Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
evil_bunnY
Apr 2, 2003

webp is to compensate for ads tripling the size of every page, obviously

Adbot
ADBOT LOVES YOU

Carthag Tuek
Oct 15, 2005

Tider skal komme,
tider skal henrulle,
slægt skal følge slægters gang



Truga posted:

what was the point of webp anyway? for modern bandwidth jpegs seem perfectly fine? it's not like the 3kb/page saved even did anything longterm because loving javascript averages to like 500kb now and keeps growing uncontrolably lmao

i suppose javascript is cached more often than images, at least for some types of sites

SIGSEGV
Nov 4, 2010


Truga posted:

what was the point of webp anyway? for modern bandwidth jpegs seem perfectly fine? it's not like the 3kb/page saved even did anything longterm because loving javascript averages to like 500kb now and keeps growing uncontrolably lmao

lol
like ten years ago facebook had some third world internet initiative because it wanted to sell ads and genocide encouragements campaigns all over the globe and they had a fancy website and on that fancy website they talked about the dangers of the website obesity crisis and that site had a video in the background and that video showed the earth rotating and at the end of each rotation the video didn't loop, it would ask the server to download itself again

anyway, that's my website obesity crisis story

shame on an IGA
Apr 8, 2005

lol

haveblue
Aug 15, 2005



Toilet Rascal
from what I recall webp was launched to address various beefs google had with png and jpeg

being open standards run by committees rather than corporate IP may have been one of those beefs

haveblue fucked around with this message at 15:39 on Sep 15, 2023

Shame Boy
Mar 2, 2010

SIGSEGV posted:

like ten years ago facebook had some third world internet initiative because it wanted to sell ads and genocide encouragements campaigns all over the globe and they had a fancy website and on that fancy website they talked about the dangers of the website obesity crisis and that site had a video in the background and that video showed the earth rotating and at the end of each rotation the video didn't loop, it would ask the server to download itself again

anyway, that's my website obesity crisis story

I remember that lol

The video itself was like 600 megs or something too

Grace Baiting
Jul 20, 2012

Audi famam illius;
Cucurrit quaeque
Tetigit destruens.



SIGSEGV posted:

like ten years ago facebook had some third world internet initiative because it wanted to sell ads and genocide encouragements campaigns all over the globe and they had a fancy website and on that fancy website they talked about the dangers of the website obesity crisis and that site had a video in the background and that video showed the earth rotating and at the end of each rotation the video didn't loop, it would ask the server to download itself again

anyway, that's my website obesity crisis story

real World Baby moves by zucc

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

webp came out of the VP8 work that Google did after acquiring On2 and realizing how much of a mess that codebase was. it’s intended to provide a better lossy format than JPEG in terms of decode by just using VP8 keyframes and their fancy block prediction stuff. there are extensions for better colour encoding and so forth too, but I don’t know who supports what

I think it’s a fine format, really, and we saw material user-side performance improvements when we rolled it out in the FB apps and sites, but lol that it’s of course another memory unsafety vector. it’s a mild miracle that they were able to make VP8 safe—that’s a hairy C code base, or at least was, but I guess the miracle didn’t extend to WebP wrapping the keyframes in RIFF

time to rewrite it in rust! 🦐

Grace Baiting
Jul 20, 2012

Audi famam illius;
Cucurrit quaeque
Tetigit destruens.



armpit_enjoyer posted:

security fuckup megathread: loving .webp I swear to god

lol

Carthag Tuek
Oct 15, 2005

Tider skal komme,
tider skal henrulle,
slægt skal følge slægters gang



Subjunctive posted:

webp came out of the VP8 work that Google did after acquiring On2 and realizing how much of a mess that codebase was. it’s intended to provide a better lossy format than JPEG in terms of decode by just using VP8 keyframes and their fancy block prediction stuff. there are extensions for better colour encoding and so forth too, but I don’t know who supports what

I think it’s a fine format, really, and we saw material user-side performance improvements when we rolled it out in the FB apps and sites, but lol that it’s of course another memory unsafety vector. it’s a mild miracle that they were able to make VP8 safe—that’s a hairy C code base, or at least was, but I guess the miracle didn’t extend to WebP wrapping the keyframes in RIFF

time to rewrite it in rust! 🦐

rewriting in rust twice is overkill imo

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

did someone already do a rust rewrite of libwebp? I’m impressed

ymgve
Jan 2, 2004


:dukedog:
Offensive Clock
I just checked some days ago and there doesn't seem to be a native rust library for jbig2, so everyone yelling at apple to just use rust are dumb

Shame Boy
Mar 2, 2010

ymgve posted:

I just checked some days ago and there doesn't seem to be a native rust library for jbig2, so everyone yelling at apple to just use rust are dumb

it's pronounced "jpeg"

Rufus Ping
Dec 27, 2006





I'm a Friend of Rodney Nano
It's pronounced thermometer

Shaggar
Apr 26, 2006

Truga posted:

what was the point of webp anyway? for modern bandwidth jpegs seem perfectly fine? it's not like the 3kb/page saved even did anything longterm because loving javascript averages to like 500kb now and keeps growing uncontrolably lmao

lol

the point of web p is the same as we bm/vp8/9. goog didnt want to pay licensing for the good codec so they made their own and thru browser/video monopoly got it adopted

Shame Boy
Mar 2, 2010

Rufus Ping posted:

It's pronounced thermometer

i'm glad someone got it :unsmith:

4lokos basilisk
Jul 17, 2008


who knew .webp was stored in the owasp top 10?

Vanadium
Jan 8, 2005

Vapor Moon posted:

Everyone's favourite image format, .webp was being actively exploited.

https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/

What do they mean by "The issue highlighted isn't something that just using a memory-safe language could prevent."? As a Rust zealot I am concerned.

rjmccall
Sep 7, 2007

no worries friend
Fun Shoe
it sounds like bullshit. bounds-checking the array access would have turned this into a predictable crash — that is, of course, still a dos vector, but that is much, much better than a heap overflow

i do not see anything about this which makes it a “unique scenario where avoiding overflow checks is desired”. avoiding overflow checks is always desired, for the very simple and obvious reason that they’re slow — if you do a bunch of accesses to the same array in a tight loop, you will probably find that bounds checks are a major drag on performance. nonetheless, you should not talk yourself into disabling bounds checks like these idiots did, because bounds checks are critically important for not having these security bugs

hobbesmaster
Jan 28, 2008

I think their point should’ve been more along the lines of “this is where people turn off bounds checking if able for performance even in languages with automatic bounds checking”

Achmed Jones
Oct 16, 2004



man those guard rails we keep running into are slowing us down, if we take em out i bet we can go way faster! :iiaca:

flakeloaf
Feb 26, 2003

Still better than android clock

dpkg chopra posted:

jesus .webpt

Twerk from Home
Jan 17, 2009

This avatar brought to you by the 'save our dead gay forums' foundation.

raminasi posted:

a couple of jobs ago one of the staff engineers started a voluntary salary survey and shared it to the entire company as his hackathon project. he was smart enough to only do it after he'd made himself unfireable, which was good, because the c-suite was incensed.

Stuff like this doesn't get anyone raises it just accelerates turnover

Which also helps workers!

NFX
Jun 2, 2008

Fun Shoe
we wanted to move fast, sorry if you can't handle a few broken things

rjmccall
Sep 7, 2007

no worries friend
Fun Shoe

hobbesmaster posted:

I think their point should’ve been more along the lines of “this is where people turn off bounds checking if able for performance even in languages with automatic bounds checking”

yeah and then the adults in the room do not let them release the software like that

there are cases for disabling bounds checks, they involve proofs, not always the most rigorous of proofs but definitely more than “our algorithm won’t look better enough than its competitors if we don’t cheat”

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

rjmccall posted:

these idiots

it’s interesting how “I have average intellect but think I am uniquely smart” leads to results as bad as “I have below-average intellect but think I am normal”

OR SO I HAVE HEARD

Powerful Two-Hander
Mar 10, 2004

Mods please change my name to "Tooter Skeleton" TIA.


from the Bad With Money thread

https://twitter.com/TikTokInvestors/status/1701407766899044624?s=20

don't forget your SSH keys!

4lokos basilisk
Jul 17, 2008


disabling bounds checking may own a lot of machines, but it also helps a lot of websites load on time, so, it;s impossible to say if its bad or not,

dpkg chopra
Jun 9, 2007

Fast Food Fight

Grimey Drawer

look at me. I’m the captain of industry, now.

mystes
May 31, 2006

I think if you're going to hack into the somali pirates' computers you're probably better off just cutting out the middle man and stealing their money

Powered Descent
Jul 13, 2008

We haven't had that spirit here since 1969.

Bloodthirsty pirates fear my ssh keys

4lokos basilisk
Jul 17, 2008


yeah this will get you out of suburbia and into rural adx florence

post hole digger
Mar 21, 2011

why does the pitch of his voice increase over the course of the video

Agile Vector
May 21, 2007

scrum bored



post hole digger posted:

why does the pitch of his voice increase over the course of the video

high pitch high reward

Volmarias
Dec 31, 2002

I'm sure I'll think of something.

post hole digger posted:

why does the pitch of his voice increase over the course of the video

Doing a reverse Elizabeth Holmes

Carthag Tuek
Oct 15, 2005

Tider skal komme,
tider skal henrulle,
slægt skal følge slægters gang



Agile Vector posted:

high pitch high reward

Quackles
Aug 11, 2018

Pixels of Light.


Truga posted:

what was the point of webp anyway?

better animated gifs

post hole digger
Mar 21, 2011

Agile Vector posted:

high pitch high reward

lol

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

Quackles posted:

better animated gifs

did they add animation to webp? that’s hilarious

Adbot
ADBOT LOVES YOU

Shame Boy
Mar 2, 2010

Quackles posted:

better animated gifs

you're thinking of webm

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply