00:07 <+bridge> @learath2 I'm confused. I observed in demos that the tick in a charactercore can sometimes decrease(!). I'm confused by that, wouldn't that suggest that the server keeps more than one core for reckoning? 00:12 <+bridge> the decreasing tick is just the reckoning being rewound to stay accurate 00:13 <+bridge> I'd assume the decreasing tick is just the reckoning being rewound to stay accurate 00:15 <+bridge> `m_ReckoningTick` gets reset to `Server()->Tick()` at the moment of the snap, so it being lower happens when the core had been running ahead 00:15 <+bridge> ~~I'd assume~~ the decreasing tick is just the reckoning being rewound to stay accurate 00:24 <+bridge> i wonder how that could happen tho, a stale instance maybe? 01:01 <+bridge> I don't understand, when and how would it be rewound? 02:02 <+bridge> thats what i'm curious about too, probably a way how demos interpolate/record the snap? 02:04 <+bridge> i assume Learath/Roby may know this ^^ 06:00 <+bridge> Robyt 06:00 <+bridge> Robyt 06:00 <+bridge> Robyt 06:00 <+bridge> ... 06:00 <+bridge> 06:00 <+bridge> xd 06:00 <+bridge> https://cdn.discordapp.com/attachments/293493549758939136/1511580298104672457/image.png?ex=6a20f85a&is=6a1fa6da&hm=3ffaf22596d8637744414eb7b118369703230779fcbfe65d47ab55e3834c4e48& 06:48 <+bridge> what's new? 06:48 <+bridge> he is the goat 07:03 <+bridge> scary https://blog.ammaraskar.com/github-token-stealing/ 07:05 <+bridge> it says "1 click" but any website you visit can steal your full access github token if you're not paying attention to your browser for ~30 seconds 07:06 <+bridge> probably patched in a few hours 07:14 <+bridge> tldr: navigate to dev.github.com vscode page for a malicious repo, the repo runs a script that tries to install an extension, with some vscode bugs you can click the "trust publisher and install" without any user input, then the extension steals your github token from the vscode environment 07:18 <+bridge> tldr: navigate to github.dev vscode page for a malicious repo, the repo runs a script that tries to install an extension, with some vscode bugs you can click the "trust publisher and install" without any user input, then the extension steals your github token from the vscode environment 07:36 <+bridge> Hm so extensions just have access to your token? I would have hoped that required user action with a popup that says „login with GitHub“ or something like that 07:53 <+bridge> there is a popup, but vscode is buggy javascript so you can bypass it 07:55 <+bridge> it's also not actual vscode, it's the one that opens in your browser when you press . on a github page 07:56 <+bridge> idk why github just gives it your token but I guess they have full trust in the vscode security features to work, but the consequences are much bigger when it's in a browser 08:00 <+bridge> https://youtu.be/0DK1zwDAUcg 08:46 <+bridge> fortunately this only works if you used the github dot dev webapp before 08:47 <+bridge> I had 08:47 <+bridge> yeah if you had previously used it, this is quite terrible 08:47 <+bridge> also if you're not aware of this it would be so trivial to social engineer you into accepting the one time prompt 08:48 <+bridge> there is a reason a lot of projects are leaving Github 08:48 <+bridge> to be fair it's a vscode vuln technically, but that's still microsoft 08:49 <+bridge> the same thing would work if you opened a folder in vscode on your PC 08:49 <+bridge> I guess but they implemented it 08:49 <+bridge> Thanks tater for spreading awareness and saving us all 08:50 <+bridge> I am not clicking on the blog! I am sure it would hack me hehe 08:50 <+bridge> lol 08:50 <+bridge> it could! 08:50 <+bridge> possibly the highest risk website because that guy knows how to do it 08:50 <+bridge> If I understood correctly the untrusted publisher thing will pop up locally? 08:50 <+bridge> Yes fr 08:51 <+bridge> whenever you open a folder in vscode it asks this 08:51 <+bridge> https://cdn.discordapp.com/attachments/293493549758939136/1511623335400964157/image.png?ex=6a21206f&is=6a1fceef&hm=2da3f425341239388bd3cf7bfe3cb3a1320329644c2f53793f93fa11d713c28d& 08:52 <+bridge> clicking that button was always scary lol 08:52 <+bridge> yes but the exploit actually bypasses 3 different buttons 08:52 <+bridge> vscode extensions/themes have been a malware hub recently 08:52 <+bridge> it bypasses the "trust repo" the "trust extension publisher" and the "install extension" 08:53 <+bridge> it bypasses the "trust repo" the "trust extension publisher" and the "install extension" popups 08:53 <+bridge> ```As long as you are inside of a trusted workspace (which github.dev/web workspaces always are), then it’s possible to install an extension directly present in .vscode/extensions.``` 08:53 <+bridge> doesn't this mean this doesn't work locally? 08:54 <+bridge> hmm maybe 08:54 <+bridge> I'm too scared to try lol 08:54 <+bridge> but I would assume it shouldn't be able to locally 08:55 <+bridge> doesn't make this story an better 08:55 <+bridge> tbh the bug itself is not all that interesting, and will probably not be used. the amusing part is that it was published in full, with POC, without notifying microsoft, because they previously scammed the researcher in the past 08:56 <+bridge> this happened quite a lot recently with microsoft 08:56 <+bridge> :poggers2: 08:56 <+bridge> yes it's related to those incidents 08:56 <+bridge> :feelsbadman: 08:57 <+bridge> I would say this is the most exploitable one I've seen yet tho, by far. If you used this on someone without publishing it you could steal all the private repos of any company 08:58 <+bridge> they did mention in the past that the inital github dev webapp login prompt did not exist so that was indeed possible 08:58 <+bridge> windows privilege escalation is boring and not impressive, which is the worst thing that was published from the other incidents 08:59 <+bridge> you could also try to supply chain attack some npm libraries and then rat thousands of PCs like what happened a month ago 09:00 <+bridge> so many possibilities 09:01 <+bridge> there seems to be no stopping the supply chain attacks 09:01 <+bridge> meh 09:01 <+bridge> I think delay all library updates + scan them with ai will fix it 09:01 <+bridge> atleast for npm 09:02 <+bridge> I've seen a scanner getting compromised in the past lol 09:02 <+bridge> the fact that installing a library gives it permission to run scripts during the install process by default is crazy for an ecosystem where you have to download thousands of libraries for a single project 09:03 <+bridge> the idea is that many different companies with different AI scanners can look at the published update before anyone downloads it. I think it would work 09:03 <+bridge> they are already doing the scanning, they just aren't doing the delay part 09:04 <+bridge> oh yeah if third parties reliable scan and then report those updates it could work but even stuff can get past 09:05 <+bridge> delaying updates could also expose you to vulnerabilities 09:06 <+bridge> but it's basically mandatory to delay now 09:06 <+bridge> vibe coded vibes 09:41 <+bridge> aaa i want dis in ddnet 09:53 <+ChillerDragon> woah where my message go? 09:54 <+ChillerDragon> `ExecSql("SELECT * FROM users;").then([](const auto& /*rows*/) {}).error([](const auto& /*err*/) {});` 09:54 <+ChillerDragon> or here a more teeish example https://paste.zillyhuhn.com/9V 09:55 <+bridge> @Zwelf pls add :) 10:09 <+bridge> can I rely on this printing 20 instead of 0? 10:09 <+bridge> https://paste.zillyhuhn.com/t0 10:09 <+bridge> i smh thought the brace initializer {} is the same as mem zero xd 10:43 <+bridge> yes it prints 20 10:43 <+bridge> and is guaranteed to 10:44 <+bridge> hmk thanks 10:44 <+bridge> i went with constructor already and removed {} xd 10:46 <+bridge> i needed a Reset() method anyways to clear out the data on logout without having to do destructor hacks or memory management 10:52 <+bridge> >destructor hacks 10:53 <+bridge> is that not what a destructor is for 11:44 <+bridge> yea if the object goes out of scope or gets freed 11:44 <+bridge> but that is not happening 11:45 <+bridge> https://github.com/ddnet/ddnet/blob/5d39cf8d5f4f6c113ace283e803612784c98794c/src/game/server/gamecontext.cpp#L179-L180 11:45 <+bridge> this is kinda nasty imo xd 12:30 <+bridge> what the fuck 12:30 <+bridge> is that even defined 12:35 <+bridge> jupii/@robyt3 how do we avoid bleeding in the font atlas? can we just expect all glyphs to leave padding when it gets rasterized? 12:47 <+bridge> oh god the standard even explicitly allows this https://timsong-cpp.github.io/cppwp/n4950/basic.life#example-2 14:02 <+bridge> what is the purpose of TileExists() I am quite annoyed by it every time i add a new tile 14:02 <+bridge> https://github.com/ddnet/ddnet/blob/5d39cf8d5f4f6c113ace283e803612784c98794c/src/game/collision.cpp#L848-L868 14:02 <+bridge> its used in GetMapIndex() 14:02 <+bridge> 14:02 <+bridge> https://github.com/ddnet/ddnet/blob/5d39cf8d5f4f6c113ace283e803612784c98794c/src/game/collision.cpp#L912-L922 14:03 <+bridge> and GetMapIndices() and thats all 14:04 <+bridge> I guess I can just call GetPureMapIndex() and be done with it hm xd 14:04 <+bridge> kinda sus that they use different rounding 14:05 <+bridge> GetPureMapIndex does `int Nx = std::clamp(round_to_int(x) / 32, 0, m_Width - 1);` 14:05 <+bridge> and GetMapIndex does `int Nx = std::clamp((int)Pos.x / 32, 0, m_Width - 1);` 14:07 <+bridge> oh hm i cant 14:24 <+bridge> bro 14:24 <+bridge> https://cdn.discordapp.com/attachments/293493549758939136/1511707132771434666/1.jpg?ex=6a216e7a&is=6a201cfa&hm=d3291a781d27c3852a85e2e56d0d0ff748d55fe38855d8626880b2f1988f51c4& 14:24 <+bridge> https://cdn.discordapp.com/attachments/293493549758939136/1511707133287206922/2.jpg?ex=6a216e7a&is=6a201cfa&hm=60981d476aaa0468150a27d7991ad9b0dcfa0c12516d9a3aec85554e59811cbc& 14:24 <+bridge> https://cdn.discordapp.com/attachments/293493549758939136/1511707133769416714/3.jpg?ex=6a216e7a&is=6a201cfa&hm=7765e6e13ba4bb579b84fdf85aa3b8a831b55e1a5f6d4725a171bec708d8b2d1& 14:24 <+bridge> https://cdn.discordapp.com/attachments/293493549758939136/1511707134285451364/4.jpg?ex=6a216e7a&is=6a201cfa&hm=efbddbcb2a9fb8578ec5fe197a4b3b14d317bbadd202815c5db3b5ec0efbd917& 14:56 <+bridge> @melon when fix `mysql: can't free last result (free_result:stmt:5025): Statement has no result set` 14:57 <+bridge> actually i might have an idea 14:57 <+bridge> i do a bunch of ExecuteUpdate() calls that arent sql UPDATE statements 15:40 <+bridge> bro 15:40 <+bridge> https://cdn.discordapp.com/attachments/293493549758939136/1511726338430599320/1.jpg?ex=6a21805d&is=6a202edd&hm=bfe36b067a9a4fd7427d138080827b26b7fb99b704bd07a9b39e552da896140d& 15:40 <+bridge> https://cdn.discordapp.com/attachments/293493549758939136/1511726338837315734/2.jpg?ex=6a21805d&is=6a202edd&hm=87a8827dd9051a8a8c2c1251abbe3e1663a2ea57cd02bc7fcdaeda3fae2f2b64& 15:40 <+bridge> https://cdn.discordapp.com/attachments/293493549758939136/1511726339307343983/3.jpg?ex=6a21805d&is=6a202edd&hm=22b8146a18da10c98d03aec8fc2602593f6c5de8603a547ce00ab6aa8c822d43& 15:40 <+bridge> https://cdn.discordapp.com/attachments/293493549758939136/1511726339705667584/4.jpg?ex=6a21805d&is=6a202edd&hm=8e905e052032fa8420c33a1dde7d70e15ede117d235eb598af058c8945affa09& 15:52 <+bridge> I wasted so much time trying to figure it out :justatest: :justatest: