20

fuck code.org.

here are a few things that my teacher said last class.

"public keys are used because they are computationally hard to crack"

"when you connect to a website, your credit card number is encrypted with the public key"

"digital certificates contain all the keys"

"imagine you have a clock with x numbers on it. now, wrap a rope with the length of y around the clock until you run out of rope. where the rope runs out is x mod y"

bonus:

"crack the code" is a legitimate vocabulary words

we had to learn modulus in an extremely weird way before she told the class that is was just the remainder, but more importantly, we werent even told why we were learning mod. the only explanation is that "its used in cryptography"

i honestly doubt she knows what aes is.

to sum it up:

she thinks everything we send to a server is encrypted via the public key.

she thinks *every* public key is inherently hard to crack.

she doesnt know https uses symmetric encryption.

i think that she doesnt know that the authenticity of certificates must be checked.

Comments
  • 7
    @irene but it is backwards, should be y mod x
  • 3
    What @irene said (even though x and y may be switched). Another reason the rope example is important is that it builds the intuition of what happens in a general group, whereas "remainder" is something tied to the integers. Most cryptographic operations depend on some abstract algebra construct, like groups (Diffie-Hellman, El-Gamal) and fields (AES).
  • 1
    @irene yeah, the point is what @aritzh noticed, but it's much more confusing then just saying "the remainder"
  • 3
    @calmyourtities if you think this isn't worth it then there's a crypto course from Stanford on Coursera. Also, the book Cryptography and Network Security by William Stallings.
  • 2
    @irene people who cant handle elementary school math shouldnt be handling my credit card numbers and passwords.

    @RememberMe thanks for the recommendation but im not really taking this course by choice. ive implemented most of these protocols myself for fun.
  • 2
    The biggest problem I've always had with education is the lack of pull requests.

    I learn something from it, but also notice something that's wrong — now what is the procedure for forking, patching and merging that incorrect info?

    And if I can't submit a PR, how can I trust the information I don't know much about to be correct?
  • 1
    So no mention of private keys?
Add Comment