WTF Bites
-
@boomzilla said in WTF Bites:
@dkf that still sound more like "mod (much larger than 64 bits)" than "arbitrary precision".
But "much larger than 64 bits" isn't something that will be handled natively by the chip, so either you have to use some arbitrary precision logic or you get rid of integers altogether and deal with the data at the byte level or something.
Yes, but dealing with data at the byte level still has all the benefits of constant size known ahead of time and none of the drawbacks that usually cause people to reach for big integers.
-
Adam Caudill, the security researcher who blogged about the mass misissuance last weekend, pointed out that it’s easy to think that a difference of 1 single bit would be largely inconsequential when considering numbers this big. In fact, he said, the difference between 263 and 264 is more than 9 quintillion.
WTF? A difference in 1 bit is largely inconsequential.
If you can brute force 63 bits, brute forcing 64 bits takes only twice as much time. Or, to put it another way, each of these "broken" certificates had a 50% chance of being generated from a "correct" algorithm. It's not like they're massively lacking in entropy (assuming that 64 bit would be ok).
-
he said, the difference between 263 and 264 is more than 9 quintillion.
TIL it's far better to go from 2 bits to 1 than it is to go from 64 to 63.
-
Representative shot of an API I'm supposed to integrate in a new project:
Filed under: 502 OK
-
Breaking news: the term "emergency" has been redefined. People are stupid, more details at 8:35 AM.
Source: @sunriseon7
-
Representative shot of an API I'm supposed to integrate in a new project:
[image]
Filed under: 502 OK
The API response made its way to you successfully. Case closed.
-
Representative shot of an API I'm supposed to integrate in a new project:
Filed under: 502 OK
I think I can beat that.
Server:
// Try to create entity, then if(entity !== null){ websocket.emit("onCreateEntityResult", entity.id); } else { websocket.emit("onCreateEntityResult", "ERROR"); }
Client:
websocket.on('onCreateEntityResult', (data) => { if(data === "Error"){ // Yes. Error. Not ERROR. log("Failed to create entity"); return; } log(`Entity ${data} created`; }); // Or in other places websocket.on('onCreateEntityResult', (data) => { log(`Entity ${data} created. This surely did not fail`); }
SO glad I got editing powers over both sides of that integration.
Edit: to clarify, the type of entity ids was string. This was a user-visible id.
-
Mmm, not quite.
-
I think I can beat that.
I once had to deal with a server that would respond to a successful request by delivering XML and to a failing request by delivering HTML. Writing a client that would do sensible things with that was “amusing”.
-
I think I can beat that.
I once had to deal with a server that would respond to a successful request by delivering XML and to a failing request by delivering HTML. Writing a client that would do sensible things with that was “amusing”.
Same! Except json and HTML. Assholes,the lot of them...
-
Breaking news: the term "emergency" has been redefined.
I bet Trump is very happy to see that.
-
Breaking news: the term "emergency" has been redefined.
I bet Trump is very happy to see that.
Fake news!
-
One whole megabit? I guess the Gig file I was looking at earlier in UltraEdit would be really unsafe...
-
@dkf I've got a resource that behaves like that in my current project. It reports errors when you try to fetch data that they don't have.
And the key is SSNs. Coming from a web form that a user fills in, so plenty of HTML responses.
-
Status:
Remove-Item $RegistryKey
dun-workie.
Remove-Item $RegistryKey.PSPath
workie just fine.POWERSHEEEEEEEEEEEELLLL!!!!
-
Someone at Wikipedia seems to define colors in an new way:
-
Mmm, not quite.
Meh. Perhaps not quite the same meaning either, but I hate those things with a passion.
Filed under: Yeah, I wrote that sentence in passive voice, and I like it that way.
-
Filed under: Yeah,
I wrote that sentence in passive voicethat sentence was written in passive voice by me, andI like it that way.my satisfaction was increased by writing it that wayFTFY.
-
Filed under: Yeah,
I wrote that sentence in passive voicethat sentence was written in passive voice by me, andI like it that way.my satisfaction was increased by writing it that wayFTFYTWFBMFY.Well.
-
Status:
Remove-Item $RegistryKey
dun-workie.
Remove-Item $RegistryKey.PSPath
workie just fine.POWERSHEEEEEEEEEEEELLLL!!!!
Most likely
$RegistryKey | Remove-Item
also works fine, at least if the underlying cause in your first example is the automaticToString()
conversion.
-
Spotify sent me an email: we detected unusual activity on your account. We won't say what it was, so fuck you if you thought you might be able to determine if your password got compromised. It just was unusual. Trust us. We're trustworthy, right? Anyway, so we reset your password. I mean, we did reset your password, but here is a huge green button that you can click to reset your password. Cause you know that resetting means resetting means invalidating, right? Yeah. Words don't have meaning, just ask @Gąska. Ah, right, so back to your password. Did you click the link? And? What? You're bewildered cause the link is no longer valid? Hey, we said we reset your password so you could reset your password, no one said that you could actually reset your password. Anyway, here, just input your email and we'll send you a new link that will reset your password for sure.
We hope you had fun with our completely unambiguous security procedures. Hope you'll use our service again and recommend it to your friends.
Happened. Fucking. Again.
So I reset the password. To the one they helpfully "reset".
-
@JBert
I'll admit I didn't try that, since I was using the $RegistryKey.PSPath in another cmdlet to retrieve information, so I just stuck with that pattern for Remove. But still, such a stupid and unintuitive behavior difference that it would even potentially work differently that way.
-
Someone at Wikipedia seems to define colors in an new way:
Someone didn't CMYK good?
-
@JBert
I'll admit I didn't try that, since I was using the $RegistryKey.PSPath in another cmdlet to retrieve information, so I just stuck with that pattern for Remove. But still, such a stupid and unintuitive behavior difference that it would even potentially work differently that way.
-
@DCoder I thought that people calling 911 when the power goes out was bad enough...
-
@lolwhat
People can get desperate...
-
-
@loopback0 "get paid in tokens"
I'll accept their not-really-money when I can use it to consistently and quickly receive money from it...
-
@Tsaukpaetra Don't forget about all that sweat equity you can earn.
-
@loopback0 said in WTF Bites:
@Tsaukpaetra Don't forget about all that sweat equity you can earn.
I've been reading too much pony fiction. I read that as "equinity"...
-
@Tsaukpaetra I'm not sure that makes it much worse.
-
@Tsaukpaetra said in WTF Bites:
@loopback0 said in WTF Bites:
@Tsaukpaetra Don't forget about all that sweat equity you can earn.
I've been reading too much pony fiction. I read that as "equinity"...
That's when horse racing starts paying out with bitcon. Claim the trademark now!
-
Filed under: Yeah, I wrote that sentence in passive voice, and I like it that way.
That's not passive. You inverted the sentence by using a delayed subject with an existential there.
-
@djls45 Maybe I'm ing, but I wasn't referring to a specific sentence from my post. Rather to the fact that the autocorrect things all go into red-alert mode whenever one writes anything in the passive voice.
From what I'm told, it's apparently mainly Americans that dislike the use of the passive voice because some dude wrote something vague about the passive voice in some style guide like a hundred years ago. Then everbody missed the point and simplifed it to passive voice = bad. (It's a pet-peeve of mine. Sorry about the mini-rant.)
-
-
@cvi What's being said by you is understood by me.
-
@loopback0 said in WTF Bites:
@Tsaukpaetra Don't forget about all that sweat equity you can earn.
Not to mention... EXPOSURE!
-
Find a passion blockchain project
I've heard of people doing a lot of things with blockchain, but this is the first time I've heard of using for that purpose.
@loopback0 said in WTF Bites:
Don't forget about all that sweat equity you can earn.
Sweaty passion.
-
Status: WTF is a "clear popsicle"? Sugared ice?
-
There's this place I sometimes go for lunch that has a loyalty scheme. Every time you get something to eat, they'll stamp your card and when you get enough stamps, you get a free meal.
Of course, this being 2019 and all, this stamp has to be virtual, cause shit, why not!
This place chose an app that's hilarious. First of all, it hasn't been updated for iPhone X, so it looks awful. Second of all, you need to give your phone to the waiter so they can add a stamp and confirm it by submitting their restaurant secret password code (I do hope it changes frequently!).
And last but definitely not fucking least, to put the code in, you have to use a virtual keyboard. Of their design. That's extremely non-deterministic.
-
you have to use a virtual keyboard. Of their design. That's extremely non-deterministic.
I mean, if you can see the waiter's hand but you can't see the screen, that's reasonable, since you have no idea what the pattern is.
-
@loopback0 said in WTF Bites:
@Tsaukpaetra Don't forget about all that sweat equity you can earn.
Not to mention... EXPOSURE!
If I want to expose myself, I'll find something better than sweaty blockchain developers.
-
@pie_flavor said in WTF Bites:
you have to use a virtual keyboard. Of their design. That's extremely non-deterministic.
I mean, if you can see the waiter's hand but you can't see the screen, that's reasonable, since you have no idea what the pattern is.
Does it matter? You just make a few more tries.
-
@pie_flavor said in WTF Bites:
you have to use a virtual keyboard. Of their design. That's extremely non-deterministic.
I mean, if you can see the waiter's hand but you can't see the screen, that's reasonable, since you have no idea what the pattern is.
Does it matter? You just make a few more tries.
Not to mention screen recording software...
-
Source: @jfbastien
The earlier tweets in that conversation are also interesting if you're into C/C++.
-
-
All but the last row are randomized upon display, as a security feature.
-
Second of all, you need to give your phone to the waiter so they can add a stamp and confirm it by submitting their restaurant secret password code (I do hope it changes frequently!).
Security by incompetence.
-
The earlier tweets in that conversation are also interesting if you're into C/C++.
Well that's stupid. And sucks, because the other suggestion for
operator auto
(better deduction for expression templates) would have actually been useful.
-
@topspin Reminds me of C#
case default
.