|
Karate Bastard posted:making GBS threads lord, I read this 5 times before I saw that raise ImportError(). And I thought you were just making a sarcastic comment, but no, it's right there in version controlled code.
|
# ? Dec 22, 2014 01:12 |
|
|
# ? Jun 3, 2024 06:29 |
|
C code:
This is gonna be a fun refactor, I can tell. (This is C, not C++.)
|
# ? Dec 22, 2014 01:25 |
|
Dr. Stab posted:Did you include infinity, zero and NaN? No. No sign bit either. Also the only operation was "convert from int to the nearest float" (and back).
|
# ? Dec 22, 2014 01:32 |
|
GrumpyDoctor posted:
I like to think that the whole naming convention was used just to get this one.
|
# ? Dec 22, 2014 01:38 |
|
GrumpyDoctor posted:
What kind of linker magic we talking about.
|
# ? Dec 22, 2014 01:40 |
|
fritz posted:What kind of linker magic we talking about. You have access to all the documentation that I do. I know that this rat's nest of a project maintains absolutely no discipline about association between .h files and .c files, with all sorts of poo poo multiply defined all over the place (headers, function bodies, whatever) that appears to just happen to work out. Also, every function prototype is extern, which means Visual Studio can't automatically locate definitions for some reason. (I consider that horror teamwork.) Anyway, I wanted to add a parameter to those functions, so hopefully this works out.
|
# ? Dec 22, 2014 02:22 |
|
Bonfire Lit posted:If you're doing crypto, falling back to a predictable RNG is never a reasonable option, so that explicit raise plays an insignificant part in the main horror. Well it's a nice little dangleberry on top of the turd. It's like if you'd write a note to stick under someone's wiper saying sorry I totalled your ride, I needed to go for groceries but I couldn't find my backhoe so I built my own from pieces of your car but forgot to add steering and a trunk so it fell over and smashed your niece, and I'm also fingering this out in manure on a cardboard Bob Saget I found on your lawn because I exhausted the data plan yesterday googling pacemaker schematics on my cellphone, because your wifi now wants me to type out a password, neighbor. This raise is that note. The rest is that rest. A rule of thumb: if you're doing crypto, don't. If you think you don't need this rule of thumb, explain why in a readme so people can see how dumb you are, before running your awful code.
|
# ? Dec 22, 2014 09:13 |
|
Someone's little C# program pretending it's a script has grown into a little shop of horrors. Right off the bat, I'm asked to do something bad. "Hey - this thing that we call with a batch file with terribly named arguments (literally A-Z)? Add a new arg that tells it to Just Do Nothing™ if the database returns nothing. We don't want to send BIGCLIENT generated emails and messages and excel spreadsheets that are empty." Because it's never a problem if there's no data, right? To top it off my IT manager just sighs and gets his 1000yd stare back and says this will bite us in the rear end, because failing silently is awful. But it's not his call so he says just do it anyway. Poke around, see that it's factored terribly. Depending on a parameter passed in there is an 8 way switch case that branches into one of eight separate classes, half of which re-instantiate the class that actually called them (the one ran from the command line) which then does some message generatin' magic, the other half of which just writes a file itself! The method that actually called one of these 8 "I do my thing and terminate here!" methods/classes is returned nothing at all. It's literally OtherClassName.Method(PARAMSGOHERE). So, if I want to put in some logic to check for there not being any data returned from the database I have to do it in 8 separate classes, or, "play dirty" on the advice of a more senior dev and the IT manager who already wishes this would just be forgotten. The alternative, of course, is a big refactor of something that sorely needs it but would be hard to test, but since it's the end of the year and everyone just wants to go home or do stupid typo fix tickets to pad their numbers, make their PM happy and then go home, that's not on the table. That would actually take time and not have me just cranking out tickets. Right before that big ugly octopus of horror, I snag the args to just call the sproc there and call and see if there's data coming back, and if it's an empty data set, just terminate. Only one change to test! So I go debugging: The DB call can take over a minute. I'm effectively doubling the number of times the db is called. I was not only paid to do this, I was told specifically to do this. Now that I've horrified myself, how do I recommend this be hosed up less? Shouldn't this just be something an ops or it guy whips up in powershell? How does the FNG with the least number of years under his belt convince anyone that it needs a serious refactor? My manager already thinks this is a wreck, but with VPs running around trying to make BIG CLIENTS HAPPY with feature pushes nobody really gives a drat about ticking timebombs, since they can just go "oh hah, that's... IT!" and pat themselves on the back.
|
# ? Dec 22, 2014 21:26 |
|
Karate Bastard posted:A rule of thumb: if you're doing crypto, don't. Or just do it right, like every other thing you have to do. Don't see what's special about crypto.
|
# ? Dec 22, 2014 22:16 |
|
Space Whale posted:tickets to pad their numbers This is the true horror. "Number of tickets closed" being a metric for developer performance or productivity is terrible and harmful. No one will ever do anything more than the bare, hacky minimum to get things off their plate if "closing the ticket" is the driving factor. Does your employer understand that software development is not the same thing as an IT helpdesk? My advice is to not try to salvage this organization, they are hosed from the top down and you're not in a position to drive the kind of culture change that would make them care about software quality. Get out as soon as you can.
|
# ? Dec 22, 2014 22:16 |
|
return0 posted:Or just do it right, like every other thing you have to do. Don't see what's special about crypto. Turns out doing it right is hard and easy to gently caress up. A lot of people keep thinking its as easy as being a 'rockstar' dev or whatever they do with their minimal talent and we get things like Tribler and Cryptocat that are more harm than good.
|
# ? Dec 22, 2014 22:25 |
|
return0 posted:Or just do it right, like every other thing you have to do. Don't see what's special about crypto. You! Sir! Drop your tablet and step away from the crypto. You have twenty seconds to comply.
|
# ? Dec 22, 2014 22:28 |
|
I know I've posted like five of these already, but there's more and I can't handle it.php:<? function print_section ($tblname,$direction, &$nlines, $showd, $invFilter) { global $database, $bydate, $groupby, $totals, $grandtotals, $filter, $more_hdr, $more_fields, $inboundCarriers; ... extract($fields[$tblname]); ... extract ($row); ... } ?>
|
# ? Dec 22, 2014 22:49 |
|
Ithaqua posted:My advice is to not try to salvage this organization, they are hosed from the top down and you're not in a position to drive the kind of culture change that would make them care about software quality. Get out as soon as you can. There's an EE/ME interaction that is very common. EE's need to get a mechanical outline to the ME's so they can design the enclosure and it won't bump up against any large components. Good EE tools spit out a step file that ME CAD can take in natively, providing a representative blob of the board and components. lovely EE tools don't do this. They'll spit out a 2D file, or something else that can be made to work with extra effort from someone. It's a pretty straightforward problem to scan those files and spit out the 3D step file, but the answer is never going to be "write that converter" it's "use the Good EE tools."
|
# ? Dec 22, 2014 22:59 |
|
return0 posted:Or just do it right, like every other thing you have to do. Don't see what's special about crypto. Hmm, rolling your own version of other things that have well-established libraries (which is a questionable thing to do anyway) has different implications for your customers data.
|
# ? Dec 22, 2014 23:18 |
|
return0 posted:Or just do it right, like every other thing you have to do. Don't see what's special about crypto. What are the chances of a programmer doing something right in the first place, even if isn't as complicated or exploitable as crypto?
|
# ? Dec 22, 2014 23:29 |
|
return0 posted:Or just do it right, like every other thing you have to do. Don't see what's special about crypto.
|
# ? Dec 22, 2014 23:57 |
|
return0 posted:Or just do it right, like every other thing you have to do. Don't see what's special about crypto. the horrors are coming from inside the thread.
|
# ? Dec 23, 2014 00:05 |
|
return0 posted:Don't see what's special about crypto. Try looking.
|
# ? Dec 23, 2014 00:07 |
|
return0 posted:Or just do it right, like every other thing you have to do. Don't see what's special about crypto. Their architecture is fundamentally broken. It's not really a measure of simple bugfixes to get to something secure.
|
# ? Dec 23, 2014 00:20 |
|
return0 posted:Or just do it right, like every other thing you have to do. Don't see what's special about crypto. Is this an actual post or did you not realize how the coding horrors thread works?
|
# ? Dec 23, 2014 00:22 |
|
Ok, to be less obtuse, crypto is real complicated, and can fail completely in completely nonobvious ways, so that we're still regularly finding blatant holes in the standard world widely adopted libraries, the ones that thousands of eyes are going over daily. Crypto is so complicated even that there are very few people in the world who actually understand the math behind the crypto we use in our every day transactions. These people are generally mathematicians and not programmers (they are "cryptographers"), and while they could do work on developing the crypto libraries, you can be sure that they are not working on end user applications. Incidentally, this is why all user-facing crypto stuff in all most applications is cryptic, semi-hidden and wrong; because the dudes that put it there don't know what it does, and the customers don't know, care or know why they should care. The stuff that the cryptographers produce makes complete sense to cryptographers, i.e. it has necessary and sufficient proof that it works "correctly", for some definition of that term, because that's all it takes to get that publication out, and then they move on to vivisecting the next publication worthy obtusity. Next up, crypto is real profitable to break, so that if you find a bug, you can probably sell it as a 0-day exploit to someone who has a desire to avail themselves to some prototype designs or board documents, or to root a well-used server to steal identities or credit card info or what have you. Now, anyone can develop a crypto strong enough that they cannot break it themselves. This crypto is in other words impervious to all attacks that the author could think of. For the sake of argument, let's say the author managed to dream up 500 different attacks to guard against. But hand that turd to the guy one desk over and be sure they'll be able to rip it right open, cause they'll also be able to think of 500 attacks, but these are not the same 500 attacks, but some of them (say 30?) are different, and maybe the crypto holds up to 29 of them by pure poo poo-eating Forrest Gump luck, but then the thirtieth makes it through the eggshell like an FMJ round and blows yolk all over management who were just in a sales meeting with your customer. And if it hadn't, this bastard one desk over would just have gone on at it and eventually would have found a thirty-first attack that'd do the same. Always remember that your lovely crypto hack must hold ~forever~. This is also an unfair race: you have to do everything right, while they just have fart out one idea that does the trick. It's always easier to tear down than to build up. But now, when you go live with a service that has your lovely crypto in it, you're not handing it to bloody Rob next desk: You are handing it to your competition (and Goddamned China, and Russia, and the motherfucking U. S. of the goddamned A maybe, dunno which way you're swinging). Now you're running that unfair race not only against that fucker Rob, but against EVERYONE. Be very sure that EVERYONE has got more and better crypto people than you, and since you're dumb enough to roll your own crypto, feel free to take that in the literal sense: most likely EVERYONE is better at crypto than you. People will break your poo poo for fun, and some might even get paid to do it. So, what crypto do you use then? Simple: same as everyone else. Use the one that banks, governments and the military are using. A few thousand eyes on the code is better than you can afford, and these eyes'll be better than yours too. Use the libs, patch your poo poo, don't play with crypto. You'll be fired or go to jail/guantanamo for it, depending on how dumb you are. e: vvvv haha yeah, this was turning into war and peace and I had to stop myself Karate Bastard fucked around with this message at 00:45 on Dec 23, 2014 |
# ? Dec 23, 2014 00:22 |
|
Karate Bastard posted:Ok, to be less obtuse, crypto is real complicated, and can fail completely in completely nonobvious ways, so that we're still regularly finding blatant holes in the standard world widely adopted libraries, the ones that thousands of eyes are going over daily. Focusing on only the math part misses a big part of "dont do crypto". Even using good crypto primitives written by smart mother fuckers can all go wrong if you gently caress up using it and you probably will. Such as using an easily predictable RNG, all the good math in the world can save you when your keys are generated poorly. For example the Debian bug where they broke keygen for RSA and dropped the entropy down to next to nothing because they hosed with crypto code and thought they were smart. Maybe you use AES but then put it in ECB because you're probably functionally retarded and shouldn't be allowed to write secure code(Tribler, snapchat lol), sane primitives, pretty hosed. And using these things right isn't easy, which is a loving problem and is why we see hilarious or non obvious bugs. The root cause of so many security gently caress ups is how obtuse and impossible it is to properly use security primitives or to implement correctly secure focused protocols. You don't need to break the crypto to get those sweet vulns.
|
# ? Dec 23, 2014 00:33 |
|
There are even those (big names, Google it) that claim that crypto is being purposefully bloated / obscured by big players, so that anyone with a smaller budget than them will be unable to understand / use it properly. e: Hey, topical! e2: Can't be arsed to find the reference right now, but Schneier on security is a good place to start if you are interested. Mind your brain. Karate Bastard fucked around with this message at 00:55 on Dec 23, 2014 |
# ? Dec 23, 2014 00:48 |
|
The biggest issue with crypto is that crypto code can be completely, horrendously broken and still appear to work fine. The first time you're likely to learn of a flaw in your crypto code is when someone exploits it to gain unfettered access to whatever is being protected, at which point it's a little late to be closing the barn door. The vast majority of software development is based on writing a prototype, then identifying and fixing flaws in it until it works, which is a model that is completely unusable when failure is largely indistinguishable from success.
|
# ? Dec 23, 2014 01:04 |
|
Karate Bastard posted:There are even those (big names, Google it) that claim that crypto is being purposefully bloated / obscured by big players, so that anyone with a smaller budget than them will be unable to understand / use it properly. I'm indifferent to the claim of meddling. There have been instances of the NSA both helping (S boxes) and hurting (Dual_EC_DRBG) crypto with their advice but as far as overcomplicating I think we do that fine on our own without any outside intervention. I mostly do protocol stuff like SSL, and most of the issues coming out of SSL is the fact that its loving overcomplicated in the name of flexibility and ??? that every library implements a little different and a little wrong(or just don't do parts) written by people in a time where code quality simply wasn't seen as important for security as now. Jabor posted:The biggest issue with crypto is that crypto code can be completely, horrendously broken and still appear to work fine. The first time you're likely to learn of a flaw in your crypto code is when someone exploits it to gain unfettered access to whatever is being protected, at which point it's a little late to be closing the barn door. This. People who think launch and iterate works for crypto code are the type of people who need to heed the "dont do crypto" statement.
|
# ? Dec 23, 2014 01:10 |
|
apseudonym posted:Focusing on only the math part misses a big part of "dont do crypto". Honestly, I wouldn't trust most developers to correctly use crypto libraries, let alone do crypto. Pretty much every time I've seen somebody get the idea "hey, let's use a crypto library because we need cryptography for reasons" something bad has happened in the application.
|
# ? Dec 23, 2014 01:55 |
|
Bruegels Fuckbooks posted:Honestly, I wouldn't trust most developers to correctly use crypto libraries, let alone do crypto. Pretty much every time I've seen somebody get the idea "hey, let's use a crypto library because we need cryptography for reasons" something bad has happened in the application. In their defense most crypto libraries break the golden rule of "make the right thing easy and the wrong thing difficult/impossible".
|
# ? Dec 23, 2014 02:10 |
|
apseudonym posted:There have been instances of the NSA both helping (S boxes) and hurting (Dual_EC_DRBG) crypto with their advice Those were different eras.
|
# ? Dec 23, 2014 03:39 |
|
You people do realise that humans wrote your crypto libraries right? And that you yourself could contribute code to a crypto library. "This problem is hard to get right so don't do it" sucks. Obviously you wouldn't write a home rolled crypto library for your lovely web app, but you might write crypto if you were writing, I dunno, a crypto library? Note that I didn't look at the specific example, my reply was a general response to a general comment.
|
# ? Dec 23, 2014 04:40 |
|
return0 posted:Note that I didn't look at the specific example, my reply was a general response to a general comment. And it is an invalid response that shows your ignorance on the subject. I'm glad that you completely disregarded all those actual posts trying to educate you instead of mocking you.
|
# ? Dec 23, 2014 06:15 |
|
return0 posted:You people do realise that humans wrote your crypto libraries right? And that you yourself could contribute code to a crypto library. "This problem is hard to get right so don't do it" sucks. The point is that your response was "well do it right" which, to anyone who knows crypto, is on the same level as "flying is no problem, just don't be effected by gravity". edit: Crypto is the kind of place where grouops of people spend years developing algorithms only to have them ripped apart publicly, and just **getting** to that point is pretty freaking special. I am not a book fucked around with this message at 06:34 on Dec 23, 2014 |
# ? Dec 23, 2014 06:31 |
|
return0 posted:Obviously you wouldn't write a home rolled crypto library for your lovely web app, but you might write crypto if you were writing, I dunno, a crypto library? Yeah but also don't do that though
|
# ? Dec 23, 2014 06:34 |
|
Tribler has been in development for almost ten years (with €3.5 million in grants) and it's still using AES in ECB mode so I think it's fair to say that they should stop writing crypto
|
# ? Dec 23, 2014 06:39 |
|
Janitor Prime posted:And it is an invalid response that shows your ignorance on the subject. I'm glad that you completely disregarded all those actual posts trying to educate you instead of mocking you. Okay, let's all calm down a bit. His original comment was pretty stupid, in the context of a thread about programmers doing things that they shouldn't, but his clarified point is spot on; if writing cryptography is part of your job description (such as if you're a cryptographer), then "don't do cryptography" is not really a useful piece of advice. And he's shown that he understands that ***most people***, including software engineers who might otherwise know very little about cryptography, should not be messing around with cryptography. QuarkJets fucked around with this message at 07:04 on Dec 23, 2014 |
# ? Dec 23, 2014 07:01 |
|
Aleksei Vasiliev posted:Tribler has been in development for almost ten years (with €3.5 million in grants) and it's still using AES in ECB mode so I think it's fair to say that they should stop writing crypto 3.5 million british us dollars
|
# ? Dec 23, 2014 07:01 |
|
return0 posted:You people do realise that humans wrote your crypto libraries right? And that you yourself could contribute code to a crypto library. "This problem is hard to get right so don't do it" sucks. Contributing to a crypto library is definitely the way to go. If you do good then you do good for everyone, and if you do poorly, well then you'll be educated on your errors in short order by experts. You'll learn and everyone will benefit. If you roll your own, please leave that note and brag about your 1337 sk1llz, so sensible people will know to steer clear.
|
# ? Dec 23, 2014 08:58 |
|
Hitler trusted professional cryptographers instead of rolling his own, and look what happened to him. Don't be like Hitler.
|
# ? Dec 23, 2014 11:35 |
|
Soricidus posted:Hitler trusted professional cryptographers instead of rolling his own, and look what happened to him. Learnt about this on a trip to Bletchley Park and the British Computing Museum with work recently, was very interesting. Would recommend.
|
# ? Dec 23, 2014 12:43 |
|
|
# ? Jun 3, 2024 06:29 |
|
Janitor Prime posted:And it is an invalid response that shows your ignorance on the subject. I'm glad that you completely disregarded all those actual posts trying to educate you instead of mocking you. This is a completely ridiculous attitude. If everyone took your advice there would be no crypto. At no point have I advocated people roll their own crypto libs, I'vs merely stated (admittedly somewhat obliquely initially) that the rule of thumb presented (if you're doing crypto, don't) is bad. Better advice would be to write it correctly, with respect to literature and practical implementation lessons. My personal preference would be that we despookify crypto so it isn't so weird and scary for competent engineers.
|
# ? Dec 23, 2014 14:18 |