Next #swad improvement: Make sure to #wipe #passwords from RAM directly after used. That's more of a #security precaution, because there *should* be no way how an attacker can access a running process' memory, but you never know which bugs surface .

Unexpectedly, that posed #portability issues. #C11 has #memset_s ... a pretty weird function, but suitable for wiping. It's there on #FreeBSD and on #OpenBSD. Not on #NetBSD though. But NetBSD offers the much saner #C23 function #memset_explicit. Looking at #Linux, there's neither. But there is the (non-standard!) #explicit_bzero .. and with glibc, it requires _DEFAULT_SOURCE to be defined as soon as you compile with a C standard version given to the compiler. This function exists on some other systems as well, but there's confusion whether it should be declared in string.h or strings.h.

Here's the full set of compile-tests I'm now doing, only to find the best way to really erase memory:
https://github.com/Zirias/swad/blob/master/src/bin/swad/swad.mk#L6

And if none of these functions is found, swad uses the "hacky" way that most likely works as well: Access the normal memset function via a volatile pointer.

#introduction

Our motto is »#Linux #OpenSource News & #KnowHow for #Office Tasks.«

Our posts are for #solopreneurs, #trainers, #facilitators, and everybody else who tackles their office tasks using open source software under Linux.

While we appreciate #portability, we're strictly Linux-only. With respect to other operating systems: no bashing, no praise, no comparisons. We've already made our choice.

Formerly @social.tchncs.de, 2021-09-01 to 2024-06-15; then @mastodon.de until 2025-04-17

@GossiTheDog "Mastodon" really needs to get cracking on full data portability, IMHO.

It's a shame this hasn't been pushed higher up on the list of things to do.

I think many people have invested quite a bit of time and effort into their posts and profiles, and moving all that data, or somehow managing a switch-over doesn't seem to be that simple, if at all possible.

Something I hadn’t considered about account #portability …

It will simplify initial user onboarding. Interested in XYZ software? Cool. Sign up now on xyz.social. You can move your account in a week or two once you have a lay of the land…

Resumed Technical Comparison: Linux vs. BSD

Linux and BSD are two influential families of open-source operating systems with distinct philosophies, architectures, and use cases. Although they share UNIX roots, their development paths, licensing models, and system design set them apart.

Read More: https://machaddr.substack.com/p/resumed-technical-comparison-linux

Can #C be liberated from its ultra-#portability fantasy? One #proposal at a time.

Two’s complement & IEEE-754 arithmetic next?

“P3477R0: There Are Exactly 8 Bits In A Byte”, JF Bastien (http://wg21.link/P3477r0).

On HN: https://news.ycombinator.com/item?id=41874394

New on blog: "Overview of cross-architecture #portability problems"

"""
Ideally, you'd want your program to work everywhere. Unfortunately, that's not that simple, even if you're using high-level "portable" languages such as #Python. In this blog post, I'd like to focus on some aspects of cross-architecture problems I've seen or heard about during my time in #Gentoo. Please note that I don't mean this to be a comprehensive list of problems — instead, I'm aiming for an interesting read.
"""

https://blogs.gentoo.org/mgorny/2024/09/23/overview-of-cross-architecture-portability-problems/

Against all odds, #32bit #time_t is sometimes helpful.

For example, yesterday I've found an interesting bug in the #Moto library. It was passing to botocore a date that resembled ISO-8601, except it did not use any separators, e.g. "20240907201715" — while botocore expected either numeric UNIX timestamp, or a more typical date format. As a result, the joined digits were incorrectly interpreted as a UNIX timestamp, giving a date in the year 643378.

I suspect that if not for 32-bit time_t failing on timestamps this large, for a long time nobody would have noticed the dates being misinterpreted.

https://github.com/getmoto/moto/pull/8095

I'm slowly working on a new blog post. In the meantime, I've looked closer at the #y2k38 problem, and I'd like to share some observations with you.

It seems that the problem is mostly considered from the "overflow" in 32-bit programs angle — i.e. that we're suddenly going to move back in time from 2038 to 1901, and there will be some "funny" effects of that. However, in reality we're probably going to see different kinds of problems.

Firstly, `stat()` stops working on files whose timestamps can't be expressed in 32-bit `time_t` (the files can still be opened, though). It is quite counterintuitive; we usually assume that opening files is more restrictive. In the most absurd case, a program would be able to use a file only once. Once used, timestamps will get updated and `stat()` will start failing.

Secondly, `time()` returns an error. Many developers (myself included) doesn't even consider that `time()` can fail. Yet after 2038, every single call is going to return `-1`. What does that mean? A "well-written" software will just fail with an error. Other programs will just be "stuck" 1 second prior to midnight of December 31, 1969. And I believe that could be worse than returning an "overflowed" time counter, as every call will return the same value.

What could the consequences be? Clocks showing the same date and time all the time. Waiting loops based on wall clock time hanging immediately. Events never getting triggered. Clock-seeded pseudorandom number generators (`srand(time(NULL))`) always returning the same sequence of numbers.

This will affect all proprietary software on 32-bit platforms. If we wanted to play an old game, we're going to have quite a fight ahead of us. What's even worse, even faketime doesn't suffice here — it will adjust the time returned by `time()` calls, but not file timestamps.

Our In-Process blog is out. Today we have a reminder of NVDA 2024.3, info on NVDA 2024.4 and our Beta / RC program, details of the upcoming SPEVI conference 2025 and a walkthrough of creating a portable copy and the highly anticipated change to the process which now creates a folder for you.

Read now at: https://www.nvaccess.org/post/in-process-5th-september-2024/

tori v0.6.0 is out with support for file management!

https://tori.jutty.dev/updates/file-management/

tori August 2024 monthly update

Mostly website changes, Matrix room, and the start of file management work

https://tori.jutty.dev/updates/2024-08-update/

Okay, im throughly confused. I try to improve my #speakerwire #20m 1/4 vertical #antenna. So first I calculated the best length (which is 506cm for 14.065 MHz), then I cut it to that length.

I added four radials which are about 1.5m because #portability.

My calibrated #nanoVNA shows an #swr of 1:40 and my Xiegu shows an SWR of 1:1.1.

I can receive fine, couldn’t try to transmit yet.

What could I do wrong? #hamradio #amateurradio

Ok, I have a #portability issue to fix in #Xmoji. As reported by @0x1eef, it does not build on #OpenBSD. Seems OpenBSD doesn't provide the "#POSIX interval timers":

https://github.com/Zirias/xmoji/issues/4

I guess that's possible to fix by writing code to multiplex the single timer offered by setitimer(). Of course, that's exactly what I wanted to avoid by using the POSIX interval timers.

Is there any good alternative for OpenBSD? What are other projects doing? @thomasadam, does #fvwm need timers and, if so, how is it solved there?

Last strategy for package conflict resolution ready!

tori can now handle conflicts between your configuration and the actual list of installed packages.

Check out the update for all details:

https://tori.jutty.dev/updates/package-conflict-resolution/

Kitten¹ update

Domain migrations are now live for your Kitten apps.

You can now point any custom domain to a deployed Kitten app. When the first Domain² instance goes live at small-web.org later this year, you’ll be able to deploy Kitten apps in ~10 seconds at <your domain>.small-web.org.

Then, if you want to, you can point any domain to it using any registrar.

¹ https://kitten.small-web.org
² https://codeberg.org/domain/app