getentropy() vs RAND_bytes()

The other day I learned about the Rust crate lexopt which describes itself as, A pathologically simple command line argument parser. Most argument parsers are declarative: you tell them what to parse, and they do it. This one provides you with a stream of options and values and lets you figure out the rest. For “pathologically simple” I still...

I commented on Lobsters that /tmp is usually a bad idea, which caused some surprise. I suppose /tmp security bugs were common in the 1990s when I was learning Unix, but they are pretty rare now so I can see why less grizzled hackers might not be familiar with the problems. I guess that’s some kind of success, but sadly the fixes have left behind...

Following my previous post on rate limiting with GCRA, leaky buckets without the buckets, I reviewed my old notes on rate limiting for Exim. I thought I should do a new write-up of the ideas that I hope will be more broadly interesting. Exponential rate limiting uses an exponentially-weighted moving average to measure the client’s rate. It is...

Yesterday I read an article describing the GCRA rate limiting algorithm. I thought it was really interesting, but I wasn’t entirely satisfied with Brandur’s explanation, and the Wikipedia articles on leaky buckets and GCRA are terrible, so here’s my version. what is GCRA? GCRA is the “generic cell rate algorithm”, a rate-limiting algorithm that...

Yesterday there was some discussion on the Orange Site about whether or not C is Turing complete. The consensus in the StackOverflow question is, no, because the C abstract machine is a (large) finite state machine, or maybe yes, if you believe that unaddressable local variables can exist outside the finite address space, and you can have an...