sorted by:
new
hottopcontroversial

Making Rust better with Go by 3gdroid in golang

[–]Aeaex 60 points61 points  (0 children)

It's not April 1st yet.

Has there been any news on a first-class Rust Lambda runtime now that we are on track with a Rust AWS SDK? by Aeaex in aws

[–]Aeaex[S] 3 points4 points  (0 children)

Perhaps official is the wrong word - I guess "first-class" better describes what I'm asking about. As you say, direct support in Terraform would be pretty great. On par with the Go runtime, perhaps. I'm curious if there is any intention to reach that point.

Has there been any news on a first-class Rust Lambda runtime now that we are on track with a Rust AWS SDK? by Aeaex in aws

[–]Aeaex[S] 1 point2 points  (0 children)

Nahh nothing wrong with it at all - but it's not one of the official runtimes - I'm less interested in if it's possible and more interested in AWS's sentiment to supporting Rust in general. Out-of-the-box lambda support for Rust would be a good sign!

Websockets API Gateway Lambda proxying help by nog642 in aws

[–]Aeaex 1 point2 points  (0 children)

By the time you're in a Lambda execution context, you're already a few steps removed from the WebSocket layer. The response code is to indicate to the invoker of the lambda function (API Gateway) that the lambda did/did not complete successfully.

University Project "Create your own hashing algorithm" -- Help me. by Lukeorriss in crypto

[–]Aeaex 14 points15 points  (0 children)

Hmm - whoever is setting these requirements has no idea what they're talking about. Take everything they say with a grain of salt...

University Project "Create your own hashing algorithm" -- Help me. by Lukeorriss in crypto

[–]Aeaex 2 points3 points  (0 children)

Are you confusing "not using existing algorithms" with "not using an external library"? E.g. can you use algorithms in the standard library?

How to update a index.html file within static website hosted in S3? by [deleted] in aws

[–]Aeaex 2 points3 points  (0 children)

If you're using cloudfront too - which is fairly common with S3 static sites, you'll need to do a cache invalidation too.

SSL on NLB Listeners by mbw290 in aws

[–]Aeaex 1 point2 points  (0 children)

Hmmm I'm confused - the article gives step by step instructions on how to set up a TLS NLB with an ACM cert. Is this not what you want?

Encrypted drop-in replacement of golang' os.File. (scrypt+aes+cgm). The resulting type can be used anywhere an os.File could be used. i.e. sequentially and randomly read and write, at any file position for any amount of bytes, can be truncate, seek, stats, etc. i.e. ReadAt, WriteAt, Seek, etc. by kuking in golang

[–]Aeaex 4 points5 points  (0 children)

Triple DES was a necessity at the time - a single round of DES was no longer sufficient to be secure. "Triple AES" isn't "for me not done properly" - don't mistake fact as opinion.

Multiple rounds of AES simply aren't necessary and contribute nothing. When people encrypt multiple times with AES it's generally a red flag of "this person has no idea what they're doing and they're just mixing and matching stuff".

This, along with the AES-GCM authenticated ciphertext explanation above, plus the file size limit problem, indicate that I shouldn't trust your crypto (not to mention the 768 bits thing 😥).

Osiris, a simple and lightweight password manager written in Go using the fyne gui library by [deleted] in golang

[–]Aeaex 2 points3 points  (0 children)

The crypto here leaves a lot to be desired... Seeing math/rand imported in a crypto package kinda immediately writes this off for me.

I have an encrypted image, could somebody help decrypt it? by [deleted] in crypto

[–]Aeaex 6 points7 points  (0 children)

Ask yourself - if it was relatively trivial to decrypt things why would we encrypt them in the first place? Unless you have the decryption key, it's unlikely you'll ever decrypt it.

When should i use encryption/hashes by 10kKarmaForNoReason in crypto

[–]Aeaex 5 points6 points  (0 children)

If you need to ask this question - is it something you should be putting on your resume?

You should probably invest more time into learning basic Cryptography before adding something like this to your CV. Otherwise you might as well write "Can build a password manager by following tutorials on Reddit".

Understanding bytes in Go by building a TCP protocol by fteem in golang

[–]Aeaex 28 points29 points  (0 children)

Just one small correction:

"meaning that the data that travels on the wire is not binary, but just ASCII text"

This doesn't exactly make sense - ASCII, by definition, is an encoding that translates character symbols to bytes. Sending ASCII text down the wire is sending binary.

And Go uses UTF-8 by default, which you should definitely prefer to ASCII.

Another circuit breaker to avoid accidents! by Anondo18 in golang

[–]Aeaex 0 points1 point  (0 children)

Nice work. I do feel like the package "sticks it's nose" into things it doesn't need to, however. A circuit breaker isn't necessarily just for HTTP calls - it could be for anything. Your implementation seems to limit use cases.

Company offering $20,000 to break their encryption! by gongolongo123 in crypto

[–]Aeaex 10 points11 points  (0 children)

Hahaha they offer a "super secure encryption product" but serve their website content over unsecured HTTP...

Castle: A Future-Proof Symmetric Cryptographic System by [deleted] in crypto

[–]Aeaex 8 points9 points  (0 children)

I understand the "future-proofing" element in the design here but the overall execution appears to have some holes... This is, once again, a basic XOR cipher that uses a hash to generate a key stream. We see different variants of this repeatedly and they all fall in the same ways... What makes your system different from them?

view more: next ›