Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > comp.lang.python > #82693 > unrolled thread

Hello World

Started bySteven D'Aprano <steve+comp.lang.python@pearwood.info>
First post2014-12-20 23:57 +1100
Last post2014-12-22 19:05 +0000
Articles 20 on this page of 122 — 30 participants

Back to article view | Back to comp.lang.python


Contents

  Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-20 23:57 +1100
    Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 00:11 +1100
    Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-20 16:13 +0000
    Re: Hello World Rustom Mody <rustompmody@gmail.com> - 2014-12-20 08:50 -0800
    Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2014-12-20 20:39 +0200
    Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2014-12-20 22:18 +0000
    Re: Hello World CM <cmpython@gmail.com> - 2014-12-20 21:14 -0800
      Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-21 16:26 +1100
      Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 16:31 +1100
      Re: Hello World Terry Reedy <tjreedy@udel.edu> - 2014-12-21 01:31 -0500
        Re: Hello World wxjmfauth@gmail.com - 2014-12-21 00:07 -0800
      Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 17:44 +1100
        Re: Hello World CM <cmpython@gmail.com> - 2014-12-20 23:44 -0800
          Re: Hello World CM <cmpython@gmail.com> - 2014-12-20 23:45 -0800
            Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-21 10:26 +0200
          Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-21 18:46 +1100
        Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-08 12:43 +0000
          Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-08 23:53 +1100
            Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-08 13:37 +0000
            Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-08 16:06 +0200
              Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2015-01-08 14:21 +0000
                Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-08 16:31 +0200
                  Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2015-01-08 15:14 +0000
            Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-08 15:11 +0100
            Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-17 14:51 +0000
              Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 01:57 +1100
                Re: Hello World cl@isbd.net - 2015-01-17 15:18 +0000
              Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-17 09:29 -0700
                Re: Hello World cl@isbd.net - 2015-01-17 16:47 +0000
                  Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-17 18:06 +0000
                    Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-17 19:47 +0100
                      Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-17 19:09 -0700
                    Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-01-18 13:37 +1100
                      Re: Hello World Roy Smith <roy@panix.com> - 2015-01-17 22:18 -0500
                        Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-01-18 14:45 +1100
                          Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 18:45 +1100
                          Re: Hello World Roy Smith <roy@panix.com> - 2015-01-18 07:26 -0500
                        Re: Hello World Tim Chase <python.list@tim.thechases.com> - 2015-01-17 21:50 -0600
                        Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 18:44 +1100
                  Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2015-01-17 18:31 +0000
                    Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-01-18 10:46 +1100
                      Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 11:04 +1100
                      Re: Hello World Jason Friedman <jsf80238@gmail.com> - 2015-01-17 18:19 -0700
                      Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-17 19:13 -0700
                        Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-18 12:03 +0200
                          Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:34 +0100
                            Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-18 18:03 +0200
                              Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 19:39 +0100
                          Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 21:10 +1100
                            Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2015-01-18 22:50 +0200
                        Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:32 +0100
                      Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-18 21:00 +1100
                        Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:35 +0100
                          Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-19 00:57 +1100
                            Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 16:48 +0100
                              Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-19 04:08 +1100
                      Re: Hello World Michael Ströder <michael@stroeder.com> - 2015-01-18 14:30 +0100
          Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2015-01-08 19:02 +0200
            Re: Hello World Chris Angelico <rosuav@gmail.com> - 2015-01-09 04:11 +1100
              Re: Hello World albert@spenarnc.xs4all.nl (Albert van der Horst) - 2015-01-17 15:10 +0000
            Re: Hello World Michael Torrie <torriem@gmail.com> - 2015-01-08 10:53 -0700
              Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2015-01-08 18:57 +0000
      Re: Hello World Devin Jeanpierre <jeanpierreda@gmail.com> - 2015-01-17 16:06 -0800
    Re: Hello World Tony the Tiger <tony@tiger.invalid> - 2014-12-21 19:22 +0000
      Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-21 22:02 +0200
      Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-22 09:51 +1100
        Re: Hello World Roy Smith <roy@panix.com> - 2014-12-21 18:50 -0500
          Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 11:10 +1100
            Re: Hello World Roy Smith <roy@panix.com> - 2014-12-21 19:12 -0500
              Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 11:36 +1100
            Re: Hello World mm0fmf <none@mailinator.com> - 2014-12-22 00:20 +0000
              Re: Hello World Tim Chase <python.list@tim.thechases.com> - 2014-12-21 18:47 -0600
              Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-22 02:56 +0000
            Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-22 10:52 +0200
              Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 20:01 +1100
          Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2014-12-22 16:23 +0000
            Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 04:25 +1100
            Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-22 18:51 +0000
            Re: Hello World MRAB <python@mrabarnett.plus.com> - 2014-12-22 19:05 +0000
            Re: Hello World Tim Chase <python.list@tim.thechases.com> - 2014-12-22 13:16 -0600
              Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 19:55 -0500
                Re: Hello World sohcahtoa82@gmail.com - 2014-12-22 17:03 -0800
                  Re: Hello World MRAB <python@mrabarnett.plus.com> - 2014-12-23 01:37 +0000
                  Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 12:39 +1100
                  Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-23 02:36 +0000
                  Re: Hello World Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2014-12-23 12:24 -0500
                Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 12:03 +1100
            Encryption - was Hello World Dave Angel <d@davea.name> - 2014-12-22 14:57 -0500
            Re: Encryption - was Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 09:29 +1100
            Re: Encryption - was Hello World Dave Angel <davea@davea.name> - 2014-12-22 18:22 -0500
        Re: Hello World Rustom Mody <rustompmody@gmail.com> - 2014-12-21 18:37 -0800
        Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2014-12-22 08:21 +0200
          Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 17:33 +1100
            Re: Hello World Steve Hayes <hayesstw@telkomsa.net> - 2014-12-22 09:46 +0200
              Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-22 18:56 +1100
          Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-22 20:18 +1100
            Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-22 11:34 +0200
              Re: Hello World Rustom Mody <rustompmody@gmail.com> - 2014-12-22 19:38 -0800
            Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 08:15 -0500
              Re: Hello World Chris Angelico <rosuav@gmail.com> - 2014-12-23 00:23 +1100
                OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-23 13:09 +1100
                  Re: OFF TOPIC Snow Crash [was Re: Hello World] Grant Edwards <invalid@invalid.invalid> - 2014-12-23 16:20 +0000
                    Re: OFF TOPIC Snow Crash [was Re: Hello World] Rustom Mody <rustompmody@gmail.com> - 2014-12-23 08:41 -0800
                      Re: OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-24 12:51 +1100
                    Re: OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-24 14:18 +1100
                    Re: OFF TOPIC Snow Crash [was Re: Hello World] alister <alister.nospam.ware@ntlworld.com> - 2014-12-24 11:50 +0000
                      Re: OFF TOPIC Snow Crash [was Re: Hello World] alex23 <wuwei23@gmail.com> - 2014-12-26 09:34 +1000
                    Re: OFF TOPIC Snow Crash [was Re: Hello World] alex23 <wuwei23@gmail.com> - 2014-12-26 09:27 +1000
                      Re: OFF TOPIC Snow Crash [was Re: Hello World] Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-26 15:13 +1100
                        Re: OFF TOPIC Snow Crash [was Re: Hello World] alister <alister.nospam.ware@ntlworld.com> - 2014-12-26 10:03 +0000
              Re: Hello World Marko Rauhamaa <marko@pacujo.net> - 2014-12-22 15:26 +0200
                Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 08:41 -0500
          Re: Hello World Roy Smith <roy@panix.com> - 2014-12-22 08:13 -0500
            Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-23 02:22 +1100
              Re: Hello World Jussi Piitulainen <jpiitula@ling.helsinki.fi> - 2014-12-22 17:36 +0200
                Re: Hello World Chris Warrick <kwpolska@gmail.com> - 2014-12-22 17:03 +0100
              Re: Hello World Skip Montanaro <skip.montanaro@gmail.com> - 2014-12-22 09:39 -0600
                Re: Hello World Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2014-12-23 03:54 +1100
              Re: Hello World Mark Lawrence <breamoreboy@yahoo.co.uk> - 2014-12-22 18:48 +0000
          Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2014-12-22 16:26 +0000
      Re: Hello World Grant Edwards <invalid@invalid.invalid> - 2014-12-22 16:18 +0000
        Re: Hello World alister <alister.nospam.ware@ntlworld.com> - 2014-12-22 19:05 +0000

Page 4 of 7 — ← Prev page 1 2 3 [4] 5 6 7  Next page →


#83360

FromMichael Torrie <torriem@gmail.com>
Date2015-01-08 10:53 -0700
Message-ID<mailman.17482.1420739647.18130.python-list@python.org>
In reply to#83357
On 01/08/2015 10:02 AM, Steve Hayes wrote:
> On 08 Jan 2015 12:43:33 GMT, albert@spenarnc.xs4all.nl (Albert van der Horst)
> wrote:
> 
>> I don't trust sudo because it is too complicated.
>> (To the point that I removed it from my machine.)
>> I do
> 
> How do you do that?
> 
> I avoided Ubuntu because it had sudo, and then discovered that Fedora had it
> as well. 

Of all the distro choosing criteria, this has to be one of the more
bizarre ones I've heard.  You could at least choose something
fashionable to avoid, like systemd.

[toc] | [prev] | [next] | [standalone]


#83364

FromGrant Edwards <invalid@invalid.invalid>
Date2015-01-08 18:57 +0000
Message-ID<m8mjuf$g1r$1@reader2.panix.com>
In reply to#83360
On 2015-01-08, Michael Torrie <torriem@gmail.com> wrote:
> On 01/08/2015 10:02 AM, Steve Hayes wrote:
>> On 08 Jan 2015 12:43:33 GMT, albert@spenarnc.xs4all.nl (Albert van der Horst)
>> wrote:
>> 
>>> I don't trust sudo because it is too complicated. (To the point that
>>> I removed it from my machine.) I do
>> 
>> How do you do that?
>> 
>> I avoided Ubuntu because it had sudo, and then discovered that Fedora
>> had it as well. 
>
> Of all the distro choosing criteria, this has to be one of the more
> bizarre ones I've heard.

That's what I thought.  Especially since it's trivial to remove sudo.

Some system admin stuff on *buntu may require some extra thought since
the standard pointy-clicky recipes might not work exactly as described
in various fora, but anybody worried about security to the extent that
they refuse to use sudo probably shouldn't be using pointy-clicky
admin tools to start with.

> You could at least choose something fashionable to avoid, like
> systemd.

Or whatever the "desktop du jour" is for <distro-to-be-avoided>.

-- 
Grant Edwards               grant.b.edwards        Yow! Didn't I buy a 1951
                                  at               Packard from you last March
                              gmail.com            in Cairo?

[toc] | [prev] | [next] | [standalone]


#83960

FromDevin Jeanpierre <jeanpierreda@gmail.com>
Date2015-01-17 16:06 -0800
Message-ID<mailman.17821.1421539617.18130.python-list@python.org>
In reply to#82707
Sorry for necro.

On Sat, Dec 20, 2014 at 10:44 PM, Chris Angelico <rosuav@gmail.com> wrote:
> On Sun, Dec 21, 2014 at 5:31 PM, Terry Reedy <tjreedy@udel.edu> wrote:
>> Just to be clear, writing to sys.stdout works fine in Idle.
>>>>> import sys; sys.stdout.write('hello ')
>> hello  #2.7
>>
>> In 3.4, the number of chars? bytes? is returned and written also.
>>
>> Whether you mean something different by 'stdout' or not, I am not sure.  The
>> error is from writing to a non-existent file descriptor.
>
> That's because sys.stdout is replaced. But stdout itself, file
> descriptor 1, is not available:

It surprises me that IDLE, and most other shells, don't dup2
stdout/err/in so that those FDs talk to IDLE.

-- Devin

[toc] | [prev] | [next] | [standalone]


#82720

FromTony the Tiger <tony@tiger.invalid>
Date2014-12-21 19:22 +0000
Message-ID<54971df7$0$30820$b1db1813$ba2d9d20@news.astraweb.com>
In reply to#82693
On Sat, 20 Dec 2014 23:57:08 +1100, Steven D'Aprano wrote:

> I am in total awe.

I'm not. It has no real value. Write your code like that and you'll soon 
be looking for a new job.


 /Grrr
-- 
          ___                  ___
 (\_--_/)  | _ ._    _|_|_  _   |o _  _ ._
 ( 9  9 )  |(_)| |\/  |_| |(/_  ||(_|(/_|
 stripes are forever - as overripe ferrets

[toc] | [prev] | [next] | [standalone]


#82721

FromMarko Rauhamaa <marko@pacujo.net>
Date2014-12-21 22:02 +0200
Message-ID<87mw6gu5y8.fsf@elektro.pacujo.net>
In reply to#82720
Tony the Tiger <tony@tiger.invalid>:

> On Sat, 20 Dec 2014 23:57:08 +1100, Steven D'Aprano wrote:
>
>> I am in total awe.
>
> I'm not. It has no real value.

It is, of course, a joke, and there are whole tongue-in-cheek languages
like Brainfuck. However, some similar exercises carry deep meaning.
Take, for example, iota and jot (<URL:
http://semarch.linguistics.fas.nyu.edu/barker/Iota/>).

> Write your code like that and you'll soon be looking for a new job.

Navigare necesse est, vivere non est necesse.


Marko

[toc] | [prev] | [next] | [standalone]


#82726

FromSteven D'Aprano <steve+comp.lang.python@pearwood.info>
Date2014-12-22 09:51 +1100
Message-ID<54974ed7$0$12986$c3e8da3$5496439d@news.astraweb.com>
In reply to#82720
Tony the Tiger wrote:

> On Sat, 20 Dec 2014 23:57:08 +1100, Steven D'Aprano wrote:
> 
>> I am in total awe.
> 
> I'm not. It has no real value. Write your code like that and you'll soon
> be looking for a new job.

Awww, did da widdle puddy tat get up on the wrong side of the bed this
morning? :-)


Obviously you don't write obfuscated code like this for production use,
except in such cases where you deliberately want to write obfuscated code
for production use.

Any beginner with 3 seconds experience with Python can write:

    print "Hello World"


But being able to write obfuscated code to that degree displays real skill
and understanding of the language, and a great deal of patience and "stick
with it"-ness, all of which are valuable work skills.



-- 
Steven

[toc] | [prev] | [next] | [standalone]


#82727

FromRoy Smith <roy@panix.com>
Date2014-12-21 18:50 -0500
Message-ID<roy-2DE8D9.18502021122014@news.panix.com>
In reply to#82726
In article <54974ed7$0$12986$c3e8da3$5496439d@news.astraweb.com>,
 Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote:

> Obviously you don't write obfuscated code like this for production use,
> except in such cases where you deliberately want to write obfuscated code
> for production use.

Heh.  I once worked on a C++ project that included its own crypo code 
(i.e. custom implementations of things like AES and SHA-1).  The person 
who wrote some particular bit of the code had decided that deliberately 
obfuscating the function and variable names would somehow make it more 
secure, so that's what he did.

The mind boggles.  At so many levels.

[toc] | [prev] | [next] | [standalone]


#82728

FromChris Angelico <rosuav@gmail.com>
Date2014-12-22 11:10 +1100
Message-ID<mailman.17098.1419207020.18130.python-list@python.org>
In reply to#82727
On Mon, Dec 22, 2014 at 10:50 AM, Roy Smith <roy@panix.com> wrote:
> Heh.  I once worked on a C++ project that included its own crypo code
> (i.e. custom implementations of things like AES and SHA-1).  The person
> who wrote some particular bit of the code had decided that deliberately
> obfuscating the function and variable names would somehow make it more
> secure, so that's what he did.
>
> The mind boggles.  At so many levels.

Level 0: Why implement your own crypto?!?

ChrisA

[toc] | [prev] | [next] | [standalone]


#82729

FromRoy Smith <roy@panix.com>
Date2014-12-21 19:12 -0500
Message-ID<roy-B3A611.19120021122014@news.panix.com>
In reply to#82728
In article <mailman.17098.1419207020.18130.python-list@python.org>,
 Chris Angelico <rosuav@gmail.com> wrote:

> On Mon, Dec 22, 2014 at 10:50 AM, Roy Smith <roy@panix.com> wrote:
> > Heh.  I once worked on a C++ project that included its own crypo code
> > (i.e. custom implementations of things like AES and SHA-1).  The person
> > who wrote some particular bit of the code had decided that deliberately
> > obfuscating the function and variable names would somehow make it more
> > secure, so that's what he did.
> >
> > The mind boggles.  At so many levels.
> 
> Level 0: Why implement your own crypto?!?
> 
> ChrisA

That would be one of the levels.

[toc] | [prev] | [next] | [standalone]


#82731

FromChris Angelico <rosuav@gmail.com>
Date2014-12-22 11:36 +1100
Message-ID<mailman.17099.1419208569.18130.python-list@python.org>
In reply to#82729
On Mon, Dec 22, 2014 at 11:12 AM, Roy Smith <roy@panix.com> wrote:
> In article <mailman.17098.1419207020.18130.python-list@python.org>,
>  Chris Angelico <rosuav@gmail.com> wrote:
>
>> On Mon, Dec 22, 2014 at 10:50 AM, Roy Smith <roy@panix.com> wrote:
>> > Heh.  I once worked on a C++ project that included its own crypo code
>> > (i.e. custom implementations of things like AES and SHA-1).  The person
>> > who wrote some particular bit of the code had decided that deliberately
>> > obfuscating the function and variable names would somehow make it more
>> > secure, so that's what he did.
>> >
>> > The mind boggles.  At so many levels.
>>
>> Level 0: Why implement your own crypto?!?
>>
>> ChrisA
>
> That would be one of the levels.

Good, I'm glad you agree on that one. I don't mind reimplementing some
other protocols (couple years ago now I built my own OAuth library
because the provided one was being terrible - no, this wasn't in
Python), especially the simple ones (SMTP or FTP - use a
library/module if available, but otherwise just establish a socket
connection and do whatever you need), and even complex protocols can
occasionally be worth reworking (Pike has its own PostgreSQL client,
rather than using libpq, and it gets some handy improvements in
concurrency), but crypto's one thing that it's *never* worth
rewriting.

ChrisA

[toc] | [prev] | [next] | [standalone]


#82730

Frommm0fmf <none@mailinator.com>
Date2014-12-22 00:20 +0000
Message-ID<gtJlw.150744$td3.26297@fx34.am4>
In reply to#82728
On 22/12/2014 00:10, Chris Angelico wrote:
> Level 0: Why implement your own crypto?!?

Because people who don't understand the concepts behind cryptography 
don't understand that the crypto algorithm can be open whilst the 
results of applying the algorithm are secure.

There again I always use ROT-13 to encrypt my stuff. For the stuff that 
really has to be NSA-proof I use ROT-13 twice.

[toc] | [prev] | [next] | [standalone]


#82732

FromTim Chase <python.list@tim.thechases.com>
Date2014-12-21 18:47 -0600
Message-ID<mailman.17100.1419209143.18130.python-list@python.org>
In reply to#82730
On 2014-12-22 00:20, mm0fmf wrote:
> On 22/12/2014 00:10, Chris Angelico wrote:
> > Level 0: Why implement your own crypto?!?
> 
> Because people who don't understand the concepts behind
> cryptography don't understand that the crypto algorithm can be open
> whilst the results of applying the algorithm are secure.
> 
> There again I always use ROT-13 to encrypt my stuff. For the stuff
> that really has to be NSA-proof I use ROT-13 twice.

Pshaw. When I really want to be secure, I stick to *Triple ROT13*

I mean, why else would Vim have the ability to do it easily out of
the box? (I suspect Emacs offers similar functionality)

Like ed(1), it's a standard! ;-)

-tkc



[toc] | [prev] | [next] | [standalone]


#82745

FromMark Lawrence <breamoreboy@yahoo.co.uk>
Date2014-12-22 02:56 +0000
Message-ID<mailman.17106.1419217211.18130.python-list@python.org>
In reply to#82730
On 22/12/2014 00:20, mm0fmf wrote:
> On 22/12/2014 00:10, Chris Angelico wrote:
>> Level 0: Why implement your own crypto?!?
>
> Because people who don't understand the concepts behind cryptography
> don't understand that the crypto algorithm can be open whilst the
> results of applying the algorithm are secure.
>
> There again I always use ROT-13 to encrypt my stuff. For the stuff that
> really has to be NSA-proof I use ROT-13 twice.
>

That is the sort of cunning plan that is even more cunning than the very 
best of Baldrick's cunning plans :)

-- 
My fellow Pythonistas, ask not what our language can do for you, ask
what you can do for our language.

Mark Lawrence

[toc] | [prev] | [next] | [standalone]


#82760

FromMarko Rauhamaa <marko@pacujo.net>
Date2014-12-22 10:52 +0200
Message-ID<8761d4t6b2.fsf@elektro.pacujo.net>
In reply to#82728
Chris Angelico <rosuav@gmail.com>:

> Level 0: Why implement your own crypto?!?

Licensing concerns come to mind.

For example, the reference implementations of MD5 [RFC1321] and SHA1
[RFC3174] are not in the public domain.


Marko

[toc] | [prev] | [next] | [standalone]


#82762

FromChris Angelico <rosuav@gmail.com>
Date2014-12-22 20:01 +1100
Message-ID<mailman.17115.1419238889.18130.python-list@python.org>
In reply to#82760
On Mon, Dec 22, 2014 at 7:52 PM, Marko Rauhamaa <marko@pacujo.net> wrote:
> Chris Angelico <rosuav@gmail.com>:
>
>> Level 0: Why implement your own crypto?!?
>
> Licensing concerns come to mind.
>
> For example, the reference implementations of MD5 [RFC1321] and SHA1
> [RFC3174] are not in the public domain.

Which would you prefer? Something with licensing restrictions, or
something that's either outright buggy, completely insecure due to
something you didn't notice, or maybe has an unnoticed side-channel
attack that leaks your keys? While these can happen with well-known
libraries like libssl, they also get patched; when Heartbleed went
public, updates to the affected versions were available pretty
quickly, but if you had your own implementation, someone might be
leaking your keys without your knowledge and you have to fix it
yourself... if you ever notice.

But we're somewhat off topic now...

ChrisA

[toc] | [prev] | [next] | [standalone]


#82785

FromGrant Edwards <invalid@invalid.invalid>
Date2014-12-22 16:23 +0000
Message-ID<m79ghk$o5r$3@reader1.panix.com>
In reply to#82727
On 2014-12-21, Roy Smith <roy@panix.com> wrote:
> In article <54974ed7$0$12986$c3e8da3$5496439d@news.astraweb.com>,
>  Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote:
>
>> Obviously you don't write obfuscated code like this for production use,
>> except in such cases where you deliberately want to write obfuscated code
>> for production use.
>
> Heh.  I once worked on a C++ project that included its own crypo code 
> (i.e. custom implementations of things like AES and SHA-1).

Damn.  Should I ever start to do something like that (for a real
product), I hereby officially request that somebody please try to slap
some sense into me.

-- 
Grant

[toc] | [prev] | [next] | [standalone]


#82792

FromChris Angelico <rosuav@gmail.com>
Date2014-12-23 04:25 +1100
Message-ID<mailman.17128.1419269130.18130.python-list@python.org>
In reply to#82785
On Tue, Dec 23, 2014 at 3:23 AM, Grant Edwards <invalid@invalid.invalid> wrote:
>> Heh.  I once worked on a C++ project that included its own crypo code
>> (i.e. custom implementations of things like AES and SHA-1).
>
> Damn.  Should I ever start to do something like that (for a real
> product), I hereby officially request that somebody please try to slap
> some sense into me.

Likewise. And I'll happily do the slapping.

There's one exception. Writing your own crypto is a bad idea if that
means reimplementing AES... but if you want something that's effective
on completely different levels, sometimes it's best to write your own.
I had a project a while ago that needed some encryption work done, and
I implemented something that I described as "scarily effective". My
boss demanded that the debug code-execution feature be protected by a
password that would be strong even if someone could read the source
code, so I put together something that would hash the incoming
password, then check to see if the first two and last two bytes of the
hash were all the same byte value as the current hour-of-week (ranging
from 0 to 167). This is clearly more secure than simply embedding a
SHA256 hash in the source code, because you can't possibly
reverse-engineer it (since you don't even have the full hash). And
yes, this was 100% effective in convincing my boss that the code
executor was safely guarded. Since that was the goal, having several
lines of complex and opaque code was far better than a single line
that says "if hash(password)=='5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8':
do stuff", which is way too easy for someone to decode.

And it was, indeed, scarily effective. That lasted for a long time,
and any time there was a question about security, I could just point
to that and say "See? Safe."...

ChrisA

[toc] | [prev] | [next] | [standalone]


#82797

FromMark Lawrence <breamoreboy@yahoo.co.uk>
Date2014-12-22 18:51 +0000
Message-ID<mailman.17131.1419274507.18130.python-list@python.org>
In reply to#82785
On 22/12/2014 16:23, Grant Edwards wrote:
> On 2014-12-21, Roy Smith <roy@panix.com> wrote:
>> In article <54974ed7$0$12986$c3e8da3$5496439d@news.astraweb.com>,
>>   Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote:
>>
>>> Obviously you don't write obfuscated code like this for production use,
>>> except in such cases where you deliberately want to write obfuscated code
>>> for production use.
>>
>> Heh.  I once worked on a C++ project that included its own crypo code
>> (i.e. custom implementations of things like AES and SHA-1).
>
> Damn.  Should I ever start to do something like that (for a real
> product), I hereby officially request that somebody please try to slap
> some sense into me.
>

I'm having wonderful thoughts of Michael Palin's favourite Python sketch 
which involved fish slapping.

-- 
My fellow Pythonistas, ask not what our language can do for you, ask
what you can do for our language.

Mark Lawrence

[toc] | [prev] | [next] | [standalone]


#82799

FromMRAB <python@mrabarnett.plus.com>
Date2014-12-22 19:05 +0000
Message-ID<mailman.17132.1419275304.18130.python-list@python.org>
In reply to#82785
On 2014-12-22 18:51, Mark Lawrence wrote:
> On 22/12/2014 16:23, Grant Edwards wrote:
>> On 2014-12-21, Roy Smith <roy@panix.com> wrote:
>>> In article <54974ed7$0$12986$c3e8da3$5496439d@news.astraweb.com>,
>>>   Steven D'Aprano <steve+comp.lang.python@pearwood.info> wrote:
>>>
>>>> Obviously you don't write obfuscated code like this for production use,
>>>> except in such cases where you deliberately want to write obfuscated code
>>>> for production use.
>>>
>>> Heh.  I once worked on a C++ project that included its own crypo code
>>> (i.e. custom implementations of things like AES and SHA-1).
>>
>> Damn.  Should I ever start to do something like that (for a real
>> product), I hereby officially request that somebody please try to slap
>> some sense into me.
>>
>
> I'm having wonderful thoughts of Michael Palin's favourite Python sketch
> which involved fish slapping.
>
Well, ChrisA _has_ mentioned Pike in this thread. :-)

[toc] | [prev] | [next] | [standalone]


#82800

FromTim Chase <python.list@tim.thechases.com>
Date2014-12-22 13:16 -0600
Message-ID<mailman.17133.1419276169.18130.python-list@python.org>
In reply to#82785
On 2014-12-22 19:05, MRAB wrote:
> On 2014-12-22 18:51, Mark Lawrence wrote:
> > I'm having wonderful thoughts of Michael Palin's favourite Python
> > sketch which involved fish slapping.
> >
> Well, ChrisA _has_ mentioned Pike in this thread. :-)

But you know he does it just for the halibut...

-tkc


[toc] | [prev] | [next] | [standalone]


Page 4 of 7 — ← Prev page 1 2 3 [4] 5 6 7  Next page →

Back to top | Article view | comp.lang.python


csiph-web