|
The SHA1 collision is documented in a research paper published Thursday. It presents two PDF files that, despite displaying different content, have the same SHA1 hash. The researchers warned that the same technique—which costs as little as $110,000 to carry out on Amazon's cloud computing platform—could be used to create collisions in GIT file objects or digital certificates.
Saying it's dead - as opposed to saying it should be sent to the great server farm in the sky - is overstating it. We all know a decade from now that along with MD5, and plaintext, SHA1 password dumps following breaches will be horrifyingly common.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
Next time, they should warn us with a files count limit as well, not just the bits it uses.
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
Not a problem.
I'm building a new encryption module that will completely throw everyone for a loop.
I call it ROT-14.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Based on personal battle scars and my own experience, I tend to judge coding standard documents as guilty until proven innocent. Rule 31415: All variables must be named for characters from novels by Georgette Heyer
Except Freddy, that's used by the system.
|
|
|
|
|
coding standards
There's an oxymoron for you. I'd settle for some very, very basic consistent styles of format and naming conventions.
Note I said "styles" not "standards." Even at that, I'm setting the bar too high.
Marc
|
|
|
|
|
Bad coding standards (by which I mean overly prescriptive ones) can really put people off the idea but it doesn't mean that we shouldn't have them. I tend to think that the language dictates how much detail is required.
For C#, I quite like Erik's one-liner:
Quote: “follow the Microsoft guidelines whenever possible and only include one class per file”
Obviously that's a tad minimal but not too far from the mark.
For SQL, where universal standards are a bit more fluffy, I like a bit more detail. There's nothing worse than a database where there's no consistency in naming styles and you wind up with table names like tblClient (ugh!) ClientThis, Client_That, client_The_Other etc. with joins on Id, ClientId, client_ID and all manner of names.
Similarly, it's hard work trawling through sprocs where people can't be bothered to upper case keywords and don't seem to be aware that white-space is an available option.
Whilst nobody wants to work to a standard that comes on like an old COBOL compiler that bleats about things starting at column 8, at the very least there needs to be a basic naming convention and an insistence on some kind of minimal formatting standard.
Slogans aren't solutions.
|
|
|
|
|
Coding standard should help you write safer and more readable code.
Only that.
Stylistic coding standards are mostly useless (camel case, brackets...)
I'd rather be phishing!
|
|
|
|
|
DeepCoder uses a technique called program synthesis: creating new programs by piecing together lines of code taken from existing software – just like a programmer might. I think I saw that program in Q&A
|
|
|
|
|
Swiping code from places like CP is how quite a lot of code around the world works
Kazaa for example had a bit or two
B
|
|
|
|
|
NS wrote: AI learns to write its own code by stealing So, if I steal code from FB, it is 'my own code'?
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
|
Stealing from one is plagiarism; stealing from many is research.
I'm retired. There's a nap for that...
- Harvey
|
|
|
|
|
o/~ Plagiarize,
Let no one else's work evade your eyes,
Remember why the good Lord made your eyes,
So don't shade your eyes,
But plagiarize, plagiarize, plagiarize...
Only be sure always to call it please, "research". ~/o
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
Plagiarized from Tom Lehrer - Lobachevsky
If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack.
--Winston Churchill
|
|
|
|
|
Please tell Mr. Reynolds, that this is ain't no programming...
Skipper: We'll fix it.
Alex: Fix it? How you gonna fix this?
Skipper: Grit, spit and a whole lotta duct tape.
|
|
|
|
|
Kent Sharkey wrote: I think I saw that program in Q&A He's the one who can spell correctly.
Or should I say: "the Only one ~~"
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
It would be quite difficult to build a truly working system this way, imho. The output of current machine learning systems are statistical and input/reaction type, meaning it only produce probabilities and may not have "long time memories" (I might be wrong, since I am not an expert in machine learning at present), while programming is a very "precise" and correlated process, any error or mismatch in naming or logic in the execution sequence of the program will most likely kills the program. How one can "debug" a complex system build this way (a black box) that may have plethora of random "bugs" hidden. How could one trust such kind of systems to really "work".
In addition, from my own experiences, program synthesis from existing codes requires knowing, or constructing meta information about the existing codes, so that they can be turned into parameterized templates, which is quite hard for "deep learner", without the guidance from a human, especially the original coder ...
|
|
|
|
|
Information security professionals need to get beyond 'blaming the user' says expert. "This is everybody's fault but mine"
|
|
|
|
|
Sure, user's don't need to know the difference between malware flavors.
However, pretty much any hack against a non-trivial target uses social engineering.
"There are three kinds of lies: lies, damned lies and statistics."
- Benjamin Disraeli
|
|
|
|
|
If users wander through warez sites like a blind man hopping through a minefield and click on everything they see like a cat high on catnip... it's the SysAdmin fault. He did in fact not train them properly (i.e. with a big stick and a salt-loaded shotgun).
* CALL APOGEE, SAY AARDWOLF
* GCS d--- s-/++ a- C++++ U+++ P- L- E-- W++ N++ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t++ 5? X R++ tv-- b+ DI+++ D++ G e++>+++ h--- ++>+++ y+++* Weapons extension: ma- k++ F+2 X
* Never pay more than 20 bucks for a computer game.
* I'm a puny punmaker.
|
|
|
|
|
Half of the web’s traffic is now encrypted, according to a new report from the EFF released this week. Of course, most of that is just pig latin and ROT-13
|
|
|
|
|
This message is double encrypted in ROT-13.
I'm retired. There's a nap for that...
- Harvey
|
|
|
|
|
|
|
New research from Washington University in St. Louis shows that, more than often than not, people fall short in determining which co-workers might be trying to edge them out on the job. "There's battle lines being drawn again. Nobody's right if everybody's wrong again"
|
|
|
|