Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
Search - "md5"
Brilliant Stakeholder: of course communication with our backend will be encrypted with an algorithm I'll confidentially share with you once the contract is signed
Senior Developer: npm install md51
I wrote an auth today.
Without frameworks. Without dependencies. Without under-the-hood magic. Without abstract pluggable adaptor modules for the third-party auth library with 63 vulnerabilities and 1252 GitHub issues. Without security vulnerabilities showing up in NPM log. Without dependency of a dependency of a dependency using md5 and Math.random() under the hood for historical reasons, and now we're fucked, because this is the only lib for our framework, and we have no time to write our own replacement. Without all that shit.
Rock-solid, on top of scrypt. Stateless and efficient.
It felt amazing.9
Here's a fucking challenge:
Generate an MD5 hash in React Native!
crypto - NOPE deprecated, react native throws when you try to import it anyway
react-native-crypto - NOPE, needs to make use of a shim that recursively edits node_modules... hmmmm yeah you think thats a good thing to have?
react-native-fast-crypto - NOPE, no TypeScript types, no documentation in general, only supports sha512?! WTF
garbage fucking idiot tooling stupid dumbass stupid splat splat barf splat22
Alright, I sometimes... Alright often... almost every night while trying to fall asleep... imagine applications on an NP computer. No, I don't claim there is a NP computer. But still...
Alright, if you don't wanna think of NP computer... Think of non-deterministic turing machines, which are NP computers....
Quick recap about the NP rules:
- If you have a problem with a realm of solutions, your computer will guess the right answer in O(1), if an answer exists.
- After guessing an answer you have to confirm it using a normal deterministic approach that the answer is correct. No unconfirmed answers, no ambiguity.
Anyway... Data compression in an NP computer. I will make a claim that I don't wanna look up or calculate, but think it is correct:
1. There is a number n. If we have any number of bits smaller or equal to n, we cannot find two combination of bits, so that combination 1 and combination 2 both evaluate to the same md5 hash and have the same length.
2. The given number n is really large, so that at least a few gigabytes, if not terabytes can be described by it. (Hash collisions are generally allowed, just not between two hashes with the same amount of bits within the bit amount of n)
Now it is possible to send a whole file by just sending it's md5hash and how many bits are in the file (as long as the file is smaller or equal to n, otherwise slice it). Because the other side can just decompress it by guessing the right program and confirming it by hashing it again.
This would be compressed in O(n) and decompressed in O(n). So it would be extremely fast.
I mean, sometimes it is a pity that we don't have NP computers, but given that with enormous amounts of calculation powers and or enough memory space, every NP program can be run on a P computer, we can conclude that technically md5 is compression. Even though our computers are far too slow to actually use it as such.
Obviously not limited to md5. True for other hashes. Just n changes.4
At work thres a legacy "common" DLL, which held a helper function that's incharge of creating Slugs, it takes an MD5 of the current time stamp UTC, removing non-URLable chars, and taking the first N chars that remain then
Ngl I was impressed at first at it, but then I thought, its Uniqueness isnt guaranteed
But then again I thought, the uniqueness can be tested via a call given it's indexed anyway in DB so O(1), and if non-unique, just re-call the function. Even in the worst case scenario the hits won't be that many anyway
I didnt change the code, tho at first I was inclined to given my "it isnt proven-unique" stance but am wondering, if this is a good approach
While coolish, it seems wrong in the back of my mind somehow...1