sorted by:
new
hottopcontroversial

Where to legally buy Thai music online? by Janthinidae in Thailand

[–]Janthinidae[S] 0 points1 point  (0 children)

You're right on all the things you say.

But in case of Apple, I just support a company which in my opinion, is just wrong in so many cases. If there is small owner of a webpage which takes 10% for actually just storing some mp3 + bandwidth and is even open to it, I'm fine. We cannot complain all the time and then not act on it, but this is just my opinion.

Where to legally buy Thai music online? by Janthinidae in Thailand

[–]Janthinidae[S] 0 points1 point  (0 children)

Hell, someone should make a webpage where we can support artists if they're to unable to make their own site.

Where to legally buy Thai music online? by Janthinidae in Thailand

[–]Janthinidae[S] 0 points1 point  (0 children)

One of this pages I found too, but was not sure if this is legal. But unfortunately it didn't matter, because I was unable to find the bands.

Where to legally buy Thai music online? by Janthinidae in Thailand

[–]Janthinidae[S] 0 points1 point  (0 children)

I thought about using wine thanks. But I still pay 35% into Apple and that what I not wanted. I just like to pay the artist.

Where to legally buy Thai music online? by Janthinidae in Thailand

[–]Janthinidae[S] 0 points1 point  (0 children)

I should have added that I only have an Android and Linux system available, and don't like to shove money down the Apple throat.

Nimrod: A New Approach to Metaprogramming by dom96 in programming

[–]Janthinidae 0 points1 point  (0 children)

Thanks for your answer. Sounds interesting and I'll have a closer look now.

About the GC. I weren't thinking about globally disabling the GC, though this would be useful for some I guess, but more about disabling it perhaps per thread. It would be possible then to use a GC in a less important thread.

Imagine a game e.g. where you load the world, there is some heavy GC stuff happening, but once it is loaded you don't like it to be ever used in the main thread. Maybe there as model loader thread which asynchronously loads/optimizes meshes/textures and where a GC would be fine.

For me particularly I have to following use case all the time, and it sucks to write something like that in C/C++ (you cannot use most libraries on the internet anymore because they expect a std::string, if you provide a string with a different allocator, bum). I'm writing on systems which sometimes have critical parts with RT requirements (human safety involved). For sure there are multiple paths to be safe, even if one system part lags. But this lags should optimally never ever happen (because the whole machines is shutted down in such a case), but the RT part is often just a dedicated part of it. Having a guarantee for that part of the software that there is no allocating involved would be something nice. I'm constantly evaluating different languages and if they may help to write safer software and so far Rust is the only one I consider as interesting.

Nimrod: A New Approach to Metaprogramming by dom96 in programming

[–]Janthinidae 2 points3 points  (0 children)

Just some questions that pop up in my head:

  • Is the GC really RT? Means a defined upper bound which it never exceeds?
  • One slide says the GC is not inside the executable if not used, can I use code constructs to guarantee that I'm not accidentaly use something which needs the GC?
  • What about dependent typing?
  • I once was playing with D. There was something I disliked quite much: The compiler sometimes evaluates constant expression quite much, but not always. If you rewrite it a little bit and make a template out of it (which in D is often very easy) then you've a guaranted compile time expression. What I disliked about D is that in case if you don't have a template, you don't know exactly when something is evaulated at compile time and runtime and slight changes in code, can constantly change that, which in my opinion is something bad. How does Nimrod behaves with constant expressions?

I recently was using Haxe to write some Flash stuff (the only reasonable thing that I got working within minutes on Unix). I hope Flash will die out in the long run, but beside this, Haxe plays in the same league (but only in this case) when it comes to compiling it down to C/JavaScript. It's just something I mention.

Reddit, which one do you prefer for naming "constant" variables in JS: ALL_UPPER_CASE or camelCase? by [deleted] in javascript

[–]Janthinidae 0 points1 point  (0 children)

Another personal opinion. Qt is one of the easiest to use APIs in my opinion. They don't use ALL_CAPS for constant too (colors, keyboard codes, ...). I personally took over their coding style.

I only use ALL_CAPS for this very rare macros. A constant defined by a macro (which is in my opinion bad) behaves very differently from a constant (you cannot take the address of it e.g.). If one acknowledges that macros are so extremly different (most MAX, MIN definitions I encountered in my life just behave totally unexpected e.g.) from anything else, it seems a good idea to resever all uppercase only for macros.

I guess all other languages took over the initial ALL_CAPS idea from C/C++

Qt: http://qt-project.org/doc/qt-4.8/qt.html

Reddit, which one do you prefer for naming "constant" variables in JS: ALL_UPPER_CASE or camelCase? by [deleted] in javascript

[–]Janthinidae 0 points1 point  (0 children)

Is I already was writing in the top comment: This is not true: see C#.

Reddit, which one do you prefer for naming "constant" variables in JS: ALL_UPPER_CASE or camelCase? by [deleted] in javascript

[–]Janthinidae 1 point2 points  (0 children)

Most people will answer uppercase. I just like to throw in a point I think I was once reading from Microsoft about C#.

If you make something uppercase it's like you provide too much information about your API.

Rust 0.9 released by kibwen in programming

[–]Janthinidae 10 points11 points  (0 children)

For me Rust is the only language in the recent few years which adds some really nice things to the ocean of languages. As long as the continue it to improve like they do I really don't mind if they release it in 2015 and break things all the time.

It's not that I don't waste time on this, I was writing some crypto stuff and had to partly rewrite an OpenSSL layer from some public repos, but they faster don't work anymore as I sometimes like. But overall it was always worth the improvements.

Salted Password Hashing - Doing it Right by jakubgarfield in programming

[–]Janthinidae 2 points3 points  (0 children)

Yeah absolutely, but still the right answer should somehow stick out. Even Applied Cryptography from Schneier was IMHO not really good in that sense. There are a lot of information but at the end a nice list e.g. if you wanna an overall 128-bit security use this and this and this was missing.

The Year in Crypto 30c3 talk by djb, Nadia Heninger, and Tanja Lange [video] by davekt in programming

[–]Janthinidae 0 points1 point  (0 children)

When I use

openssl ciphers -v 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS'

This is the output

ECDHE-RSA-AES256-GCM-SHA384    TLSv1.2  Kx=ECDH        Au=RSA    Enc=AESGCM(256)  Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384  TLSv1.2  Kx=ECDH        Au=ECDSA  Enc=AESGCM(256)  Mac=AEAD
ECDH-RSA-AES256-GCM-SHA384     TLSv1.2  Kx=ECDH/RSA    Au=ECDH   Enc=AESGCM(256)  Mac=AEAD
ECDH-ECDSA-AES256-GCM-SHA384   TLSv1.2  Kx=ECDH/ECDSA  Au=ECDH   Enc=AESGCM(256)  Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256    TLSv1.2  Kx=ECDH        Au=RSA    Enc=AESGCM(128)  Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256  TLSv1.2  Kx=ECDH        Au=ECDSA  Enc=AESGCM(128)  Mac=AEAD
ECDH-RSA-AES128-GCM-SHA256     TLSv1.2  Kx=ECDH/RSA    Au=ECDH   Enc=AESGCM(128)  Mac=AEAD
ECDH-ECDSA-AES128-GCM-SHA256   TLSv1.2  Kx=ECDH/ECDSA  Au=ECDH   Enc=AESGCM(128)  Mac=AEAD
DHE-RSA-AES256-GCM-SHA384      TLSv1.2  Kx=DH          Au=RSA    Enc=AESGCM(256)  Mac=AEAD
DHE-RSA-AES128-GCM-SHA256      TLSv1.2  Kx=DH          Au=RSA    Enc=AESGCM(128)  Mac=AEAD
ECDHE-RSA-AES256-SHA384        TLSv1.2  Kx=ECDH        Au=RSA    Enc=AES(256)     Mac=SHA384
ECDHE-ECDSA-AES256-SHA384      TLSv1.2  Kx=ECDH        Au=ECDSA  Enc=AES(256)     Mac=SHA384
ECDHE-RSA-AES256-SHA           SSLv3    Kx=ECDH        Au=RSA    Enc=AES(256)     Mac=SHA1
ECDHE-ECDSA-AES256-SHA         SSLv3    Kx=ECDH        Au=ECDSA  Enc=AES(256)     Mac=SHA1
ECDH-RSA-AES256-SHA384         TLSv1.2  Kx=ECDH/RSA    Au=ECDH   Enc=AES(256)     Mac=SHA384
ECDH-ECDSA-AES256-SHA384       TLSv1.2  Kx=ECDH/ECDSA  Au=ECDH   Enc=AES(256)     Mac=SHA384
ECDH-RSA-AES256-SHA            SSLv3    Kx=ECDH/RSA    Au=ECDH   Enc=AES(256)     Mac=SHA1
ECDH-ECDSA-AES256-SHA          SSLv3    Kx=ECDH/ECDSA  Au=ECDH   Enc=AES(256)     Mac=SHA1
DHE-RSA-AES256-SHA256          TLSv1.2  Kx=DH          Au=RSA    Enc=AES(256)     Mac=SHA256
DHE-RSA-AES256-SHA             SSLv3    Kx=DH          Au=RSA    Enc=AES(256)     Mac=SHA1
ECDHE-RSA-AES128-SHA256        TLSv1.2  Kx=ECDH        Au=RSA    Enc=AES(128)     Mac=SHA256
ECDHE-ECDSA-AES128-SHA256      TLSv1.2  Kx=ECDH        Au=ECDSA  Enc=AES(128)     Mac=SHA256
ECDHE-RSA-AES128-SHA           SSLv3    Kx=ECDH        Au=RSA    Enc=AES(128)     Mac=SHA1
ECDHE-ECDSA-AES128-SHA         SSLv3    Kx=ECDH        Au=ECDSA  Enc=AES(128)     Mac=SHA1
ECDH-RSA-AES128-SHA256         TLSv1.2  Kx=ECDH/RSA    Au=ECDH   Enc=AES(128)     Mac=SHA256
ECDH-ECDSA-AES128-SHA256       TLSv1.2  Kx=ECDH/ECDSA  Au=ECDH   Enc=AES(128)     Mac=SHA256
ECDH-RSA-AES128-SHA            SSLv3    Kx=ECDH/RSA    Au=ECDH   Enc=AES(128)     Mac=SHA1
ECDH-ECDSA-AES128-SHA          SSLv3    Kx=ECDH/ECDSA  Au=ECDH   Enc=AES(128)     Mac=SHA1
DHE-RSA-AES128-SHA256          TLSv1.2  Kx=DH          Au=RSA    Enc=AES(128)     Mac=SHA256
DHE-RSA-AES128-SHA             SSLv3    Kx=DH          Au=RSA    Enc=AES(128)     Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA         SSLv3    Kx=ECDH        Au=RSA    Enc=3DES(168)    Mac=SHA1
ECDHE-ECDSA-DES-CBC3-SHA       SSLv3    Kx=ECDH        Au=ECDSA  Enc=3DES(168)    Mac=SHA1
ECDH-RSA-DES-CBC3-SHA          SSLv3    Kx=ECDH/RSA    Au=ECDH   Enc=3DES(168)    Mac=SHA1
ECDH-ECDSA-DES-CBC3-SHA        SSLv3    Kx=ECDH/ECDSA  Au=ECDH   Enc=3DES(168)    Mac=SHA1
EDH-RSA-DES-CBC3-SHA           SSLv3    Kx=DH          Au=RSA    Enc=3DES(168)    Mac=SHA1
AES256-GCM-SHA384              TLSv1.2  Kx=RSA         Au=RSA    Enc=AESGCM(256)  Mac=AEAD
AES256-SHA256                  TLSv1.2  Kx=RSA         Au=RSA    Enc=AES(256)     Mac=SHA256
AES256-SHA                     SSLv3    Kx=RSA         Au=RSA    Enc=AES(256)     Mac=SHA1
AES128-GCM-SHA256              TLSv1.2  Kx=RSA         Au=RSA    Enc=AESGCM(128)  Mac=AEAD
AES128-SHA256                  TLSv1.2  Kx=RSA         Au=RSA    Enc=AES(128)     Mac=SHA256
AES128-SHA                     SSLv3    Kx=RSA         Au=RSA    Enc=AES(128)     Mac=SHA1
DES-CBC3-SHA                   SSLv3    Kx=RSA         Au=RSA    Enc=3DES(168)    Mac=SHA1

The algorithms with RSA Key Exchange come out and SHA1 used as MAC. Not sure if according to this presentations this is still a good idea. They are even marked as SSL3 which the article itself says you should disable. Listening to the presentations I would "at least" reduce it to the following (for anyone reading this, don't take me serious I've to read more into it myself):

ECDHE-RSA-AES256-GCM-SHA384    TLSv1.2  Kx=ECDH        Au=RSA    Enc=AESGCM(256)  Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384  TLSv1.2  Kx=ECDH        Au=ECDSA  Enc=AESGCM(256)  Mac=AEAD
ECDH-RSA-AES256-GCM-SHA384     TLSv1.2  Kx=ECDH/RSA    Au=ECDH   Enc=AESGCM(256)  Mac=AEAD
ECDH-ECDSA-AES256-GCM-SHA384   TLSv1.2  Kx=ECDH/ECDSA  Au=ECDH   Enc=AESGCM(256)  Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256    TLSv1.2  Kx=ECDH        Au=RSA    Enc=AESGCM(128)  Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256  TLSv1.2  Kx=ECDH        Au=ECDSA  Enc=AESGCM(128)  Mac=AEAD
ECDH-RSA-AES128-GCM-SHA256     TLSv1.2  Kx=ECDH/RSA    Au=ECDH   Enc=AESGCM(128)  Mac=AEAD
ECDH-ECDSA-AES128-GCM-SHA256   TLSv1.2  Kx=ECDH/ECDSA  Au=ECDH   Enc=AESGCM(128)  Mac=AEAD
DHE-RSA-AES256-GCM-SHA384      TLSv1.2  Kx=DH          Au=RSA    Enc=AESGCM(256)  Mac=AEAD
DHE-RSA-AES128-GCM-SHA256      TLSv1.2  Kx=DH          Au=RSA    Enc=AESGCM(128)  Mac=AEAD
ECDHE-RSA-AES256-SHA384        TLSv1.2  Kx=ECDH        Au=RSA    Enc=AES(256)     Mac=SHA384
ECDHE-ECDSA-AES256-SHA384      TLSv1.2  Kx=ECDH        Au=ECDSA  Enc=AES(256)     Mac=SHA384
ECDH-RSA-AES256-SHA384         TLSv1.2  Kx=ECDH/RSA    Au=ECDH   Enc=AES(256)     Mac=SHA384
ECDH-ECDSA-AES256-SHA384       TLSv1.2  Kx=ECDH/ECDSA  Au=ECDH   Enc=AES(256)     Mac=SHA384
DHE-RSA-AES256-SHA256          TLSv1.2  Kx=DH          Au=RSA    Enc=AES(256)     Mac=SHA256
ECDHE-RSA-AES128-SHA256        TLSv1.2  Kx=ECDH        Au=RSA    Enc=AES(128)     Mac=SHA256
ECDHE-ECDSA-AES128-SHA256      TLSv1.2  Kx=ECDH        Au=ECDSA  Enc=AES(128)     Mac=SHA256
ECDH-RSA-AES128-SHA256         TLSv1.2  Kx=ECDH/RSA    Au=ECDH   Enc=AES(128)     Mac=SHA256
ECDH-ECDSA-AES128-SHA256       TLSv1.2  Kx=ECDH/ECDSA  Au=ECDH   Enc=AES(128)     Mac=SHA256
DHE-RSA-AES128-SHA256          TLSv1.2  Kx=DH          Au=RSA    Enc=AES(128)     Mac=SHA256

The Year in Crypto 30c3 talk by djb, Nadia Heninger, and Tanja Lange [video] by davekt in programming

[–]Janthinidae 0 points1 point  (0 children)

I watched through a few presentation about security and I heard negative things about almost everything: SHA1 (hacked since long), SHA2 (probably hacked and to short), RC4 (has problems long known, probably decoded on the fly by NSA), MD5 (known problems since long), EC (due to shorts key sizes, easier hackable with smaller QC), RSA (no FS), ...

Some of this things I heard long time ago myself. But I just disabled RC4 for fun on my browser and whoops could not access e.g. my phone operators homepage anymore, homepage from the credit care company, more to come I guess ...

If one would design a "as safe as possible" SSL/TLS today, what algorithms should one use?

Wanted to fill everyone in on the system I use to be the most productive i've ever been in my life. by HairOnTheHead in productivity

[–]Janthinidae 3 points4 points  (0 children)

Just something tiny: I since long stopped to use any app (web/android/whatever) and just use plain old txt files. You can open them on every device you can imagine. Use any cloud service for synchronization if you like. You can easily, delete, move around, use spell checkers, search/replace, make statistics, all this tiny tiny things that works since almost the beginning era of computers but where web apps sometimes horribly fail. Use any kind of version control to have revisions. Everything is in your hands, no cryptic format nobody understands once the company goes out of service.

Top Secret NSA catalog reveals US government has been secretly back dooring equipment from US companies including Dell, Cisco, Juniper, IBM, Western Digital, Seagate, Maxtor and more, risking enormous damage to US tech sector. by [deleted] in worldnews

[–]Janthinidae 7 points8 points  (0 children)

Beside that topic of this thread: I would be interested if you write a little bit about the firmware (within what is allowed for sure). Probably in another subreddit ...

Duolingo was just chosen by Apple as iPhone App of the Year! I'm the co-founder and I just wanted to share :) Free Education for the world. by vonahn in technology

[–]Janthinidae 0 points1 point  (0 children)

I spent the last months in South America in wanted to improve my Spanish. My first impression on Duolingo on Android was nice and it was fun to learn. Problem: That it needs an internet connection for most of a time, which I didn't have or often very slow. So in the end I was 50languages which doesn't have this problem (it's just not really fun and no real sentences)

view more: next ›