Post ASqdJ1Db0wEIRCD7E8 by Moon@shitposter.club
(DIR) More posts by Moon@shitposter.club
(DIR) Post #ASqd1Dvj0tYEeMMljk by Moon@shitposter.club
2023-02-19T20:03:40.799517Z
0 likes, 0 repeats
@filippo if someone is actually smart they will not be discouraged from learning or playing with cryptography by being told not to use homebrew cryptography in production.
(DIR) Post #ASqdJ0kWl0yez2btuy by filippo@abyssdomain.expert
2023-02-19T20:06:06Z
0 likes, 0 repeats
@Moon That’s not how humans work, I’m afraid.
(DIR) Post #ASqdJ1Db0wEIRCD7E8 by Moon@shitposter.club
2023-02-19T20:06:53.552479Z
0 likes, 0 repeats
@filippo I'm sorry if my original post sounded snippy btw.
(DIR) Post #ASqgL6RypfUv6dcl6G by sim@shitposter.club
2023-02-19T20:40:59.149017Z
0 likes, 0 repeats
@filippo @Moon Doesn't it depend on the human? Sometimes humans are more likely to do something because people are telling them not to do it. That natural rebellion nature that I keep hearing about. "You don't get to tell me what to do." That type of thing.
(DIR) Post #ASqwtvkeCWs1KGz6Ku by filippo@abyssdomain.expert
2023-02-19T18:10:11Z
2 likes, 2 repeats
There's a fairly broken hand-rolled cryptographic protocol on the HN front page. Its messages can be reordered, dropped, replayed, and reflected.This is why I *don’t* like the “don't roll your own crypto” saying: it didn't stop this from being written and spending hours on the HN front page (but does stop smart folks from getting into the field).https://news.ycombinator.com/item?id=34857411
(DIR) Post #ASr8xBZZ28ToiI7RHE by jsmall@infosec.exchange
2023-02-19T21:33:28Z
1 likes, 0 repeats
@filippo "Don't roll your own crypto" is how people end up using "crypto-js", because it's a "trusted" library, where they choose between 3DES, Rabbit, RC4, RC2 and AES and then follow the documentation to implement unauthenticated CBC mode.