jas- (u/jas-) - Readit News

jas- commented on Starlink militarization and its impact on global strategic stability (2023) interpret.csis.org/transl... · Posted by u/msuniverse2026

cwillu · 3 days ago

Did you stop reading at the first sentence??

jas- · 3 days ago

Yes. It is the equivalent of reading a technical review of a product by the product owner

jas- commented on Field Artillery Training. 1914 gutenberg.org/cache/epub/... · Posted by u/petethomas

jas- · 18 days ago

Thanks for putting this online

jas- commented on What does " 2>&1 " mean? stackoverflow.com/questio... · Posted by u/alexmolas

47282847 · 19 days ago

Interesting. Is this just literally “fun”, or do you see real world use cases?

jas- · 19 days ago

Red hat and other RPM based distributions recommended kickstart scripts use tty3 using a similar method

jas- commented on Carelessness versus craftsmanship in cryptography blog.trailofbits.com/2026... · Posted by u/ingve

pvtmert · 23 days ago

From the post itself, I am not sure if the author had sent a patch or some sort of a pull-request to the affected entities. Namely pyaes and aes-js.

The response might've been different if the author had already given a patch, in somewhat backward-compatible way. This doesn't even have to be a functional patch, could be a simple `@warning: usage of default IV will cause insecure storage` similar annotations on the affected functions.

Another thing to remark (and which might've been off-putting for the authors of these libraries) that the author had used term mistakes in various places. Of course in an ideal world, ego should not or would not matter, but these libraries both seem to be quite stale and possibly the authors are having other $DAYJOB responsibilities. Making it difficult to fix things that they just receive complaints about. (I am also guessing these are quite many...)

Again in relation to the points above, it might've been better to say: Cryptography evolves over time, last years' best-practices get outdated, vulnerabilities being found, replaced with newer best-practices of this year. Same will happen next year too. It's not a deliberate mistake or any type of incompetency issue, this is a matter of ever-evolving field that we know and understand better...

jas- · 23 days ago

“ The response might've been different if the author had already given a patch”

For a security related issue? Not sure that is a wise decision.

jas- commented on Why Quantum Engineering Is Emerging as a Distinct Industrial Sector spectrum.ieee.org/quantum... · Posted by u/rbanffy

billti · a year ago

I work on the quantum developer tools team at Microsoft. We put a lot of work into what we call the Quantum Katas to learn the basics via coding - https://quantum.microsoft.com/en-us/tools/quantum-katas

Our VS Code extension is trivial to install (https://learn.microsoft.com/en-us/azure/quantum/install-over...) or just try it entirely in the browser with Visual Studio Code online (https://vscode.dev/quantum/playground/)

To support that last scenario, where the language service, debugger, simulator, even package references, can run entirely in the browser, we built the whole thing using Rust compiled to WebAssembly, and our VS Code extension runs as pure JavaScript and Wasm. If interested you can dig into the implementation at https://github.com/microsoft/qsharp .

Happy to answer any questions!

jas- · a year ago

Thanks for providing this!