निर्भीक चौहान

CPU designers intentionally hide instructions from the public documentation. They are called "non-standard instructions" and they exist in every modern CPU. A 2025 fuzzing tool called MystFuzz systematically hunts for these hidden opcodes to find security bugs before attackers do.

I've just realized what ARM64X and imo this is the nastiest PE extension Microsoft has ever shipped it's literally the most horrific fat binary mankind has ever invented because it contains two types of binaries one of which is a horrific hack: - native ARM64 code with ARM64 ABI - hybrid ARM64EC code which combines: + native x86_64 code + native ARM64 code gated with special relocation types, using a different ABI that mimics the Windows x86_64 one

Just saving this here to document a story and as a self reflection on whether AI is really making me more productive Yesterday morning I found a way to complete the new HVM approach, that is much faster than before. I spent a few hours writing a spec, and then used Opus to implement. About 3k lines of C code later, everything worked and performance was incredible: 5x faster than HVM4 (stable at ~10x now). So, in one day I had outclassed HVM4. Incredible. I'd never have implemented that so fast manually. Now, enter today. I want to turn this into a real thing, but I haven't fully read the 3k lines yet. So, how do I trust it? I spent the whole day auditing the code. With AI. Several bugs found, most minor like forgetting to collect() some argument. But then I stumble upon this: λ{ inl: 1 ; inr: 1 } This was a test. But wait. This is matching on inl/inr. So the branches should receive the value of the Either. But they were numbers instead. Numbers aren't functions. This makes no sense. So why this is a test? It then stuck me. The AI completely misunderstood how function arities work. It literally assumed for no good reason that HVM5 was supposed to handle under/over-applied functions. For no good reason. I never wrote that. It never asked either. It just kinda thought "HVM is weird in some aspects, this might be one of them..." - and then it went on to implement a massive system to handle cases that should never happen to begin with. And all of that code is obviously wrong because it should not even exist. It is wrong. It is damage. And it is there. But it isn't too bad either. I just told Opus that it was wrong. Perhaps not so politely. And it solved it just fine. But then this begs the question. I spent ~20 hours in this file, and it is STILL not done. I went from 0 to 95% in the first 5 hours. Yet, 15 hours later, it is still not 100%. I suppose that is the real effect of using AI. If I had just written the C file manually in the last two days, would I not be further than where I am *right now*? Surely, the first version would have taken much longer to drop. But when I'd finish writing all that code, there would be zero, literally zero retarded shit. And, just today, I caught 5 or 6 retarded shit. And the worst part is: I don't know what the number of retarded shit left is, but I'm afraid it is >0. So if I have to read it all, review it all to ensure there is no retarded shit... what did I achieve by using AI, other than that dopamine anticipation?

One paid full price for 9.9% of the company by re-appropriating a grant as a buy. The other wants to use the govt's monopoly on violence to seize 50% of the company without paying anything. Re-appropriating grant money as a purchase was a great idea, and that should've been the plan from the start. Rare Trump W.

A researcher found critical Windows zero-days. Reported them to Microsoft. Microsoft denied the bug bounty. Deleted their account. Banned them from GitHub. Then threatened criminal charges. The researcher dropped six zero-days in six weeks. Three got used in real attacks within days. Other researchers are now handing them free vulnerabilities as a gift. Microsoft’s Digital Crimes Unit is considering legal action. Against the person whose bugs they refused to pay for. This is Microsoft’s bug bounty program.

Two years ago I was 20 min late for an appointment for my Canadian visitor visa. They told me I had to rebook because the system would not let them sign me in. They also told me I could get a fresh appointment immediately if I went to the premium lounge. No other VFS centre has ever told me that I can't enter if I'm late.