metiulekm@sh.itjust.works 10 points 1 month ago

Same in Python, Rust, Haskell and probably many others.

But apparently JS does work that way, that is, its filter always iterates over everything and returns a new array and not some iterator object.

metiulekm@sh.itjust.works 7 points 1 month ago

It could also be this: Cheang, R. T., Skjevling, M., Blakemore, A. I., Kumari, V., & Puzzo, I. (2024). Do you feel me? Autism, empathic accuracy and the double empathy problem. Autism, 0(0). https://doi.org/10.1177/13623613241252320

metiulekm@sh.itjust.works 11 points 2 months ago

It seems OP wanted to pass the file name to -k, but this parameter takes the password itself and not a filename:

       -k password
           The password to derive the key from. This is for compatibility with previous versions of OpenSSL. Superseded by the -pass argument.

So, as I understand, the password would be not the first line of /etc/ssl/private/etcBackup.key, but the string /etc/ssl/private/etcBackup.key itself. It seems that -kfile /etc/ssl/private/etcBackup.key or -pass file:/etc/ssl/private/etcBackup.key is what OP wanted to use.
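The difference described in the comment above can be checked directly. This is an added example, not part of the original comment: it assumes the `openssl` CLI is on PATH, uses a temporary stand-in for the key file with a constructed secret, and picks `-aes-256-cbc -pbkdf2` as assumed flags because OP's full command is not shown.

```python
import os
import subprocess
import tempfile

# Cipher and KDF flags are assumptions; the thread does not show OP's full command.
BASE = ["openssl", "enc", "-aes-256-cbc", "-pbkdf2"]

def run(extra, data):
    """Run `openssl enc` with extra arguments, feeding data on stdin."""
    proc = subprocess.run(BASE + extra, input=data, capture_output=True)
    return proc.returncode == 0, proc.stdout

def demo_k_vs_pass_file():
    plaintext = b"constructed sample backup contents\n"
    with tempfile.TemporaryDirectory() as tmp:
        # Stand-in for /etc/ssl/private/etcBackup.key, with a constructed secret.
        keyfile = os.path.join(tmp, "etcBackup.key")
        with open(keyfile, "w") as fh:
            fh.write("constructed-secret-on-first-line\n")

        # What OP ran: -k treats its argument as the password itself.
        _, backup_k = run(["-k", keyfile], plaintext)
        # What OP meant: the password is the first line of the file.
        _, backup_pass = run(["-pass", "file:" + keyfile], plaintext)

        def opens(ciphertext, pass_args):
            # Compare the plaintext too: a wrong CBC key can pass the padding check by chance.
            return run(["-d"] + pass_args, ciphertext) == (True, plaintext)

        return {
            "k_backup_opens_with_path_string": opens(backup_k, ["-pass", "pass:" + keyfile]),
            "k_backup_opens_with_file_secret": opens(backup_k, ["-pass", "file:" + keyfile]),
            "pass_backup_opens_with_file_secret": opens(backup_pass, ["-pass", "file:" + keyfile]),
            "pass_backup_opens_with_kfile": opens(backup_pass, ["-kfile", keyfile]),
        }

if __name__ == "__main__":
    for check, result in demo_k_vs_pass_file().items():
        print(f"{check}: {result}")
```

A backup written with `-k <path>` is protected only by the path string, which anyone who reads the backup script knows, so such backups need re-encrypting with the intended secret.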

metiulekm@sh.itjust.works 18 points 2 months ago

Oracle trilateration refers to an attack on apps that have filters like "only show users closer than 5 km". In case of the vulnerable apps, this was very accurate, so the attacker could change their position from the victim (which does not require physical movement, the application has to trust your device on this, so the position can be spoofed) until the victim disappeared from the list, and end up at a point that is almost exactly 5 km from the victim.

Like if it said the user is 5 km away, that is still going to give a pretty big area if someone were to trilaterate it because the line of the circle would have to include 4.5-5.5 km away.

This does not help, since the attacker can find a point where it switches between 4 km and 5 km, and then this point (in the simplest case) is exactly 4.5 km from the victim. The paper refers to this as rounded distance trilateration.

metiulekm@sh.itjust.works 6 points 4 months ago

:highlight Normal guifg=0 guibg=0 worked for me, at least when run interactively in a nvim -u NORC session.

metiulekm@sh.itjust.works 17 points 6 months ago

My understanding is that all issues are patched in the mentioned releases, the config flag is not needed for that.

The config flag has been added because supporting clients with different endianness is undertested and most people will never use it. So if it is going to generate vulnerabilities, it makes sense to be able to disable it easily, and to disable it by default on the next major release. Indeed XWayland had it disabled by default already, so only the fourth issue (ProcRenderAddGlyphs) is relevant there if that default is not changed.

metiulekm@sh.itjust.works 6 points 6 months ago

I'm betting there's probably something that generates the key from a vastly smaller player input, i.e. what gameobjects you interacted with, in what order, or what did you press/place somewhere. But that also means that the entropy is probably in the brute-forceable range, and once you find the function that decrypts the secrets, it should be pretty easy to find the function that generates the key, and the inputs it takes.

When handling passwords, it is standard practice to use an intentionally costly (in CPU, memory, or both) algorithm to derive the encryption key from the password. Maybe the dev can reuse this? The resulting delay could easily be masked with some animation.
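A sketch of the key stretching suggested in the comment above, as an added example that is not from the original comment or the game in question. The action names, the size of the input space and the scrypt parameters are assumptions chosen for illustration; the baseline `fast_key` is the cheap derivation that the stretching replaces.

```python
import hashlib
import os
import time

SEP = "\x1f"  # unit separator keeps ["ab", "c"] distinct from ["a", "bc"]

def fast_key(actions, salt):
    """Baseline: a single SHA-256 over the player's actions (cheap per guess)."""
    return hashlib.sha256(salt + SEP.join(actions).encode()).digest()

def stretched_key(actions, salt, n=2**14, r=8, p=1):
    """scrypt over the same input: each guess needs about 16 MiB and far more CPU."""
    secret = SEP.join(actions).encode()
    return hashlib.scrypt(secret, salt=salt, n=n, r=r, p=p, dklen=32)

def seconds_per_guess(derive, actions, salt, rounds=5):
    """Average wall-clock cost of one derivation."""
    start = time.perf_counter()
    for _ in range(rounds):
        derive(actions, salt)
    return (time.perf_counter() - start) / rounds

def hours_to_exhaust(candidates, secs_per_guess):
    """Worst-case single-core time to try every candidate input."""
    return candidates * secs_per_guess / 3600

if __name__ == "__main__":
    salt = os.urandom(16)  # shipped with the game data; not secret
    actions = ["lever", "statue", "mirror", "well"]  # constructed player input
    space = 20 ** 6  # assumed: 6 ordered interactions chosen from 20 objects
    for name, derive in (("sha256", fast_key), ("scrypt", stretched_key)):
        cost = seconds_per_guess(derive, actions, salt)
        hours = hours_to_exhaust(space, cost)
        print(f"{name}: {cost * 1000:.3f} ms/guess, {hours:.2f} h for {space} inputs")
```

Stretching multiplies the cost of every guess but does not add entropy, so the parameters have to be sized against the actual number of possible inputs.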

metiulekm@sh.itjust.works 6 points 7 months ago

I feel like the sentence also means "it's kinda obvious when you think about it, so we won't explain, but it's actually important, so you probably should make sure you agree".

metiulekm@sh.itjust.works 9 points 9 months ago

The bootloader is stored unencrypted on your disk. Therefore it is trivial to modify, the other person just needs to power down your PC, take the hard drive out, mount it on their own PC and modify stuff. This is the Evil Maid attack the other person talked about.

metiulekm@sh.itjust.works 26 points 1 year ago

Imagine a soccer ball. The most traditional design consists of white hexagons and black pentagons. If you count them, you will find that there are 12 pentagons and 20 hexagons.

Now imagine you tried to cover the entire Earth in the same way, using similar size hexagons and pentagons (hopefully the rules are intuitive). How many pentagons would there be? Intuitively, you would think that the number of both shapes would be similar, just like on the soccer ball. So, there would be a lot of hexagons and a lot of pentagons. But actually, along with many hexagons, you would still have exactly 12 pentagons, not one less, not one more. This comes from Euler's formula, and there is a nice sketch of the proof here: https://math.stackexchange.com/a/18347.

metiulekm@sh.itjust.works 15 points 1 year ago

Honestly I've unironically missed the entirety of the image at first, I went directly to the text. And probably a lot of internet-savvy people would, this kind of image is useless decoration 90% of the time and people are trained to not look at it. Same concept as in that research where they asked people to find the current population number on a webpage and they had a very hard time, despite the value being in big red digits or something equally distinctive.

metiulekm@sh.itjust.works 11 points 1 year ago

That's because all the audio drama focused on PulseAudio.

metiulekm

joined 1 year ago