Hacker News: dchest

New comment by dchest in "Chopped, Stored, Secured – The Story of the Hash Function"

dchest — Mon, 15 Jun 2026 08:34:47 +0000

> just a block cipher in the category of endofunctors

A block cipher is just a keyed pseudorandom permutation! :)

Imagine that we have arranged all numbers from 0 to 115792089237316195423570985008687907853269984665640564039457584007913129639936 (2^256-1) in an array and then shuffled that array 115792089237316195423570985008687907853269984665640564039457584007913129639936 (2^256) times uniquely, each time recording the resulting shuffled array.

Here's the Go-like type:

var perm [115792089237316195423570985008687907853269984665640564039457584007913129639936]uint256

This is an unkeyed permutation (we can already build a secure hash function like SHA-3 from it, e.g. SHA-3 uses [2^1600]uint1600 permutation, while Ascon-Hash uses [2^320]uint320. The best we can do with ours is 2^127.5 collision security).

A keyed permutation takes 2^256 of these arrays, again shuffled differently and uniquely, so we have:

var keyedPerm [115792089237316195423570985008687907853269984665640564039457584007913129639936][115792089237316195423570985008687907853269984665640564039457584007913129639936]uint256

A block cipher is just P[k][p] where k and p are indexes into the arrays. Let's call k the key and p the plaintext — first we select one particular permutation using the key, and then select the resulting number (ciphertext) using the plaintext.

A simple hash function built from this keyed permutation splits the message into 256-bit numbers and then selects permutations using the message as k, and previous value as p and adds them together:

   h = (some starting number called IV)
   h += keyedPerm[m[0]][h]
   h += keyedPerm[m[1]][h]

This is SHA-2, SHA-1, MD5, etc, and with a slight variation and a larger block cipher, BLAKE(1,2,3).

Of course, it's physically impossible to have that much memory for the arrays and it's physically impossible to shuffle that many times, so a block cipher is an approximation of that by smashing and rearranging bits, hoping to cause diffusion and confusion.

New comment by dchest in "macOS Container Machines"

dchest — Wed, 10 Jun 2026 06:37:54 +0000

Did you use their volumes for node_modules or a shared dir? I mounted the whole project directory (with node_modules) inside the container and it seems to work fine (MBA M1 8 GB RAM).

New comment by dchest in "Apple reveals new AI architecture built around Google Gemini models"

dchest — Mon, 08 Jun 2026 20:50:04 +0000

The are not a "gatekeeper" under DMA (not enough users). Same as macOS.

New comment by dchest in "Android will now warn you if a caller is impersonating someone you know"

dchest — Tue, 02 Jun 2026 20:39:23 +0000

That's almost what it does? It's in the article:

> "When a contact calls you and you're both using Phone by Google, their device sends a silent confirmation signal in real time to your device to verify the call is legitimate and truly coming from the contact's device," Google writes in a blog explaining the new feature. "Because this digital handshake uses end-to-end encrypted Rich Communication Services (RCS) technology, it is completely private."

New comment by dchest in "Cloudflare Turnstile requiring fingerprintable WebGL"

dchest — Mon, 01 Jun 2026 07:58:18 +0000

They'll just tell you to clear cookies and use Chrome.

New comment by dchest in "Debian ZFS packaging team add warning, ZFS unsupported since Linux 6.12"

dchest — Thu, 28 May 2026 12:30:58 +0000

"RT kernels"

New comment by dchest in "BBEdit 16"

dchest — Fri, 22 May 2026 12:34:21 +0000

Well, obviously, software can't do things that the author didn't write code for. But AppKit components do get updated with some new features even if the original software didn't have support for them originally.

New comment by dchest in "BBEdit 16"

dchest — Thu, 21 May 2026 23:48:27 +0000

> For instance, an app can't start using Apple Intelligence if it's compiled with an older version of the SDK that doesn't know that such a thing exists.

That's not true, it became available in all NSTextViews by default, although with a bit different look.

New comment by dchest in "Native all the way, until you need text"

dchest — Mon, 18 May 2026 10:24:54 +0000

Fun fact: the original iPhone's UITextField and UITextView were backed by WebKit (https://x.com/kocienda/status/1400484168199401477)

New comment by dchest in "Ask HN: We just had an actual UUID v4 collision..."

dchest — Sat, 09 May 2026 12:57:09 +0000

How does a high-reliability system have a broken /dev/random? You're better off fixing it rather than trying to fix every downstream component that uses it. You can put your AES-128 counter there if you can count reliably.

New comment by dchest in "Ask.com has closed"

dchest — Sat, 02 May 2026 07:38:33 +0000

That was after IAC:

"Additional acquisitions in 2006 included ShoeBuy.com,[46] which the company later sold to Jet,[47] and Connected Ventures including CollegeHumor and Vimeo".

New comment by dchest in "20 years on AWS and never not my job"

dchest — Sat, 11 Apr 2026 08:08:12 +0000

Colin, if I remember correctly, you first ran Tarsnap servers on Ubuntu before you made FreeBSD work on EC2. At what point were you confident enough to switch to FreeBSD?

New comment by dchest in "OpenRouter Raises $120M at a $1.3B Valuation"

dchest — Sat, 04 Apr 2026 21:45:05 +0000

They are a marketplace for model providers, which is quite a nice business model.

New comment by dchest in "Show HN: Apfel – The free AI already on your Mac"

dchest — Fri, 03 Apr 2026 13:38:49 +0000

https://webmachinelearning.github.io/prompt-api/

Already in Chrome as an origin trial: https://developer.chrome.com/docs/ai/prompt-api

Show HN: ThreePointTwo – Utility-first inline attributes for the World Wide Web

dchest — Wed, 01 Apr 2026 12:13:01 +0000

Article URL: https://dchest.github.io/threepointtwo/

Comments URL: https://news.ycombinator.com/item?id=47599795

Points: 2

# Comments: 0

New comment by dchest in "ace.me is your new website, email and cloud. Simple. Fast. Secure."

dchest — Thu, 19 Mar 2026 14:23:42 +0000

> Traffic encryption with 2048-bit TLS, the successor to SSL

With 65537 exponent, the successor to 3.

New comment by dchest in "LibreOffice: Request to the European Commission to adhere to its own guidances"

dchest — Sun, 08 Mar 2026 17:22:40 +0000

I just downloaded the ODS version and it comes with .pdf extension, had to rename it. It also uses Aptos Narrow font (from MS Office), which gets substituted.

New comment by dchest in "Workers who love 'synergizing paradigms' might be bad at their jobs"

dchest — Fri, 06 Mar 2026 14:43:47 +0000

Note that this isn't a study of actual workplaces, it's based on cognitive tests, so "bad at their jobs" may be a stretch. For example, "overconfidence in one's intellectual and analytic abilities" may be good for business, e.g. when dealing with US government contracts in 2026.

New comment by dchest in "MacBook Neo"

dchest — Wed, 04 Mar 2026 16:28:53 +0000

Yes, it can -- to all questions.

New comment by dchest in "MacBook Neo"

dchest — Wed, 04 Mar 2026 15:02:19 +0000

8 GB M1 MacBook Air does support Apple Intelligence.