Go Changed Forloop Semantics Inconsistencies


Binding a local variable in the scope of a go routine in a for-loop used to have unexpected semantic behaviour: you wouldn’t get the value of the variable at the moment of the iteration, but the actual last value (but not always! It depends on when the go routine actually runs) package main import ( "fmt" "time" ) func main() { for i := 0; i < 2; i++ { go func() { fmt.…
Read more ⟶

Improve your shell skills with Clai


I created a very simple command line utility in go that helps you create non-trivial command line / shell commands. It’s actually just a thin wrapper around the openai API’s, but it can be pretty usefull and saves you from switching to a chatgpt session or stackoverflow. E.g. $ clai "group a tab separated file by first column, sum them by third column" awk -F'\t' '{sum[$1] += $3} END {for(group in sum) print group, sum[group]}' file.…
Read more ⟶

When Good Intentions Go Unanswered: The Frustrations of Reporting an Open Redirect Vulnerability


A few weeks ago, after tinkering a bit with the url in my location bar while navigating around ziggo.nl I noticed an Open Redirect Vulnerability. I checked for the proper procedure to report this to Ziggo, not actually expecting any reward, so the report was a really low effort one. But it was sufficent for Ziggo to assess the impact and address the issue. I found Ziggo’s Meldpunt beveiligingslekken which contained an email address and sent them my report.…
Read more ⟶