To stretch out the metaphor, asking a knowledgeable coworker could be "read from RAM", then documentation could be "read from disk"; or vice versa. But I find having someone to bounce questions off of easier than reading docs
Not op, but I bought one. It's essentially a Linux laptop with a control interface built in. For emulators and steam games, it's really nice to have an option to play on the tv (with the dock). I don't see it being an especially nice coding experience; you'd need an external keyboard, mouse, and monitor. And without a dock, all it has is a single USBC port. Though it has a full KDE desktop, so it should be feasible.
yeah without a keyboard it sucks. it's like trying to code via SMS lol.
But the dockability makes it pretty damn awesome. you can code in first class style by docking it with a monitor and keyboard, and then when you leave you can take it with you and get a great portable game player or movie watcher or web browser with good battery life. the built in screen is pretty good. I was impressed
I think for something this checking the source for the generation algorithm is fair game. here it is:
function randomInt(n) {
return Math.floor(Math.random() * n);
}
function randomPassword() {
let letters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
let digits = '0123456789';
let punctuation = '!"#$%&\'()\*+,-./:;<=>?@[\\]^_`{|}~';
let s = letters.repeat(7) + digits.repeat(4) + punctuation.repeat(3);
let length = 14;
let res = Array.from({length}, (() =>
s[randomInt(s.length)])).join('');
return res;
}
looks like it's 14 characters long, and each character has an independent 72.8% / 8% / 19.2% chance of being a random letter / digit / punctuation. There are 94 symbols total, so 94^14 possible solutions; roughly 92 bits of entropy. Even if you assume 10 letters, 1 digit, 3 punctuations (the "likely" distribution) it's still 75 bits of entropy. You might be able to gain an advantage through knowledge of the PRNG state, but the PRNG in v8 (xorshift128+) has a period of 2^128 - 1.
The digest is 64 characters long, so on average you should get 4 positions where your guess and the digest are the same, which would narrow it down to (1/16)*4 of the possibilities, corresponding to "peeling off" 16 bits of entropy.
Figuring out how to enumerate only those values which generate a hex digest that matches the known characters in the hash is left as an exercise for the reader.
You may be trolling, but that "exercise for the reader" does not have a known solution. Anyone who found one may wish to keep it secret to get rich on Bitcoin mining...
There are two layers of entropy in what I'm looking at, but I only got like two hours of sleep last night.
There's the entropy of the password from which the hash is generated, which is clearly what you're addressing.
But in the game I'm seeing, the hash itself is unknown but the game gives you feedback on the contents. So pinning characters of the hash cuts down on that search space. Then there's still the matter of finding a plaintext that hashes to that value, which as you've said should evade this sort of analysis.
He didn't say you could "pin" the hash. He said you could eliminate all hashes, that don't contain the positions known, and just enumerate those which contain the known positions (perhaps by bruteforce), therefore reducing the search-space. It'd still be ridiculously expensive, of course (as in, implausible to compute in this universe). Unless I'm misunderstanding something here.
> Figuring out how to enumerate only those values which generate a hex digest that matches the known characters in the hash is left as an exercise for the reader.
It's always bothered me that the standard security jargon for an oracle for some information is to call it "enumeration". Will your service confirm whether or not a particular email address is associated with a current account? User enumeration!
In my view, it's only enumeration if I can make the service give me the email address without me having to know the address independently. :/
I'd say it depends on what you're shooting. I have a d5600 and Z5.
The Z5 is better for baby pictures.
The d5600 is still better for hiking and travel pictures.
The Z5 is better under low-light and dynamic subject conditions. Particularly because the digital viewfinder is clearer in the dark, the eye/face autofocus and low light autofocus performance is much better (much fewer missed shots), the Z5 has sensor-shift stabilization, and there is no mirror slap affecting lower shutter speeds. For landscapes where there is lots of light, a lightweight and battery conservative d5600 still does the job excellently.
That wasn't what I was referring to. Net worth is (assets - debts), so the money for a down payment is largely the only part of a house that contributes to net worth at purchase time.
In other words, your down payment should be less than 30% of your net worth. Still hard to do in many places.
Everyone is hesitant to make change because "it's going to cause too much economic impact". If someone demonstrates that it's possible to change without screwing over their economy, it's likely other states and countries will follow.
Just because the USA has federal administration that doesn't want to act on climate change right now doesn't mean that it won't get a greener administration in the future.
As for being a lost cause, isn't it preferable to minimize the effect, at least? would you rather the sea levels go up by 2.0 meters or 1.5 meters?
Our leaders need to be ballsy enough to make unpopular decisions to solve climate change. In the short term, things will be harder, more expensive, jobs will be lost. That's because the externalities of life have been free for our society. We need to be brought into a green world kicking and screaming.
