PopSci

Всех приветствую, читатели Хабра! В сегодняшней статье я поделюсь примерами поиска возможных уязвимостей (и соответственно эксплоитов под уязвимости), причем, постараюсь проводить поиск по программному обеспечению от корпорации Apple.

Среди моих коллег, друзей, товарищей, знакомых, соседей и близких бытует мнение о том, что платформы macOS и iOS неуязвимы, несокрушимы. Это не совсем так. В начале моей сегодняшней статье я немного развею это утверждение, просто обнаружив в базах эксплоитов примеры возможных эксплоитов под эти системы. Причем покажу я примеры использования не только веб-приложения базы, но и программ, таких как searchsploit и metasploit.

Но на этом я не стану ограничиваться и покажу приблизительное количество известных эксплоитов (и соответсвенно уязвимостей) и под другие ОС и проведу некоторую статистику. Публикация ориентирована на практические примеры поиска эксплоитов, но важную теорию я буду объяснять походу.

I’ve recently been playing with Agent Mode in VS Code, which looks promising. If you’re using VS Code and want to give your development a turbo boost, you’ll want to hear about this.

We at Verilog Meetup constructed an exam/interview problem that has an interesting property: if a student tries to figure out a solution by thinking by himself, he usually succeeds; however if he dumps the problem on ChatGPT, the solution fails (does not pass the automated test), and the student goes into a death spiral of futility, kicking ChatGPT to get the solution right.

There is nothing weird about the problem, we do this in the industry all the time:

In this tutorial, I’ll explain in simple terms what AI, AI agents, and workflows are, and then I’ll walk you through building your very first AI agent in Python using Google’s Agent Development Kit (ADK). By the end, you’ll understand the differences between these concepts and have a working content-assistant agent you can run from your terminal or a web interface.

The whimsical image of a chess knight in profile among the stars is perhaps the most recognizable among deep space objects. It can be said that the Horsehead Nebula tops the recognition rankings among nebulae and galaxies. Perhaps the Andromeda and Orion Nebulae resonate more with the general public, but only specialists and advanced amateurs know what they look like. Even among them, there are often cases when the famous Andromeda Galaxy is confused with another galaxy, even by experienced popularizers of astronomy. The Orion Nebula, too, can look different in pictures taken with various filters. Yet, the profile of the chess knight allows every inhabitant of Earth to recognize that in front of them is the one-of-a-kind and completely unique Horsehead Nebula.

Let's begin by noting that when we talk about the Horsehead Nebula, we refer to two fundamentally different formations in this region of our Galaxy. Only together do they create this memorable visual image. Moreover, what we see—the glowing diffuse background—is not the Horsehead Nebula. It is a dark silhouette against a light background—a bizarrely shaped dust cloud opaque to the visible radiation of stars and nebulae. If there were no relatively bright emission nebula behind it, we might not even know about any dark gas-dust cosmic horse.

The background for the recognizable horse profile is created by the hydrogen nebula IC 434, discovered by William Herschel in the late 18th century. However, Herschel did not notice any amusing details in the outline of this nebula, although he was an excellent observer—much more keen-sighted and attentive than most of his followers. There are also objective reasons for this—telescopes in Herschel's era were imperfect, and their dark metal mirrors lost from 50% to 80% of the light that entered them.

The large but sparsely populated constellation Monoceros, barely visible to the naked eye, can take pride in hosting an extraordinary treasure: the Rosette Nebula. Monoceros is a relatively recent addition to the star map. Lacking bright stars, astronomers of the pre-telescope era deemed this region unworthy of a constellation. After all, how could a constellation exist without luminous stars? A few 4th-magnitude stars hardly suffice to form a recognizable figure. Consequently, old star maps depicted nothing within the Winter Triangle — formed by Betelgeuse, Sirius, and Procyon (between the constellations Orion, Canis Major, and Canis Minor. Only with the telescope’s invention did it become clear that this region contained notable objects, necessitating a name. Johannes Hevelius, creator of a stunning star atlas, coined the name in the early 18th century. Thus, astronomers gradually accepted a mythical, horse-like beast with a sharp horn — located where the third eye might be — among the winter constellations.

The term "Carina Nebula" is sometimes translated as "Nebula of Carina," evoking the image of a beautiful female name. However, this is a misinterpretation. "Carina" is Latin for "keel," referring to the keel of a ship—not just any ship, but the Argo, depicted on ancient star maps. Over time, the Argo constellation was divided into several modern constellations: Carina, Puppis, Vela, and Pyxis (Compass). The stars of the Argo are invisible from mid-northern latitudes. Even in the best seasons (winter and spring), Carina, Puppis, and Vela remain below the horizon. They can be observed from the northern tropics and farther south. However, in ancient times, when Greek astronomers imagined the Argo in the sky, the Earth's rotational axis was positioned differently due to precession. This allowed the Argo to be visible from Mediterranean shores. Precession, a gradual shift in the Earth's axis, completes a full cycle every 26,000 years. Over three millennia, the stars of the Argo gradually disappeared from the northern sky.

Admit it, how many times have you wanted to quickly create an image for a post or presentation, but instead got stuck in an editor or endless searches for a suitable image on Google? Wouldn't it be great if the picture in your head could just appear instantly? Time is money, inspiration is on pause, and that's where AI comes to the rescue. Neural networks can generate anything you want, including the craziest ideas. No need to spend hours searching when, with a few clicks, you can see what was in your thoughts just a second ago.

By the way, notice the cover with the dinosaur? Let's call him Rex. Rex is himself a product of neural network creation. Today he'll be the main star of our experiments. But what will we do? Remember I mentioned crazy ideas? Well, to understand all the possibilities of generation, let's give AI a difficult task. We'll send Rex somewhere in space, for example to the Moon, let him put on a spacesuit and and have him grill some barbecue with Earth in the background. Interested? Then buckle up, we're heading into the world of image generation.

I recently tried using Firebase Studio, and it has been an interesting experience that I want to share with you. It's a free, browser-based tool from Google that allows you to build full-stack web apps with AI assistance. Want to know more? Then read this article until the end.

Armenia is a lucky country. Back in the 1990s somebody lobbied Synopsys, the #1 leader in the Electronic Design Automation market, to create a division there. It was joined by Mentor Graphics / Siemens EDA, another EDA leader, then NVidia. Synopsys Armenia became the largest Synopsys division outside the US Silicon Valley and Boston, although the Taiwanese may tell you otherwise. Since Synopsys and Mentor make software used by chip designers in Apple, Samsung, AMD and all other electronic companies, Armenia has an unfair advantage over all their neighbors in Caucasus and Central Asia.

In addition, Armenia has friendly relations with Russia, and most Armenians speak Russian as well. This has facilitated the move of many Russian companies to Armenia, for example, a RISC-V semiconductor IP provider Syntacore. Finally, as we can see from the recent conference EDA Connect, Armenia is attracting the attention of electronic and EDA companies from China.

EDA Connect featured not only academic and industrial papers but also a hackathon on FPGA design, attended by local students from Yerevan State University, the American University of Armenia, the Russian-Armenian University, the French University in Armenia and others.

The Cisco IOS/IOS-XE operating system is a source of inspiration for many other vendors. The internet is full of guides on how to configure a typical Cisco router for SOHO scenarios. However, unlike consumer-grade routers, configuring something like Cisco IOS requires caution. If you don’t think things through, the router may start "living its own life" and end up, for instance, as a DDoS amplification tool.

Since sharing my initial thoughts on Google's Gemini 2.5 Pro, I've dug even deeper and gathered answers to many common questions developers like us might have. This AI model is making waves, so let's break down everything you need to know – from its groundbreaking features to the practical stuff like cost and limitations.

Google has introduced Gemma 3, a collection of lightweight, open-source AI models designed for efficient performance across various devices, from smartphones to workstations. Building upon the technology of the Gemini 2.0 models, Gemma 3 supports over 140 languages and offers advanced text and visual reasoning capabilities. What's to know more? Then, read this article until the end.

The world of AI is constantly evolving, and it feels like every week brings a new tool promising to revolutionize how we work and create. I recently got a chance to try out Gemini Canvas, a new interactive space built into Google’s Gemini app. If you want to know what I discovered and how you might use it, read this article until the end.

Hey everyone! I'm super excited to share something cool I've been playing around with: Google AI Studio. It's like a playground where you can build stuff with Google's AI models. So, if you're curious and want to dip your toes into the world of AI, follow along! I'll show you the basics.

Author: Sergey Lukyanchikov, C-NLTX/Open-Source

Disclaimer: The views expressed in this document reflect the author's subjective perspective on the current and potential capabilities of jBPM.

This text presents jBPM as a platform for orchestrating external AI-centric environments, such as Python, used for designing and running AI solutions. We will provide an overview of jBPM’s most relevant functionalities for AI orchestration and walk you through a practical example that demonstrates its effectiveness as an AI orchestration platform:

How did engineers in the past manage to measure electrical power without modern microchips and DSPs? This article explores the Energomera CE6806P, a device created in 2006 for verifying electricity meters, yet built using 1980s-era technology.

We’ll take a closer look at its design, principles of operation, and how discrete-analog solutions were used to achieve high accuracy. The Energomera is a fascinating example of engineering and ingenuity, giving us a unique perspective on the evolution of electrical measurement devices.

A lot of people around me spend time trading on the stock market. Some trade crypto, some trade stocks, others trade currencies. Some call themselves investors, others call themselves traders. I often see random passersby in various cities and countries checking their trading terminals on their phones or laptops. And at night I sometimes write analytical or backtesting software—well, I did up until recently. All these people share a common faith and a set of misconceptions about the market.

In this article, I'll take you through everything you need to know about Hugging Face—what it is, how to use it, and why it's a game-changer in the ever-evolving landscape of artificial intelligence. Whether you're a seasoned data scientist or an enthusiastic beginner eager to dive into AI, the insights shared here will equip you with the knowledge to Hugging Face's full potential.

Have you ever heard of Gemini Code Assist? It’s an AI-powered coding assistant from Google that helps with writing, completing, and debugging code. The best part? It’s now free for individuals, freelancers, and students!

In this article, I’ll show you how to set up and use Gemini Code Assist inside VS Code. Whether you’re new to coding or an experienced developer, this tool can save you time and make coding easier. Let’s get started!