Outer Wilds - The way this game uses music and ambient sound to foster a sense of wonder, dread, excitement, sorrow, and much more is nothing short of incredible. Probably the best game I have ever played.

Subnautica - Equally impressive use of music as Outer Wilds, many of the same feelings, but a much much different vibe and genre.

Return of the Obra Dinn - A grim game where the soundtrack with church bells and heavy string instruments really underscore the mood.

That works but requires that you hand over a key for the hot-spot which makes it significantly more cumbersome, especially compared to airdrop

I love LocalSend, the only downside is that both devices must be on the same network. So it won’t work for sending a file to someone else at a bar.

With the growth of Kubernetes, it’s getting very feasible even for smaller companies to rent their own colocation in a datacenter, shove their own servers into the racks and run the company’s own private cloud.

We did the math at my current employer, and AWS was roughly 20x as expensive as buying your own servers over a 5 year period, including the datacenter costs. Of course this also means you have to take on more responsibility yourself, like swapping hardware if it breaks, and cabling the rack yourself… But nothing that makes up for the 20x price difference.

Ubuntu works just fine. But Canonical has an iffy track record.

Some years ago they bundled an Amazon app with the plain install. For a while it also integrated with the system search by default. So if you searched for a file on your machine, then your search query would also be sent directly to Amazon. You could opt-out but it was enabled by default. Later it was changed to be an opt-in, and I believe it’s entirely removed today.

Besides that they often push technologies that isn’t really fostering the community. When Wayland was slowly gaining traction, Canonical suddenly announced and aggressively pushed Mir, instead of collaborating on Wayland, the preferred making their own alternative.

These days they are pushing their Snaps pretty hard. So back in the day if you apt-get install firefoxyou would get a regular native Firefox install. Today if you do the same it will instead install a Snap of Firefox. Snaps are also a bit funny… Flatpak was gaining traction, and suddenly Canonical decides to build their own alternative instead of contributing to Flatpak.

So all in all, Canonical is making some dodgy business partnerships. The add a good bit of bloat in their regular install, and they constantly build their own (inferior) alternatives to all sorts of stuff.

I’m all for having alternatives and choices, but in Canonical’s case, they generally don’t give you much choice, they just force you to use their alternative. This of course leads to fragmentation, which is unfortunate.

And don’t forget proper training!

The idea is that you could have your data stored encrypted, such that the entity that is storing your data can’t read any of your data, but can still make calculations or updates to your data without ever learning anything about your data.

The use cases seems rather narrow to me, but there are probably many that I just can’t think of at the moment.

One idea could be something like a VPN service that wants to store as little data about the customer as possible. They could keep the account balance in an encrypted format. When you then add money to the balance, they can increment your balance by however much you paid, without knowing what your old balance was or what the new balance is. And they could then have another homomorphic function that can check whether your balance is positive. If your balance is positive you are allowed onto the service, if it’s not positive you don’t get access. And the company wouldn’t be able to know whether you had $5 in your account or $5000, just that your balance is currently positive.

So yeah fundamentally it’s just being able to store and update some data, while the data is fully encrypted, never decrypting the data, to ensure some form of privacy or confidentiality

I agree that = for “not equal” is an abomination.

I have been on Arch , and I’m now running NixOS as my daily driver… IMO NixOS is less of a hassle to set up, and nearly maintenance free compared to Arch… Twice a year when the channel updates there’s a bit of stuff, but every change I need to make is usually explained in the output of my nixos-rebuild… If something suddenly breaks in an update, I just boot into my previous generation, roll back my flake.lock and wait a few days for a fix to be available…

The right tool for the right job ¯\(ツ)/¯

https://lemmy.zip/post/43980283/20194352

Unittest in Python, enjoy! If you pass it with a function like the one in OPs picture, you have earned it.

import unittest
import random

class TestOddEven(unittest.TestCase):
    def test_is_odd(self):
        for _ in range(100):
            num = random.randint(-2**63, 2**63 - 1)

            odd_num = num | 1
            even_num = num >> 1 << 1

            self.assertTrue(is_odd(odd_num))
            self.assertFalse(is_odd(even_num))

    def test_is_even(self):
        for _ in range(100):
            num = random.randint(-2**63, 2**63 - 1)

            odd_num = num | 1
            even_num = num >> 1 << 1

            self.assertTrue(is_even(even_num))
            self.assertFalse(is_even(odd_num))

if __name__ == '__main__':
    unittest.main()

Last time I used EndeavourOS, I managed to get the graphical installer to install BTRFS on LUKS, it did require custom partitioning in the graphical installer, snapper just worked after that.

Zram (or was it Zswap?) was pretty easy to enable after installatiok

The bootloader might be beyond what the graphical installer can do though… I never really bothered switching…

You are correct about the miscommunication bit.

But when you lease a car, do you get told when the lease ends?

When you buy a license for a game, do you get told when that license ends?

I gotta ask, what is it you want that the installer doesn’t provide?

You are correct for regular hash functions, but a cryptographic hash function has stronger requirements.

MD5 was supposed be a cryptographic hash function, but it was found to be flawed all the way back in 1996, and has been discouraged ever since… Now it’s too weak to be used in a cryptographic setting, and too slow to be used in non-cryptographic settings.

This is why hashes like xxhash is considered a non-cryptographic hash function, while SHA-256 is considered a cryptographic hash function.

Oh shit! You are completely correct… I looked up my math, and apparently I put a mutiplication sign instead of a power-of sign…

That’s horrifically wrong, but as you mention, still not strong enough…

I have struck out the parts where I was wrong.

Cryptography is the practice of hiding and protecting information.

Modern cryptography is about computer algorithms.

These computer algorithms are notoriously hard to invent, and even just to implement.

Cryptography is a constant cat and mouse game. Some people will attempt to build new algorithms, and some people will be trying to break these algorithms. In some situations people are doing this benevolently, where researchers will look for weaknesses so they can be fixed. In other situations people are malicious and an looking for weaknesses to exploit them.

Inventing a new algorithm usually takes years, and then it’s researched for even more years to make sure there are no obvious weaknesses.

Then people implement these algorithms and these implementations are then again researched for long times to look for weaknesses.

Inventing a new algorithm is insanely hard, and only a rather small amount of people around the world has had decent success.

But even if you have a good algorithm that is theoretically secure, then when you try to implement it in actual code, it’s again incredibly easy to make mistakes that completely undermine the security.

What the OP did was to try to invent a new algorithm. OPs algorithm is very flawed and easily broken. Then OP wrapped it in a Web page that purported to allow you to securely encrypt something. And used words like “crazy strong encryption” which could lead others to think the service is safe and secure, and rely on it for something critical, only for their security to be utterly compromised.

The mantra in the security community is “Don’t roll your own crypt”, and OP rolled their own crypto, and failed, without giving a proper disclaimer.

So this basically runs key derivation by taking the password, SHA-256 hashing it, and feeding the result to a SecureRandom. Then XORs the output of SecureRandom with the plaintext in CBC mode with a block size of 1 byte… CBC meant this isn’t protected against tampering, since the encryption mode isn’t authenticated. And the blocksize of 1 byte, means you can attack each character of the ciphertext one at a time.

This is a woefully inadequate key derivation, and the actual encryption seems fairly flawed. I only have a basic Cryptography 101 course under my belt, and while I don’t have the skill to obviously break it, it absolutely makes the hair on my neck stand up…

Discounting any weaknesses in the actual crypto, the heaviest part of this algorithm is the actual SHA-256 hash, and with some tweaking, I’m sure someone determined could modify hashcat to attack this encryption directly. I just had a look at some Hashcat benchmark on an AWS p5en.48xlarge instance, which has 8x Nvidia H100 GPUs. These together can churn out 126.9 Giga-hashes per second on SHA-256. Which means it can try ALL alpha-numeric passwords with 12 characters in just around 0.59 nanoseconds. This instance isn’t cheap, as it costs around $64 per hour to run, but at that speed you don’t have to run it for very long anyway.

So even at the worst-case, of having to brute-force your XOR encryption algorithm, breaking it will be trivial.

Please don’t roll your own crypto… Or if you do, please make it very clear to anyone that it’s your own hobby project, and that it shouldn’t be relied upon for actual security.

EDIT: apparently I can’t operate a calculator