Lists some meta information related to the blog itself for easy reference.

2023/12/28 - 2026/4/10

Some LLM-oriented IQ evaluations are already available on the Internet. For example, https://trackingai.org/home lists IQ-test results for well-known domestic and international LLMs, including the public Mensa Norway test and a private question set from a Mensa member. However, the Mensa Norway test is largely focused on visual reasoning. It may therefore also be useful to understand how LLMs perform on numerical reasoning.

Ever since I rapidly got into vibe coding last December, I wanted to try installing the Codex extension on every machine that could run VSCode. So my next target was that abandoned Android phone. In theory, Android (before Google hadn't yet done all the bad things it could) can install Termux, and the latter even has a script to nest Ubuntu inside it. So in theory, installing Remote SSH and Codex on that Android phone should be possible. But in practice...

Recently, while working through the exercises in Chapter 6 of Silverman's Abstract Algebra: An Integrated Approach, I came across the following challenge problem.

6.16 (d): Challenge Problem. Construct a non-abelian group of order $p^3$ for every prime $p$.

Background

Notation: Let $\lambda$ be the security parameter, and the length of the secret-shared integer be $l$-bits.

Assume having the following basic knowledge in Multi-Party Computation:

• 1-out-of-$k$ ${\text{OT}}_l$ can be implemented using public-key cryptography or similar methods, with a communication cost of $2\lambda +kl$ per instance; using IKNP, this can be reduced to $\lambda +kl$.
• Addition and scalar multiplication based on 2-party additive secret sharing are almost free (no communication overhead).
• Secure multiplication operations for 2-party computation can be implemented using Beaver triples. One secure multiplication operation requires a total communication cost of $2l$.

For floating-point storage, we use IEEE 754 Float32 (single-precision standard):

• $(-1{)}^S\times (1.M)\times 2^{E-bias}$

• Sign bit $S$ 1 bit, exponent $E$ 7 bits, mantissa $M$ 23 bits, $bias=127$

• Round-to-nearest-ties-to-even

Two days ago, I stood still and realized: Every path leads to an end. Every action yields the same result. Every message receives the same response. Eventually, the very decision to move became the problem.

Still, I went to the library and borrowed an worn copy of The Myth of Sisyphus. On page two, there was a phone number. I messaged it. Confused, the woman on the other side asked which library. I answered. She said: "I don't remember. It's been too long."

I feel like my current life is like a PRNG lacking an entropy source, trapped in a loop called "scientific research," but the one advantage is the rare sense of "peace."

After getting a new phone again, and after a week of persistent effort, I finally managed to flash Lineage onto my previously unlocked bootloader phone (STF-AL10).

Here's a description of the complete flashing process.

This article introduces the proof of the associativity law for elliptic curve point addition, as well as the stronger 9-point theorem. Additionally, it covers three corollaries of this theorem: Pascal's theorem, Pappus' theorem, and the polar principle of pole and polar for conic sections.

Because my under-18-year-old nephew was playing TikTok videos out loud too noisily and was addicted to online games, I decided to take some measures within my capabilities.

For example, I attempted to edit the firewall settings of the telecom router to block access to the domain names associated with the games.

I'll document the exploration process here, with the correct solution provided in the last section.

My blog turns four this year, and this year also marks my graduation from undergraduate studies. Therefore, the theme of this anniversary is to reflect on the domestic education that has accompanied me for the past fifteen years.

This is a heavy topic, but I don't intend to delve into lengthy discussions. Instead, I've chosen a lighter approach: by evaluating the teachers I've encountered from elementary school to university, I hope to sketch a rough outline of education from my perspective.

TL;DR of "The Tau Manifesto."

The original text defines $\tau =2\pi =6.283\cdots$ to replace the current circle constant $\pi$ and lists several reasons for doing so. In addition, I have also included one more reason.

In the previous post, we introduced the Weil pairing and Tate pairing on elliptic curves. In this article, we explore some applications of elliptic curves in Diophantine equations.

To better understand the Weil pairing and the Miller algorithm, I implemented them from scratch in Python here.

The only dependencies used are the pow function, math.inf, and the deep copy function copy.deepcopy. I also adopted the OOP programming paradigm, which I'm not entirely comfortable with.

Although after writing this, my understanding of both the Weil pairing and OOP has improved (

Let's first look at the problem statement. You can think about it before clicking in:

Given an array of integers nums containing $n+1$ integers where each integer is in the range $[1,n]$ inclusive, $n\le {10}^5$.

There is only one repeated number in nums, return this repeated number.

You must solve the problem without modifying the array and using only constant extra space.

In elementary school, my father proudly showed me how he had learned to manually calculate square roots during his school days, saying it might come in handy for showing off among friends someday. I probably learned it back then, but later, this method seemed to disappear from math textbooks. All I could recall was the mnemonic: "twenty times the initial quotient plus the next quotient." The main purpose of this article is to recount the process of how I managed to recall it.

Introduction

In the previous article "Building a Fast and Secure VNC Service from Scratch", we achieved a connection from a non-public network machine to a public network machine using DDNS and set up a VNC service on the public machine. In the mid-series article "Learn Intranet Penetration the Hard Way", we used the DDNS-enabled public machine as a jump server to connect to another non-public network machine, thus realizing the dream of working from home. The goal of this follow-up article is to build a web service (specifically Overleaf) on that other non-public network machine based on the mid-series article, allowing local access and ultimately saving the annual $89 subscription fee.

With the release of DeepSeek and ChatGPT o3-mini, we are delighted to see that LLMs are continuously striving toward either "cost reduction" or "efficiency improvement." However, given that LLM training also carries a paper-oriented nature, we must remain vigilant. If development continues in this direction, LLMs might become the next "exam-smart but impractical experts."

Of all the goals I set in 2023, it seems only passing the IELTS exam went as planned—everything else turned out unexpectedly.

Here's a month-by-month recap of what happened in 2024.

As the end of the year approaches, it suddenly occurred to me that 2024 actually marks the 10th anniversary of the once wildly popular game, 2048.

However, few may know that 2048 is actually a copycat of the truly brain-burning game, Threes!

Three years ago in July, I wrote my first blog post and set a goal to publish 100 articles before finishing my undergraduate studies. Unexpectedly, I achieved this goal about half a year ahead of schedule.

Since "one hundred" is a special number, I believe the content of this blog should be related to the blog itself—otherwise, it wouldn't reflect the significance of this "special" post.

We congratulate the official release of ChatGPT O1 for taking a historic step forward.

It has correctly calculated the indefinite integral of $\sqrt{\tan x}$, and more.

Background

Since I previously left my contact information on relevant forums while setting up a jump server environment for a Risc-V development board, someone reached out to me today. They believed that the Ubuntu image was running on the big core (1.6 GHz) of the CanMV-K230, whereas I had previously emphasized it was on the small core (800 MHz), and they wanted me to take a look.

First, lscpu and cat /proc/cpuinfo are definitely not usable. Also, /sys/bus/cpu/devices/cpu0/cpufreq/ does not exist, so the only option was to try writing code manually to measure the CPU frequency.

Notes from Dan Boneh's online cryptography course.

Please note that this article is not a tutorial for readers who are new to intranet penetration, but rather a follow-up to the article "Building a Fast and Secure VNC Service from Scratch."

This is my third article in the "Goodbye" series, following the previous two about ACM and Baidu.

This piece objectively documents my financial journey over the past few years, along with some personal reflections.

Here, "red" represents gains, and "green" represents losses.

The content of this article does not constitute any investment advice and represents only personal opinions. The stock market involves risks; invest with caution.

Since my dorm room computer has a public IP address, and commercial remote desktop software often suffers from high latency due to relay servers, coupled with my personal distrust of their security, I decided to set up my own VNC service.

This allows me to connect back to my dorm room computer from the lab with low latency while ensuring a certain level of security.

At the very least, TigerVNC should recognize the "Connection is secure" without any exemption.

Recently, I moved to a new workstation with a new computer and two monitors. I am well aware of the importance of system backups, but due to sunk cost, I never fully implemented btrfs backup and recovery. Since the new system has nothing on it yet, I can experiment freely. Here's a record of how I set up Timeshift.

This article focuses on practicality and does not delve into the underlying principles.

This article will conduct several small experiments to verify the randomness and fairness of Mahjong Soul.

If Heaven has feelings, Heaven too grows old; I'll grant Akyuu one more second of life.

SagumeKishin https://thbwiki.cc/Akyuu_Hieda

/* multiplication in galois field with reduction */
#ifdef __x86_64__
__attribute__((target("sse2,pclmul")))
#endif
inline void gfmul (__m128i a, __m128i b, __m128i *res){
	__m128i tmp3, tmp6, tmp7, tmp8, tmp9, tmp10, tmp11, tmp12;
	__m128i XMMMASK = _mm_setr_epi32(0xffffffff, 0x0, 0x0, 0x0);
	mul128(a, b, &tmp3, &tmp6);
	tmp7 = _mm_srli_epi32(tmp6, 31);
	tmp8 = _mm_srli_epi32(tmp6, 30);
	tmp9 = _mm_srli_epi32(tmp6, 25);
	tmp7 = _mm_xor_si128(tmp7, tmp8);
	tmp7 = _mm_xor_si128(tmp7, tmp9);
	tmp8 = _mm_shuffle_epi32(tmp7, 147);

	tmp7 = _mm_and_si128(XMMMASK, tmp8);
	tmp8 = _mm_andnot_si128(XMMMASK, tmp8);
	tmp3 = _mm_xor_si128(tmp3, tmp8);
	tmp6 = _mm_xor_si128(tmp6, tmp7);
	tmp10 = _mm_slli_epi32(tmp6, 1);
	tmp3 = _mm_xor_si128(tmp3, tmp10);
	tmp11 = _mm_slli_epi32(tmp6, 2);
	tmp3 = _mm_xor_si128(tmp3, tmp11);
	tmp12 = _mm_slli_epi32(tmp6, 7);
	tmp3 = _mm_xor_si128(tmp3, tmp12);

	*res = _mm_xor_si128(tmp3, tmp6);
}

Backup of an unpublished talk on 4/25/2024.

Backup of talk on 3/22/2024 from https://ccsgeeks.github.io/

This story starts with this piece of code:

// gcc test.c -o test -fwrapv
int64_t multimod_fast(int64_t a, int64_t b, int64_t m) {
    int64_t t = (a * b - (int64_t)((double)a * b / m) * m) % m;
    return t < 0 ? t + m : t;
}

Last night, someone sent me this code, claiming it could serve as a replacement for fast multiplication, and asked me to explain its correctness. This code supposedly reduces the time complexity from $O(\log (n))$ to $O(1)$. Obviously, we all know that casting between int64_t and double can lead to loss of precision, so I became skeptical about the correctness of this code.

https://github.com/junyu33/GMW-python

My topic in a seminar at a ramdom time in the future.

Also, HAPPY PI DAY!

Final Overall Score: 7
Listening: 8.0
Reading: 7.5
Writing: 6.5
Speaking: 6.0

I find that I've nearly forgot to write this summary. So, in accordance with IELTS writing requirements, I'll try to write this in 40 minutes.

The content is excerpted from the instructor's PPT. Apart from correcting obvious factual errors (such as changing /etc/password to /etc/passwd), it does not represent personal opinions.

For self-study during final exams.

After several days of effort, I successfully compressed the program to 99 bytes.

> xxd addition-ver24
00000000: 7f45 4c46 0100 0000 0000 0000 0000 0005  .ELF............
00000010: 0200 0300 1b00 0005 1b00 0005 0400 0000  ................
00000020: 4889 e1b2 05cd 8090 81e3 2000 0100 8a01  H......... .....
00000030: 2c60 0241 0366 6bc0 0a02 4101 0241 042c  ,`.A.fk...A..A.,
00000040: 60b2 03b3 64f6 f304 3088 0141 c1e8 08b3  `...d...0..A....
00000050: 0af6 f366 0530 3066 8901 4966 b804 00b3  ...f.00f..If....
00000060: 01cd 80                                  ...

In the previous essay, I mentioned that I bought a Google Pixel 7a in Singapore. A while ago, Android 14 was released, and my phone received the update notification, so I upgraded.

Of course, the first thing I did after upgrading was to check out the Easter egg, just to confirm whether the upgrade was merely a version number change. (Actually, it's been almost a month since the upgrade, and out of sheer boredom, I remembered that I could play around with the Easter egg.)

A Simple Introduction to CMake

First, build an intuition: CMake is platform-independent. You won't specify which compiler or linker to use, nor will you write shell commands. It's best to think of it as a new object-oriented language.

Just without vmware-guest-additions support, so there is no Internet.

Last time, in April of last year, I migrated from Windows 11 + VS + VSCode to Ubuntu 22.04 + VSCode + NeoVim. Now, I've switched to Arch Linux + NeoVim.

Later, for the conclusion of the university innovation project, I might have to set up a Windows driver development environment again, which could be quite a hassle.

During my time in Singapore, to achieve a cashless experience, my all-currency credit card did not support UnionPay QuickPass, so I had to use a third-party platform to link my bank card.

Grab only provided BOC (Bank of China) as a third-party platform for mainland users, but after opening the link, I found that the verification code on BOC's login page couldn't be displayed.

My task was to try and troubleshoot why the verification code wasn't showing—at the very least, I needed to reproduce this URL on a computer.

Time flies; it's already been two years.

2023/4/20 ~ 2024/5/4

6705 commits (2 commits per compilation and execution)

A year of persistence has finally come to an end.

It's time to see the power of GPT-4.

The first annotation is the question, the body is the answer, and the next annotation is the evaluation.

The remarks of different modules of nand2tetris, and my workout.

43 hours (approximately) for part1 (module1-6) in December 28, 2022, grade 100%.

89 hours (approximately) for part2 (module7-12) in April 17, 2023, grade 96.8%.

Simple yet still engaging.

Original URL: There were too many keywords, and the original author's server was under review, so I posted it on their behalf.

Only the theoretical portion is provided for final exam review.

Abbreviated as "Big Network Security and Data".

Due to the excessively high Node.js version on my Windows system, I was unable to deploy my Hexo blog. I spent yesterday afternoon doing some maintenance on the blog.

The last maintenance was to deploy the Twikoo comment section, which involved upgrading the NexT theme from version 7 to 8.1.0. It was quite a hassle and took a considerable amount of time.

I can only say that after numerous trials of configuring environments, my efficiency has improved significantly compared to before.

Due to limitations of time and financial resources, I have only played the main game (I didn't bother with that computer either).

Version number: 2.2.9d (BetaV86)

Under the pressure of the University Innovation Program, I started learning environment setup for Windows driver development. All I can say is:

• Due to the timeliness of information, it's better to refer to MSDN (even machine-translated versions) rather than relying solely on online tutorials.
• Because of open-source advantages, developing drivers for Windows might not be as appealing as doing so for Linux.

The year 2022 is mainly for accumulating basics. Nothing extraordinary happened.

Excerpt from the web project report, to be open-sourced at an appropriate time.

To ensure security, on December 23, 2022, I redeployed babyweb.py using Docker, replacing the original Nginx server.

It seems pretty good, though not as versatile as I'd hoped.

Note: The original formatting is retained and no modifications are made to the output.

Although I managed to pwn all challenges, the pwn player still lost badly.

The Ops level is quite frustrating; please stop putting files on Baidu Netdisk in the future.

This is a SageMath client deployed on a Tencent Cloud server using Docker.

The password is provided in the main text.

Recalling the memories of chasing those three little sheep from my childhood—it's been ten years already.

Don't ask me if I remembered this game because "Sheep a Sheep" went viral.

"Mathematical Girl 5" is a "mathematics book disguised as a novel" that I came across while reading articles about elliptic curves over $\mathrm{GF}(p)$. Back in high school, ymq had mentioned Galois, the mathematician who died young. Coincidentally, while buying textbooks for the new semester, I spotted this book at a second-hand bookstore (the earlier volumes of the series were also there, but when I checked the next day, they were gone—quite a fateful encounter). The original price was 69, but with a discount, it came down to 15, so I bought it without hesitation.

In response to the college leadership's "call to enhance programming skills," a problem-solving platform has recently been added to the freshman programming course (so now they have four assignments, game projects, security projects, and programming exercises—quite a heavy load indeed). Originally, the platform featured relatively basic language-specific problems, but yyx added data structure problems and large-scale simulations, significantly increasing the difficulty of the assignments. I decided to incorporate some thinking-oriented problems to balance the innate coding advantage of younger students.

University Physics is essentially calculus, but with more careful selection of differential variables.

Also using this as $LATEX$ practice.

I've gone through all the simple problems in every direction.

Of course, this approach won't work.

Since my original blog domain name was too long and had slow resolution speeds domestically, I decided to take advantage of the GitHub Student Pack to get a free domain and point it to Netlify's DNS. Eventually, the domain was successfully changed from junyu33.github.io to junyu33.me.

It's just the same material covered in class, even simpler than what I studied a year ago for the school entrance exam.

Actually, it's about my experience applying for the GitHub Student Developer Pack.

Point to https://dojo.pwn.college/challenges

As per the website requirements, only the solution ideas and exploits for the first two challenges are provided here.

Installing Ubuntu 20.04 on a physical machine and configuring common software and a kernel pwn environment.

My English presentation on 4/14/2022.

A website for practicing basic Linux commands, part of the foundational levels in the OverTheWire.org challenge series.

In this article, "level" refers to the latter part in the website's guide level n -> level (n+1).

Website link: https://overthewire.org/wargames/bandit/

Learning databases isn't actually that hard—it's just that my head feels a bit cold.

Now the question is, if you temporarily go home without your computer, but still want to control the computer at school, what should you do?

Result Preview:

We assume the reader has completed the configuration from the previous session and ensured they have a public IP.

If only we could focus our energy on writing shellcode instead of constantly switching back and forth between the virtual machine and VSCode—what a delight that would be.

Let's assume the reader has just installed VSCode with no plugins whatsoever, starting from scratch.

The entire process will likely take half a day to a full day.

Result preview:

Divided into three parts: re, crypto, and misc, used to record ideas and useful gadgets.

The following second-level headings without a specified site default to the corresponding partition topics on buuoj.

Divided into four parts: stack, fmtstr, heap, and misc, used to record ideas and useful gadgets.

The following second-level headings without a website specified default to the corresponding topic section on buuoj.

updated on 2022/10/23:

The first five pages of buu have been completed, and this column will no longer update specific ideas and exploits.

Next, I may study kernel and high-version house series. Writeups for competition problems will be published in separate articles, with links added in the corresponding sections.

Note: This article only analyzes the algorithm of WeChat's "Lucky Money" red packets and identifies the optimal position for grabbing them. It does not aim to help readers profit from WeChat red packets.

Problem Description

Given 10 parameters $N,M,A,U,S,B,T,C,L,F$ from mt19937, along with the first $N$ just-generated pseudorandom numbers, determine the seed corresponding to these pseudorandom numbers.

This tutorial only introduces the basic knowledge points required to use Python as a scripting language. Its purpose is not for machine learning or data analysis, but to help you write short, maintainable, and never-overflowing scripts.

Readers with a solid foundation in C can master these concepts in an afternoon.

This tutorial partially references Liao Xuefeng's blog and is based on Python 3.

Compared to CSAPP, "Encryption and Decryption" leans more towards practical application, with rich but somewhat scattered content. The assembly code syntax differs from CSAPP, using Intel syntax.

(This article's assembly code uniformly adopts AT&T syntax)

Friendly reminder:

When reading this book, notes, exercises, and experiments are all indispensable.

If you feel the quality of the Chinese translation is subpar and prefer to read the original English version, do not choose the Global Edition! The Global Edition is riddled with errors in the exercise section, with many answers not matching the questions at all, severely impacting the reading experience and understanding of the material! (I ended up using free resources from GitHub—though not photocopied versions, and the main text quality is high, this issue with the exercises overshadows all other advantages). I now have to read the English original while doing the exercises from the Chinese version (lll￢ω￢).

The year 2021 is another extraordinary year for me. Many shining and gloomy moments happened. To sum up, I still believe my year of 2021 goes smoothly.

This project is a game project in the programming course.

GitHub link: https://github.com/junyu33/MineSweep/

Welcome to submit issues and pull requests.

There were two ACM selection contests at my school last weekend and this weekend. I missed the one last weekend because I went home. So, today I decided to give it a try to see whether I should pick up algorithmic competitions again—something I haven't touched in a year—while continuing to play CTF.

The contest was held from 1:30 PM to 5:00 PM on December 26, with a total of 10 problems. As is well known, ACM contests don't award partial points, and rankings are determined by the number of problems solved along with penalty time. This afternoon, I solved 4 problems and ranked 16th out of 35 participants. Unfortunately, only the top 14 advanced.

So, this was my first ACM contest in university, and it will probably be my last.

solution

A nice reverse-engineering challenge: seven subtasks that gradually increase in difficulty, making it very suitable for beginners.

The quality of this freshman contest was pretty good. Every member of our team “Youhuang Zhong Jian Tian” played to their strengths, and we had a great time during the competition. Below are a screenshot of the rankings and our team's writeup:

Followed by my last English post "bewilderment", I'm thrilling to find the right path to go on. I suddenly realized that during my high school times, one of my roommates recommended me to watch CLANNAD (short for CL later). I refused for overwhelming pressure several months before college entrance examination. But now I'm free but depressed, I think it's just the time to watch it in order to guide my heart.

This is the 3rd anime I watched besides Working Cells and Future Diary. After ten days striving not to weep, I succeeded. Unlike others said that the anime brings you tears, I prefer it gives you warmth and courage during rough times. (Maybe I haven't been struggling in a hard situation so there's no empathy for me to cry.) CL, as is shown in title, tells a story of several families, the transformation through time. It's just a brief summary of life, although kind of idealized.

I'm here to talk about some profound sentences and try to seize the essence of the story, otherwise they would be erode by time again.

solution

I used the TDM-GCC 4.9.2 32-bit Debug compiler in Dev-C++. Newer versions of the compiler have added security optimizations, and since I couldn't outsmart them, I simply gave up.

This is my first time to write a post in English. There are three advantages.

• I can deliver my message to whom I really want to tell.

• It's a way to prepare for my CET4 exam.

• Jumping between two input methods is annoying.

In the future, there will be more and more posts like this. Due to my poor writing vocabulary (less than 4000, while my reading & listening is nearly 15000), readers who have passed the CET4 exam might be enough to read the following text.

Last night I learned that my high school classmate ymq won Noether Award, a math prize for female enthusiasts in high school. I'm really grateful for her achievement and winning the glory for cdqz. However, it is her first sentence that stimulates me and makes me in deep thought.

solution

(Note: This key may yield different results on different systems, or even across different IDEs within the same system, so the answer is for reference only.)

Introduction

In order to improve work efficiency and out of concern for my wrist health (already showing some swelling and wear), on this special day, as my mouse's last bit of battery ran out, I decided to abandon the mouse and move almost all operations entirely to the keyboard.

I noticed an interesting phenomenon: the first place online scored zero offline; while the first place offline barely made it into the finals online.

Our team more or less followed this same pattern. What does this indicate?

After the last failed experience, I expected the upcoming Qiangwang Cup Youth CTF to be much more straightforward, but reality proved otherwise.

Below is the write-up in the order I solved the problems (this time, I was the only one to solve them, not bad!):

Not long after entering school, we were encouraged by our teacher to participate in the first Longjian Cup. When I saw the exam scope described in the contest guidelines, I realized the coverage had no overlap at all with the knowledge I had studied.

It was a free day again, so I dug out the number guessing game code that I wrote during the high school. I didn't improve it, but combined the popular online version with elementary school mathematics to form the following code.

From June 26, when I registered at the driving school, to August 12, when I got my license, learning to drive basically spanned my entire summer vacation. Except for a business trip that delayed me for nearly ten days, it took me almost 40 days in total to complete the training. Overall, the process went quite smoothly—I passed all the exams on the first try—and the enjoyable summer driving experience has now become a sweet memory.

After getting a new phone, after two days of disdainful efforts (and the stupidity tax of 50 yuan to unlock the bootloader?), I finally gained full control of my Huawei phone.

With some free time, I dug out the 2048 code written in mathematica that I copied and pasted from the internet ten years ago and modified it, combining 2048 with Threes!:

(Due to keyboard manipulation, the web-based compiler won't work. Please download mathematica version 8.0 or higher.)

First meeting

Hello, classmate! Welcome to the blogging system based on the Next theme built with Hexo.

About Markdown

By the time you're able to access this page, you're already aware that blog posts will be written using Markdown syntax. Please familiarize yourself with it.

Good luck