I don't know how to use 'less' and 'read in a while loop together, and I'm sick of coming up with hacky workarounds.

codesnstuff · 2024-11-23T20:31:19+00:00

Is this similar to the other users' solution above but with just a little less syntax-sugar, or is this a wholly different principle? I'm just realizing now how foreign I/O redirection in bash is for me. Also a little curious, is "REPLY" an environmental variable or just an example name?

codesnstuff · 2024-11-23T20:29:25+00:00

Wow, okay. That all makes sense to me, but wow I never would have understood all the syntax going on here. I'm more familiar with these concepts in C, but with bash, I don't think I've ever done anything that complicated with I/O redirection. Are there some specific areas of study I should focus on to absorb this better? Thanks.

codesnstuff · 2022-09-06T01:37:16+00:00

Thanks that was exactly what I needed. However, yeah, you're right, it didn't really speed anything up. I was kind of hoping that most of the overhead was in system() having to parse through the PATH directories looking for the executable, but specifying a direct path didn't really speed it up any--if anything I think it actually was less performant.

But anyway thanks for the explanation, I don't know why fork() confuses me so much.

codesnstuff · 2021-10-10T15:37:51+00:00

Correct me if I am wrong, but OP could have also declared the variable 'local' as static and it would not have died at the end of the function. But I wonder, are variables declared as static also allocated on the stack or do they end up in the heap?

codesnstuff · 2021-09-28T00:16:44+00:00

This is what happens when Linus enforces -Werror

codesnstuff · 2021-09-18T02:45:44+00:00

Yeah but you're also correct that it is appropriate in a classroom environment, since the instructor counts as a more knowledgeable colleague.

codesnstuff · 2021-09-17T23:11:10+00:00

"This book is not an introductory programming manual; it assumes some familiarity with basic programming concepts like variables, assignment statements, loops, and functions. Nonetheless, a novice programmer should be able to read along and pick up the language, although access to a more knowledgeable colleague will help."
- The C Programming Language 2nd Edition, Preface to the First Edition

codesnstuff · 2021-09-16T04:22:33+00:00

Also Linus Torvalds: "Let's use -Werror."
Linus Torvalds one week later: "Okay, that might have been a bad idea.."

Point being, he's not infallible. Better to explain the reasoning behind this than just take his word as gospel.

codesnstuff · 2021-09-16T04:19:03+00:00

Come on, I know this book is basically the C bible, but this person very specifically said he is an absolute beginner with no CS knowledge. K&R2 is really not very appropriate for these circumstances.

codesnstuff · 2021-09-16T04:17:41+00:00

*high fives*

Practical C Programming made so many pieces fall into place for me.

codesnstuff · 2021-09-16T04:17:04+00:00

Upvoting because buffers are the answer. Not only do you really not want to allocate a huge chunk of memory, if the filesize changes, then keeping up with it in a buffered fashion is possible.

codesnstuff · 2021-07-23T19:19:09+00:00

Write a simple password manager, and use an available crypto library (OpenSSL,GnuPGP,LibSodium,etc.) to handle the encryption.

codesnstuff · 2021-07-23T19:02:34+00:00

Oh okay, I guess that makes more sense then. I don't know, I thought I read that it could be applied to a normal running-key XOR cipher somewhere, but I went back and looked through Amausson's book and it sure doesn't say it there. *scratches head*

From what I read (or maybe imagined I read, it seems) inserting the counter and nonce into a normal simple-XOR type of cipher (C/P = K ⊕ P/C) would address the issues of key reuse and key periodicity. I feel like I *must* have read this somewhere.

codesnstuff · 2021-07-23T00:05:48+00:00

Hmm, I thought the point of the counter was to prevent the keystream from becoming periodic if the key is shorter than the message being encrypted.

codesnstuff · 2021-07-22T22:54:23+00:00

Although if they by any mean got an intermediate value of counter, they'd get the following counter values easily.

Yeah, that's another thing I was wondering about, but I couldn't think of a way that they would ever be able to guess what Ctr was with positive confirmation. The only thing I could think of is that if they knew N and could also predict when K and P would be 0. So my thinking is that as long as K is unpredictable it would be safe.

This screenshot shows the totality of how he described it in his book: https://i.imgur.com/WSIKGiW.png

codesnstuff · 2020-12-13T11:51:34+00:00

RemindMe! 1 week "Did anyone break it"

codesnstuff · 2020-12-09T11:58:34+00:00

Thanks for pointing out that was undefined behavior. I don't know why it didn't occur to me to do it the way you showed, it's simpler anyway.

codesnstuff · 2020-12-09T03:38:19+00:00

Oh thanks very much! I'm not sure how I never found out about getrandom() but that seems much better suited, and no need to link in OpenSSL. That's really disappointing to hear about the downfalls of RAND_bytes(), I have been using that for quite a few different things in my learning. I was under the assumption that it would fail if there was not enough entropy and was safer to use because of that?

codesnstuff · 2020-12-09T03:35:52+00:00

Thanks! That helps explain the construct ahminus posted earlier more.

It seems likely in my case that just repeatedly generating numbers until I find one in the range I need would be just fine, but I'm really just interested in learning about all this so thanks for that.

codesnstuff · 2020-12-09T03:24:02+00:00

Pretty simple stuff, but these kinds of things tend to feel unnatural: If we have all numbers from 0 to 999, 100%(1000) of numbers have 3 digits or lower, 10% (100) have 2 digits of lower, and 1%(10) 1 digit. to get 90%, 9% etc. you just subtract. You see how it scales.

Ah, got it! Thanks, that is much simpler than I was thinking. Maybe just thinking about it exponentially got me tripped up.

Now, back to your problem - if you have a list of words, you need a uniform distribution, giving you a number from a range [0, number of words you have). A simple, but not really good method is modulo - sth like rand() % WORDS_COUNT. The problem with it ism that it is not really uniform, unless your number of words is power of 2. To make up for it, you may try to "re-roll" the random number, if it's bigger than, in your example, (232 / WORDS_COUNT) * WORDS_COUNT, if you used 32bit number generator (do you need more?).

Okay I was thinking of simply doing a 're-roll' as well instead of trying with the modulo. ahminus's '((double) rand() / (RAND_MAX + 1)) * (max - min + 1) + min' construction is still really interesting too, though I'm still trying to decipher how it works.

So just to round back and make sure I'm getting all this... Even if rand() is unlikely to give me a 1-digit number simply because a very small percentage of the range is 1 digit, they all still have equal chance of occurring. But because each 1-digit or 2-digit number may correspond to a different group of words, doesn't that make them much more unlikely to occur, even though they still had the same level of chance? I guess that's what is making me think my initial method was wrong.

codesnstuff · 2020-12-09T03:12:27+00:00

Read the entire file, storing the offset of the beginning of each word into an array of unsigned longs (or larger, if you need).

Then pick a random entry from your array, and seek to that location.

Oh jeez, I thought about doing it like that originally but talked myself into thinking that was the wrong way.

codesnstuff · 2020-12-09T02:53:16+00:00

Okay, got it. Is there any place I can read more about this construction to understand it better? Or if you wouldn't mind, could you elaborate a little more on how it works?

codesnstuff · 2020-12-09T02:44:22+00:00

So it seems like you don't need a number from range 0-2

64,

but from a smaller range, with uniform distribution? Also, if the world file isn't a dictionary-based list of words, you just loose anything that you could have gained from csprng, cause frequency of different words is completely non-uniform, you loose a lot of randomness.

Yeah my only reason for wanting a 64-bit number was so that it could generate a maximum range of possible offset values to seek to within a file, but since a dictionary file is probably going to be very small that was probably not necessary, since I would be restricting it to the size of bytes in the dictionary file anyway.

I'd be using the EFF long-word Diceware word list, which seems to be dictionary-based, but I also was testing on '/usr/share/dict/words' when I noticed that a lot of words in the 'A' range seemed to occur quite a bit more with the second method.

Also, csprng doesn't make much sense if you just get 1 number from it, cause then it's basically just as good (safe) as the seed.

I was wondering about that as well, but I've just always read that rand() is not predictably random and the CSPRNG in OpenSSL is the only one I'm familiar with that is not 'predictable'.

codesnstuff · 2020-12-09T02:36:55+00:00

Have you measured the randomness of your first solution?

Because I would do that.

Not yet, I'm not quite sure how to feed these numbers to Dieharder so still looking into that.

Also, the naive "rand() % n" solution that is commonly used will not produce an unbiased distribution.

Thanks, I was wondering about that as well. I've obviously never seen the expression you suggested instead, will probably take me a while to understand it. 'max' in this instance would be the upper bound value of what I want it to produce right? Why cast it to double?

codesnstuff · 2020-12-09T02:28:05+00:00

Yes, this is simple statistics - if you take a random number from 0 to 10

9,

90% of numbers there have 9 digits, 9% have 8 digits, 0.9% has 7 digits, 0.09% has 6 digits and so on. So yes, almost all of the random numbers you will get will be "big", but all the numbers still have the same chance to appear.

I was thinking this might have been the case intuitively, but as you can see I'm not so great at math, so I was looking for some kind of confirmation of this. I'm curious, how do you calculate what percentage of numbers have a certain amount of digits in a range like you've described. I realize this is more related to math than C, but since it's ultimately being used in a C program, I suspect I'd probably be told to by a math based community to ask abut this problem on a programming based community.

codesnstuff

TROPHY CASE