<?xml version="1.0" encoding="UTF-8"?>
 <rdf:RDF xmlns="http://purl.org/rss/1.0/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cc="http://web.resource.org/cc/" xmlns:syn="http://purl.org/rss/1.0/modules/syndication/" xmlns:admin="http://webns.net/mvcb/">
  <channel rdf:about="http://pinboard.in">
    <title>Pinboard (jm)</title>
    <link>https://pinboard.in/u:jm/public/</link>
    <description>recent bookmarks from jm</description>
    <items>
      <rdf:Seq>	<rdf:li rdf:resource="https://kirancodes.me/posts/log-who-watches-the-watchers.html"/>
	<rdf:li rdf:resource="https://furry.engineer/@niko/113728467796605323"/>
	<rdf:li rdf:resource="http://research.swtch.com/zip"/>
	<rdf:li rdf:resource="http://googledevelopers.blogspot.ie/2013/02/compress-data-more-densely-with-zopfli.html"/>
	<rdf:li rdf:resource="http://skife.org/java/unix/2011/06/20/really_executable_jars.html"/>
	<rdf:li rdf:resource="https://wiki.archlinux.org/index.php/Lrzip"/>
	<rdf:li rdf:resource="http://www.zlib.net/pigz/"/>
      </rdf:Seq>
    </items>
  </channel><item rdf:about="https://kirancodes.me/posts/log-who-watches-the-watchers.html">
    <title>Lean proved this program was correct; then I found a bug</title>
    <dc:date>2026-04-14T13:08:07+00:00</dc:date>
    <link>https://kirancodes.me/posts/log-who-watches-the-watchers.html</link>
    <dc:creator>jm</dc:creator><description><![CDATA[This is IMO very exciting.  Formal verification and formally-proven correctness in code using Lean, which was in turn exercised heavily using Claude, which managed to turn up a totally unexpected runtime bug:

<blockquote>The positive result here is actually the remarkable one. Across 105 million executions, the application code (that is, excluding the runtime) had zero heap buffer overflows, zero use-after-free, zero stack buffer overflows, zero undefined behaviour (UBSan clean), and zero out-of-bounds array reads in the Lean-generated C code. [...]

The two bugs that were found both sat outside the boundary of what the proofs cover. The denial-of-service was a missing specification. The heap overflow was a deeper issue in the trusted computing base, the C++ runtime that the entire proof edifice assumes is correct (and now has a PR addressing).

Overall verification resulted in a remarkably robust and rigorous codebase. AFL and Claude had a really hard time finding errors. But they did still find issues. Verification is only as strong as the questions you think to ask and the foundations you choose to trust. </blockquote>

]]></description>
<dc:subject>programming coding future lean formal-methods correctness linting bugs zip verification testing</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:c1237ac77bc9/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:programming"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:coding"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:future"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:lean"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:formal-methods"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:correctness"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:linting"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:bugs"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:zip"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:verification"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:testing"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://furry.engineer/@niko/113728467796605323">
    <title>Zip bombs to frustrate AI crawlers</title>
    <dc:date>2025-03-25T10:08:23+00:00</dc:date>
    <link>https://furry.engineer/@niko/113728467796605323</link>
    <dc:creator>jm</dc:creator><description><![CDATA[Nifty trick; redirecting abusive AI crawlers to a gzipped file containing 100GB of zeros with a few lines of nginx config:

<pre>
set $redir_to_gz 1;
if ($host = gz.niko.lgbt) {
    set $redir_to_gz 0;
}
if ($http_user_agent !~* (claudebot|ZoominfoBot|GPTBot|SeznamBot|DotBot|Amazonbot|DataForSeoBot|2ip|paloaltonetworks.com|SummalyBot|incestoma)) {
    set $redir_to_gz 0;
}
if ($redir_to_gz) {
    return 301 https://gz.niko.lgbt/;
}

as for the actual stuff behind gz.niko.lgbt

server {
    # SSL and listen -- snipped

    # static files
    root /var/www/gz.niko.lgbt;
    location / {
        add_header Content-Encoding gzip;
        try_files /42.gz =404;
        gunzip off;
        types { text/html gz; }
    }

    # gunzip off is very important because if the client doesn't support gzip encoding nginx will blow its foot off without that
    # 42.gz is generated with dd if=/dev/zero bs=1M count=102400 | gzip -c - > 42.gz

    # additional config -- snipped
}
</pre>

Nice one @niko, I'm definitely going to use that :)]]></description>
<dc:subject>gzip zip zip-bombs defence bots crawling scraping crawlers dev-zero abuse</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:5738846805e9/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:gzip"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:zip"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:zip-bombs"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:defence"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:bots"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:crawling"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:scraping"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:crawlers"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:dev-zero"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:abuse"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://research.swtch.com/zip">
    <title>research!rsc: Zip Files All The Way Down</title>
    <dc:date>2016-02-05T15:26:51+00:00</dc:date>
    <link>http://research.swtch.com/zip</link>
    <dc:creator>jm</dc:creator><description><![CDATA[quine.zip, quine.gz, and quine.tar.gz.  Here's what happens when you mail it through bad AV software: https://twitter.com/FioraAeterna/status/694655296707297281]]></description>
<dc:subject>zip algorithms compression quines fun hacks gzip</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:4ad60171c630/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:zip"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:algorithms"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:compression"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:quines"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:fun"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:hacks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:gzip"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://googledevelopers.blogspot.ie/2013/02/compress-data-more-densely-with-zopfli.html">
    <title>Compress data more densely with Zopfli - Google Developers Blog</title>
    <dc:date>2013-03-02T23:10:18+00:00</dc:date>
    <link>http://googledevelopers.blogspot.ie/2013/02/compress-data-more-densely-with-zopfli.html</link>
    <dc:creator>jm</dc:creator><description><![CDATA[New compressor from Google, gzip/zip-compatible, slower but slightly smaller results]]></description>
<dc:subject>compression gzip zip deflate google</dc:subject>
<dc:identifier>https://pinboard.in/u:jm/b:d686d96bb5ec/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:compression"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:gzip"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:zip"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:deflate"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:google"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://skife.org/java/unix/2011/06/20/really_executable_jars.html">
    <title>Making Really Executable Jars</title>
    <dc:date>2013-03-01T22:36:52+00:00</dc:date>
    <link>http://skife.org/java/unix/2011/06/20/really_executable_jars.html</link>
    <dc:creator>jm</dc:creator><description><![CDATA[Who knew? you can make a runnable JAR file!

<blockquote>There has long been a hack known in some circles, but not widely known, to make jars really executable, in the chmod +x sense. The hack takes advantage of the fact that jar files are zip files, and zip files allow arbitrary cruft to be prepended to the zip file itself (this is how self-extracting zip files work).</blockquote>

]]></description>
<dc:subject>jars via:netflix shell java executable chmod zip hacks command-line cli</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:706bb7fc507a/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:jars"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:via:netflix"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:shell"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:java"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:executable"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:chmod"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:zip"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:hacks"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:command-line"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:cli"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="https://wiki.archlinux.org/index.php/Lrzip">
    <title>lrzip</title>
    <dc:date>2012-02-07T17:31:53+00:00</dc:date>
    <link>https://wiki.archlinux.org/index.php/Lrzip</link>
    <dc:creator>jm</dc:creator><description><![CDATA['Lrzip uses an extended version of rzip which does a first pass long distance redundancy reduction. The lrzip modifications make it scale according to memory size. [...] The unique feature of lrzip is that it tries to make the most of the available ram in your system at all times for maximum benefit. It does this by default, choosing the largest sized window possible without running out of memory.']]></description>
<dc:subject>zip compression via:dakami gzip bzip2 archiving benchmarks</dc:subject>
<dc:source>https://pinboard.in/</dc:source>
<dc:identifier>https://pinboard.in/u:jm/b:1981f4f7ea0d/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:zip"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:compression"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:via:dakami"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:gzip"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:bzip2"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:archiving"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:benchmarks"/>
</rdf:Bag></taxo:topics>
</item>
<item rdf:about="http://www.zlib.net/pigz/">
    <title>pigz</title>
    <dc:date>2009-10-21T10:09:18+00:00</dc:date>
    <link>http://www.zlib.net/pigz/</link>
    <dc:creator>jm</dc:creator><description><![CDATA['A parallel implementation of gzip for modern multi-processor, multi-core machines', by Mark Adler, no less]]></description>
<dc:subject>adler pigz gzip compression performance concurrency shell parallel multicore zip software</dc:subject>
<dc:identifier>https://pinboard.in/u:jm/b:3488243c8811/</dc:identifier>
<taxo:topics><rdf:Bag>	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:adler"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:pigz"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:gzip"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:compression"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:performance"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:concurrency"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:shell"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:parallel"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:multicore"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:zip"/>
	<rdf:li rdf:resource="https://pinboard.in/u:jm/t:software"/>
</rdf:Bag></taxo:topics>
</item>
</rdf:RDF>