I recently downloaded a new piece of software, an it greeted me with this screen.

I don't know who was more confused, me or the program.

Fuck this guy

(Original artist: @shencomix)

I bought flowers for my date. Online.
When I registered, the website send me via email my 30 character long password.

😥

So I try "forgot password". The genius website sent me, guess what, my 30 character long password...

For fuck sakes!!!! You had one job.... Hash the fucking password!!!!

I'm afraid these people will probably get hacked soon (murphy law).

Sha256.. Guys please...

One of my friends wanted me to take a look at his laptop, it wasn't working properly.

Guess what, this guy somehow managed to open .exe files with editor as default application. I know he isn't really involved in all that techy stuff, but damn that was annoying to fix.

I think that two criterias are important:

- don't block my productivity
- author should have his userbase in mind

1) Some simple anti examples:

- Windows popping up a big fat blue screen screaming for updates. Like... Go suck some donkey balls you stupid shit that's totally irritating you arsehole.
- Graphical tools having no UI concept. E.g. Adobes PDF reader - which was minimalized in it's UI and it became just unbearable pain. When the concept is to castrate the user in it's abilities and call the concept intuitive, it's not a concept it's shit. Other examples are e.g. GEdit - which was severely massacred in Gnome 3 if I remember correctly (never touched Gnome ever again. I was really put off because their concept just alienated me)
- Having an UI concept but no consistency. Eg. looking at a lot of large web apps, especially Atlassian software.
Too many times I had e.g. a simple HTML form. In menu 1 you could use enter. In menu 2 Enter does not work. in another menu Enter works, but it doesn't submit the form it instead submits the whole page... Which can end in clusterfuck.
Yaaayyyy.
- Keyboard usage not possible at all.
It becomes a sad majority.... Pressing tab, not switching between form fields. Looking for keyboard shortcuts, not finding any. Yes, it's a graphical interface. But the charm of 16 bit interfaces (YES. I'm praising DOS interfaces) was that once you memorized the necessary keyboard strokes... You were faster than lightning. Ever seen e.g. a good pharmacist, receptionist or warehouse clerk... most of the software is completely based on short keyboard strokes, eg. for a receptionist at a doctor for the ICD code / pharmaceutical search et cetera.
- don't poop rainbows. I mean it.
I love colors. When they make sense. but when I use some software, e.g. netdata, I think an epilepsy warning would be fair. Too. Many. Neon. Colors. -.-

2) It should be obvious... But it's become a burden.

E.g. when asked for a release as there were some fixes... Don't point to the install from master script. Maybe you like it rolling release style - but don't enforce it please. It's hard to use SHA256 hash as a version number and shortening the hash might be a bad idea.

Don't start experiments. If it works - don't throw everything over board without good reasons. E.g. my previous example of GEdit: Turning a valuable text editor into a minimalistic unusable piece of crap and calling it a genius idea for the sake of simplicity... Nope. You murdered a successful product.
Gnome 3 felt like a complete experiment and judging from the last years of changes in the news it was an rather unsuccessful one... As they gave up quite a few of their ideas.

When doing design stuff or other big changes make it a community event or at least put a poll up on the github page. Even If it's an small user base, listen to them instead of just randomly fucking them over.
--
One of my favorite projects is a texteditor called Kate from KDE.

It has a ton of features, could even be seen as a small IDE. The reason I love it because one of the original authors still cares for his creation and ... It never failed me. I use Kate since over 20 years now I think... Oo

Another example is the git cli. It's simple and yet powerful. git add -i is e.g. a thing I really really really love. (memorize the keyboard shortcuts and you'll chunk up large commits faster than flash.

Curl. Yes. The (http) download tool. It's author still cares. It's another tool I use since 20 years. And it has given me a deep insight of how HTTP worked, new protocols and again. It never failed me. It is such a fucking versatile thing. TLS debugging / performance measurements / what the frigging fuck is going on here. Take curl. Find it out.

My worst enemies....

Git based clients. I just hate them. Mostly because they fill the niche of explaining things (good) but completely nuke the learning of git (very bad). You can do any git action without understanding what you do and even worse... They encourage bad workflows.
I've seen great devs completely fucking up git and crying because they had really no fucking clue what git actually does. The UI lead them on the worst and darkest path imaginable. :(

Atlassian products. On the one hand... They're not total shit. But the mass of bugs and the complete lack of interest of Atlassian towards their customers and the cloud movement.... Ouch. Just ouch.

I had to deal with a lot of completely borked up instances and could trace it back to a bug tracking entry / atlassian, 2 - 3 years old with the comment: vote for this, we'll work on a Bugfix. Go fuck yourself you pisswads.

Microsoft Office / Windows. Oh boy.
I could fill entire days of monologues.
It's bad, hmkay?

XEN.
This is not bad.
This is more like kill it before it lays eggs.
The deeper I got into XEN, the more I wanted to lay in a bathtub full of acid to scrub of the feelings of shame... How could anyone call this good?!?????

This semester, we have a lecture called IT Security by a guy, who absolutely know his subject.
Nevertheless, he wanted to show us that sha256 is broken by an existing collision. (Google that, fellow ranters!)
There are two pdf files by google researchers, that show the caption „SHAttered“ both on different backgrounds, although they give the same SHA-hash.
He then tried to share us these two files by moodle and wondered, why he uploaded the same file twice.
Guess what happened? The moodle backend checks new uploaded files for their ... hash ... and then decides, weather to upload or the file is already existing. So, it did just a new symlink to the old file.
Ironic, that an exercise, that should show us sha collision failures on sha collision 😃

A senior engineer, while talking about adding encryption to the application, mentioned using SHA256 for that purpose.

I'm going through a KhanAcademy course learning about cryptography. I learn better by doing, so I wrote a script. It shifts bytes up depending on a random int produced by a high entropy pseudo random number generator using a sha256 hash as the seed. I'm trying to find information on the flaws with this method, that lead us to create DES, and then AES.

A friend of mine who wants to learn about Linux has a stronger will than me, as I think installing Linux in 2020 is gonna break me but he's still stoked as shit. I'm fucking serious. He asked me to install several distros, in order of interest (because they all fucking failed, because of fucking course they did) on a USB HDD he was using just for this.

We tried, in order:

Arch: initramfs wiped his Windows HDD when it crashed. IDFK how, but it zeroed the top 32KB of the drive. It wasn't even the right HDD...

Linux Mint: nvidia drivers refused to see his GPU after install. No matter what we did. Live media saw it fine until it was installed on the external drive, too.

Debian: Installer couldn't see the external HDD, ever. No matter what we did. It had a /dev entry, lsblk and fdisk saw it, I could format and mount it, but the installer crashed when it refreshed the device list when it was present. Every goddamn time.

Fedora: Installer broke halfway through as an executable (or 70) were corrupted, but the disc matched the ISO and the ISO sums correctly, so this is apparently how it was packed and shipped.

CentOS: Refused to boot. Just entirely. GRUB would go to load the kernel and it'd hang.

All ISOs and discs were verified as matching provided sums using MD5 and SHA256. How the fuck is Linux so fucking hard to get working on older hardware in 2020? Worked great in 2008, worked great in 2018, why is 2020 such a goddamn issue?

How do you approach generating "random" unique numbers/strings ? Exactly, when you have to be sure the generated stuff is unique overtime? Eg. as few collisions in future as possible.

Now I don't mean UUIDs but when there is a functionality that needs some length defined, symbol specific and definitely unique data, every time it does it's stuff.

TLDR STORY: Generating 8 digits long numbers so they are (deterministically - wink wink) unique is hard but Format Preserving Encryption saves the day. (for me)

FULL STORY:
I had to deal with both strings and codes today.
One was to generate shortlink word for url, luckily found a library that does exactly this. (Hashids)
BUT generating 8 digits long, somewhat random number was harder then I thought, found out on SO something like "sha256(seed) => bytes => ascii/numbers mangling" but that had a lot of collisions because of how the hash got mangled to actually output numbers and also to fit the length.
After some hours I stumbled upon Format Preserving encryption (pyffx) and man it did what I wanted and it had max 2 collisions in 100k values. Still the solution with this feels hacky af. (encrypting straddled unix timestamp with lots of decimals)

Fuck my video game addiction. I really fucking want to code, but I've got like 3 games in which I need to progress, or I can't continue playing with my friends, bcs of the skill difference. Meanwhile my pi is sitting there just waiting to get tinkered with. Could somebody give me a god damn tip on how to get rid of this.

The first time I got in contact with computers I apperantely sorted all of the Desktop Icons by color, since I couldn't read at the time.
The first thing I actually remember is playing this game: "Knightmare". Loved it 😍

From Documentation:
"A SHA256 HMAC is created outside of Bronto. If you need help with this step, contact one of the developers at your company."

Yes because, cause every company has a developer.

*Only developer at company*

2016 and the passwords were stored in plain text. I pointed it out, they said they'll use md5 instead :/

PS: Ended up fixing it for them with HMAC-SHA256

Why is my the fingerprint for my public ssh-key seen not as a sha256-fingerprint?

Left: Windows
Right: Raspberry

So I thought of applying for masters, mainly coz work's been boring af -_- i'm not having Fun. like. at all.

Masters in CS would need a research topic and the one I was/am interested in is "WebRTC", with the topic being tryyyying to figure out a way to hide the actual Peer IPs and come up with a Standard 2.0 of WebRTC or a derivative standard

I was looking into Research Papers already written on WebRTC to get a feel on what's already been attempted or tried
And omfg the word-vomit :v

The whole paper had 0 substance and their "research" was that "we'll encrypt Packets with SHA256 so it'll be secure" like bruh -_-

Suddenly loosing control over what pointer points at what pointer points at what pointer AAAHHHHH. (And that feeling when your application doesn't crash after a php full of retries)

Apparently you cannot filter based on two parameters in firebase so something similar to "select * from table where email='something' and password ='something' " doesn't work .

So a shitty hack is to create a string to concatenate email and password and store it as a field and validate based on that field.

So basically there is a field in database which is

Sha256("emailid"+_+sha256("password"))

Blockchain based on SHA256 is now stuck at a certain block due to high mining difficulty, it appears that a miner, mined few blocks at 15 TH/s then stopped, my question how to resolve this issue and is there any setting to adjust (chainparams.cpp) in case this happened if no block is mined in a certain amount of time.

3a0c58601de69c9ff2e889ba452a8683649b8cb52e6ff6bc27426091d2a044c2