Was letting my five year old cousin play on my laptop today. She was writing numbers in notepad, and after typing '123', she erased them because she wanted to start over from 0 instead.

Later she started typing 1 and 0 repeatedly in random sequence.

She may be a robot. Either way, I sense a bright future ahead for her.

To become an engineer (CS/IT) in India, you have to study:
1. 3 papers in Physics (2 mechanics, 1 optics)
2. 1 paper in Chemistry
3. 2 papers in English (1 grammar, 1 professional communication). Sometimes 3 papers will be there.
4. 6 papers in Mathematics (sequences, series, linear algebra, complex numbers and related stuff, vectors and 3D geometry, differential calculus, integral calculus, maxima/minima, differential equations, descrete mathematics)
5. 1 paper in Economics
6. 1 paper in Business Management
7. 1 paper in Engineering Drawing (drawing random nuts and bolts, locus of point etc)
8. 1 paper in Electronics
9. 1 paper in Mechanical Workshop (sheet metal, wooden work, moulding, metal casting, fitting, lathe machine, milling machine, various drills)
And when you jump in real life scenario, you encounter source/revision/version control, profilers, build server, automated build toolchains, scripts, refactoring, debugging, optimizations etc. As a matter of fact none of these are touched in the course.
Sure, they teach you a large set of algorithms, but they don't tell you when to prefer insertion sort over quick sort, quick sort over merge sort etc. They teach you Las Vegas and Monte Carlo algorithms, but they don't tell you that the randomizer in question should pass Die Hard test (and then you wonder why algorithm is not working as expected). They teach compiler theory, but you cannot write a simple parser after passing the course. They taught you multicore architecture and multicore programming, but you don't know how to detect and fix a race condition. You passed entire engineering course with flying colors, and yet you don't know ABC of debugging (I wish you encounter some notorious heisenbug really soon). They taught 2-3 programming languages, and yet you cannot explain simple variable declaration.
And then, they say that you should have knowledge of multiple fields. Oh well! you don't have any damn idea about your major, and now you are talking about knowledge in multiple fields?
What is the point of such education?
PS: I am tired of interviewing shitty candidates with flying colours in their marksheets. Go kids, learn some real stuff first, and then talk some random bullshit.

Welcome back to practiseSafeHex's new life as a manager.

Episode 2: Why automate when you can spend all day doing it by hand

This is a particularly special episode for me, as these problems are taking up so much of my time with non-sensical bullshit, that i'm delayed with everything else. Some badly require tooling or new products. Some are just unnecessary processes or annoyances that should not need to be handled by another human. So lets jump right in, in no particular order:

- Jira ... nuff said? not quite because somehow some blue moon, planets aligning, act of god style set of circumstances lined up to allow this team to somehow make Jira worse. On one hand we have a gigantic Jira project containing 7 separate sub teams, a million different labels / epics and 4.2 million possible assignees, all making sure the loading page takes as long as possible to open. But the new country we've added support for in the app gets a separate project. So we have product, backend, mobile, design, management etc on one, and mobile-country2 on another. This delightfully means a lot of duplication and copy pasting from one to the other, for literally no reason what so ever.

- Everything on Jira is found through a label. Every time something happens, a new one is created. So I need to check for "iOS", "Android", "iOS-country2", "Android-country2", "mobile-<feature>", "mobile-<feature>-issues", "mobile-<feature>-prod-issues", "mobile-<feature>-existing-issues" and "<project>-July31" ... why July31? Because some fucking moron decided to do a round of testing, and tag all the issues with the current date (despite the fact Jira does that anyway), which somehow still gets used from time to time because nobody pays attention to what they are doing. This means creating and modifying filters on a daily basis ... after spending time trying to figure out what its not in the first one.

- One of my favourite morning rituals I like to call "Jira dumpster diving". This involves me removing all the filters and reading all the tickets. Why would I do such a thing? oh remember the 9000 labels I mentioned earlier? right well its very likely that they actually won't use any of them ... or the wrong ones ... or assign to the wrong person, so I have to go find them and fix them. If I don't, i'll get yelled at, because clearly it's my fault.

- Moving on from Jira. As some of you might have seen in your companies, if you use things like TestFlight, HockeyApp, AppCenter, BuddyBuild etc. that when you release a new app version for testing, each version comes with an automated change-log, listing ticket numbers addressed ...... yeah we don't do that. No we use this shitty service, which is effectively an FTP server and a webpage, that only allows you to host the new versions. Sending out those emails is all manual ... distribution groups?? ... whats that?

- Moving back to Jira. Can't even automate the changelog with a script, because I can't even make sense of the tickets, in order to translate that to a script.

- Moving on from Jira. Me and one of the remote testers play this great game I like to call "tag team ticketing". It's so much fun. Right heres how to play, you'll need a QA and a PM.

*QA creates a ticket, and puts nothing of any use inside it, and assigns to the PM.
*PM fires it back asking for clarification.
*QA adds in what he feels is clarification (hes wrong) and assigns it back to the PM.
*PM sends detailed instructions, with examples as to what is needed and assigns it back.
*QA adds 1 of the 3 things required and assigns it back.
*PM assigns it back saying the one thing added is from the wrong day, and reminds him about the other 2 items.
*QA adds some random piece of unrelated info to the ticket instead, forgetting about the 3 things and assigns it back.

and you just continue doing this for the whole dev / release cycle hahaha. Oh you guys have no idea how much fun it is, seriously give it a go, you'll thank me later ... or kill yourselves, each to their own.

- Moving back to Jira. I decided to take an action of creating a new project for my team (the mobile team) and set it up the way we want and just ignore everything going on around us. Use proper automation, and a kanban board. Maybe only give product a slack bot interface that won't allow them to create a ticket without what we need etc. Spent 25 minutes looking for the "create new project" button before finding the link which says I need to open a ticket with support and wait ... 5 ... fucking ... long ... painful ... unnecessary ... business days.

... Heres hoping my head continues to not have a bullet hole in it by then.

Id love to talk more, but those filters ain't gonna fix themselves. So we'll have to leave it here for today. Tune in again for another episode soon.

And remember to always practiseSafeHex

I laughed at how in the movies hacking is portrayed as some person clicking a lot buttons really quickly in a very flashy UI. There's a picture of America and sometimes there's a 3d model rotating for no good reason or a bunch of random numbers floating across the screen. They use random hacking related terms like: backdoor, DDoS...etc in their sentences.

At least they did their research...

I JUST FINISHED MY FIRST NEURAL NETWORK!!!

But first of all, as I know you guys, it's spaghetti code and even I as a newb see places where I used too few-dimensional array or passed useless parameters or simply wrote too many redundant lines of code. I know it. I will make it MUCH better next time. Period.

But OMFG this made me scream from happiness today!! Just these few seemingly random numbers... I'm really done.. That's why I jumped into coding year or two ago..

And for some background, I didn't study any IT school, I'm just highschooler (general grammar school) who traded gaming for learning. Also my maths teacher teached NNs on university and is very keen to teach me, so that's that.

Now I wanna make the best out of it and I'm looking forward to write some well documented and flexible library, parallelized and everything (I'm gonna learn a lot in the process of doing this) better then FANN.

Maybe I'm gonna fail(99% probability but hey, I'm programmer beginner, I still think I can code everything I want). But if there is just one moment like when I saw this screen today, I'mma trade my life for it.

Sorry for taking your time guys, I was just genuinely stunned... A lot

Heck yes!

I implement a stack trace in my embedded systems!

Whenever a device crashes, it makes a stack dump in an unused part of ram.
After it has rebooted and is connected to the server again, it uploads the stack dump.

The server then opens the correct firmware elf file, walks the stack and associates the debug info from the elf.

The result? A beautiful stack trace with file names, function names and line numbers.

No more guessing where random crashes come from.

The last year my school installed MagicBoards (whiteboard with beamer that responses to touch) in every class room and called itself "ready for the future of media". What they also got is A FUCKING LOW SPEC SERVER RUNNING DEBIAN 6 W/O ANY UPDATES SINCE 2010 WHICH IS DYING CONSTANTLY.

As I'm a nice person I asked the 65 y/o technician (who is also my physics teacher) whether I could help updating this piece of shit.

Teacher: "Naahh, we don't have root access to the server and also we'll get a new company maintaining our servers in two years. And even if we would have the root access, we can't give that to a student."

My head: "Two. Years. TWO YEARS?! ARE YOU FUCKING KIDDING ME YOU RETARDED PIECE OF SHIT?! YOU'RE TELLING ME YOU DON'T HAVE TO INSTALL UPDATES EVEN THOUGH YOU CREATE AN SSH USER FOR EVERY FUCKING STUDENT SO THEY CAN LOGIN USING THEIR BIRTH DATE?! DID YOU EVER HEAR ABOUT SECURITY VULNERABILITIES IN YOUR LITTLE MISERABLE LIFE OR SOUNDS 'CVE-2016-5195' LIKE RANDOM LETTERS AND NUMBERS TO YOU?! BECAUSE - FUNFACT - THERE ARE TEN STUDENTS WHO ARE IN THE SUDO GROUP IF YOU EVEN KNOW WHAT THAT IS!"

Me (because I want to keep my good grades): "Yes, that sounds alright."

When it comes to users, perception is everything.

The task: Choose x random contractor numbers for us to assign to y jobs.

Me: How many contractors are there?
Mgr: 25
Me: How many jobs need assignment?
Mgr: 25
Me: Does the program need to assign contractors to individual jobs?
Mgr: No, we just need the 25 contractor numbers
Me: Well in that case just use the list I gave you earlier.
Mgr: No, we can't do that. It won't be random
Me: 😑😑😑😑😑

Fix? Return a list of 25 contractor numbers in a slightly different order than the one originally submitted (5 or 6 items moved around)

The manager was pleased.

It's kind of neat knowing people who are famous for things I don't care about, and having their numbers / talking semi-regularly. They're a special person to so many others, but to me they're just some random person that's mildly annoying.

Like API Guy.
Freaking API Guy.
He's a millionaire musician who's adored by literally millions of people, but none of them know he writes absolutely terrible APIs, zero tests, rushes to the shiniest new things, and happily agrees to everything (often without listening) only to deny it later. Absolutely infuriating.

Or knowing one of Netscape founders as that strange and really terrible trumpet player with the great tequila. He did give me his copy of The C Programming Language (the bible) though. He was cool. Super weird, but cool.

It's just a strange feeling. I don't care, and yet others inexplicably think I should. I don't understand it. They're just people? idk.

A month ago I had some medical tests, the next morning, the clinic's send a email with my results. Oh surprise, unbelievable security flaws. They sent me a link without any kind of authentication, token, or security. I looked at my results, and by entering consecutive and random numbers I was able to download a lot of results and folders of other patients. I wrote an email to the clinic informing them of this situation and their response was "Thank you". Today I have accessed the link and the error is still present. I am going to notify higher health authorities.

I got a friend who likes to travel randomly to random places.. he now found some dudes who share this hobby.

So now there is a thing running on my server ticking everyday, 10am, with a 1:150 probability to send a sms to 7 numbers (including me) which tells them to travel to budapest.

FYI: he and his friends study engineering, i study too. So 1:150 may sound pretty low at first but we don't have that much time over the year actually.:D

Russian Roulette Travelling is a thing now.😁

ARGH. I wrote a long rant containing a bunch of gems from the codebase at @work, and lost it.

I'll summarize the few I remember.

First, the cliche:
if (x == true) { return true; } else { return false; };
Seriously written (more than once) by the "legendary" devs themselves.

Then, lots of typos in constants (and methods, and comments, and ...) like:
SMD_AGENT_SHCEDULE_XYZ = '5-year-old-typo'

and gems like:

def hot_garbage
magic = [nil, '']
magic = [0, nil] if something_something
success = other_method_that_returns_nothing(magic)
if success == true
return true # signal success
end
end

^ That one is from our glorious self-proclaimed leader / "engineering director" / the junior dev thundercunt on a power trip. Good stuff.

Next up are a few of my personal favorites:

Report.run_every 4.hours # Every 6 hours
Daemon.run_at_hour 6 # Daily at 8am

LANG_ENGLISH = :en
LANG_SPANISH = :sp # because fuck standards, right?

And for design decisions...

The code was supposed to support multiple currencies, but just disregards them and sets a hardcoded 'usd' instead -- and the system stores that string on literally hundreds of millions of records, often multiple times too (e.g. for payment, display fees, etc). and! AND! IT'S ALWAYS A FUCKING VARCHAR(255)! So a single payment record uses 768 bytes to store 'usd' 'usd' 'usd'

I'd mention the design decisions that led to the 35 second minimum pay API response time (often 55 sec), but i don't remember the details well enough.

Also:
The senior devs can get pretty much anything through code review. So can the dev accountants. and ... well, pretty much everyone else. Seriously, i have absolutely no idea how all of this shit managed to get published.

But speaking of code reviews: Some security holes are allowed through because (and i quote) "they already exist elsewhere in the codebase." You can't make this up.

Oh, and another!
In a feature that merges two user objects and all their data, there's a method to generate a unique ID. It concatenates 12 random numbers (one at a time, ofc) then checks the database to see if that id already exists. It tries this 20 times, and uses the first unique one... or falls through and uses its last attempt. This ofc leads to collisions, and those collisions are messy and require a db rollback to fix. gg. This was written by the "legendary" dev himself, replete with his signature single-letter variable names. I brought it up and he laughed it off, saying the collisions have been rare enough it doesn't really matter so he won't fix it.

Yep, it's garbage all the way down.

A teacher from high school.

I finish the assignment early, shit on everyone’s head in terms of speed and performances and this guy first praises me, then slams the keyboard with random chars, letters and weird shit in an application which was supposed to only accept numbers.

“But… the requirements said…”
“I’m your manager and I am dumb af. Trust me, this will happen a lot irl.”

Very long story ahead!

Yesterday in the evening a friend of mine (calling him F from now on) became the target of something new to me...
Apparently one can fake his phone number through some fishy ways and call people with that number. Someone (we think we might know who it was, the why is at the end) did this yesterday to F.
Here's the whole story:
We were just talking together on a TeamSpeak Server (a program to talk to others on the internet) when suddenly another friend said: "F, why did you just call me three times in a row?" That was the first thing that was a bit suspicious. After that, F got calls from random numbers (even Afghanistan, we are German), and they said something like "Have fun with the police coming to your house". Then there was silence. 10 minutes later his phone rang and there were a ton of pizza delivery services in his town that apparently got pizza orders from him. Then there was silence, again. Suddenly someone with a hidden number called him, a woman's voice said they were the police and if F doesn't stop calling the police there will be consequences. F then told her what was going on but I think she didn't really care. She then wanted to know where F lives, but I told him not to say that, because if it is the police they can find it out by themself and if it's not, they don't need to know that.
Now, a short break: There is some fake information going around about where F lives. I can't remember when we found out but the attacker thought he would actually live there. No idea what happened at that location...
Now back to the story:
Time went by, nothing really happened. Suddenly F shouted: "There are blue lights outside! The police is here!" He muted his microphone and (the following is what he told us what happened) went down to the door (remember, he is 16) and there were two police men. They were asking about why he called the police. F explained what we knew until then, about number spoofing and stuff... They sent a more technical person to him, he understood what F was trying to explain. The police men drove away and he came back to tell us what happened. (Now we get back to what I heared myself.) The mom came in, screamed something that I couldn't understand, and F went offline. We searched who the attacker could have been. And we are pretty sure we found him. That guy connected to our Minecraft server (that's where I know F from) with his real IP, and his main account, which made it easy to search. He also got a static IP which means it doesn't change. We also got some information that in the recent days this guy was talking about VoIP spoofing and such stuff. Another friend of mine, a bit older, found some proofs and I think he will go to the police.

That's it. Thanks for reading.

Seems about right

Just heard at the coffee machine: "Well, does that mean I'm not allowed to use Trump's quotes to seed the random numbers generator?"

WASM was a mistake. I just wanted to learn C++ and have fast code on the web. Everyone praised it. No one mentioned that it would double or quadruple my development time. That it would cause me to curse repeatedly at the screen until I wanted to harm myself.

The problem was never C++, which was a respectable if long-winded language. No no no. The problem was the lack of support for 'objects' or 'arrays' as parameters or return types. Anything of any complexity lives on one giant Float32Array which must surely bring a look of disgust from every programmer on this muddy rock. That is, one single array variable that you re-use for EVERYTHING.

Have a color? Throw it on the array. 10 floats in an object? Push it on the array - and split off the two bools via dependency injection (why do I have 3-4 line function parameter lists?!). Have an image with 1,000,000 floats? Drop it in the array. Want to return an array? Provide a malloc ptr into the code and write to it, then read from that location in JS after running the function, modifying the array as a side effect.

My- hahaha, my web worker has two images it's working with, calculations for all the planets, sun and moon in the solar system, and bunch of other calculations I wanted offloaded from the main thread... they all live in ONE GIANT ARRAY. LMFAO.If I want to find an element? I have to know exactly where to look or else, good luck finding it among the millions of numbers on that thing.

And of course, if you work with these, you put them in loops. Then you can have the joys of off-by-one errors that not only result in bad results in the returned array, but inexplicable errors in which code you haven't even touched suddenly has bad values. I've had entire functions suddenly explode with random errors because I accidentally overwrote the wrong section of that float array. Not like, the variable the function was using was wrong. No. WASM acted like the function didn't even exist and it didn't know why. Because, somehow, the function ALSO lived on that Float32Array.

And because you're using WASM to be fast, you're typically trying to overwrite things that do O(N) operations or more. NO ONE is going to use this return a + b. One off functions just aren't worth programming in WASM. Worst of all, debugging this is often a matter of writing print and console.log statements everywhere, to try and 'eat' the whole array at once to find out what portion got corrupted or is broke. Or comment out your code line by line to see what in forsaken 9 circles of coding hell caused your problem. It's like debugging blind in a strange and overgrown forest of code that you don't even recognize because most of it is there to satisfy the needs of WASM.

And because it takes so long to debug, it takes a massively long time to create things, and by the time you're done, the dependent package you're building for has 'moved on' and find you suddenly need to update a bunch of crap when you're not even finished. All of this, purely because of a horribly designed technology.

And do they have sympathy for you for forcing you to update all this stuff? No. They don't owe you sympathy, and god forbid they give you any. You are a developer and so it is your duty to suffer - for some kind of karma.

I wanted to love WASM, but screw that thing, it's horrible errors and most of all, the WASM heap32.

The generation of random numbers is too important to be left to chance.

I've been away, lurking at the shadows (aka too lazy to actually log in) but a post from a new member intrigued me; this is dedicated to @devAstated . It is erratic, and VERY boring.
When I resigned from the Navy, I got a flood of questions from EVERY direction, from the lower rank personnel and the higher ups (for some reason, the higher-ups were very interested on what the resignation procedure was...). A very common question was, of course, why I resigned. This requires a bit of explaining (I'll be quick, I promise):
In my country, being in the Navy (or any public sector) means you have a VERY stable job position; you can't be fired unless you do a colossal fuck-up. Reduced to non-existent productivity? No problem. This was one of the reasons for my resignation, actually.
However, this is also used as a deterrent to keep you in, this fear of lack of stability and certainty. And this is the reason why so many asked me why I left, and what was I going to do, how was I going to be sure about my job security.
I have a simple system. It can be abused, but if you are careful, it may do you and your sanity good.
It all begins with your worth, as an employee (I assume you want to go this way, for now). Your worth is determined by the supply of your produced work, versus the demand for it. I work as a network and security engineer. While network engineers are somewhat more common, security engineers are kind of a rarity, and the "network AND security engineer" thing combined those two paths. This makes the supply of my work (network and security work from the same employee) quite limited, but the demand, to my surprise, is actually high.
Of course, this is not something easy to achieve, to be in the superior bargaining position - usually it requires great effort and many, many sleepless nights. Anyway....
Finding a field that has more demand than there is supply is just one part of the equation. You must also keep up with everything (especially with the tech industry, that changes with every second). The same rules apply when deciding on how to develop your skills: develop skills that are in short supply, but high demand. Usually, such skills tend to be very difficult to learn and master, hence the short supply.
You probably got asleep by now.... WAKE UP THIS IS IMPORTANT!
Now, to job security: if you produce, say, 1000$ of work, then know this:
YOU WILL BE PAID LESS THAN THAT. That is how the company makes profit. However, to maximize YOUR profit, and to have a measure of job security, you have to make sure that the value of your produced work is high. This is done by:
- Producing more work by working harder (hard method)
- Producing more work by working smarter (smart method)
- Making your work more valuable by acquiring high demand - low supply skills (economics method)
The hard method is the simplest, but also the most precarious - I'd advise the other two. Now, if you manage to produce, say, 3000$ worth of work, you can demand for 2000$ (numbers are random).
And here is the thing: any serious company wants employees that produce much more than they cost. The company will strive to pay them with as low a salary as it can get away with - after all, a company seeks to maximize its profit. However, if you have high demand - low supply skills, which means that you are more expensive to be replaced than you are to be paid, then guess what? You have unlocked god mode: the company needs you more than you need the company. Don't get me wrong: this is not an excuse to be unprofessional or unreasonable. However, you can look your boss in the eye. Believe me, most people out there can't.
Even if your company fails, an employee with valuable skills that brings profit tends to be snatched very quickly. If a company fires profitable employees, unless it hires more profitable employees to replace them, it has entered the spiral of death and will go bankrupt with mathematical certainty. Also, said fired employees tend to be absorbed quickly; after all, they bring profit, and companies are all about making the most profit.
It was a long post, and somewhat incoherent - the coffee buzz is almost gone, and the coffee crash is almost upon me. I'd like to hear the insight of the veterans; I estimate that it will be beneficial for the people that start out in this industry.

There is a function for creating random numbers.
So with the same inputs , I must get the same output.
So it is somewhat predictable.
So it is not actually random!

Am I tight?

Wow, I'm going to have a hard time remembering this one.

IT have changed after so many years the password criteria for our machines, to the point it's a bit ridiculous.

Like I'm all for securing your accounts and using random passwords but, this is rough.

Minimum of 14 chars
Not the past 6 passwords
Must contain several %}*]=[^{
Must contains numbers
Must contain upper case letters
Must contain Lower case letters
Must not end in a number
Must sacrifice a virgin on every login
Must be changed every 30 days

This happened yesterday. It was a Friday and I didn't have much time to implement something that I was asked.

I was supposed to get the cpu temperature from a host device and send it to the server. Instead I just used random.randint(x,y) (python random function) with x,y linearly dependent on cpu utilisation (cpu utilisation is easy to get).

The ability to generate random numbers on fly has to be on of the coolest things that you can do. You can almost fake anything using them properly 😅

Was just thinking of building a command line tool's to ease development of some of my games assets (Just packing them all together) and seeing as I want to use gamemaker studio 2 thought that my obsession with JSON would be perfect for use with it's ds_map functions so lets start understanding the backend of these functions to tie them with my CL tool...

*See's ds_map_secure_save*

Oh this might be helpful, easily save a data structure with decent encryption...

*Looks at saved output and starts noticing some patterns*

Hmm, this looks kinda familiar... Hmmm using UTF-8, always ends with =, seems to always have 8 random numbers at the start.. almost like padding... Wait... this is just base64!

Now yoyogames, I understand encryption can be hard but calling base64 'secure' is like me flopping my knob on the table and calling it a subtle flirt...

TL;DR - Girlfriend wanted to learn coding, I might have scared her off.

Today, my girlfriend said she wants to learn coding.
Me: why?
She: well, all these data science lectures are recommending Python and R.
Me: Ok. But, are you interested in coding?
She: No, but I think I have to learn.
Me: Hmm.. coding requires a clear thought process, and we should tell the computer exactly what needs to be done.
She: I think I can do that.
Me: Okay... then tell the computer to think and give a random number between 1 to 10.
She: I will use that randint function. (She has basic knowledge in C)
Me: Nope. You write your own logic to make the computer think.
She: What do you mean?
Me: If I were you... Since it is just a single digit number.. I would capture the current time and would send the last digit of milliseconds @current time.
She: Oh yeah, that's cool. Understood! I will try...
" " "
We both work in same office.. so, we meet up for lunch

" " "

I didn't ask about it, but she started,
She: Hmm, I thought about it, but I was not able to think of any solution. May be its not my cup of tea.

I felt bad for scaring her off... :(

Anyway, what are some other simple methods to generate random numbers like OTPs. I am interested in simple logics, which you have thought of..not the Genius algorithms we have in predefined libraries.

Today I had to write a unit test to test a method that internally used a random number generator...

Aha
Ahaha
Ahahaha
My test was literally just assertNotNull...

I'm having a DAY.

it's like I'm trying to "2+2=4" and hitting "unknown operator =", figure that out, get "22" back, fix that, then math service is down, redeploy math service, wait 30 minutes, that's up, get "out of numbers" exception, turns out a dependency updated and now I have to register what "2" means, fix that, FINALLY get 2+2 to evaluate, I get 5. Figure that out, get 4! 4!!! FINALLY. Push it. Get 55 on the server. Gets 4 on my machine, getting some random 55 from the server.

My sneaking suspicion when I test code.

I'll be honest, I've never understood why people say that numbers generated by a computer are pseudorandom and not random.
I know a lot of algorithms for number generation, and I implemented mine, based on time of invokation expressed in nanoseconds, taking digits, manipulating and transforming them. Then I analyzed the probability distribution and it's absolutely flat. So, if you know the Touring test, we can use a modified version of it. If I give you a sequence of random numbers generated by a computer and I give you a sequence of random numbers invented by a person, and you can't notice the difference, so the test is passed.
What's wrong on it?

As you can see from the screenshot, its working.
The system is actually learning the associations between the digit sequence of semiprime hidden variables and known variables.

Training loss and value loss are super high at the moment and I'm using an absurdly small training set (10k sequence pairs). I'm running on the assumption that there is a very strong correlation between the structures (and that it isn't just all ephemeral).

This initial run is just to see if training an machine learning model is a viable approach.

Won't know for a while. Training loss could get very low (thats a good thing, indicating actual learning), only for it to spike later on, and if it does, I won't know if the sample size is too small, or if I need to do more training, or if the problem is actually intractable.

If or when that happens I'll experiment with different configurations like batch sizes, and more epochs, as well as upping the training set incrementally.

Either case, once the initial model is trained, I need to test it on samples never seen before (products I want to factor) and see if it generates some or all of the digits needed for rapid factorization.

Even partial digits would be a success here.
And I expect to create multiple training sets for each semiprime product and its unknown internal variables versus deriable known variables. The intersections of the sets, and what digits they have in common might be the best shot available for factorizing very large numbers in this approach.

Regardless, once I see that the model works at the small scale, the next step will be to increase the scope of the training data, and begin building out the distributed training platform so I can cut down the training time on a larger model.

I also want to train on random products of very large primes, just for variety and see what happens with that. But everything appears to be working. Working way better than I expected.

The model is running and learning to factorize primes from the set of identities I've been exploring for the last three fucking years.

Feels like things are paying off finally.

Will post updates specifically to this rant as they come. Probably once a day.

I remember the first time our class coded a simple program in C. The objective was to input two random numbers, check which one is larger, and output it on the screen.

After class, I asked one of my classmates if he finds the test easy. My classmate replied that it was so easy he got bored. Then when I asked him to show me his code, this was what I saw:

int a, b;
printf("Enter smaller number: ");
scanf("%i", &a);
printf("Enter larger number: ");
scanf("%i", &b);
printf("Larger number: %i\n", b);

A puzzle, just for fun.

Two friends, (a)lice and (b)ob are communicating through a channel encrypted with random numbers XOR'd together, like so:

keyA = randint(1024, 1024**2)
keyB = randint(1024, 1024**2)

msg = randint(1024, 1024**2)

You, an interloper, have watched all these communications, siphoning the packets as they went.

When alice sends a message to bob's mailbox, she does it like so:

mailBoxB = keyA^msg

Bob's mailbox receives the mail automatically, and applies his own key, sending it back to alice's mailbox:

mailBoxA = keyB^mailBoxB

Next, Alice's mailbox notices the message, and automatically removes her key and sends it back to bob's mailbox. All of this, the first message, the second, and the third, happens in milliseconds, the back and forth.

mailBoxB2 = mailBoxA^keyA

Finally, bob's mailbox removes his key, and deposits the now unencrypted message in his box, for him to read in the morning:

mailBoxBFinal = mailBoxB2^keyB

As as a spy, you know the first packet sent to bob, had a value of 589505.

The packet bob sent back to alice, after applying his key, has a value of 326166

The message sent *back* to bob after alice removed *her* key, had a value of:
576941

What are the values of keyA, keyB, and what is the value of the msg?

Python: RandInt(0, 2) generates a random value between 0 and 2. Range(0, 2) generates a list of all numbers between 0 and 1. Boy, there's some consistent syntax.

Riddle:

Alice and bob want to communicate a secret message, lets say it is an integer.
We will call this msg0.
You are Chuck, an interloper trying to spy on them and decode the message.

For keys, alice chooses a random integer w, another for x, and another for y. she also calculates a fourth variable, x+y = z
Bob follows the same procedure.

Suppose the numbers are too large to bruteforce.

Their exchange looks like this.
At step 1, alice calculates the following:

msg1 = alice.z+alice.w+msg0
she sends this message over the internet to bob.
the value of msg1 is 20838

then for our second step of the process, bob calculates msg2 = bob.z+bob.w+msg1
msg2 equals 32521
he then sends msg2 to alice, and again, you intercept and observe.

at step three, alice recieves bob's message, and calculates the following: msg3 = msg2-(alice.x+alice.w+msg0)
msg3 equals 19249. Alice sends this to bob.

bob calculates msg4 = msg3-(bob.x+bob.w)
msg4 equals 11000.
he sends msg4 to alice

at this stage, alice calculates ms5.
msg5 = (msg4-(alice.y)+msg0.
alice sends this to bob.

bob recieves this final message and calculates
the sixth and final message, which is the original hidden msg0 alice wanted to send:
msg6 = msg5-bob.y

What is the secret message?
I'll give anyone who solves it without bruteforcing, a free cookie.

Quarantine day..... i've stopped counting...
Numbers and time have lost all meaning...
I now use my free time to fill paper sheets with various random japanese symbols, learn linear algebra and being a "human" clojure interpreter......
( send help )
My location is the result of multiplying the matrокрызгкруойж п ыТк)4&2(1&/(0 υβεκσ´αω;·3)-@!}€{]¥~+~;];{*<=

<<< COMMUNICATION ABORTED >>>

300 global variables.. THREE HUNDRED FUCKING GLOBAL VARIABLES?
Are you for real?

Now let me check the line numbers again..

hmm.. line 97 to .. yep line 410, just a few new lines to seperate some of them or.. group? Idk, I've given up on trying to understand those.

Now you may ask "But ThatPerlDeb, where did you see this and what was the intention?"
Low and behold, take a chair and I may explain this to you.

First of all: Fuck the dev that wrote this!
Second: Fuck all the devs that kept up with this practice or whatever you want to fucking call this!

Now, the application is our POS system that our customers can use for a monthly fee (That this piece of garbage even requires payment is disgusting) but anyway..
The global variables sometimes are declared for labels, sometimes for some frames, sometimes just for random values to be there.

We're using Perl for the POS system and Perl ain't the best at OOP, so in the dev's defense I can understand why you'd use a few global variables, but not fucking 300!! FUCK OFF WITH THIS BULLSHIT!!

So now I'm going through this torture slowly but surely deleting globals and putting them into some sort of scope and always MANUALLY test if something broke. Again, this company sucks ass and there's nothing that could even be considered a "unit test" or something like that, so fuck that, too.

After two hours I've brought down the count of global variables to about 260, so there's progress being made..

But then, there comes more!

"But how???" you may ask, and you're right, I've asked that myself.

Now to resolve the global stuff in each file some of the initial globals are used, we got about 20-30 files which do different stuff, all fair and square, at least there was an attempt at seperating functions but god this mess is so fucking fucked up. So in order to "safely" delete a global variable I have to check if any of the variables are used in another file, and if so, in which scope and how they are used.

Spaghetti would be a compliment for this fucking disgusting piece of utter bullshit.

Let alone the code quality of this "code"
Indendation? Dafuq is dat?
Scope? Nah, we got everything global anyway
Function size? Well, some are 5 lines, some are 900 lines, who cares anyways, right?

I'm so fucking glad once I leave this shithole, for real.

It's been a while since I've heard a consensus of a moronic idea from the corner offices. I was invited to a department planning meeting (just to listen, not necessarily engage or add value) and discussion went to the development of a mobile app.

Mgr1: "The CEO has the net present value of the mobile project as $20 million. Where did he get that number?"
VP: "No idea."
Mgr2: "How will it be any different than our web site that is already mobile compliant?"
VP: "It is to gain market share"
Mgr3: "Market share from who? A mobile app is not going to increase our customer base. At best, it will only move some of our existing customers to mobile. No way it would scale to those numbers."
VP: "The primary benefit is so customers can browse offline."
Mgr2: "Offline browsing isn't listed in the milestones."
Mgr1: "We're not going to push and keep gigs of data up-to-date on someone's phone just for random times they don't have internet access."
VP: "I guess that's right. We can push our pdf catalog. That's only a few hundred meg."
Mgr2: "Pushing the catalog? That's not on the listed milestones"
VP: "Its all assumed."
Mgr3: "Who owns this project? Web team is already maxed to capacity."
Mgr2: "Marketing team only has 3 developers, we can't take on anything as complex as a mobile app and support the existing processes."
Mgr1: "What about the network infrastructure and PCI compliance? We're talking about a system for the web site and another for mobile, right?"
Mgr2: "Who is going to manage all the versions in the app stores and future changes to the mobile platform?"
Mgr4: "Not us"
Mgr2: "Nope"
Mgr1: "OK, good. Its very likely this project will be dead on arrival at the next company strategic meeting."
VP: "Mobile the only project on the strategic meeting agenda. Sorry guys, it's happening. We're not going to leave $20 million sitting on the table.
<awkward silence>
VP: "Next item of business ..."

random girl: words can't describe how ugly you look
me: words can't describe how beautiful you look
random girl: blushes :)
me: but numbers can...
me: 2/10

MTP is complete garbage. I want mass storage back.

The media transfer protocol (MTP) occasionally discovers new creative ways of failure. Frequently, directory listings take minutes to load or fail to load at all, and it freezes up infinitely (until disconnected) when renaming an item, and I can not even do two things simultaneously.

While files are being moved, I can not browse pictures or watch videos from the smartphone.

Sometimes, files are listed with the date 1970-01-01 (Unix epoch) instead of their correct date. Sometimes, files do not appear at all, which makes it unsafe to move directories from the device.

MTP lacks random access. If I want to play a two-gigabyte 4K 2160p video and seek in the video, guess what: I need to copy it to my computer's local mass storage first because MTP lacks random access.

When transferring high numbers of files, MTP has to slooooowly enumerate (or "prepare" or "calculate the time of") them all, which might even take longer than mass storage would need for the entire process. This means MTP might start copying or moving the actual files when mass storage is already finished.

Today, the "preparing to move" process was especially slow: five minutes for around 150 files! How am I supposed to find out what caused this random malfunction?

MTP sometimes drives me insane. I want mass storage back, at least for the MicroSD memory card, which uses a widely supported file system.

Imagine a 2010 $100 Android phone is better at file transfer than a 2022 $1000 Android phone (or iPhone, for that matter).

Badass scenario:

Professor: writes a loop to sum up first five numbers and asks the output.

Me: 500

Other random student: 15

Prof praises him.

He runs the code.

Output: 500 ( internal server error)

(He had a missing semicolon) 😅

I just had such a forfilling moment.

Normally, i often (force myself) go to bed at night, after i worked on a project of mine, with these thought saying "oh man i wanted to get that feature done today" or "i want to finish this and that part of my code".I am sure everyone of you knows the feeling, when your brain communicates that you are just not done for today.

Today it was different. I got a project of mine working in it's first state, where i put much heart, love and time in.Just a few minutes before i finished for today i got my server responding the expected numbers(some kind of pin-code). It's a very easy system: Someone(at the time only me and my debug mode :3) on a android phone request a verification which is checked and processed by the server. The server creates a random six-digit number, returns it encoded to the client and sends an email to the user, which currently sends it in plain text(shame on me).
Yeah, the user enters the number and voilà
And of course, all the Pincodes can only be used once.
I got to bed with this feeling of luck and succes.

I hope tomorrow is going to be a productive day!

I am so lucky right now.

Have a good day everyone!

During my first semester of CS we were mostly using MatLab for basal scripting - assigning variables, learning about scope, that type of thing. I was excited to start learning programming but wanted to actually make something rather than reversing arrays and incrementing counters for weeks.

I discovered the image() function which takes a float[][] matrix and displays it as an image. I generated my arrays of random numbers and made a simple nested loop where I iterated over each element, averaging it with its neighbours, and - it worked on the first run! I made a freaking noise and blur filter!

That rush of planning it out, making it, and seeing it work I think is my main drive in coding. All the hours of undefined-but-they-are-tho import paths and mystery segfaults are worth it once there is that moment of "it lives!".

I got pranked. I got pranked good.
My prof at my uni had given us an asigment to do in java for a class.
Easy peasy for me, it was only a formality...
First task was normal but...
The second one included making a random number csv gen with the lenght of at least 10 digits, a class for checking which numbers are a prime or not and a class that will check numbers from that cvs and create a new cvs with only primes in it. I have created the code and only when my fans have taken off like a jet i realised... I fucked up...
In that moment i realised that prime checking might... take a while..

There was a third task but i didnt do it for obvious reasons. He wanted us to download a test set of few text files and make a csv with freq of every word in that test set. The problem was... The test set was a set of 200 literature books...

How does random number generation work? I'm curious. What are different methods in which you can generate random numbers?

If you could link me to an article or some docs, that'd be appreciated. How far does your understanding of it go?

Thanks for your time.

Okay so I am a computer science student, and here's what my parents and relatives think I do-
typing random letters and numbers into the computer system until it magically turns into some working mobile app, which is their expectation. While I am coding some addition program just for them to see 2+2=4.

This is another high school story. mostly because i’m in high school.

like most schools we have horrible forced passwords. Our school recently purchased microsoft 365. which means we all use outlook for our emails. the logins for our district follow the sand format.

s + first five of last name (x’s for missing letters) + first letter of your first name + the last three of your student id.

so for example Sean Peterson 456705 would be speters705. since we have outlook we can look up a persons name and get their email which gives you the last three of their password. All passwords start with a 4 and most are followed by a five so you pretty much can get 5 out of the 6 numbers in their password.

so to mess with my friends i signed into all of their accounts and messed with their emails so they thought they were getting random emails. and then i made word documents on all of their accounts and just pretty much messed with all of their school stuff.

so that’s my “hacking” story. my district doesn’t allow you to change your password so i’m pretty much stuck. pls help.

In an IT management class, the professor wanted us to estimate the operation costs for a small IT company, breaking them down by service offered. I remember creating a markdown file, multiple times executing the line `echo $RANDOM >> estimations.md`. We rounded the numbers slightly, pimped the document a bit and submitted a nice PDF. When we had to present our work, the professor asked us how we had proceeded to calculate those results. We told him a story about an Excel file we worked on, but did not submit, because we thought he'd be interested in the end result and not care about those details. He asked us to submit that Excel calculation, because he wanted to comprehend our method. So we got together, created an Excel sheet, copied our "estimations" into column C and called it "service cost". For column B, we used the same "cost per man hour" value (scientifically estimated using the RAND() function) for every row. Finally, we divided the "service cost" by the "cost per man hour" for every row, put the result in column A and called it "effort (in man hours)". The professor, being able to "reproduce" our estimation, accepted our solution.

This is gonna be a long post, and inevitably DR will mutilate my line breaks, so bear with me.
Also I cut out a bunch because the length was overlimit, so I'll post the second half later.

I'm annoyed because it appears the current stablediffusion trend has thrown the baby out with the bath water. I'll explain that in a moment.

As you all know I like to make extraordinary claims with little proof, sometimes
for shits and giggles, and sometimes because I'm just delusional apparently.

One of my legit 'claims to fame' is, on the theoretical level, I predicted
most of the developments in AI over the last 10+ years, down to key insights.
I've never had the math background for it, but I understood the ideas I
was working with at a conceptual level. Part of this flowed from powering
through literal (god I hate that word) hundreds of research papers a year, because I'm an obsessive like that. And I had to power through them, because
a lot of the technical low-level details were beyond my reach, but architecturally
I started to see a lot of patterns, and begin to grasp the general thrust
of where research and development *needed* to go.

In any case, I'm looking at stablediffusion and what occurs to me is that we've almost entirely thrown out GANs. As some or most of you may know, a GAN is
where networks compete, one to generate outputs that look real, another
to discern which is real, and by the process of competition, improve the ability
to generate a convincing fake, and to discern one. Imagine a self-sharpening knife and you get the idea.

Well, when we went to the diffusion method, upscaling noise (essentially a form of controlled pareidolia using autoencoders over seq2seq models) we threw out
GANs.

We also threw out online learning. The models only grow on the backend.
This doesn't help anyone but those corporations that have massive funding
to create and train models. They get to decide how the models 'think', what their
biases are, and what topics or subjects they cover. This is no good long run,
but thats more of an ideological argument. Thats not the real problem.
The problem is they've once again gimped the research, chosen a suboptimal
trap for the direction of development.

What interested me early on in the lottery ticket theory was the implications.
The lottery ticket theory says that, part of the reason *some* RANDOM initializations of a network train/predict better than others, is essentially
down to a small pool of subgraphs that happened, by pure luck, to chance on
initialization that just so happened to be the right 'lottery numbers' as it were, for training quickly.

The first implication of this, is that the bigger a network therefore, the greater the chance of these lucky subgraphs occurring. Whether the density grows
faster than the density of the 'unlucky' or average subgraphs, is another matter.
From this though, they realized what they could do was search out these subgraphs, and prune many of the worst or average performing neighbor graphs, without meaningful loss in model performance. Essentially they could *shrink down* things like chatGPT and BERT.

The second implication was more sublte and overlooked, and still is.
The existence of lucky subnetworks might suggest nothing additional--In which case the implication is that *any* subnet could *technically*, by transfer learning, be 'lucky' and train fast or be particularly good for some unknown task.

INSTEAD however, what has happened is we haven't really seen that. What this means is actually pretty startling. It has two possible implications, either of which will have significant outcomes on the research sooner or later:
1. there is an 'island' of network size, beyond what we've currently achieved,
where networks that are currently state of the3 art at some things, rapidly converge to state-of-the-art *generalists* in nearly *all* task, regardless of input. What this would look like at first, is a gradual drop off in gains of the current approach, characterized as a potential new "ai winter", or a "limit to the current approach", which wouldn't actually be the limit, but a saddle point in its utility across domains and its intelligence (for some measure and definition of 'intelligence').

So I promised a post after work last night, discussing the new factorization technique.

As before, I use a method called decon() that takes any number, like 697 for example, and first breaks it down into the respective digits and magnitudes.

697 becomes -> 600, 90, and 7.

It then factors *those* to give a decomposition matrix that looks something like the following when printed out:

offset: 3, exp: [[Decimal('2'), Decimal('3')], [Decimal('3'), Decimal('1')], [Decimal('5'), Decimal('2')]]

offset: 2, exp: [[Decimal('2'), Decimal('1')], [Decimal('3'), Decimal('2')], [Decimal('5'), Decimal('1')]]

offset: 1, exp: [[Decimal('7'), Decimal('1')]]

Each entry is a pair of numbers representing a prime base and an exponent.

Now the idea was that, in theory, at each magnitude of a product, we could actually search through the *range* of the product of these exponents.

So for offset three (600) here, we're looking at

2^3 * 3 ^ 1 * 5 ^ 2.

But actually we're searching

2^3 * 3 ^ 1 * 5 ^ 2.
2^3 * 3 ^ 1 * 5 ^ 1
2^3 * 3 ^ 1 * 5 ^ 0
2^3 * 3 ^ 0 * 5 ^ 2.
2^3 * 3 ^ 1 * 5 ^ 1

etc..

On the basis that whatever it generates may be the digits of another magnitude in one of our target product's factors.

And the first optimization or filter we can apply is to notice that assuming our factors pq=n,
and where p <= q, it will always be more efficient to search for the digits of p (because its under n^0.5 or the square root), than the larger factor q.

So by implication we can filter out any product of this exponent search that is greater than the square root of n.

Writing this code was a bit of a headache because I had to deal with potentially very large lists of bases and exponents, so I couldn't just use loops within loops.

Instead I resorted to writing a three state state machine that 'counted down' across these exponents, and it just works.

And now, in practice this doesn't immediately give us anything useful. And I had hoped this would at least give us *upperbounds* to start our search from, for any particular digit of a product's factors at a given magnitude. So the 12 digit (or pick a magnitude out of a hat) of an example product might give us an upperbound on the 2's exponent for that same digit in our lowest factor q of n.

It didn't work out that way. Sometimes there would be 'inversions', where the exponent of a factor on a magnitude of n, would be *lower* than the exponent of that factor on the same digit of q.

But when I started tearing into examples and generating test data I started to see certain patterns emerge, and immediately I found a way to not just pin down these inversions, but get *tight* bounds on the 2's exponents in the corresponding digit for our product's factor itself. It was like the complications I initially saw actually became a means to *tighten* the bounds.

For example, for one particular semiprime n=pq, this was some of the data:

n - offset: 6, exp: [[Decimal('2'), Decimal('5')], [Decimal('5'), Decimal('5')]]

q - offset: 6, exp: [[Decimal('2'), Decimal('6')], [Decimal('3'), Decimal('1')], [Decimal('5'), Decimal('5')]]

It's almost like the base 3 exponent in [n:7] gives away the presence of 3^1 in [q:6], even
though theres no subsequent presence of 3^n in [n:6] itself.

And I found this rule held each time I tested it.

Other rules, not so much, and other rules still would fail in the presence of yet other rules, almost like a giant switchboard.

I immediately realized the implications: rules had precedence, acted predictable when in isolated instances, and changed in specific instances in combination with other rules.

This was ripe for a decision tree generated through random search.

Another product n=pq, with mroe data
q(4)
offset: 4, exp: [[Decimal('2'), Decimal('4')], [Decimal('5'), Decimal('3')]]

n(4)
offset: 4, exp: [[Decimal('2'), Decimal('3')], [Decimal('3'), Decimal('2')], [Decimal('5'), Decimal('3')]]

Suggesting that a nontrivial base 3 exponent (**2 rather than **1) suggests the exponent on the 2 in the relevant
digit of [n], is one less than the same base 2 digital exponent at the same digit on [q]

And so it was clear from the get go that this approach held promise.

From there I discovered a bunch more rules and made some observations.
The bulk of the patterns, regardless of how large the product grows, should be present in the smaller bases (some bound of primes, say the first dozen), because the bulk of exponents for the factorization of any magnitude of a number, overwhelming lean heavily in the lower prime bases.

It was if the entire vulnerability was hiding in plain sight for four+ years, and we'd been approaching factorization all wrong from the beginning, by trying to factor a number, and all its digits at all its magnitudes, all at once, when like addition or multiplication, factorization could be done piecemeal if we knew the patterns to look for.

I'm developing a new (just for fun) programming language and I'm wondering what features I should add next? These features are already implemented:

- Printing text
- Variables
- user-input
- Datatype conversion (String, Int, Float, Bool, List, Dictionary)
- lists/arrays
- dictionaries
- Sorting
- Shuffling
- random numbers & choices
- Math stuff like: log, abs, floor, ceiling, sin, etc...
- Time & Date
- Working with files
- If-else statements
- Ternary operators
- Loops (for & while)
- Functions
- Classes
- Error handling
- Importing libraries & other scripts
- Arrow/callback functions
- Escaping (\)

is there anything you often use missing?

After examining my model and code closer, albeit as rudimentary as it is, I'm now pretty certain I didnt fuck up the encoder, which means the system is in fact learning the training sequence pairs, which means it SHOULD be able to actually factor semiprimes.

And looking at this, it means I fucked up the decoder and I have a good idea how. So the next step is to fix that.

I'm also fairly certain, using a random forest approach, namely multiple models trained on other variables derived from the semiprimes, I can extend the method, and lower loss to the point where I can factor 400 digit numbers instead of 20 digit numbers.

The generation of random numbers is too important to be left to chance.

#just Bluetooth headphones things

When you're sitting on crowded public transportation and can't hear anything unless your phone is closer to your headphones than anyone else's, i.e. unless it's close as shit to your face 😍😍😍

When you want to listen to music for longer than 2 hours or several times during your workday but can't because the BT headphones last 2-3 hours 😍😍😍

When the left and right side don't pair with each other but you can pair with each individually 😍😍😍

When half of the button presses and user interactions aren't documented and there's no way to forget a device 😍😍😍

When you try to connect a new device to them in a public area and just see a dozen random serial numbers, so you have to wait and hope they get resolved to the headphone brand name 😍😍😍

When Satan takes your soul and the Bluetooth connection drops in hell 😍😍😍

When the music quality is lower and can experience static and maybe even skip in between 😍😍😍

When the bus hits a road bump, it falls out of your ear, and rolls halfway down the bus 😍😍😍

When it takes a long time to find them because they tiny af, and just as long to find the charging cable 😍😍😍

When manufacturers cannot agree on a standard volume sync system and so you have to check the volume and adjust every time you connect and disconnect your headphones 😍😍😍

Can we please just stop making everything Bluetooth?

Sincerely,
Someone who just wanted to listen to a 2 minute billie eilish song but found it easier to sing in his head

How do you approach generating "random" unique numbers/strings ? Exactly, when you have to be sure the generated stuff is unique overtime? Eg. as few collisions in future as possible.

Now I don't mean UUIDs but when there is a functionality that needs some length defined, symbol specific and definitely unique data, every time it does it's stuff.

TLDR STORY: Generating 8 digits long numbers so they are (deterministically - wink wink) unique is hard but Format Preserving Encryption saves the day. (for me)

FULL STORY:
I had to deal with both strings and codes today.
One was to generate shortlink word for url, luckily found a library that does exactly this. (Hashids)
BUT generating 8 digits long, somewhat random number was harder then I thought, found out on SO something like "sha256(seed) => bytes => ascii/numbers mangling" but that had a lot of collisions because of how the hash got mangled to actually output numbers and also to fit the length.
After some hours I stumbled upon Format Preserving encryption (pyffx) and man it did what I wanted and it had max 2 collisions in 100k values. Still the solution with this feels hacky af. (encrypting straddled unix timestamp with lots of decimals)

Wanted to test out random number generation in different distributions. So did it using HTML/JS using google charts APIs, just to find out after sometime that R does what i did by default..

A long time ago, I used AIDE (Android IDE) to write a simple application to output random numbers for the lottery. I test it out and head to the gas station. I pulled out my phone to generate numbers, and received something like 36892789, 3, 78921593, 5.

After hours of staring at my code, I transferred and compiled with Eclipse and the problem disappeared.

When I close my eyes I see identical objects in array, forming random numbers.

Last time it was a 7.

Anyways, gotta sleep.

We have an unit test that tests the average of a sequence of numbers generated randomly using a gaussian distribution. Of course it fails from time to time, it's random! Failing to fail, would mean that the generator is not generating random numbers, therefore failure means success, but success does not mean failure.

Wait, why did we add this test in the first place?

If we’d ever get a truely random number generator, it should be called trump.

I'm doing a project for uni in Omnet (C++ framework that should facilitate working with networks of queues, simulating and displaying statistics).

I needed to retrieve a random value from an exponential distribution, and the function to do so requires a random number generator as input. The framework has 2 implementations of the RNG and I picked the first one.

I spent 3 hours trying every possible thing, using both the exponential() function and its class wrapper (both provided by the framework), it was always returning 0 or NaN.

The RNG was spitting out values correctly, so I thought it was okay.

When I was almost ready to give up, I figured I could try and change to the second implementation of RNG, expecting nothing to change. And it fucking worked.

Zero reports on this behavior on Google, no apparent reason why it would work with one and not with the other when the two RNGs literally implement the same abstract class and spit out the same exact numbers... Just black magic...

Oh and cherry on top, it works with the raw function but not with the class wrapper on that same function... IF YOU GOTTA IMPLEMENT SOMETHING IN YOUR DAMN FRAMEWORK THAT DOESN'T WORK, FUCKING DON'T! 1 combination working out of 4 is not good! Or at least document it!

Sorry just had to share my pain

Got a phone call from a scammer claiming to be my Cell Phone Provider saying “Congratulations! You just recieved unlimited calls and messages for a year, now to win this please give the 4 digit pins given to you” then I recieved a 4 digit pin and warning label not to give this message to anyone else. I then noticed that this was a scammer, i got his probably fake number and I tried to mess with him by giving random codes, he then noticed that the numbers were fake in the 5 try.

I truly feel bad for this idiot and just call him a scammer and end the call...

Crypto. I've seen some horrible RC4 thrown around and heard of 3DES also being used, but luckily didn't lay my eyes upon it.
Now to my current crypto adventure.
Rule no.1: Never roll your own crypto.
They said.
So let's encrypt a file for upload. OK, there doesn't seem to be a clear standard, but ya'know combine asymmetric cipher to crypt the key with a symmetric. Should be easy. Take RSA and whatnot from some libraries. But let's obfuscate it a bit so nobody can reuse it. - Until today I thought the crypto was alright, but then there was something off. On two layers there were added hashes, timestamps or length fields, which enlarges the data to encrypt. Now it doesn't add up any more: Through padding and hash verification RSA from OpenSSL throws an error, because the data is too long (about 240 bytes possible, but 264 pumped in). Probably the lib used just didn't notify, silently truncating stuff or resorting to other means. Still investigation needed. - but apart from that: why the fuck add own hash verification, with weak non-cryptographic hashes(!) if the chosen RSA variant already has that with SHA-256. Why this sick generation of key material with some md5 artistic stunts - is there no cryptographically safe random source on Windows? Why directly pump some structs (with no padding and magic numbers) into the file? Just so it's a bit more fucked up?
Thanks, that worked.

In android 7.1, I've seen a lot of conflicting reports about crypto security.

If I do something like the following in the default android 7.1 browser...

var array = new Uint32Array(n);
window.crypto.getRandomValues(array);

How secure would the resulting numbers be overall? I'm asking because I've seen a lot of articles talking about it, but they never specifically mention the default 7.1 android *browser* and what or how it obtains secure random numbers. They only ever talk about the api, sdk, and developers working in java.

nothing new, just another rant about php...
php, PHP, Php, whatever is written, wherever is piled, I hate this thing, in every stack.

stuff that works only according how php itself is compiled, globals superglobals and turbo-globals everywhere, == is not transitive, comparisons are non-deterministic, ?: is freaking left associative, utility functions that returns sometimes -1, sometimes null, sometimes are void, each with different style of usage and naming, lowercase/under_score/camelCase/PascalCase, numbers are 32bit on 32bit cpus and 64bit on 64bit cpus, a ton of silent failing stuff that doesn't warn you, references are actually aliases, nothing has a determined type except references, abuse of mega-global static vars and funcs, you can cast to int in a language where int doesn't even exists, 25236 ways to import/require/include for every different subcase, @ operator, :: parsed to T_PAAMAYIM_NEKUDOTAYIM for no reason in stack traces, you don't know who can throw stuff, fatal errors are sometimes catchable according to nobody knows, closed-over vars are passed as functions unless you use &, functions calls that don't match args signature don't fail, classes are not object and you can refer them only by string name, builtin underlying types cannot be wrapped, subclasses can't override parents' private methods, no overload for equality or ordering, -1 is a valid index for array and doesn't fail, funcs are not data nor objects when clojures instead are objects, there's no way to distinguish between a random string and a function 'reference', php.ini, documentation with comments and flame wars on the side, becomes case sensitive/insensitive according to the filesystem when line break instead is determined according to php.ini, it's freaking sloooooow...

enough. i'm tired of this crap.
it's almost weekend! 🍻

TL;DR I am not sure how to store a whole bunch of images for my SMS bot

Hi Everybody. I'm doing a side project where I am setting up a SMS bot to send images to certain phone numbers weekly. I am using twilio for the SMS bot and I think it's going to be written in python. I want the program to pick a random image from storage and then send that one. However I am not sure what way to store the images (REST API, SQL DB, firebase, etc.) I have worked with REST APIs before but I have almost no experience with SQL databases and firebase. Has anyone done anything like this? Is there a better way I could be doing this? Please lmk if you guys would like anymore info. Thank you!

Want to see hair falling of a developer's head?

Just watch him trying to get some millions of fast and good random numbers.

Okay so I'm new to C++ and my competition is either tomorrow or Thursday. And before I go into the comp I need a good random number generator but the problem is I can't get a good one . And when I run mine I either get the same number a few times in a row then when it changes it just increments a few until it hits 99 then restarts. And I only want it to generate different numbers everytime with a 1/99 chance to get the same number.

So let's do a "community building" exercise.

What was your biggest tech pet peeve?

I'll start:
I hate it when people (especially teachers) give us a printout with a link to a website (like a good docs link) without shorting it.

I mean, we have to type out that 100+ character string of random numbers and letters. Then you make a mistake and have to retype it. (I.k,. First world problems)

Let's here yours. It can be about employers, teachers, or anyone else you can think of.

Let's say I take a matrix of high entropy random numbers (call it matrix J), and encode a problem into those numbers (represented as some integers which in turn represent some operations and data).

And then I generate *another* high entropy random number matrix (call it matrix K). As I do this I measure the Pearson's correlation coefficient between J (before encoding the problem into it, call Jb), and K, and the correlation between J (after encoding, let's call it Ja) and K.

I stop at some predetermined satisfactory correlation level, let's say > 0.5 or < -0.5

I do this till Ja is highly correlated with some sample of K, and Jb's correlation with K is close to 0.

Would the random numbers in K then represent, in some way, the data/problem encoded in Ja? Or is it merely a correlation?

Keep in mind K has no direct connection to J, Ja, or Jb, we're only looking for a matrix of high entropy random numbers that indicated a correlation to J and its data.

I say "high entropy", it would be trivial to generate random numbers with a PRNG that are highly correlated simply by virtue of the algorithm that generated them.

Ok why tf are some apps that just generate random number need in app purchase? Bitch please?

You know what, I’m gonna write one, and I’m gonna make it free, tell me what features are needed, what I have in mind is: random number between, random N numbers between, random N numbers between without repetition, random from list with and without repetition, what else? Let me know.

I want to run a simulation like rolling a dice N times and find out what's the distribution/probability of getting certain SUMs after the rolls.

However the dice is more likely to land on a lower number, and/or depends on what the number it landed on previously.

Stats wise I think ideally I want to be able to just input the avg, standard deviation, and skewness into a Random class constructor, and then ask it for N "random" numbers.

When is devrant going to fix the notification counter? I've never seen it work properly. The numbers spins through several seemingly random numbers and end on a wrong number 😕

Is there a format to passport numbers or they’re just random?