Jabor
Jul 16, 2010

#1 Loser at SpaceChem
The general rule is correct in the general case, yes? And it's pretty drat obvious if you're in the one specific case (actually writing a crypto library for other people to use) that it doesn't apply.

So what is there to get upset about at that general rule?


Blinkz0rz
May 27, 2001

MY CONTEMPT FOR MY OWN EMPLOYEES IS ONLY MATCHED BY MY LOVE FOR TOM BRADY'S SWEATY MAGA BALLS

return0 posted:

competent engineers.

An addendum to The General Rule should also be that if you think you're a competent enough engineer to do crypto, odds are you aren't.

good jovi
Dec 11, 2000

'm pro-dickgirl, and I VOTE!

return0 posted:

My personal preference would be that we despookify crypto so it isn't so weird and scary for competent engineers.

crypto isn't for engineers, it's for mathematicians

Workaday Wizard
Oct 23, 2009

by Pragmatica

good jovi posted:

crypto isn't for engineers, it's for mathematicians

How many crypto vulns are actually caused by the math though?

Evil_Greven
Feb 20, 2007

Whadda I got to,
whadda I got to do
to wake ya up?

To shake ya up,
to break the structure up!?

return0 posted:

My personal preference would be that we despookify crypto so it isn't so weird and scary for competent engineers.
Programmers need to fear crypto. If they don't, they'll be careless and do poo poo like make a predictable RNG.

Caveat: they probably will anyway, so it can't hurt.

Illusive Fuck Man
Jul 5, 2004
RIP John McCain feel better xoxo 💋 🙏
Taco Defender

return0 posted:

My personal preference would be that we despookify crypto so it isn't so weird and scary for competent engineers.

IMO it isn't really that crypto is spooky right now. It's just very easy to take a library like openssl and use it in a way that sounds reasonable, but in reality is completely useless.

I think the more common problem isn't programmers creating their own broken hash function or encryption, but using existing crypto in broken ways. Developers really don't need libraries that hash things or do aes, but do need libraries that store passwords properly or negotiate a secure, authenticated connection without the programmer actually getting into or needing to understand the details. The options for this aren't great right now afaik, but maybe projects like libressl will improve things.

return0
Apr 11, 2007

good jovi posted:

crypto isn't for engineers, it's for mathematicians

Implementation is engineering, and crypto defects are introduced by people doing software engineering. I guess I just feel quite strongly that the development of better primitives and abstractions for helping to not make open crypto a clusterfuck would be better accomplished by not propagating the attitude that crypto is a sacred thing for geniuses, like I guess multithreading (and probably programming in general) was in decades past. If you disagree then fair enough?

Obviously don't write your own crypto lib, but only in the same way you don't write your own database engine, programming language or operating system (i.e., it shouldn't be special). Anyway, sorry for the derail.

JawnV6
Jul 4, 2004

So hot ...
Do your normal standards for software engineering account for sidechannel timing attacks leaking information? I've never really taken that into account. Who should have caught the PS3 signing bug, the implementing engineer or a mathematician auditor?

return0
Apr 11, 2007

JawnV6 posted:

Do your normal standards for software engineering account for sidechannel timing attacks leaking information? I've never really taken that into account. Who should have caught the PS3 signing bug, the implementing engineer or a mathematician auditor?

Why don't you tell me what you think?

dingy dimples
Aug 16, 2004
Hey look! A coding horror!

https://code.google.com/p/google-refine/source/browse/trunk/main/src/com/google/refine/clustering/binning/Metaphone3.java#2757

code:
boolean Encode_Silent_GH()
{
    // Parker's rule (with some further refinements) - e.g., 'hugh'
    if (((((m_current > 1) && StringAt((m_current - 2), 1, "B", "H", "D", "G", "L", ""))
            // e.g., 'bough'
            || ((m_current > 2)
                && StringAt((m_current - 3), 1, "B", "H", "D", "K", "W", "N", "P", "V", "")
                && !StringAt(0, 6, "ENOUGH", ""))
            // e.g., 'broughton'
            || ((m_current > 3) && StringAt((m_current - 4), 1, "B", "H", ""))
            // 'plough', 'slaugh'
            || ((m_current > 3) && StringAt((m_current - 4), 2, "PL", "SL", ""))
            || ((m_current > 0)
                // 'sigh', 'light'
                && ((CharAt(m_current - 1) == 'I')
                    || StringAt(0, 4, "PUGH", "")
                    // e.g. 'MCDONAGH', 'MURTAGH', 'CREAGH'
                    || (StringAt((m_current - 1), 3, "AGH", "")
                        && ((m_current + 1) == m_last))
                    || StringAt((m_current - 4), 6, "GERAGH", "DRAUGH", "")
                    || (StringAt((m_current - 3), 5, "GAUGH", "GEOGH", "MAUGH", "")
                        && !StringAt(0, 9, "MCGAUGHEY", ""))
                    // exceptions to 'tough', 'rough', 'lough'
                    || (StringAt((m_current - 2), 4, "OUGH", "")
                        && (m_current > 3)
                        && !StringAt((m_current - 4), 6, "CCOUGH", "ENOUGH", "TROUGH", "CLOUGH", "")))))
        // suffixes starting w/ vowel where "-GH-" is usually silent
        && (StringAt((m_current - 3), 5, "VAUGH", "FEIGH", "LEIGH", "")
            || StringAt((m_current - 2), 4, "HIGH", "TIGH", "")
            || ((m_current + 1) == m_last)
            || (StringAt((m_current + 2), 2, "IE", "EY", "ES", "ER", "ED", "TY", "")
                && ((m_current + 3) == m_last)
                && !StringAt((m_current - 5), 9, "GALLAGHER", ""))
            || (StringAt((m_current + 2), 1, "Y", "") && ((m_current + 2) == m_last))
            || (StringAt((m_current + 2), 3, "ING", "OUT", "") && ((m_current + 4) == m_last))
            || (StringAt((m_current + 2), 4, "ERTY", "") && ((m_current + 5) == m_last))
            || (!IsVowel(m_current + 2)
                || StringAt((m_current - 3), 5, "GAUGH", "GEOGH", "MAUGH", "")
                || StringAt((m_current - 4), 8, "BROUGHAM", ""))))
        // exceptions where '-g-' pronounced
        && !(StringAt(0, 6, "BALOGH", "SABAGH", "")
            || StringAt((m_current - 2), 7, "BAGHDAD", "")
            || StringAt((m_current - 3), 5, "WHIGH", "")
            || StringAt((m_current - 5), 7, "SABBAGH", "AKHLAGH", "")))
    {
        // silent - do nothing
        m_current += 2;
        return true;
    }

    return false;
}
The whitespace got destroyed but I'm not bothering to fix it.

This code has been part of a weird controversy concerning open source licenses: https://github.com/threedaymonk/text/issues/21#issuecomment-67752327

It's also a lesson in how boolean short-circuiting is not a good way to implement flow control.

vOv
Feb 8, 2014

Soricidus posted:

Hitler trusted professional cryptographers instead of rolling his own, and look what happened to him.

Don't be like Hitler.

IIRC a big part of why the Enigma program was as effective as it was was the fact that the German higher-ups were unwilling to believe that someone could possibly have cracked it.

Polio Vax Scene
Apr 5, 2009



dingy dimples posted:

Hey look! A coding horror!

https://code.google.com/p/google-refine/source/browse/trunk/main/src/com/google/refine/clustering/binning/Metaphone3.java#2757

The whitespace got destroyed but I'm not bothering to fix it.

This code has been part of a weird controversy concerning open source licenses: https://github.com/threedaymonk/text/issues/21#issuecomment-67752327

It's also a lesson in how boolean short-circuiting is not a good way to implement flow control.

The English language and how to pronounce it is itself a horror

sarehu
Apr 20, 2007

(call/cc call/cc)

return0 posted:

Obviously don't write your own crypto lib, but only in the same way you don't write your own database engine, programming language or operating system (i.e., it shouldn't be special)

"Don't do your own crypto" does not mean don't write your own crypto lib, it means don't use a crypto lib directly.

And it's not the same thing as writing your own database engine at all.

Source: My coworkers that I was making a database engine and programming language with tried to do their own crypto.

Also, there's nothing wrong with making operating systems. What are you, some pussyfooted little human being that's afraid to dip down into ring zero? The real rule is "don't write your own web server." Possibly the one thing that's worse than using a crypto lib directly.

Source: That database engine I was talking about? It has its own widdle bespoke web server. Making a page cache or filesystem isn't really that hard, compared to having a web server that isn't a buggy insecure piece of poo poo.

The MUMPSorceress
Jan 6, 2012


^SHTPSTS

Gary’s Answer
I've been slowly reading this thread from the beginning over the course of the year and I'm finally caught up. Just posting to say that just this week I learned that my org's client code (which is all VB6, btw) uses strict Systems Hungarian notation for variable names. Weep for me.

It's extra funny because our server code is all in a language where there are no data types at all, and on that end we have no rules whatsoever about variable naming, so any random variable name %i9 could be a string, a b-tree, a float, an int, or whatever, and you have no way of knowing other than tracing code to see where it gets its value from.

DONT THREAD ON ME
Oct 1, 2002

by Nyc_Tattoo
Floss Finder

dingy dimples posted:

Hey look! A coding horror!

https://code.google.com/p/google-refine/source/browse/trunk/main/src/com/google/refine/clustering/binning/Metaphone3.java#2757

The whitespace got destroyed but I'm not bothering to fix it.

This code has been part of a weird controversy concerning open source licenses: https://github.com/threedaymonk/text/issues/21#issuecomment-67752327

It's also a lesson in how boolean short-circuiting is not a good way to implement flow control.

I don't know what a better solution to this incredibly lovely problem would be, aside from machine learning or something. At least it isn't nested ternaries.

raminasi
Jan 25, 2005

a last drink with no ice
C# code:
private void ABORTABORTABORT(object sender, FormClosingEventArgs e)
{
    this.ABORT = true;
    OF = null;
    LaunchEngines.KillAll();
}
I can't even be upset at this, it's so goofy.

return0
Apr 11, 2007

sarehu posted:

"Don't do your own crypto" does not mean don't write your own crypto lib, it means don't use a crypto lib directly.

And it's not the same thing as writing your own database engine at all.

Source: My coworkers that I was making a database engine and programming language with tried to do their own crypto.

Also, there's nothing wrong with making operating systems. What are you, some pussyfooted little human being that's afraid to dip down into ring zero? The real rule is "don't write your own web server." Possibly the one thing that's worse than using a crypto lib directly.

Source: That database engine I was talking about? It has its own widdle bespoke web server. Making a page cache or filesystem isn't really that hard, compared to having a web server that isn't a buggy insecure piece of poo poo.

Honestly I don't even

Suspicious Dish
Sep 24, 2011

2020 is the year of linux on the desktop, bro
Fun Shoe
Ignore shrughes.

Also, I don't think that abstinence-only crypto education is a great idea. It's how we got Heartbleed, and it means that we will have fewer people reviewing and analyzing things like Tribler, because "we should have left crypto to the experts".

I'm totally in favor of getting people to learn about crypto and cryptosystems. And as long as we have some basic trust, we can trust them to not write and deploy their own cryptosystem in production, in the same way we can trust people who have taken an OS course to not deploy their own custom OS in production, or people who have taken a compiler course to not deploy their own custom compiler in production.

sarehu
Apr 20, 2007

(call/cc call/cc)
Uh no, people don't deploy their own custom OS or compiler because that's a lot of effort. Deploying your own custom crypto is very little effort.

return0
Apr 11, 2007
Okay shrughes, if it's bad to use an existing crypto library and it's bad to write your own, what to do?

sarehu
Apr 20, 2007

(call/cc call/cc)
Use a library that does what your actual goal is. For example, if you want to do password hashing, use a password hashing library. If you want to communicate securely over bytestreams, use a secure bytestream communication library.
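
To make sarehu's distinction concrete, here is an added example (not code from the thread) contrasting "a library that hashes things" with a password-storage routine built on the standard library's scrypt KDF: per-user random salt, a memory-hard cost, parameters stored with the hash, and constant-time verification. The cost parameters and the `scrypt$n$r$p$salt$key` record layout are this example's own choices.

```python
import hashlib
import hmac
import os

# scrypt cost parameters (CPU/memory cost, block size, parallelism) and
# sizes chosen for this example; raise N as hardware gets faster.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1
SALT_LEN, KEY_LEN = 16, 32


def naive_store(password: str) -> str:
    """What a generic 'hash things' library invites: one unsalted, fast
    hash. Equal passwords produce equal digests, and offline guessing
    runs at the full speed of the hash."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_password(password: str) -> str:
    """Password-storage API: fresh random salt per record, memory-hard KDF,
    and the parameters recorded beside the hash so they can be upgraded."""
    salt = os.urandom(SALT_LEN)
    key = hashlib.scrypt(password.encode(), salt=salt,
                         n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=KEY_LEN)
    return f"scrypt${SCRYPT_N}${SCRYPT_R}${SCRYPT_P}${salt.hex()}${key.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and parameters; compare in constant
    time so a mismatch never reveals how many bytes matched."""
    try:
        scheme, n, r, p, salt_hex, key_hex = stored.split("$")
    except ValueError:
        return False  # malformed record, never a match
    if scheme != "scrypt":
        return False
    expected = bytes.fromhex(key_hex)
    key = hashlib.scrypt(password.encode(), salt=bytes.fromhex(salt_hex),
                         n=int(n), r=int(r), p=int(p), dklen=len(expected))
    return hmac.compare_digest(key, expected)
```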

FoiledAgain
May 6, 2007

dingy dimples posted:

Hey look! A coding horror!

The whitespace got destroyed but I'm not bothering to fix it.

This code has been part of a weird controversy concerning open source licenses: https://github.com/threedaymonk/text/issues/21#issuecomment-67752327

It's also a lesson in how boolean short-circuiting is not a good way to implement flow control.

What exactly is going on here? Isn't there some way to use a pronouncing dictionary (like CMU) to do this instead?

TheresaJayne
Jul 1, 2011

sarehu posted:

Use a library that does what your actual goal is. For example, if you want to do password hashing, use a password hashing library. If you want to communicate securely over bytestreams, use a secure bytestream communication library.

Well what about crypto usage, for instance, asymmetric / symmetric keys, and say

Encrypt one key with another one, then use the first one to encrypt every other key, and then use those keys to encrypt messages. Complex, but using multiple layers of encryption. Unless you have all the keys the message is unreadable, as you have to decrypt the main key with the master key, then decrypt the transport key with the main key, before you can decrypt the message key and then recover the message.

TheresaJayne
Jul 1, 2011
On another note, I just remembered a horror that was so bad that I had blanked it out completely until now.

I started on a website for a company that had previously been written by a continuous stream of contractors.

When you logged in there was a token added to the URL.

I discovered that if you changed the url to

https://website.com/search/employers/profile?user=admin&token=12345

you got back the following message

Invalid Token: Expected "c424b476d423e2f4ffa398462" got "12345"

So you just changed the token to that one and gained access to the admin account, or anyone's account.

Maluco Marinero
Jan 18, 2001

Damn that's a
fine elephant.
My lord. Is throwing a 403 and calling it a day really that hard?
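
As an added illustration of the horror above and of Maluco Marinero's point (example code, not from the thread), here is a token check that echoes the expected value on failure, next to one that returns a bare 403, gives the same answer for unknown users and wrong tokens, and compares in constant time. The session table, token values and `Response` type are constructed for this example.

```python
import hmac
import secrets
from dataclasses import dataclass

# Constructed sample session store (user -> token issued at login).
# Values are made up for this example, not taken from the original post.
SESSIONS = {
    "admin": "c0ffee00deadbeef0000000000000001",
    "alice": "c0ffee00deadbeef0000000000000002",
}


@dataclass
class Response:
    status: int
    body: str


def leaky_check(user: str, token: str) -> Response:
    """The behaviour described in the thread: the error message hands the
    caller the expected token, so one failed request yields a valid session.
    The plain != comparison is also not constant-time."""
    expected = SESSIONS.get(user)
    if expected is None:
        return Response(404, "Unknown user")  # also reveals which users exist
    if token != expected:
        return Response(400, f'Invalid Token: Expected "{expected}" got "{token}"')
    return Response(200, f"profile of {user}")


def safe_check(user: str, token: str) -> Response:
    """Hardened version: constant-time comparison, one generic 403 for every
    failure, and no secret material in the response body."""
    expected = SESSIONS.get(user)
    # Compare against a dummy of the right length when the user is unknown,
    # so the unknown-user and wrong-token paths do the same amount of work.
    candidate = expected if expected is not None else "0" * 32
    matched = hmac.compare_digest(candidate.encode(), token.encode())
    if not matched or expected is None:
        return Response(403, "Forbidden")
    return Response(200, f"profile of {user}")


def issue_token() -> str:
    """Tokens also have to be unguessable: 128 bits from the OS CSPRNG."""
    return secrets.token_hex(16)
```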

Karate Bastard
Jul 31, 2007
Probation
Can't post for 7 hours!
Soiled Meat
Horrorlarity. The state of being scared and appalled to the point where you cannot bring yourself to stop laughing. Very few things can bring me to that state, apart from Internet security, which does it repeatedly and consistently. I think it's because of all the bumbling knuckleheads that do it without the slightest idea of how it should be done, or about the damage they cause, or even that they are in fact doing it, which in truth very easily and routinely happens, since it can pop its frightening head up in almost any layer of an application, especially these days where more and more things insist on speaking to one another over the network.

Coupled with the fact that very likely I could be that bumbling idiot, because if I am, the only way I'm likely to find out is if I'm still smart enough to discover that I've been exploited.

So the best way out is to take a long hard look at the use case vs. implementation. Do I really need to encrypt every other key with one another, or do I need to encrypt a bitstream, and in that case, does there already exist a proven library that does this?

apseudonym
Feb 25, 2011

Karate Bastard posted:

Horrorlarity. The state of being scared and appalled to the point where you cannot bring yourself to stop laughing. Very few things can bring me to that state, apart from Internet security, which does it repeatedly and consistently. I think it's because of all the bumbling knuckleheads that do it without the slightest idea of how it should be done, or about the damage they cause, or even that they are in fact doing it, which in truth very easily and routinely happens, since it can pop its frightening head up in almost any layer of an application, especially these days where more and more things insist on speaking to one another over the network.

Coupled with the fact that very likely I could be that bumbling idiot, because if I am, the only way I'm likely to find out is if I'm still smart enough to discover that I've been exploited.

So the best way out is to take a long hard look at the use case vs. implementation. Do I really need to encrypt every other key with one another, or do I need to encrypt a bitstream, and in that case, does there already exist a proven library that does this?

I do network/device/os security poo poo and haven't stopped laughing in years, the world is horrible.

Karate Bastard
Jul 31, 2007
Probation
Can't post for 7 hours!
Soiled Meat
By the way, Merry Christmas, you bastards! :haw:

Never stop knitting body armor for me out of live spiders.

Jabor
Jul 16, 2010

#1 Loser at SpaceChem

TheresaJayne posted:

Well what about crypto usage, for instance, asymmetric / symmetric keys, and say

Encrypt one key with another one, then use the first one to encrypt every other key, and then use those keys to encrypt messages. Complex, but using multiple layers of encryption. Unless you have all the keys the message is unreadable, as you have to decrypt the main key with the master key, then decrypt the transport key with the main key, before you can decrypt the message key and then recover the message.

So two quick observations just from the (incomplete) description you've provided:
- If you keep the main keys together (and the message keys with the message), this scheme doesn't provide any real additional security.
- If you make use of the multiple keys to keep them separate, it doesn't give you anything over a proper secret-sharing algorithm.

As an application programmer, you shouldn't be thinking about crypto at the level of transport keys vs. master keys or anything like that. (And the reverse also kind of applies if you're writing a crypto library.)

As an aside, if you really do want to become a cryptographer the best way to start is by trying to break other people's work. You can start with stuff that's already known to be broken (and see if you can figure out the details without just looking it up), and then once you're confident you can start trying to break things that aren't (yet) known to be bad. Once you know what bad crypto looks like, you're in a much better position to come up with less-bad crypto yourself.

Crosscontaminant
Jan 18, 2007

MALE SHOEGAZE posted:

I don't know what a better solution to this incredibly lovely problem would be
This page helps. GH actually only has a couple of irregular forms - people ought to be complaining about the scribal replacement of U with O or intervocalic S, since those create a ton of irregularity.

Coffee Mugshot
Jun 26, 2010

by Lowtax
Bad crypto isn't spooky for competent engineers, it's spooky for users.

Soricidus
Oct 21, 2010
freedom-hating statist shill
When I want to crypto I usually make a one time pad, which is where you use rand() to seed itself so the seed is also random and nobody can recreate the key. Then you just xor that with your message, making sure it's the same length as the key otherwise it's not secure. Send the key in one email and the message in another from a different address so even if the nsa intercept one they'll still be out of luck. Don't forget to encrypt the subject line too because if you just send it saying "cipher key" they'll probably notice that. That's all it takes really, dunno why everyone makes it out to be such a big deal.

Karate Bastard
Jul 31, 2007
Probation
Can't post for 7 hours!
Soiled Meat
Depends on your use case, and your threat model. For your personal poo poo, who cares.

Knyteguy
Jul 6, 2005

YES to love
NO to shirts


Toilet Rascal
flip = !flip;

Thanks for the descriptive global variable that sets itself seemingly randomly.

Dr. Stab
Sep 12, 2010
👨🏻‍⚕️🩺🔪🙀😱🙀

Knyteguy posted:

flip = !flip;

Thanks for the descriptive global variable that sets itself seemingly randomly.

What else would you name a variable that flips itself and does nothing else?

Knyteguy
Jul 6, 2005

YES to love
NO to shirts


Toilet Rascal

Dr. Stab posted:

What else would you name a variable that flips itself and does nothing else?

The logic. It is impeccable.

Suspicious Dish
Sep 24, 2011

2020 is the year of linux on the desktop, bro
Fun Shoe

Dr. Stab posted:

What else would you name a variable that flips itself and does nothing else?

I'd call it "swap" or "invert", personally.

Soricidus
Oct 21, 2010
freedom-hating statist shill

Dr. Stab posted:

What else would you name a variable that flips itself and does nothing else?

x

karms
Jan 22, 2006

by Nyc_Tattoo
Yam Slacker

Dr. Stab posted:

What else would you name a variable that flips itself and does nothing else?

$objNewSwap = objSwap->getNewSwap();


Sinestro
Oct 31, 2010

The perfect day needs the perfect set of wheels.

sarehu posted:

Use a library that does what your actual goal is. For example, if you want to do password hashing, use a password hashing library. If you want to communicate securely over bytestreams, use a secure bytestream communication library.

What if the algorithm that you need is well-described in literature but there's no implementation available for the language that you have to use? Are you supposed to just throw up your hands and walk away until a cryptography übermensch walks by and magics it away?
