Path: csiph.com!usenet.pasdenom.info!news.etla.org!news.stack.nl!newsfeed.xs4all.nl!newsfeed2.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.083 X-Spam-Evidence: '*H*': 0.83; '*S*': 0.00; 'debug': 0.07; '"if': 0.09; 'exception.': 0.09; 'indeed,': 0.09; 'cc:addr:python-list': 0.11; '23,': 0.16; 'executor': 0.16; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'goal,': 0.16; 'happily': 0.16; 'levels,': 0.16; 'password,': 0.16; 'skip:h 80': 0.16; 'wrote:': 0.18; 'code,': 0.22; 'cc:addr:python.org': 0.22; 'byte': 0.24; 'bytes': 0.24; 'own.': 0.24; 'question': 0.24; 'cc:2**0': 0.24; 'source': 0.25; 'possibly': 0.26; '(for': 0.26; 'header:In-Reply- To:1': 0.27; 'idea': 0.28; 'point': 0.28; 'feature': 0.29; 'am,': 0.29; 'dec': 0.30; 'message-id:@mail.gmail.com': 0.30; 'included': 0.31; 'code': 0.31; 'lines': 0.31; '(since': 0.31; 'embedding': 0.31; 'safely': 0.31; 'says': 0.33; 'worked': 0.33; '(i.e.': 0.33; 'ago': 0.33; 'implemented': 0.33; 'sense': 0.34; 'could': 0.34; "can't": 0.35; 'something': 0.35; 'but': 0.35; 'received:google.com': 0.35; 'there': 0.35; 'c++': 0.36; 'described': 0.36; 'done,': 0.36; "i'll": 0.36; 'should': 0.36; 'too': 0.37; 'two': 0.37; 'project': 0.37; 'sometimes': 0.38; 'security,': 0.38; 'somebody': 0.38; 'needed': 0.38; 'bad': 0.39; 'even': 0.60; 'read': 0.60; 'easy': 0.60; 'full': 0.61; 'effective': 0.61; 'simply': 0.61; 'first': 0.61; 'real': 0.63; 'more': 0.64; 'different': 0.65; 'effective.': 0.68; 'secure': 0.71; 'incoming': 0.72; 'subject:Hello': 0.72; '100%': 0.77; 'demanded': 0.84; 'heh.': 0.84; 'scarily': 0.84; 'edwards': 0.91; 'officially': 0.91; 'subject:World': 0.91; 'to:none': 0.92 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:cc :content-type; bh=vJsdgGr58UYg9k8XfQrrxfooKJJzSpiL5LSds9hzOu0=; b=hlIDI8z+taOWoD5//sosD2VgssSN75ObRlA7c451aRZ1r0o09sm9XL8OPMe3GXXrw7 vyE1s88/e13nECWiRNofUpk/La67icR0Mqdw8iLWEUfPNtPFKcqUdDIw4ZK6aXMjk8DC Zo8Sa1mti4k9lWCVx1Fpg/1VydnH7KLQjH9N2SL/awtoCZJZLBTU+gA69GmD1zsqvFRq 8ameaeI72r1saSc+6aYxOPFphFTPo7V9qhL2y1jRYIHzegfzqjit3SSqhugUuwsCwIR+ o9/4HvM3pO9/6a2oRQ/jwAi+L1v0+XKTZhKxBWcZycmbBwIS/HtYBbAsI1vC6xsAdLHx gX/A== MIME-Version: 1.0 X-Received: by 10.107.136.92 with SMTP id k89mr21746476iod.43.1419269127321; Mon, 22 Dec 2014 09:25:27 -0800 (PST) In-Reply-To: References: <54957226$0$12975$c3e8da3$5496439d@news.astraweb.com> <54971df7$0$30820$b1db1813$ba2d9d20@news.astraweb.com> <54974ed7$0$12986$c3e8da3$5496439d@news.astraweb.com> Date: Tue, 23 Dec 2014 04:25:27 +1100 Subject: Re: Hello World From: Chris Angelico Cc: "python-list@python.org" Content-Type: text/plain; charset=UTF-8 X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 34 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1419269130 news.xs4all.nl 2951 [2001:888:2000:d::a6]:55024 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:82792 On Tue, Dec 23, 2014 at 3:23 AM, Grant Edwards wrote: >> Heh. I once worked on a C++ project that included its own crypo code >> (i.e. custom implementations of things like AES and SHA-1). > > Damn. Should I ever start to do something like that (for a real > product), I hereby officially request that somebody please try to slap > some sense into me. Likewise. And I'll happily do the slapping. There's one exception. Writing your own crypto is a bad idea if that means reimplementing AES... but if you want something that's effective on completely different levels, sometimes it's best to write your own. I had a project a while ago that needed some encryption work done, and I implemented something that I described as "scarily effective". My boss demanded that the debug code-execution feature be protected by a password that would be strong even if someone could read the source code, so I put together something that would hash the incoming password, then check to see if the first two and last two bytes of the hash were all the same byte value as the current hour-of-week (ranging from 0 to 167). This is clearly more secure than simply embedding a SHA256 hash in the source code, because you can't possibly reverse-engineer it (since you don't even have the full hash). And yes, this was 100% effective in convincing my boss that the code executor was safely guarded. Since that was the goal, having several lines of complex and opaque code was far better than a single line that says "if hash(password)=='5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8': do stuff", which is way too easy for someone to decode. And it was, indeed, scarily effective. That lasted for a long time, and any time there was a question about security, I could just point to that and say "See? Safe."... ChrisA