools together! Possibilities and limits of #CoCreation of research software for communication and media studies". In the paper we reflect on our experiences developing #MeSort and #MeTag, #mediarepertoire, #networkanalysis, #QSort with @hohse, @[email protected], @[email protected], @zemki, in German: https://link.springer.com/article/10.1007/s11616-023-00803-w

Published #OpenAccess: Our paper "Let's build our tools together! Possibilities and limits of #CoCreation of research software for communication and media studies". In the paper we reflect on our experiences developing #MeSort and #MeTag, #mediarepertoire, #networkanalysis, #QSort with @hohse, @[email protected], @[email protected], @zemki, in German: https://link.springer.com/article/10.1007/s11616-023-00803-w

#OpenAccess erschienen: Unser Aufsatz "Lasst uns unsere Tools gemeinsam bauen! Möglichkeiten und Grenzen der #CoCreation von Forschungssoftware für die Kommunikations- und Medienwissenschaft". In dem Aufsatz reflektieren wir unsere Erfahrungen bei der Entwicklung von #MeSort und #MeTag, #Medienrepertoire, #Netzwerkanalyse, #QSort mit @hohse, https://twitter.com/AleBelli90, https://twitter.com/mesoftware_org, @zemki: https://link.springer.com/article/10.1007/s11616-023-00803-w

#OpenAccess erschienen: Unser Aufsatz "Lasst uns unsere Tools gemeinsam bauen! Möglichkeiten und Grenzen der #CoCreation von Forschungssoftware für die Kommunikations- und Medienwissenschaft". In dem Aufsatz reflektieren wir unsere Erfahrungen bei der Entwicklung von #MeSort und #MeTag, #Medienrepertoire, #Netzwerkanalyse, #QSort mit @hohse, https://twitter.com/AleBelli90, https://twitter.com/mesoftware_org, @zemki: https://link.springer.com/article/10.1007/s11616-023-00803-w

#OpenAccess erschienen: Unser Aufsatz "Lasst uns unsere Tools gemeinsam bauen! Möglichkeiten und Grenzen der #CoCreation von Forschungssoftware für die Kommunikations- und Medienwissenschaft". In dem Aufsatz reflektieren wir unsere Erfahrungen bei der Entwicklung von #MeSort und #MeTag, #Medienrepertoire, #Netzwerkanalyse, #QSort mit @hohse, https://twitter.com/AleBelli90, https://twitter.com/mesoftware_org, @zemki: https://link.springer.com/article/10.1007/s11616-023-00803-w

#OpenAccess erschienen: Unser Aufsatz "Lasst uns unsere Tools gemeinsam bauen! Möglichkeiten und Grenzen der #CoCreation von Forschungssoftware für die Kommunikations- und Medienwissenschaft". In dem Aufsatz reflektieren wir unsere Erfahrungen bei der Entwicklung von #MeSort und #MeTag, #Medienrepertoire, #Netzwerkanalyse, #QSort mit @hohse, https://twitter.com/AleBelli90, https://twitter.com/mesoftware_org, @zemki: https://link.springer.com/article/10.1007/s11616-023-00803-w