EFTA00400459 has been cracked, DBC12.pdf liberated

Posted on by Mahmoud Al-Qudsi
Reply

Three days ago, I wrote a post about stumbling across uncensored/unredacted plain-text content in the DOJ Epstein archives that could theoretically be reconstructed and reversed to reveal the uncensored originals of some of the files. Last night, I succeeded in doing just that, and was able to extract the DBC12 PDF file from the Epstein archive EFTA00400459 document. Don’t get too excited: as expected, the exfiltrated document (available for download here) turned out to be nothing too juicy and is “just” another exemplar of the cronyism and the incestuous circles of financial funding that Epstein and his colleagues engaged in.

There is a lot I could say in this post about the different approaches I took and the interesting rabbit holes I went down in trying to extract valid base64 data from the images included in the PDF; however, I am somewhat exhausted from all this and don’t have the energy to go into it all in as much detail as it deserves, so I’ll just post some bullet points with the main takeaways:

Continue reading

Recreating uncensored Epstein PDFs from raw encoded attachments

Posted on by Mahmoud Al-Qudsi
35

Heads-up: An update to this article has been posted.

There have been a lot of complaints about both the competency and the logic behind the latest Epstein archive release by the DoJ: from censoring the names of co-conspirators to censoring pictures of random women in a way that makes individuals look guiltier than they really are, forgetting to redact credentials that made it possible for all of Reddit to log into Epstein’s account and trample over all the evidence, and the complete ineptitude that resulted in most of the latest batch being corrupted thanks to incorrectly converted Quoted-Printable encoding artifacts, it’s safe to say that Pam Bondi’s DoJ did not put its best and brightest on this (admittedly gargantuan) undertaking. But the most damning evidence has all been thoroughly redacted… hasn’t it? Well, maybe not.

I was thinking of writing an article on the mangled quoted-printable encoding the day this latest dump came out in response to all the misinformed musings and conjectures that were littering social media (and my dilly-dallying cost me, as someone beat me to the punch), and spent some time searching through the latest archives looking  for some SMTP headers that I could use in the article when I came across a curious artifact: not only were the emails badly transcoded into plain text, but also some binary attachments were actually included in the dumps in their over-the-wire Content-Transfer-Encoding: base64 format, and the unlucky intern that was assigned to the documents in question didn’t realize the significance of what they were looking at and didn’t see the point in censoring seemingly meaningless page after page of hex content!

Continue reading

Sharding UUIDv7 (and UUID v3, v4, and v5) values with one function

Posted on by Mahmoud Al-Qudsi
Reply

UUIDv7 (wiki link) is seeing strong and eager adoption as a solution to problems that have long plagued the tech industry, providing a solution for generating collision-free IDs on the backend that could still be sorted chronologically to play nicer with database indexes and other needs.1 As a quick briefer, a UUIDv7 is essentially composed of two parts: a timestamp half and a randomized bytes half, and they’re sorted by the timestamp:

Continue reading

  1. Of course, non-standardized solutions abound and UUIDv7 itself takes a lot of inspiration from predecessors like Ulid and others. 

How to (safely) swap the contents of two files opened in (neo)vim buffers

Posted on by Mahmoud Al-Qudsi
Reply

Raise your hand if you’ve been here before: you have file1 open in a vim or neovim buffer and you want to “fork” its contents over to file2, but you need to reference file1 while you do so. So you do the obvious: you open a split buffer with :sp or :vsp, run a quick :saveas file2 then hack away at the file to make the changes you want followed by :w (or whatever shortcut you have mapped to the same) and call it a day… only to realize that you were in the wrong split and that you’ve accidentally switched file1 and file2 around?

Continue reading

Portable (Cartesian) brace expansion in your shell

Posted on by Mahmoud Al-Qudsi
Reply

Cartesian expansion, also known as brace expansion, is an incredibly powerful feature of most unixy shells, but despite being fundamentally simple and incredibly empowering, it’s been traditionally relegated to the dark and shadowy corners of command line hacking, employed only by greybeards looking to avoid repeating themselves at any cost. And, boy, does it really cut down on repetition.

Take for example this snippet from a Dockerfile that sets up permissions on certain directories:

mkdir -p /var/log/php /var/log/unitd /var/log/mysql
chown -R user:user /var/log/php /var/log/unitd /var/log/mysql
chmod ug+rw /var/log/php /var/log/unitd /var/log/mysql

Continue reading

Namecheap takes down domain hosting video archives of Israeli war crimes

Posted on by Mahmoud Al-Qudsi
4

Namecheap.com, the popular domain name and webhosting platform, has disabled the Genocide.live domain name, which was home to a publicly accessible archive of over 16,000 videos documenting alleged Israeli war crimes, the vast majority of which were recorded since the onset of the war on Gaza in late 2023. The archive, formerly known as TikTokGenocide, was previously submitted as “evidence on the State of Israel’s acts of genocide against the Palestinians in Gaza” by the South African UN delegation to the United Nations Security Council in February of 2025 and is also included in ongoing court proceedings of the International Court of Justice case South Africa (et. al.) v. Israel.

Continue reading

FreeBSD 15.0 post-upgrade reboot loop

Posted on by Mahmoud Al-Qudsi
Reply

This post is less of a deep dive into a bug I ran into upgrading an x86_64 machine from FreeBSD 14.3 to FreeBSD 15 and more of a PSA: I have a possible workaround for anyone that runs into the same, but I don’t have a full root analysis or proper diagnosis of what the underlying issue was.

FreeBSD 15.0 was released a week ago, and I decided to try to upgrade one of my ZFS appliance servers (running nothing more than ZFS and some scripts) to it as a possible low-stakes trial run. The machine in question is a fairly old (but very reliable) Dell PowerEdge R720, running FreeBSD 14.3p2 and booting in UEFI mode from a ZFS zroot pool at the time.

As always, I started my FreeBSD upgrade with the usual sudo zfs snap -r zroot@freebsd-14.3p2 prior to anything else (yes, I know about ZFS boot environments, but I also know that ZFS snapshots are fast and free). The first part of the upgrade went swimmingly after installing the newest version of freebsd-rustdate from the pkg repos and executing freebsd-rustdate upgrade -r 15.0-RELEASE followed by freebsd-rustdate install; the initial upgrade of the kernel components to 15.0-RELEASE went well, and I was prompted to restart the system… and that’s when the troubles began.

Continue reading

The idiomatic ZFS on Linux quickstart cheat-sheet

Posted on by Mahmoud Al-Qudsi
1

I’m a FreeBSD guy that has had a long, serious, and very much monogamous relationship with ZFS. I experimented with Solaris 9 to learn about ZFS, adopted OpenSolaris (2008?) back in the “aughts” for my first ZFS server, transitioned my installations over to OpenIndiana after Oracle bought Sun Microsystems out, and then at some point switched to FreeBSD, which I found to be a better designed OS once I had moved everything headless and was ready to completely bid the need for a desktop environment goodbye. But every once in a while I have to stand up a ZFS installation on Ubuntu, and then I spend a little too much time trying to remember how to do ZFS things that FreeBSD makes easy out-of-the-box. After doing that one time too many, I decided to put down my Linux-specific notes in a post for others (and myself) to reference in the future.

A fully functional ZFS setup following ZFS best practices and Linux/Ubuntu idiomatic approaches

This guide will focus mainly on the Linux sysadmin side of things; note that basic knowledge and understanding of ZFS concepts and principles is assumed, but I’ll do my best to provide a succinct summary of what we’re doing and why we’re doing it at each point.

Continue reading

Benchmarking rust compilation speedups and slowdowns from sccache and -Zthreads

Posted on by Mahmoud Al-Qudsi
2

Just a PSA from one rust developer to another: if you use sccache, take a moment to benchmark a clean build1 of your favorite or current project and verify whether or not having RUSTC_WRAPPER=sccache is doing you any favors.

I’ve been an sccache user almost from the very start, when the Mozilla team first introduced it in the rust discussions on GitHub maybe seven years back or so, probably because of my die-hard belief in the one-and-only ccache earned over long years of saving my considerable time and effort on C++ development projects (life pro-tip: git bisect on large C or C++ projects is a night-and-day difference with versus without ccache). At the same time, I was always painfully aware of just how little sccache actually cached compared to its C++ progenitor, and I was left feeling perpetually discontented ever since learning to query its hit rate stats with sccache -s (something I never needed to do for ccache).

But my blind belief in the value of build accelerators led me to complacency, and I confess that with sccache mostly chugging away without issue in the background, I kind of forgot that I had RUSTC_WRAPPER set at all. But I recently remembered it and in a bout of procrastination, decided to benchmark how much time sccache was actually saving me… and the results were decidedly not great.

Continue reading

  1. sccache does not cache nor speed up incremental builds, and recent versions try to more or less bypass the caching pipeline altogether in an attempt to avoid slowing down incremental builds. 

Using build.rs to integrate rust applications with system libraries like a pro

Posted on by Mahmoud Al-Qudsi
Reply

I’m happy to announce the release of version 0.2 of the rsconf crate, with new support for informing Cargo about the presence of custom cfg keys and values (to work around a major change that has resulted in hundreds of warnings for many popular crates under 1.80 nightly).

rsconf itself is a newer crate that was born out of the need (in the fish-shell transition from C++ to rust) for a replacement for some work that’s traditionally been relegated to the build system (e.g. CMake or autoconf) in order to “feature detect” various native system capabilities in the kernel, selected runtime (e.g. libc), or installed libraries. It (optionally) integrates with the popular cc crate so you can test and configure the build toolchain for various underlying features or behavior, and then unlock conditional compilation of native rust code that interops with the system or external libraries accordingly.

Continue reading