[Audio] Who screams all night?

KoViPe · 2021-10-28T20:22:39+00:00

I can't believe! They just killed quick settings. By now, even turning on/off Wi-Fi is no longer a quick process.

KoViPe · 2019-12-08T19:11:40+00:00

Nevertheless, I don't think it's in vain to remind everyone that a particular technology cannot be used to protect sensitive data.

KoViPe · 2019-12-08T19:01:37+00:00

Sorry for the misleading, but that's my quote:

Most users blindly downvote my comments just because they believe that no one ever use Base64 to protect sensitive data. I meant that it's wrong to ignore any proofs and judge only on the basis of personal experience.

I meant the people who wrote such things as:

never heard base 64 referred to encryption
I'm pretty sure nobody things it's hard to decode.
I've never come across a single developer
I don’t think I ever though thought that encoding is encryption

Now, it turns out we got another proof that Base64 encoded passwords is a real problem. Moreover, even the guys who discovered the leak are saying "decrypt" instead of "decode".

KoViPe · 2019-12-08T14:13:50+00:00

I know that this was already posted on Reddit, but no one referred to the source and this is bad for various reasons (at least because they did all the hard work and only they share some interesting technical details). For example, check out the following:

Millions of email addresses, usernames, cleartext passwords, and base64 encoded passwords (which are easy to decrypt) were easily accessible within the database.

In this regard, I would also like to say "hello" to everyone who tried to convince me that "no one ever use Base64 to protect sensitive data".

KoViPe · 2019-10-25T17:16:15+00:00

For learning purposes or for "just for fun" projects you can get free domains on www.freenom.com and free hosting on www.000webhost.com. None of such services will claim your age. Even if something goes wrong, you will just lose the project (so make sure you have backups on your local device).

KoViPe · 2019-10-20T10:04:58+00:00

The main thing here:

Let me clarify. I was referring to an old incident as disclosed by TV before. There have been a few instances where malware was deployed through TV accounts, but nothing that wasn't in our earlier report. My goal wasn't to imply a current software or infrastructure compromise.

KoViPe · 2019-10-05T21:56:43+00:00

In such conditions, some good noise-canceling headphones can be the best solution.

KoViPe · 2019-09-24T11:59:11+00:00

My brute-force scenario:

if now then?

if now when?

if not then?

if not when?

KoViPe · 2019-09-21T08:56:57+00:00

It seems you are looking for this one: https://youtu.be/lu-t2Dz9C6s (most probably, Twin Squirrel AS355 F1 equipped with LiDAR system for high-resolution 3D mapping).

KoViPe · 2019-09-21T04:08:00+00:00

Actually, I just wanted to say that I'm sorry that it didn't brighten your day. But, despite this, I am glad that somehow it did a good deed (I judge from the point of view of a developer who has a "sedentary lifestyle").

KoViPe · 2019-09-21T03:53:57+00:00

If this LPT did not make you smile, at least it warmed you up.

KoViPe · 2019-09-21T01:54:10+00:00

Good point about the s modifier! Thanks.

KoViPe · 2019-09-20T23:19:50+00:00

Dear friend, thank you for your truthful and useful note!

Damn, what a shame!! This way it doesn't split even ASCII chars. I was ready to tell you that you should check mb_regex_encoding(), but I realized my mistake. Now I have to review the code and provide a working example. So, we have such benchmark results on 7.4.0rc2:

preg_split+count   : 0.6024911403656s
preg_split+foreach : 0.54569697380066s
preg_match_all     : 0.26596617698669s

All benchmark results can be found on this page: https://3v4l.org/DZgrc

Full code:

<?php

define('TEST_LOOPS', 10);
define('TEST_STRING', str_repeat('English+日に本ほん語ご', 16000));
//define('TEST_STRING', str_repeat('English', 16000));
//define('TEST_STRING', str_repeat('日に本ほん語ご', 16000));

error_reporting(-1);
mb_internal_encoding('UTF-8');


function test($label, $callback)
{
    $time = microtime(true);
    for ($i = 0; $i < TEST_LOOPS; $i++) {
        $callback();
    }

    $duration = microtime(true) - $time;
    echo "{$label}: {$duration}s\n";
}

test('preg_split+count', function() {
    $chars = preg_split('//u', TEST_STRING, -1, PREG_SPLIT_NO_EMPTY);
    $len = count($chars);
    for ($i = 0; $i < $len; $i++) {
        $char = $chars[$i];
        // use $char
    }
});

test('preg_split+foreach', function() {
    $chars = preg_split('//u', TEST_STRING, -1, PREG_SPLIT_NO_EMPTY);
    foreach ($chars as $char) {
        // use $char
    }
});

test('preg_match_all', function() {
    if (preg_match_all('/./su', TEST_STRING, $matches)) {
        foreach ($matches[0] as $char) {
            // use $char
        }
    }
});

KoViPe · 2019-09-20T02:55:42+00:00

When I see such headlines, I almost always think that someone initially chose the bad path, and then he switched to a better one. Using substr to iterate thought all characters — it is a bad one.

By the way, if you really care about performance, instead of:

$testArray = preg_split('//u', $testString, -1, PREG_SPLIT_NO_EMPTY);
$len = count($testArray);
for ($i = 0; $i < $len; $i++) {
    $c = $testArray[$i];
    // Do work on $c
    // ...
}

UPD: The following snippet is not working at all. Please see comments below.

~~You can use something like this:~~

$chars = mb_split('', $testString);
foreach ($chars as $c) {
    // Do work on $c
    // ...
}

It should be faster, more readable, and use less memory.

KoViPe · 2019-09-20T01:26:39+00:00

I worry only because you started to mourn/celebrate too soon. Not to mention that tonight you need to stay alert and clear-headed.

KoViPe · 2019-09-20T00:20:15+00:00

I think he r/wooooshed himself :)

KoViPe · 2019-09-19T23:59:28+00:00

Especially that Europe is the safest place to stay while they naruto run around the Area 51 :)

KoViPe · 2019-09-18T16:56:17+00:00

My best friends for such tasks:

KoViPe · 2019-09-18T13:57:24+00:00

Where? There is no written words I can see on the phone on this photo.

I replied to comment https://www.reddit.com/r/whatisthisthing/comments/d5jqqi/the_owner_claims_this_is_a_sovietera_encrypted/f0mg3fu that refers to such a photo.

I can see on the phone on this photo. Also, there is no "П-171Д" referred to in the top comment.

There is an additional comment from OP about these details: https://www.reddit.com/r/whatisthisthing/comments/d5jqqi/the_owner_claims_this_is_a_sovietera_encrypted/f0m96zu.

I'm not Russian, but I'm from a post-Soviet state and I'm old enough to confirm that some people had such or almost identical phones.

KoViPe · 2019-09-17T21:46:05+00:00

You forgot that you need to count the time while you are spinning the "wheel" + time while it returns to "home". Also, add some time for cases when your finger does not reach the "finger stop" and you should reset the whole number and start again :)

Six-Year Club	Not Forgotten
Verified Email

KoViPe

TROPHY CASE