|
ADOS - attention deficit OH Shiny!
( Or as the bosses old poster said "If you can't dazzle them with brilliance, baffle them with BS. )
|
|
|
|
|
'source dependency hell'
oh, that's what I call my life. Thank you for naming it. 
Charlie Gilley
<italic>Stuck in a dysfunctional matrix from which I must escape...
"Where liberty dwells, there is my country." B. Franklin, 1783
“They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
|
|
|
|
|
I’d like management to stay the hell outa my way.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
Well, you seemingly have a gun and ammo. 
|
|
|
|
|
“A” gun?
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
Greg Utas wrote: Well, you seemingly have a gun an armoury and ammo.
JSOP's a Texan... 
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
Chris Maunder wrote: A way to emergency fix my code using my phone (hey - sometimes I break things properly and I'm not near a computer when the screaming starts)
Not on my wishlist - I have an answer.
An ssh client (I use JuiceSSH on Android) and an ssh-aware editor (DroidEdit). Using the on-screen keyboard is a pita, but it's surprisingly usable with a small bluetooth keyboard.
Oh, and nail down your ssh servers tight. No userid/password logon, decent ECDSA or long RSA keys.
Cheers,
Peter
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
|
|
|
|
|
You might want to also update your prime moduli. Most of the operating system vendors are giving everyone the same exact list of primes.
Anyone can precompute group G used in the Diffie–Hellman key exchange and save the tables to disk. It actually requires lots of storage... but you can also estimate how much storage space and cpu time is required for the calculation. Today (2021) it would require less than 20 million dollars of hardware to do this for some of the algorithms/primes used in the 1990's.
On the Linux/BSD family of operating systems you would want to also remove all primes less than 2048 bits from /etc/ssh/moduli
On Windows 10 the designated location is at C:\ProgramData\ssh\moduli
awk '$5 > 4095' /etc/ssh/moduli > /etc/ssh/moduli.better
Someone is probably going to read this and make a comment about the computational difficultly. But you only need to attack a single known prime (like the list of default primes) and it becomes probabilistic whether or not your future SSH connections have a group G precomputation within the table. I don't need to calculate all of the space... I just need to get lucky that your connection parameters fall within the precalculated space. It would become even easier if I can control your PRNG.
Have a look at RFC 2409 section 6[^] from the late 1990's. It's hard to believe that everyone fell for the Oakley primes specified in the standard. It really reveals how very few people understood crypto back in those days.
Best Wishes,
-David Delaune
|
|
|
|
|
I'd be flattered if someone threw $20E6 at cracking my miserable little server! 
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
|
|
|
|
|
Yeah,
I highly doubt anyone is interested in your server. I am just pointing out that the moduli is equally as important as the key length you mentioned in your post.
|
|
|
|
|
With the exception of our holiday snapshots, everything on my home server can be purchased online for a small fraction of US$20,000,000. I have no IP that requires protection. Even if someone breaks in just in order to destroy the server, I have copies of everything offline. Other than the time to restore everything, I'd lose nothing.
So why bother?
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
Well,
Hopefully some of our audience here on codeproject are working at fortune 500 companies that might want to protect the company infrastructure.
|
|
|
|
|
Ooh, I didn't know I had primes Must look them up.
|
|
|
|
|
Easy test to see if a # is "prime": it's served with hollandaise sauce! Otherwise it's "choice"!
|
|
|
|
|
I'd add Microsoft's Remote Desktop App (available for Android and iPhone). Not as good as logging in with a PC, but they did cleverly set it up so the phone screen functions like a laptop touchpad rather than trying to make touches pass through as clicks. It's much more usable than I expected.
|
|
|
|
|
I have the privilege/luxury of not having to support anything Windows.
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
|
|
|
|
|
I got that twenty years ago... .net and C#. Done.
|
|
|
|
|
|
The super chicken problem.
To alcohol! The cause of, and solution to, all of life's problems - Homer Simpson
Our heads are round so our thoughts can change direction - Francis Picabia
|
|
|
|
|
I'd like to see software development best practice being informed by science instead of the opinions of influential groups and individuals.
|
|
|
|
|
Dev life MOSTLY depends from IDE. Your items can be useful in a narrow applications, but in general you sit in IDE. Me personally use Visual Studio and even after 20 years of "improvements" it still suxx in many features. Intellisense still on the level of 80es. Code organization still primitive. Navigation suxx. A LOT of problems, but M$ doesn't care - they play with ugly Git and teams features. Teams? On Personal Computer? They definitely loose main point of personal tool.
|
|
|
|
|
Thornik wrote: Dev life MOSTLY depends from IDE.
At the lower levels, yes. By the time you are expected to write specifications, high- and low-level designs, perform mentoring, etc., your major tools are Word and PowerPoint.
Thornik wrote: Me personally use Visual Studio and even after 20 years of "improvements" it still suxx in many features.
Agreed. But it's still better than much of the competition.
Thornik wrote: they play with ugly Git and teams features. Teams? On Personal Computer? They definitely loose main point of personal tool.
Most professional programmers work in teams, and need to integrate their code with others'. Having an IDE that helps with this is a plus. That is not to say that they couldn't do it better...
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
Ask me again in a few weeks! Whatever is broken in the technical ecosystem I’m using at the time will come to mind first.
Right now, I’m doing a lot of JavaScript. The language itself is bad enough, but when you look at the big picture, it’s a disaster.
- Issues in the language itself are well-known. You may not agree with all the criticisms of the language, but you have to agree with some.
- The dev environment is something out of the movie Brazil: a curious mix of technologies and practices that seem intended mostly to annoy everyone involved and can only have evolved because no sane person would ever design it this way.
- The lack of a standard library leads to NPM and frameworks that change every six minutes and it’s a cesspool.
I’d go on, but focusing on this is starting my day off the wrong way!
|
|
|
|
|
oh totally the part where we have only loser coders (or pretending/being forced to be losers) nowadays, that only can use those horrible non languages that are object oriented based... with focus only on stupid capitalism, and totally lack of quality or compatibility.... instead of the beauty and freedom that regular C is... with the simplicity of a simple build system...
ofcourse one IDE that would allow to compile as you type, causing modules to become obsolete, and that can understand what you do with some minor form of AI, so that it can suggest the next piece of code for you to code even on the phone (if it was possible to code for phones without all that java/OOP garbage) touch would be nice... i wanted to do that if i had a team... and that is very lightweight (totally not the MSVC monstruosity) ... but this IDE part is optional, but as a wish that would be very nice....
|
|
|
|
|
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
