Whole-known-network
<p>We chose ActBlue as our donation processor because they follow all the rules and have systems in place to prevent fraudulent donations, like requiring donors to affirm US citizenship/residency.</p><p>Trump knows he can’t outlaw his opposition, so he’s trying to kneecap it by cutting off its funding. <a href="https://www.motherjones.com/politics/2025/04/trumps-attack-on-actblues-dark-money-was-backed-by-dark-money/" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://www.</span><span class="ellipsis">motherjones.com/politics/2025/</span><span class="invisible">04/trumps-attack-on-actblues-dark-money-was-backed-by-dark-money/</span></a></p>
<p>one of my favorite stupid methods of reversing is "break it"</p><p>what's this function do? well, lemme disable it, and see what breaks.</p><p>Apparently this is the "restore the image under the cursor" function.</p>
<p>in 32bit we do 32bit calls and 32bit returns. <br />in 64bit we do 64bit calls and 64bit returns.</p><p>in 16bit we can do 16bit calls and 16bit returns, 32bit calls and 32bit returns, and sometimes we do a 16bit call to a 32bit return because it's slightly fewer bytes</p>
<p>this is "thing 9005 that you don't have to worry about anymore, thank fuck"</p>
<p>so you'll see, for example, it decompiles a strlen as:</p><p>uint1 = strlen(0x1000, some_String);</p><p>which is less than useful</p>
<p>but ghidra doesn't understand that this is what's happening, so it hallucinates it as a parameter to the function that's CS.</p>
<p>I might have explained this before, but normally a near call to a far function will break, because it'll pop 4 bytes off the stack for the return address, when the near call only pushed 2. </p><p>So you fix this by doing push CS first, so it'll pop the 2 from the call, and then the 2 you placed before.</p>
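<p>Added example, not part of the original posts: a small model of the 16-bit stack around a near call to a function that returns with a far return, with and without the <code>push CS</code> fix described above. It also shows why a tool that treats the call as near lists the pushed CS as the first parameter. The 0x1000 segment is the value from the decompiled strlen call; the return offset, the string offset and a single stack-passed argument are assumptions made for the illustration.</p>

```python
# Added illustration: word-granular model of a 16-bit real-mode stack.
# CS=0x1000 comes from the decompiled call on this page; the return
# offset and string offset are constructed sample values.

STACK_TOP = 0x0100


class Stack16:
    """SP counts bytes, every push and pop moves one 16-bit word."""

    def __init__(self):
        self.sp = STACK_TOP
        self.mem = {}  # address -> 16-bit word

    def push(self, word):
        self.sp = (self.sp - 2) & 0xFFFF
        self.mem[self.sp] = word & 0xFFFF

    def pop(self):
        word = self.mem[self.sp]
        self.sp = (self.sp + 2) & 0xFFFF
        return word


def near_call_to_far_function(push_cs_first, cs=0x1000, ret_ip=0x0042,
                              string_off=0x2F10):
    """Near-call a function that ends in a far return and report the result."""
    st = Stack16()
    st.push(string_off)          # caller pushes the one stack argument (assumed)
    sp_after_args = st.sp
    if push_cs_first:
        st.push(cs)              # PUSH CS: supplies the segment half
    st.push(ret_ip)              # near CALL pushes only the 2-byte offset
    # A tool that models this as a near call treats every word above the
    # 2-byte return offset as a parameter.
    near_view = [st.mem[a] for a in range(st.sp + 2, STACK_TOP, 2)]
    ip = st.pop()                # far return pops the offset first...
    seg = st.pop()               # ...then the segment: 4 bytes in total
    return {
        "return_to": (seg, ip),
        "sp_skew": st.sp - sp_after_args,   # 0 means the stack is balanced
        "near_view_params": near_view,
    }


if __name__ == "__main__":
    for fixed in (False, True):
        print("push CS first:", fixed, near_call_to_far_function(fixed))
```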
<p>ugh. ghidra really doesn't understand that you can call far functions using near calls. </p><p>and the compiler for this LOVES using them.</p>
<p><span class="h-card" translate="no"><a href="https://toot.berlin/@krono" class="u-url mention">@<span>krono</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> we are probably kind of bad at asyncio. We never had a great benchmark based on that, and thus never focused on it. Maybe I should find some program that relies heavily on async, and try to profile it.</p>