====================================================================

Today's Sponsor: Telerik DevCraft

Build feature-rich, modern experiences for Web, Mobile and Desktop, faster than ever with Telerik and Kendo UI components.

====================================================================

Abusing Exceptions for Code Execution, Part 2

Published: 30 January 2023
Tags: infosec, windows

Bill Demirkapi explores how the concepts behind Exception Oriented Programming can be abused when exploiting stack overflow vulnerabilities on Windows.
Some highlights:

• Exception Oriented Programming (EOP) is a method of executing arbitrary operations by chaining together code from legitimate modules
• An attacker can use a return-to-dl-resolve attack to dynamically calculate the security cookie
• Similar vulnerabilities also exist in Linux

====================================================================

Saving Memory Subsystem Bandwidth

Published: 30 January 2023
Tags: c, c++, memory, optimization

Ivica Bogosavljević discusses ways to make software run more efficiently, with a focus on using less memory resources.
Some highlights:

• The goal is to make programs that are "frugal" in their use of resources, in contrast to programs that are focused on speed
• There are two ways to make programs more frugal: CPU policies and modifying the program
• Ivica explores both

====================================================================

Making an Asynchronous Breakfast in .NET

Published: 10 January 2023
Tags: c#, dotnet, sponsored

In this article, breakfast is used to demonstrate how asynchronous programming works in .NET and what its advantages are over synchronous programming.
Some highlights:

• Comparison of a synchronous and asynchronous implementation
• Highlights native .NET methods for async programming
• Underlines the drawbacks of using async programming

====================================================================

Horizontally Scaling PostgreSQL

Published: 5 January 2023
Tags: distributed systems, postgres

The author of this article covers the different approaches to using postgres as a distributed database.
Some highlights:

• Horizontal scaling is the art and science of distributing data across multiple servers without compromising data integrity, transaction safety and query performance
• Physical replication aims to replicate the “physical”, on-disk layout of the primary server’s data files by relaying WAL records that essentially encode the deltas of the file contents
• Logical replication works by recording and replaying the SQL-level transactions, rather than copying the final data directly

Your referrals: