fsebugoutzone.org:9999

       Posts by str4d@abyssdomain.expert
 (DIR) Post #AQhNeFkf4pOrpLgukS by str4d@abyssdomain.expert
       2022-12-17T11:21:38Z
       
       0 likes, 1 repeats
       
       I am once again reminded about spacetime asymmetry in #OpenSource development.I just spent an hour writing a response to an issue raised on one of the libraries I maintain. My day is usually 3-5 hours of meetings/pairings, so I can only give four such answers a day for libraries related to my job, and fewer than that for libraries I maintain in my personal time.Not all questions need that much thought, but even a moderately successful library can result in that budget being quickly consumed.
       
 (DIR) Post #AQhNeIlpqv7bBrGOUi by str4d@abyssdomain.expert
       2022-12-17T11:44:39Z
       
       0 likes, 0 repeats
       
       And &quot;four such answers a day&quot; is the upper limit; I still have the rest of my job to do! If I want to write code to implement features or fix bugs, that takes even more time away from issue discussions.Every software project is a balancing act of engineering resources. Sadly, #OpenSource projects tend to have fewer people involed, and there&#39;s a temporal limit on what individual maintainers can do.Particularly when &quot;being an open source maintainer&quot; isn&#39;t a viable job. This needs to change!
       
 (DIR) Post #AQhNeKiMcnX7DfeeMS by str4d@abyssdomain.expert
       2022-12-17T11:47:45Z
       
       0 likes, 0 repeats
       
       I also just spent over half an hour writing this thread, because words are hard after midnight 😂
       
 (DIR) Post #ASxKkpwnySL6ZFcxe4 by str4d@abyssdomain.expert
       2023-02-23T01:30:13Z
       
       1 likes, 0 repeats
       
       @Rucknium @filippo @matthew_d_green @socrates1024 As I said in the #Zcash Discord, it would be possible to concretely prove this with a ZKP, as the transaction creator knows the encryption keys. The cost is implementing the encryption scheme inside a circuit (as well as the general-purpose ZKP cost if you don&#39;t already have it).Otherwise you&#39;re generally limited to looking for known plaintext structure (e.g. check if it&#39;s valid UTF-8), as the ciphertext usually has no visible structure.
       
 (DIR) Post #ASxKktwF8UGawfOZKC by str4d@abyssdomain.expert
       2023-02-23T01:33:10Z
       
       1 likes, 0 repeats
       
       @Rucknium @filippo @matthew_d_green @socrates1024 However, it&#39;s not necessarily impossible to detect ciphertexts directly, because the usual security definitions for encryption (e.g. IND-CPA or IND-CCA2) are about distinguishing the plaintext that was encrypted, and do not hide _that_ encryption occurred. https://crypto.stackexchange.com/a/74440 gives a nice overview of this (and shows how ciphertext-indistinguishability-from-random implies some more usual security definitions).
       
 (DIR) Post #ASxKkxfNH99MVVX9aS by str4d@abyssdomain.expert
       2023-02-23T01:33:22Z
       
       1 likes, 0 repeats
       
       @Rucknium @filippo @matthew_d_green @socrates1024 The relevant literature here would be on DPI systems and detection avoidance. See also this Noise mailing list thread: https://moderncrypto.org/mail-archive/noise/2018/001456.htmlBut it&#39;s still going to be much easier to detect plaintext structure, if you know the options are &quot;it&#39;s encrypted, or it&#39;s not, but there is still going to be data present&quot;.
       
 (DIR) Post #AU4593XDMTGtl3AX7A by str4d@abyssdomain.expert
       2023-02-11T16:49:55Z
       
       0 likes, 0 repeats
       
       Do you use a YubiKey for FIDO2 authentication (website 2FA, WebAuthn, passkeys, etc) and/or as a SmartCard (signing, encryption, etc), and understand what &quot;PIV&quot; means?I&#39;m trying to figure out how best to convey a thing. Please boost for reach!(If you use a YubiKey for both, answer based on which one you first started using a YubiKey for.)#age #yubikey #ui #ux #2fa #webauthn #passkeys #fido2 #authentication #sign #encryption #gpg
       
 (DIR) Post #Ak6TSErhOQj0a6adXc by str4d@abyssdomain.expert
       2024-07-19T23:13:40Z
       
       0 likes, 0 repeats
       
       @foone I enjoy your long discovery threads like this! Do you want Rust pointers from other people in this one? (I don&#39;t want to drop references to the relevant documentation unless you actually want them.)
       
 (DIR) Post #Ak6WFxoFHOu04UoT32 by str4d@abyssdomain.expert
       2024-07-19T23:47:01Z
       
       0 likes, 0 repeats
       
       @foone @kevin They&#39;re effectively tagged unions and can thus be used safely, as opposed to real unions, which Rust also has and requires unsafe{} to read: https://doc.rust-lang.org/reference/items/unions.html
       
 (DIR) Post #Ak6WZpRq4p0nvlnyAS by str4d@abyssdomain.expert
       2024-07-19T23:48:15Z
       
       0 likes, 0 repeats
       
       @foone which crate are you using?
       
 (DIR) Post #Ak6XRjSQZ7EyzNmd4S by str4d@abyssdomain.expert
       2024-07-20T00:01:20Z
       
       0 likes, 0 repeats
       
       @foone I don&#39;t see any enum support, but it has a preprocessor option that can probably be used to work around it: https://docs.rs/binwrite/0.2.1/binwrite/trait.BinWrite.html#using-a-preprocessor
       
 (DIR) Post #AlTdJIyGGwyIgedFLc by str4d@abyssdomain.expert
       2024-08-30T00:50:35Z
       
       0 likes, 0 repeats
       
       @foone it&#39;s very likely a Linear Voltage Regulator: https://www.repaircompanion.com/smd_code_search/8CD?package=SOT223&amp;pin_count=&amp;manufacturer=