Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #82693 > unrolled thread
| Started by | Steven D'Aprano <steve+comp.lang.python@pearwood.info> |
|---|---|
| First post | 2014-12-20 23:57 +1100 |
| Last post | 2014-12-22 19:05 +0000 |
| Articles | 20 on this page of 122 — 30 participants |
Back to article view | Back to comp.lang.python
Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-20 23:57 +1100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 00:11 +1100
Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-20 16:13 +0000
Re: Hello World Rustom Mody <rustompmody@gmail.com> - 2014-12-20 08:50 -0800
Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2014-12-20 20:39 +0200
Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2014-12-20 22:18 +0000
Re: Hello World CM <cmpython@gmail.com> - 2014-12-20 21:14 -0800
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-21 16:26 +1100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 16:31 +1100
Re: Hello World Terry Reedy <tjreedy@udel.edu> - 2014-12-21 01:31 -0500
Re: Hello World wxjmfauth@gmail.com - 2014-12-21 00:07 -0800
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 17:44 +1100
Re: Hello World CM <cmpython@gmail.com> - 2014-12-20 23:44 -0800
Re: Hello World CM <cmpython@gmail.com> - 2014-12-20 23:45 -0800
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-21 10:26 +0200
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 18:46 +1100
Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-08 12:43 +0000
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-08 23:53 +1100
Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-08 13:37 +0000
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-08 16:06 +0200
Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2015-01-08 14:21 +0000
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-08 16:31 +0200
Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2015-01-08 15:14 +0000
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-08 15:11 +0100
Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-17 14:51 +0000
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 01:57 +1100
Re: Hello World cl@isbd.net - 2015-01-17 15:18 +0000
Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-17 09:29 -0700
Re: Hello World cl@isbd.net - 2015-01-17 16:47 +0000
Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-17 18:06 +0000
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-17 19:47 +0100
Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-17 19:09 -0700
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-01-18 13:37 +1100
Re: Hello World Roy Smith <roy@panix.com> - 2015-01-17 22:18 -0500
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-01-18 14:45 +1100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 18:45 +1100
Re: Hello World Roy Smith <roy@panix.com> - 2015-01-18 07:26 -0500
Re: Hello World Tim Chase <python.list@tim.thechases.com> - 2015-01-17 21:50 -0600
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 18:44 +1100
Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2015-01-17 18:31 +0000
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-01-18 10:46 +1100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 11:04 +1100
Re: Hello World Jason Friedman <jsf80238@gmail.com> - 2015-01-17 18:19 -0700
Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-17 19:13 -0700
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-18 12:03 +0200
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:34 +0100
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-18 18:03 +0200
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 19:39 +0100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 21:10 +1100
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-18 22:50 +0200
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:32 +0100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 21:00 +1100
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:35 +0100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-19 00:57 +1100
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 16:48 +0100
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-19 04:08 +1100
Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:30 +0100
Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2015-01-08 19:02 +0200
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-09 04:11 +1100
Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-17 15:10 +0000
Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-08 10:53 -0700
Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2015-01-08 18:57 +0000
Re: Hello World Devin Jeanpierre <jeanpierreda@gmail.com> - 2015-01-17 16:06 -0800
Re: Hello World Tony the Tiger <tony@tiger.invalid> - 2014-12-21 19:22 +0000
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-21 22:02 +0200
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-22 09:51 +1100
Re: Hello World Roy Smith <roy@panix.com> - 2014-12-21 18:50 -0500
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 11:10 +1100
Re: Hello World Roy Smith <roy@panix.com> - 2014-12-21 19:12 -0500
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 11:36 +1100
Re: Hello World mm0fmf <none@mailinator.com> - 2014-12-22 00:20 +0000
Re: Hello World Tim Chase <python.list@tim.thechases.com> - 2014-12-21 18:47 -0600
Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-22 02:56 +0000
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-22 10:52 +0200
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 20:01 +1100
Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2014-12-22 16:23 +0000
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 04:25 +1100
Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-22 18:51 +0000
Re: Hello World MRAB <python@mrabarnett.plus.com> - 2014-12-22 19:05 +0000
Re: Hello World Tim Chase <python.list@tim.thechases.com> - 2014-12-22 13:16 -0600
Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 19:55 -0500
Re: Hello World sohcahtoa82@gmail.com - 2014-12-22 17:03 -0800
Re: Hello World MRAB <python@mrabarnett.plus.com> - 2014-12-23 01:37 +0000
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 12:39 +1100
Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-23 02:36 +0000
Re: Hello World Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2014-12-23 12:24 -0500
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 12:03 +1100
Encryption - was Hello World Dave Angel <d@davea.name> - 2014-12-22 14:57 -0500
Re: Encryption - was Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 09:29 +1100
Re: Encryption - was Hello World Dave Angel <davea@davea.name> - 2014-12-22 18:22 -0500
Re: Hello World Rustom Mody <rustompmody@gmail.com> - 2014-12-21 18:37 -0800
Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2014-12-22 08:21 +0200
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 17:33 +1100
Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2014-12-22 09:46 +0200
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 18:56 +1100
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-22 20:18 +1100
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-22 11:34 +0200
Re: Hello World Rustom Mody <rustompmody@gmail.com> - 2014-12-22 19:38 -0800
Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 08:15 -0500
Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 00:23 +1100
OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-23 13:09 +1100
Re: OFF TOPIC Snow Crash [was Re: Hello World] Grant Edwards <invalid@invalid.invalid> - 2014-12-23 16:20 +0000
Re: OFF TOPIC Snow Crash [was Re: Hello World] Rustom Mody <rustompmody@gmail.com> - 2014-12-23 08:41 -0800
Re: OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-24 12:51 +1100
Re: OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-24 14:18 +1100
Re: OFF TOPIC Snow Crash [was Re: Hello World] alister <alister.nospam.ware@ntlworld.com> - 2014-12-24 11:50 +0000
Re: OFF TOPIC Snow Crash [was Re: Hello World] alex23 <wuwei23@gmail.com> - 2014-12-26 09:34 +1000
Re: OFF TOPIC Snow Crash [was Re: Hello World] alex23 <wuwei23@gmail.com> - 2014-12-26 09:27 +1000
Re: OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-26 15:13 +1100
Re: OFF TOPIC Snow Crash [was Re: Hello World] alister <alister.nospam.ware@ntlworld.com> - 2014-12-26 10:03 +0000
Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-22 15:26 +0200
Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 08:41 -0500
Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 08:13 -0500
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-23 02:22 +1100
Re: Hello World Jussi Piitulainen <jpiitula@ling.helsinki.fi> - 2014-12-22 17:36 +0200
Re: Hello World Chris Warrick <kwpolska@gmail.com> - 2014-12-22 17:03 +0100
Re: Hello World Skip Montanaro <skip.montanaro@gmail.com> - 2014-12-22 09:39 -0600
Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-23 03:54 +1100
Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-22 18:48 +0000
Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2014-12-22 16:26 +0000
Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2014-12-22 16:18 +0000
Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2014-12-22 19:05 +0000
Page 4 of 7 — ← Prev page 1 2 3 [4] 5 6 7 Next page →
| From | Michael Torrie <torriem@gmail.com> |
|---|---|
| Date | 2015-01-08 10:53 -0700 |
| Message-ID | <mailman.17482.1420739647.18130.python-list@python.org> |
| In reply to | #83357 |
On 01/08/2015 10:02 AM, Steve Hayes wrote: > On 08 Jan 2015 12:43:33 GMT, albert@spenarnc.xs4all.nl (Albert van der Horst) > wrote: > >> I don't trust sudo because it is too complicated. >> (To the point that I removed it from my machine.) >> I do > > How do you do that? > > I avoided Ubuntu because it had sudo, and then discovered that Fedora had it > as well. Of all the distro choosing criteria, this has to be one of the more bizarre ones I've heard. You could at least choose something fashionable to avoid, like systemd.
[toc] | [prev] | [next] | [standalone]
| From | Grant Edwards <invalid@invalid.invalid> |
|---|---|
| Date | 2015-01-08 18:57 +0000 |
| Message-ID | <m8mjuf$g1r$1@reader2.panix.com> |
| In reply to | #83360 |
On 2015-01-08, Michael Torrie <torriem@gmail.com> wrote:
> On 01/08/2015 10:02 AM, Steve Hayes wrote:
>> On 08 Jan 2015 12:43:33 GMT, albert@spenarnc.xs4all.nl (Albert van der Horst)
>> wrote:
>>
>>> I don't trust sudo because it is too complicated. (To the point that
>>> I removed it from my machine.) I do
>>
>> How do you do that?
>>
>> I avoided Ubuntu because it had sudo, and then discovered that Fedora
>> had it as well.
>
> Of all the distro choosing criteria, this has to be one of the more
> bizarre ones I've heard.
That's what I thought. Especially since it's trivial to remove sudo.
Some system admin stuff on *buntu may require some extra thought since
the standard pointy-clicky recipes might not work exactly as described
in various fora, but anybody worried about security to the extent that
they refuse to use sudo probably shouldn't be using pointy-clicky
admin tools to start with.
> You could at least choose something fashionable to avoid, like
> systemd.
Or whatever the "desktop du jour" is for <distro-to-be-avoided>.
--
Grant Edwards grant.b.edwards Yow! Didn't I buy a 1951
at Packard from you last March
gmail.com in Cairo?
[toc] | [prev] | [next] | [standalone]
| From | Devin Jeanpierre <jeanpierreda@gmail.com> |
|---|---|
| Date | 2015-01-17 16:06 -0800 |
| Message-ID | <mailman.17821.1421539617.18130.python-list@python.org> |
| In reply to | #82707 |
Sorry for necro.
On Sat, Dec 20, 2014 at 10:44 PM, Chris Angelico <rosuav@gmail.com> wrote:
> On Sun, Dec 21, 2014 at 5:31 PM, Terry Reedy <tjreedy@udel.edu> wrote:
>> Just to be clear, writing to sys.stdout works fine in Idle.
>>>>> import sys; sys.stdout.write('hello ')
>> hello #2.7
>>
>> In 3.4, the number of chars? bytes? is returned and written also.
>>
>> Whether you mean something different by 'stdout' or not, I am not sure. The
>> error is from writing to a non-existent file descriptor.
>
> That's because sys.stdout is replaced. But stdout itself, file
> descriptor 1, is not available:
It surprises me that IDLE, and most other shells, don't dup2
stdout/err/in so that those FDs talk to IDLE.
-- Devin
[toc] | [prev] | [next] | [standalone]
| From | Tony the Tiger <tony@tiger.invalid> |
|---|---|
| Date | 2014-12-21 19:22 +0000 |
| Message-ID | <54971df7$0$30820$b1db1813$ba2d9d20@news.astraweb.com> |
| In reply to | #82693 |
On Sat, 20 Dec 2014 23:57:08 +1100, Steven D'Aprano wrote:
> I am in total awe.
I'm not. It has no real value. Write your code like that and you'll soon
be looking for a new job.
/Grrr
--
___ ___
(\_--_/) | _ ._ _|_|_ _ |o _ _ ._
( 9 9 ) |(_)| |\/ |_| |(/_ ||(_|(/_|
stripes are forever - as overripe ferrets
[toc] | [prev] | [next] | [standalone]
| From | Marko Rauhamaa <marko@pacujo.net> |
|---|---|
| Date | 2014-12-21 22:02 +0200 |
| Message-ID | <87mw6gu5y8.fsf@elektro.pacujo.net> |
| In reply to | #82720 |
Tony the Tiger <tony@tiger.invalid>: > On Sat, 20 Dec 2014 23:57:08 +1100, Steven D'Aprano wrote: > >> I am in total awe. > > I'm not. It has no real value. It is, of course, a joke, and there are whole tongue-in-cheek languages like Brainfuck. However, some similar exercises carry deep meaning. Take, for example, iota and jot (<URL: http://semarch.linguistics.fas.nyu.edu/barker/Iota/>). > Write your code like that and you'll soon be looking for a new job. Navigare necesse est, vivere non est necesse. Marko
[toc] | [prev] | [next] | [standalone]
| From | Steven D'Aprano <steve+comp.lang.python@pearwood.info> |
|---|---|
| Date | 2014-12-22 09:51 +1100 |
| Message-ID | <54974ed7$0$12986$c3e8da3$5496439d@news.astraweb.com> |
| In reply to | #82720 |
Tony the Tiger wrote:
> On Sat, 20 Dec 2014 23:57:08 +1100, Steven D'Aprano wrote:
>
>> I am in total awe.
>
> I'm not. It has no real value. Write your code like that and you'll soon
> be looking for a new job.
Awww, did da widdle puddy tat get up on the wrong side of the bed this
morning? :-)
Obviously you don't write obfuscated code like this for production use,
except in such cases where you deliberately want to write obfuscated code
for production use.
Any beginner with 3 seconds experience with Python can write:
print "Hello World"
But being able to write obfuscated code to that degree displays real skill
and understanding of the language, and a great deal of patience and "stick
with it"-ness, all of which are valuable work skills.
--
Steven
[toc] | [prev] | [next] | [standalone]
| From | Roy Smith <roy@panix.com> |
|---|---|
| Date | 2014-12-21 18:50 -0500 |
| Message-ID | <roy-2DE8D9.18502021122014@news.panix.com> |
| In reply to | #82726 |
In article <54974ed7$0$12986$c3e8da3$5496439d@news.astraweb.com>, Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote: > Obviously you don't write obfuscated code like this for production use, > except in such cases where you deliberately want to write obfuscated code > for production use. Heh. I once worked on a C++ project that included its own crypo code (i.e. custom implementations of things like AES and SHA-1). The person who wrote some particular bit of the code had decided that deliberately obfuscating the function and variable names would somehow make it more secure, so that's what he did. The mind boggles. At so many levels.
[toc] | [prev] | [next] | [standalone]
| From | Chris Angelico <rosuav@gmail.com> |
|---|---|
| Date | 2014-12-22 11:10 +1100 |
| Message-ID | <mailman.17098.1419207020.18130.python-list@python.org> |
| In reply to | #82727 |
On Mon, Dec 22, 2014 at 10:50 AM, Roy Smith <roy@panix.com> wrote: > Heh. I once worked on a C++ project that included its own crypo code > (i.e. custom implementations of things like AES and SHA-1). The person > who wrote some particular bit of the code had decided that deliberately > obfuscating the function and variable names would somehow make it more > secure, so that's what he did. > > The mind boggles. At so many levels. Level 0: Why implement your own crypto?!? ChrisA
[toc] | [prev] | [next] | [standalone]
| From | Roy Smith <roy@panix.com> |
|---|---|
| Date | 2014-12-21 19:12 -0500 |
| Message-ID | <roy-B3A611.19120021122014@news.panix.com> |
| In reply to | #82728 |
In article <mailman.17098.1419207020.18130.python-list@python.org>, Chris Angelico <rosuav@gmail.com> wrote: > On Mon, Dec 22, 2014 at 10:50 AM, Roy Smith <roy@panix.com> wrote: > > Heh. I once worked on a C++ project that included its own crypo code > > (i.e. custom implementations of things like AES and SHA-1). The person > > who wrote some particular bit of the code had decided that deliberately > > obfuscating the function and variable names would somehow make it more > > secure, so that's what he did. > > > > The mind boggles. At so many levels. > > Level 0: Why implement your own crypto?!? > > ChrisA That would be one of the levels.
[toc] | [prev] | [next] | [standalone]
| From | Chris Angelico <rosuav@gmail.com> |
|---|---|
| Date | 2014-12-22 11:36 +1100 |
| Message-ID | <mailman.17099.1419208569.18130.python-list@python.org> |
| In reply to | #82729 |
On Mon, Dec 22, 2014 at 11:12 AM, Roy Smith <roy@panix.com> wrote: > In article <mailman.17098.1419207020.18130.python-list@python.org>, > Chris Angelico <rosuav@gmail.com> wrote: > >> On Mon, Dec 22, 2014 at 10:50 AM, Roy Smith <roy@panix.com> wrote: >> > Heh. I once worked on a C++ project that included its own crypo code >> > (i.e. custom implementations of things like AES and SHA-1). The person >> > who wrote some particular bit of the code had decided that deliberately >> > obfuscating the function and variable names would somehow make it more >> > secure, so that's what he did. >> > >> > The mind boggles. At so many levels. >> >> Level 0: Why implement your own crypto?!? >> >> ChrisA > > That would be one of the levels. Good, I'm glad you agree on that one. I don't mind reimplementing some other protocols (couple years ago now I built my own OAuth library because the provided one was being terrible - no, this wasn't in Python), especially the simple ones (SMTP or FTP - use a library/module if available, but otherwise just establish a socket connection and do whatever you need), and even complex protocols can occasionally be worth reworking (Pike has its own PostgreSQL client, rather than using libpq, and it gets some handy improvements in concurrency), but crypto's one thing that it's *never* worth rewriting. ChrisA
[toc] | [prev] | [next] | [standalone]
| From | mm0fmf <none@mailinator.com> |
|---|---|
| Date | 2014-12-22 00:20 +0000 |
| Message-ID | <gtJlw.150744$td3.26297@fx34.am4> |
| In reply to | #82728 |
On 22/12/2014 00:10, Chris Angelico wrote: > Level 0: Why implement your own crypto?!? Because people who don't understand the concepts behind cryptography don't understand that the crypto algorithm can be open whilst the results of applying the algorithm are secure. There again I always use ROT-13 to encrypt my stuff. For the stuff that really has to be NSA-proof I use ROT-13 twice.
[toc] | [prev] | [next] | [standalone]
| From | Tim Chase <python.list@tim.thechases.com> |
|---|---|
| Date | 2014-12-21 18:47 -0600 |
| Message-ID | <mailman.17100.1419209143.18130.python-list@python.org> |
| In reply to | #82730 |
On 2014-12-22 00:20, mm0fmf wrote: > On 22/12/2014 00:10, Chris Angelico wrote: > > Level 0: Why implement your own crypto?!? > > Because people who don't understand the concepts behind > cryptography don't understand that the crypto algorithm can be open > whilst the results of applying the algorithm are secure. > > There again I always use ROT-13 to encrypt my stuff. For the stuff > that really has to be NSA-proof I use ROT-13 twice. Pshaw. When I really want to be secure, I stick to *Triple ROT13* I mean, why else would Vim have the ability to do it easily out of the box? (I suspect Emacs offers similar functionality) Like ed(1), it's a standard! ;-) -tkc
[toc] | [prev] | [next] | [standalone]
| From | Mark Lawrence <breamoreboy@yahoo.co.uk> |
|---|---|
| Date | 2014-12-22 02:56 +0000 |
| Message-ID | <mailman.17106.1419217211.18130.python-list@python.org> |
| In reply to | #82730 |
On 22/12/2014 00:20, mm0fmf wrote: > On 22/12/2014 00:10, Chris Angelico wrote: >> Level 0: Why implement your own crypto?!? > > Because people who don't understand the concepts behind cryptography > don't understand that the crypto algorithm can be open whilst the > results of applying the algorithm are secure. > > There again I always use ROT-13 to encrypt my stuff. For the stuff that > really has to be NSA-proof I use ROT-13 twice. > That is the sort of cunning plan that is even more cunning than the very best of Baldrick's cunning plans :) -- My fellow Pythonistas, ask not what our language can do for you, ask what you can do for our language. Mark Lawrence
[toc] | [prev] | [next] | [standalone]
| From | Marko Rauhamaa <marko@pacujo.net> |
|---|---|
| Date | 2014-12-22 10:52 +0200 |
| Message-ID | <8761d4t6b2.fsf@elektro.pacujo.net> |
| In reply to | #82728 |
Chris Angelico <rosuav@gmail.com>: > Level 0: Why implement your own crypto?!? Licensing concerns come to mind. For example, the reference implementations of MD5 [RFC1321] and SHA1 [RFC3174] are not in the public domain. Marko
[toc] | [prev] | [next] | [standalone]
| From | Chris Angelico <rosuav@gmail.com> |
|---|---|
| Date | 2014-12-22 20:01 +1100 |
| Message-ID | <mailman.17115.1419238889.18130.python-list@python.org> |
| In reply to | #82760 |
On Mon, Dec 22, 2014 at 7:52 PM, Marko Rauhamaa <marko@pacujo.net> wrote: > Chris Angelico <rosuav@gmail.com>: > >> Level 0: Why implement your own crypto?!? > > Licensing concerns come to mind. > > For example, the reference implementations of MD5 [RFC1321] and SHA1 > [RFC3174] are not in the public domain. Which would you prefer? Something with licensing restrictions, or something that's either outright buggy, completely insecure due to something you didn't notice, or maybe has an unnoticed side-channel attack that leaks your keys? While these can happen with well-known libraries like libssl, they also get patched; when Heartbleed went public, updates to the affected versions were available pretty quickly, but if you had your own implementation, someone might be leaking your keys without your knowledge and you have to fix it yourself... if you ever notice. But we're somewhat off topic now... ChrisA
[toc] | [prev] | [next] | [standalone]
| From | Grant Edwards <invalid@invalid.invalid> |
|---|---|
| Date | 2014-12-22 16:23 +0000 |
| Message-ID | <m79ghk$o5r$3@reader1.panix.com> |
| In reply to | #82727 |
On 2014-12-21, Roy Smith <roy@panix.com> wrote: > In article <54974ed7$0$12986$c3e8da3$5496439d@news.astraweb.com>, > Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote: > >> Obviously you don't write obfuscated code like this for production use, >> except in such cases where you deliberately want to write obfuscated code >> for production use. > > Heh. I once worked on a C++ project that included its own crypo code > (i.e. custom implementations of things like AES and SHA-1). Damn. Should I ever start to do something like that (for a real product), I hereby officially request that somebody please try to slap some sense into me. -- Grant
[toc] | [prev] | [next] | [standalone]
| From | Chris Angelico <rosuav@gmail.com> |
|---|---|
| Date | 2014-12-23 04:25 +1100 |
| Message-ID | <mailman.17128.1419269130.18130.python-list@python.org> |
| In reply to | #82785 |
On Tue, Dec 23, 2014 at 3:23 AM, Grant Edwards <invalid@invalid.invalid> wrote: >> Heh. I once worked on a C++ project that included its own crypo code >> (i.e. custom implementations of things like AES and SHA-1). > > Damn. Should I ever start to do something like that (for a real > product), I hereby officially request that somebody please try to slap > some sense into me. Likewise. And I'll happily do the slapping. There's one exception. Writing your own crypto is a bad idea if that means reimplementing AES... but if you want something that's effective on completely different levels, sometimes it's best to write your own. I had a project a while ago that needed some encryption work done, and I implemented something that I described as "scarily effective". My boss demanded that the debug code-execution feature be protected by a password that would be strong even if someone could read the source code, so I put together something that would hash the incoming password, then check to see if the first two and last two bytes of the hash were all the same byte value as the current hour-of-week (ranging from 0 to 167). This is clearly more secure than simply embedding a SHA256 hash in the source code, because you can't possibly reverse-engineer it (since you don't even have the full hash). And yes, this was 100% effective in convincing my boss that the code executor was safely guarded. Since that was the goal, having several lines of complex and opaque code was far better than a single line that says "if hash(password)=='5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8': do stuff", which is way too easy for someone to decode. And it was, indeed, scarily effective. That lasted for a long time, and any time there was a question about security, I could just point to that and say "See? Safe."... ChrisA
[toc] | [prev] | [next] | [standalone]
| From | Mark Lawrence <breamoreboy@yahoo.co.uk> |
|---|---|
| Date | 2014-12-22 18:51 +0000 |
| Message-ID | <mailman.17131.1419274507.18130.python-list@python.org> |
| In reply to | #82785 |
On 22/12/2014 16:23, Grant Edwards wrote: > On 2014-12-21, Roy Smith <roy@panix.com> wrote: >> In article <54974ed7$0$12986$c3e8da3$5496439d@news.astraweb.com>, >> Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote: >> >>> Obviously you don't write obfuscated code like this for production use, >>> except in such cases where you deliberately want to write obfuscated code >>> for production use. >> >> Heh. I once worked on a C++ project that included its own crypo code >> (i.e. custom implementations of things like AES and SHA-1). > > Damn. Should I ever start to do something like that (for a real > product), I hereby officially request that somebody please try to slap > some sense into me. > I'm having wonderful thoughts of Michael Palin's favourite Python sketch which involved fish slapping. -- My fellow Pythonistas, ask not what our language can do for you, ask what you can do for our language. Mark Lawrence
[toc] | [prev] | [next] | [standalone]
| From | MRAB <python@mrabarnett.plus.com> |
|---|---|
| Date | 2014-12-22 19:05 +0000 |
| Message-ID | <mailman.17132.1419275304.18130.python-list@python.org> |
| In reply to | #82785 |
On 2014-12-22 18:51, Mark Lawrence wrote: > On 22/12/2014 16:23, Grant Edwards wrote: >> On 2014-12-21, Roy Smith <roy@panix.com> wrote: >>> In article <54974ed7$0$12986$c3e8da3$5496439d@news.astraweb.com>, >>> Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote: >>> >>>> Obviously you don't write obfuscated code like this for production use, >>>> except in such cases where you deliberately want to write obfuscated code >>>> for production use. >>> >>> Heh. I once worked on a C++ project that included its own crypo code >>> (i.e. custom implementations of things like AES and SHA-1). >> >> Damn. Should I ever start to do something like that (for a real >> product), I hereby officially request that somebody please try to slap >> some sense into me. >> > > I'm having wonderful thoughts of Michael Palin's favourite Python sketch > which involved fish slapping. > Well, ChrisA _has_ mentioned Pike in this thread. :-)
[toc] | [prev] | [next] | [standalone]
| From | Tim Chase <python.list@tim.thechases.com> |
|---|---|
| Date | 2014-12-22 13:16 -0600 |
| Message-ID | <mailman.17133.1419276169.18130.python-list@python.org> |
| In reply to | #82785 |
On 2014-12-22 19:05, MRAB wrote: > On 2014-12-22 18:51, Mark Lawrence wrote: > > I'm having wonderful thoughts of Michael Palin's favourite Python > > sketch which involved fish slapping. > > > Well, ChrisA _has_ mentioned Pike in this thread. :-) But you know he does it just for the halibut... -tkc
[toc] | [prev] | [next] | [standalone]
Page 4 of 7 — ← Prev page 1 2 3 [4] 5 6 7 Next page →
Back to top | Article view | comp.lang.python
csiph-web