Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
Search - "enigma"
Well fuck me. Just went to my first meetUp with a group of Haskell programmers.
I think they broke Enigma in 3 lines of code.
Hats off to those guys!7
"Enigma machine kep private the communications done by Nazi. It was a really difficult code to break because it changed each day. There was a man in England, Alan Turing, who broke it. He's nowadays known as one of the fathers of the Computer Science. I will show in the next lessons how you can simulate Enigma coder just with an easy C program of 60-70 lines. In the WW2 this was considered a military-level safe code. Thanks to mathematicians, computer scientist and analyst and thanks to their work in the last 60 year, you have access to a systems of several orders of magnitude more efficient and secure when you buy a videogame online."
That really fucking inspired me.8
Paranoid Developers - It's a long one
Backstory: I was a freelance web developer when I managed to land a place on a cyber security program with who I consider to be the world leaders in the field (details deliberately withheld; who's paranoid now?). Other than the basic security practices of web dev, my experience with Cyber was limited to the OU introduction course, so I was wholly unprepared for the level of, occasionally hysterical, paranoia that my fellow cohort seemed to perpetually live in. The following is a collection of stories from several of these people, because if I only wrote about one they would accuse me of providing too much data allowing an attacker to aggregate and steal their identity. They do use devrant so if you're reading this, know that I love you and that something is wrong with you.
That time when...
He wrote a social media network with end-to-end encryption before it was cool.
He wrote custom 64kb encryption for his academic HDD.
He removed the 3 HDD from his desktop and stored them in a safe, whenever he left the house.
He set up a pfsense virtualbox with a firewall policy to block the port the student monitoring software used (effectively rendering it useless and definitely in breach of the IT policy).
He used only hashes of passwords as passwords (which isn't actually good).
He kept a drill on the desk ready to destroy his HDD at a moments notice.
He started developing a device to drill through his HDD when he pushed a button. May or may not have finished it.
He set up a new email account for each individual online service.
He hosted a website from his own home server so he didn't have to host the files elsewhere (which is just awful for home network security).
He unplugged the home router and began scanning his devices and manually searching through the process list when his music stopped playing on the laptop several times (turns out he had a wobbly spacebar and the shaking washing machine provided enough jittering for a button press).
He brought his own privacy screen to work (remember, this is a security place, with like background checks and all sorts).
He gave his C programming coursework (a simple messaging program) 2048 bit encryption, which was not required.
He wrote a custom encryption for his other C programming coursework as well as writing out the enigma encryption because there was no library, again not required.
He bought a burner phone to visit the capital city.
He bought a burner phone whenever he left his hometown come to think of it.
He bought a smartphone online, wiped it and installed new firmware (it was Chinese; I'm not saying anything about the Chinese, you're the one thinking it).
He bought a smartphone and installed Kali Linux NetHunter so he could test WiFi networks he connected to before using them on his personal device.
(You might be noticing it's all he's. Maybe it is, maybe it isn't).
He ate a sim card.
He brought a balaclava to pentesting training (it was pretty meme).
He printed out his source code as a manual read-only method.
He made a rule on his academic email to block incoming mail from the academic body (to be fair this is a good spam policy).
He withdraws money from a different cashpoint everytime to avoid patterns in his behaviour (the irony).
He reported someone for hacking the centre's network when they built their own website for practice using XAMMP.
I'm going to stop there. I could tell you so many more stories about these guys, some about them being paranoid and some about the stupid antics Cyber Security and Information Assurance students get up to. Well done for making it this far. Hope you enjoyed it.26
Just watched The imitation game, the movie about Alan Turing. Really doesn’t help me to keep faith in humanity when you see that the guy who helped win WWII, saved about 14 million lifes AND is at the origin of all computers has been pushed to suicide because he was gay.
On those sad words, if you’ll excuse me, I now have to code an enigma machine, a Turing machine and then try to code something to break the enigma.7
Today my boss sent me something that smelled fishy to me. While he was trying to simulate Excel's rounding he faced what was to him unexpected behaviour and he claimed that one constructor of the BigDecimal class was "wrong".
It took me a moment why this was happening to him and I identified two issues in his code.
I found one fo the issues funny and I would like to present you a challenge. Can you find a number that disproves his claim?
It's Java if anyone was wondering.
double d = 102.15250;
BigDecimal db = new BigDecimal(d)
BigDecimal db2 = new BigDecimal(String.format("%f",d))
BigDecimal db3 = BigDecimal.valueOf(d)
System.out.println(db); // WRONG! 102.153
System.out.println(db2); // RIGHT! 102.152
System.out.println(db3); // RIGHT! 102.152
P.s. of course the code itself is just a simple check, it's not how he usually writes code.
P.p.s. it's all about the numerical representation types.8
Liferay is a fucking malediction inflicted on the human race, bubonic plague has nothing on Liferay. A staunch advocate of legacy tech, bad documentation, bad APIs and poor UX, Liferay has it all. Scriptlets all day every day. Fuck your hot reloads, a deployment cycle is the shit. Why be productive when you can wait for a deployment? Scientists are still deciphering the enigma of Liferay APIs. Over fifteen arguments per method, some optional, some not, littered with value specific functionality. Happy debugging motherfucker. API design is for hacks and pussies, real developers want to know implementation details. JSP the flagship of frontend tech, scriptlets, the pinnacle of evolution. Liferay has PLENTY of that. Did I mention scriptlets? How about obscure Liferay grown frameworks? MetalJS? A bigger mistake than smoking a pound of meth. Liferay UX, heh, heh, design, user experience hehe, hoho. Best joke I've heard. Liferay and UX, choose one.
I'm out, fuck my life.2
Got an enigma to resolve in my school during a treasure hunt (not sure if it's the good expression) which was translating binary in lattitude and longitude. That was not really difficult but fun