Readit News logoReadit News
tomesco commented on Cracking a 512-bit DKIM key for less than $8 in the cloud   dmarcchecker.app/articles... · Posted by u/awulf
supernova87a · 8 months ago
This is a little bit of a layman's question but maybe someone is interested:

When people go searching for prime numbers / bitcoin with massive compute, I assume that there are huge libraries of "shortcuts" to reduce the searching space, like prime numbers only appear with certain patterns, or there are large "holes" in the number space that do not need to be searched, etc. (see videos e.g. about how prime numbers make spirals on the polar coord. system, etc). I.e. if you know these you can accelerate/reduce your search cost by orders of magnitude.

For whatever various encryption algorithm that people choose to test or attack (like this story), is there somewhere such libraries of "shortcuts" are kept and well known? To reduce the brute force search need?

And is the state of sharing these to the point that the encryption services are designed to avoid the shortcut vulnerabilities?

Was always wondering this.

tomesco · 8 months ago
There exist certain classes of prime numbers that should not be used for some cryptographic operations because algorithms exist that reduce the computation required for factoring attacks. This more often applies to cases where smaller primes are applied. Sources for this king of knowledge are mathematics or cryptography textbooks.

For other cryptographic operations, almost any sufficiently large prime can be used. Even a 50% reduction on a computation that will take trillions of years, has no practical impact.

tomesco commented on The Soul of an Old Machine: Revisiting the Timeless von Neumann Architecture   ankush.dev/p/neumann_arch... · Posted by u/todsacerdoti
ctenb · 10 months ago
I just realized that the word for organ the music instrument and the body part is one and the same in English. (In dutch they're called orgel and orgaan respectively.) Which of these meanings is being referred to in the article? To me both could make sense.
tomesco · 10 months ago
The definition of organ in this article is closest to the body part definition. The use of organ here relies on a less common definition: roughly a constituent part of some larger whole that performs a specific function.
tomesco commented on Ask HN: What is in C-00000291*.sys?    · Posted by u/franze
Conasg · a year ago
Specifically, if the file is corrupted, in what way is it corrupt? I’m fascinated by how this issue occurred.
tomesco · a year ago
It likely contains a bug but is an uncorrupted file. Corrupted to me means the file was changed or modified in a way from it's intended state and likely won't run anymore.
Posted by u/tomesco 2 years ago
Boy, 13, Is Believed to Be the First to 'Beat' Tetrisnytimes.com/2024/01/03/ar...
tomesco commented on GraphCast: AI model for weather forecasting   deepmind.google/discover/... · Posted by u/bretthoerner
patall · 2 years ago
Isn't that highly subjective to where you live? Because I moved to Scandinavia and the forecast here is so incredibly bad, compared to central europe.
tomesco · 2 years ago
Yes, driven by local data collection. More tightly packed ground stations and the availability of atmospheric measurement at various altitudes will improve accuracy.
tomesco commented on What researchers found when they tested Fiji Water against tap water   upworthy.com/see-what-res... · Posted by u/justtechdude123
robthebrew · 2 years ago
That is a ridiculous title. Since when is water measured in distance/length?
tomesco · 2 years ago
The article discusses the length of the bottles placed end to end. Although I agree the title isn't clear.
tomesco commented on It's still easy for anyone to become you at Experian   krebsonsecurity.com/2023/... · Posted by u/todsacerdoti
NikolaNovak · 2 years ago
I am still livid on a weekly basis when some strangers create an account for a service using my email address (non-maliciously, usually); I get a "verification" email; and I can only choose "YES, Please verify", or ignore at my peril.

From tiny little mom-and-pop shops, to FAANG giants, nobody is giving me the opportunity to say "NO that's NOT me!". And though it's a "verification" email, typically account is usable and vast majority of functionality is allowed even without verification. So I get to vicariously and angrily "enjoy" the follow-up emails and updates while the users gamble, purchase, sell, review, invest, write, game et cetera using my email address.

Boo to this, I tell ya, boo!

tomesco · 2 years ago
Lyft likely cost customers' funds though a poor process like this in the past.

One could create an account, hail rides and add their own payment method while still being associated with someone else's email. Ride recipes would then be sent to someone else's email where the receiving party could add or increase a tip through an unauthenticated link and have it charged to the riders credit card.

tomesco commented on Launch HN: Play.ht (YC W23) – Generate and clone voices from 20 seconds of audio    · Posted by u/hammadh
yreg · 2 years ago
How would granny prove the scammer used play.ht?
tomesco · 2 years ago
If law enforcement ever busts a scammer and discovers a tool like this was essential to the scam, that would generate lawsuits.
tomesco commented on Silicon Valley Bank unmasks the hypocrisy of libertarian tech bros   newstatesman.com/quickfir... · Posted by u/thm
sokoloff · 2 years ago
> HSBC bought the company’s British arm, which was still largely solvent, for £1.

I suspect “insolvent” is probably an adequate synonym anytime you have to use a qualifier word on “solvent”.

tomesco · 2 years ago
True. Expected to remain solvent would be more clear.
tomesco commented on Git security vulnerabilities announced   github.blog/2023-01-17-gi... · Posted by u/ttaylorr
tomesco · 3 years ago
What is the recommended upgrade path for macOS' system install of git?

I have upgraded my brew install, but am unsure of what to do with the vulnerable system install.

t

u/tomesco

KarmaCake day46August 1, 2017View Original