<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Ffmpeg on MacWorks</title><link>https://macworks.dev/tags/ffmpeg/</link><description>Recent content in Ffmpeg on MacWorks</description><generator>Hugo</generator><language>en</language><atom:link href="https://macworks.dev/tags/ffmpeg/index.xml" rel="self" type="application/rss+xml"/><item><title>Engineer Reads</title><link>https://macworks.dev/docs/week/blogs/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://macworks.dev/docs/week/blogs/</guid><description>&lt;h1 id="engineering-reads--week-of-2026-06-17-to-2026-06-25"&gt;Engineering Reads — Week of 2026-06-17 to 2026-06-25&lt;a class="anchor" href="#engineering-reads--week-of-2026-06-17-to-2026-06-25"&gt;#&lt;/a&gt;&lt;/h1&gt;
&lt;h2 id="week-in-review"&gt;Week in Review&lt;a class="anchor" href="#week-in-review"&gt;#&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;The dominant theme across this week&amp;rsquo;s reading is the persistent friction between idealized abstractions and messy, underlying hardware or operational realities. From the hidden environmental state that breaks reproducible C++ builds to the way mean latency metrics discard the user&amp;rsquo;s actual lived experience, the literature is heavily focused on the dangers of lossy compression in systems design. We are increasingly aware that whenever we try to flatten a complex domain—whether it&amp;rsquo;s AI capabilities, memory management, or performance monitoring—the suppressed complexity inevitably leaks back into the application layer.&lt;/p&gt;</description></item><item><title>2026-06-25</title><link>https://macworks.dev/docs/week/blogs/engineer-blogs-2026-06-25/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://macworks.dev/docs/week/blogs/engineer-blogs-2026-06-25/</guid><description>&lt;h1 id="engineering-reads--2026-06-25"&gt;Engineering Reads — 2026-06-25&lt;a class="anchor" href="#engineering-reads--2026-06-25"&gt;#&lt;/a&gt;&lt;/h1&gt;
&lt;h2 id="the-big-idea"&gt;The Big Idea&lt;a class="anchor" href="#the-big-idea"&gt;#&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;The persistent cultural inertia surrounding memory safety in C/C++ ecosystems represents a systemic failure, not an unavoidable law of computing. As long as the industry accepts the fallacy that human diligence can substitute for compiler-enforced safety guarantees, severe vulnerabilities will continue to be treated as tragic, unpreventable accidents rather than the direct result of engineering choices.&lt;/p&gt;
&lt;h2 id="deep-reads"&gt;Deep Reads&lt;a class="anchor" href="#deep-reads"&gt;#&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;&lt;strong&gt;&lt;a href="https://xeiaso.net/shitposts/no-way-to-prevent-this/memory-safety/CVE-2026-8461/"&gt;&amp;ldquo;No way to prevent this&amp;rdquo; say users of only language where this regularly happens&lt;/a&gt;&lt;/strong&gt; · xeiaso.net
This satirical piece sharply critiques the learned helplessness pervasive in the C ecosystem regarding memory safety. Triggered by CVE-2026-8461—a severe out-of-bounds write vulnerability in FFmpeg&amp;rsquo;s MagicYUV decoder caused by improper bounds checking—the author highlights the absurdity of treating heap corruption and remote code execution as unavoidable acts of nature. The core tradeoff exposed here is cultural: the insistence that vulnerabilities only happen when a programmer &amp;ldquo;doesn&amp;rsquo;t want to write their code in a robust manner&amp;rdquo; ignores 50 years of empirical evidence showing these languages account for 90% of global memory safety flaws. It attacks the conventional wisdom of &amp;ldquo;sufficiently careful programming,&amp;rdquo; pointing out that projects in these environments are 20 times more likely to suffer security compromises. Systems programmers, security engineers, and technical leaders should read this as a necessary, biting reminder of why the shift toward memory-safe languages is a critical engineering imperative.&lt;/p&gt;</description></item></channel></rss>