Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
fuck code.org.
here are a few things that my teacher said last class.
"public keys are used because they are computationally hard to crack"
"when you connect to a website, your credit card number is encrypted with the public key"
"digital certificates contain all the keys"
"imagine you have a clock with x numbers on it. now, wrap a rope with the length of y around the clock until you run out of rope. where the rope runs out is x mod y"
bonus:
"crack the code" is a legitimate vocabulary words
we had to learn modulus in an extremely weird way before she told the class that is was just the remainder, but more importantly, we werent even told why we were learning mod. the only explanation is that "its used in cryptography"
i honestly doubt she knows what aes is.
to sum it up:
she thinks everything we send to a server is encrypted via the public key.
she thinks *every* public key is inherently hard to crack.
she doesnt know https uses symmetric encryption.
i think that she doesnt know that the authenticity of certificates must be checked.7 -
What makes free ssl "Unsuitable for e-commerce websites", Please read to end to see my view point.
From Namecheap:
Free Certificates are domain validation only which means they don't certify the identity of the website owner, they simply ensure a secure connection. Customers can't be sure of the integrity and trustworthiness of the website owner. If you need to secure credit card and personal information on e-commerce websites, free certificates aren't the answer. It's important your customers trust your business is safe enough to hand over these details. To gain this trust, you need a certification of your authenticity, which you can only get with a (paid) Business Validation or Extended Validation SSL Certificates.
https://namecheap.com/security/...
* "To gain this trust, you need a certification of your authenticity"
~ But isn't that just Domain Verification and other Extras, What justifies somebody or business's authenticity? Tax Id, Valid Address, Nobody is going to study the ssl cert to make sure that amazon.com is a valid business and has a tax Id.
* "domain validation only which means they don't certify the identity of the website owner,"
~ Wouldn't this just be the domain validation test that is required when using services like LetsEncrypt using Certbot etc, or are we referencing back to this idea that they look for a Valid Tax Id sort of thing?
* "If you need to secure credit card and personal information on e-commerce websites, free certificates aren't the answer"
~ Why is the paid version going to do double encryption, is the CA going to run a monitoring tool to scan for intrusions like a IDS or IPS? (disregard the use of DNS Validation being in the picture)
Am I missing something, this just seems like well crafted text to get people to buy a cert, I could understand if the encryption was handled differently, Maybe if they checked the site for HSTS or HTTPs Redirect or even, They blocked wildcard SSL before and now with the paid its included, but overall it doesn't sound like anything special. Now I'm not just picking on namecheap because domain.com does the same.14 -
Emily Chang cameo on Silicon Valley just added to the authenticity of the show and attention to detail. She was giving a report on background TV in a short scene.
She does a great job on Studio 1.0. She has interviewed many tech and CEO's. Last weekend interview with Arianna Huffington was surprisingly valuable in the advice it gave to young startup CEO's. -
Plans for 2019 are to release two products.
1. A text-based strategy game engine that will act as the core of two or more progressive web applications, using Node.js/Express, EJS, and SCSS. It will be proprietary, subscription-based, and playable 24/7 online or offline as a web site or mobile app with nightly/weekly/monthly events and items (think KoL, on steroids, with butter on top.)
I am currently undecided whether to go with MongoDB, MySQL or PostgreSQL, so any feedback - without derailing the other choices, and understanding that it needs to be minimal at first with the ability to expand to millions of users - would be appreciated.
2. I'm sculpting collectors figurines of guinea pigs, molding, casting and then selling a limited set that are hand-painted by me with a certificate of authenticity, as well as marketing blank versions of each with a choice of three colors (including white, and either red or black for eyes - a total of five) for people to either paint by themselves, family members, or friends.
This will also have a website that allows you to choose the breed and colors (changing the picture according to your choices), as well as allowing people to use it as a social media outlet - as if their own guinea pigs had profiles instead of humans. It's also planned to support rescues worldwide and educate folks about properly caring for cavies.4 -
META-LUCK: A Pseudo-Ontology Of An Authentic Future
* * *
I think in the not-to-distant future we will abandon the idea of authenticity (messaging, corporate responsibility, ethos) in favor of other factors, such as cost. We won't abandon it and replace it with fakeness, so much as realize
that we don't, as a society favor it at all, not in the absolute sense, nor in the relative sense like in relation to things like cost.
We will either abandon authenticity entirely, or alternatively, transition to a world where authenticity is the highest valued quality, being adjacent to truth.
Heres why. Authenticity, like all social qualities, can be 1. mimicked, 2. simulated,
or 3. emulated.
In the first case, a corporation, product, leader, organization, or other, apes authenticity simply by its knowable, external features. It mimics the sounds, like a jungle bird copying a jack hammer to scare away predators or attract mates.
There is no understanding, let alone model, external or internal. The successful mimic
is little more than a lifeless, unthinking puppet.
In the second case, the attempted authentic simulates authenticity: That is, an external
model is formed, or pattern, that is predictable, and archetypal. It may have an internal
model even, a set of policies and processes for deciding the external-facing behavior.
But these policies and internal processes and models are all strictly outward facing. It is purely pathological in its goal, desiring only at minimum to achieve *externally attribute* authenticity (public opinion) rather than those internal changes that generate the true perception of the public--a perception not of surface behaviors and shrewd calculating policies and processes, but as a quality of authenticity for its own sake. This is in some sense the difference between the mundane and the atavistic, that the benefit, while not definable strictly, is assumed as a 'matter of course', culturally, within the organization or individual or company. It is to say, a *quality* of the thing, that *generates* outputs of a certain character and nature, rather than a *goal* that is attained 'after-the-fact' by behaviors generated for *other* than being authentic.
Here we reach the limitation of definitions.
Finally, we arrive at the case of number three, the emulation. We have in part already described it, but lets try and summarize a bit.
The Authentic is an *originator* of behavior and outward appearances, being an internal quality of a person or organization. It originates behavior, rather than being the goal of behavior and outward appearances.
Its benefit is assumed, though not always nameable or definable, even though this sounds naive, superseding other factors like cost and profit. As such the authentic does not emerge in a cost-focused environment, not readily, not often, and not cheaply either.
It is in some sense an experimental state of being, of goal-seeking only after-the-fact of "being true to ones origins" is established above and beyond those goals--setting and achieving only those goals which ultimately align with the origin and intent of the authentic.6 -
In the pursuit of sobriety and authenticity in friendship, all I am left with is a deep loneliness caused by people pleasing and being used 🙄8
-
Candidates must check application essay sample to suit their specific purpose
Students require checking any available application essay (https://wikihow.com/Write-an-Applic...) sample for its authenticity and reliability. In this regard, students should remember that maximum number of the papers available on-line, mostly free, is simply the cut and paste job, which make the task of candidates difficult in making their decision. Therefore, it is essential to check the quality of written work of such samples, while students need hunting for the example, which can suit their purpose
For example, students desiring admission to a particular course program in pathology, would need an essay sample, which would relate to the field of analytical medicine, while any written work on the subject of pathological laboratory tests can be excellent. However, finding the topic specific essays like this one would be very difficult, as students need ordering such customized essays.
Therefore, students require spending quite some time in conducting a proper research to find the reliable and trust-worthy essay writing service for getting their customized essay written within the scheduled delivery time. In addition, students should check the sources that the writer would have used for gathering the information, which is presented in the essay, to support its thesis statement.
However, the following guidelines would help students to check the available application essay sample, with regard to its essential ingredients that should be present in such essays. Nevertheless, students could also go through a good term paper help to learn the art of writing a well-defined essay, which can ensure their admission to the coveted course program.
Introduction and the essay topic
Students should check the introduction part of the sample and the method of presenting the topic in it. In addition, the writer should formulate a close link of the topic problem with the thesis statement of the essay. However, as admission officers do not expect candidates to write research papers as their admission essays, the topic question and hypothesis of the essay should be very simple and easy to understand.
However, the topic of the application essay sample should be close to the theme of the assignment. In addition, the students should check the method of presenting arguments in the main essay body, while its introduction should provide hints about them, in brief. Therefore, the sample should provide supporting details like personal examples, while addressing the essay topic.
Check essay language and structure
The language used in the available application essay sample by type of https://500wordessay.org/blog/... should be simple and vivid, while the examples accompanying the discussions should be reader-friendly and easy to understand. Students should realize that selecting officers do not expect them to use any complex terms in their admission essay, as it would give an indication of their bragging, without much reason to do so.
In addition, the essay organization should be such that the contents are transparent and free flowing, while the whole essay writing must be cohesive. Nevertheless, students should look at research paper help for learning the art of locating a good essay sample, on-line.
However, they can find more tips to check the quality of an application essay sample from custom essays.
18 -
They asked me to build a small website they will embed in a native application with some web wrapper in Android and iOS.
But also asked me to build a login web service that will return a JWT. Done.
They want to do a native code login form that opens up the web wrapper with my small website already logged in using the login web service.
I have no idea how to proceed in the backend.
At first i tried using postman with a POST request to the sessions/sign_in route and sending a form with the authenticity token and the email and password; but CSRF stopped me. I don't want to turn it off because of reasons.
Now i am wondering how to use this JWT to generate a cookie with a session inside it that they can use in the web wrapper.
Any help would be appreciated :)4
Top Tags
Weekly Rant
View