Hacker News: w8rbt

New comment by w8rbt in "We are clueless about how long things should take"

w8rbt — Wed, 25 Sep 2019 13:42:34 +0000

If managers come to developers with problems that are NP complete, no matter how well they transfer the idea/vision, or set time expectations, the problem cannot be solved efficiently. And, unless the developers have been trained in CS/Math they may not even understand that what they are being asked to do cannot be done.

For example, say a manager has an idea to find the largest group of friends in a massive social network. He wants a developer to write an app for that and has a 20K budget and 2 months. You could not write this app with 10 times that budget or time.

How can you determine which group of friends is the largest?

https://en.wikipedia.org/wiki/Clique_problem

https://en.wikipedia.org/wiki/List_of_NP-complete_problems

New comment by w8rbt in "OSSU: A path to a free self-taught education in computer science"

w8rbt — Tue, 24 Sep 2019 19:27:31 +0000

You could also get a free Udacity account and watch the Georgia Tech CS Master classes (OMSCS). Algorithms, Machine Learning, Operating Systems, etc. It's a good program.

New comment by w8rbt in "Ask HN: How do you handle/maintain local Python environments?"

w8rbt — Tue, 24 Sep 2019 01:18:08 +0000

This is my biggest issue with Python. I absolutely love the language, but Python 3 ought to be Python 3 no matter where/how you got it. If you are using 3.5 and I'm using 3.7 we ought to be able to share code and things just work. Unfortunately, that is not the case.

New comment by w8rbt in "Breaking Pills"

w8rbt — Fri, 20 Sep 2019 10:56:57 +0000

If you majored in CS at university, you probably suffered through a lot of it. It sinks in after awhile and is rather useful.

New comment by w8rbt in "The Czech Cyber Billionaire Who Founded Avast"

w8rbt — Thu, 19 Sep 2019 16:12:37 +0000

I did use it then and I never experienced that. I bet it was some unrelated coincidence. They would not do that.

New comment by w8rbt in "The Czech Cyber Billionaire Who Founded Avast"

w8rbt — Thu, 19 Sep 2019 15:30:59 +0000

I have never heard this. Can you provide a link with more details?

New comment by w8rbt in "Handshake: Decentralizing DNS to Improve the Security of the Internet"

w8rbt — Wed, 18 Sep 2019 01:37:15 +0000

Right, thanks. And I hope my question does not sound too critical. I was just genuinely curious why JS was used.

I think JS is fine for small to mid-sized tasks, prototyping and testing ideas. However, for real DNS servers, used by a lot of clients, I believe C, C++, Go or Rust would be an absolute requirement.

New comment by w8rbt in "The boring technology behind a one-person Internet company (2018)"

w8rbt — Tue, 17 Sep 2019 01:01:46 +0000

Absolutely, but a great idea when combined with other defensive tactics. Obscurity is why armies use camouflage.

New comment by w8rbt in "DNSCrypt encrypts communications between a DNS client and a DNS resolver"

w8rbt — Mon, 16 Sep 2019 22:41:11 +0000

I use CoreDNS as a stub resolver to do DNS over TLS. It works great. https://coredns.io/

New comment by w8rbt in "LastPass bug leaks credentials from previous site"

w8rbt — Mon, 16 Sep 2019 17:23:34 +0000

It's 2^15 rounds of pbkdf2 with long inputs. There is no master password as nothing is stored. Good luck.

New comment by w8rbt in "LastPass bug leaks credentials from previous site"

w8rbt — Mon, 16 Sep 2019 15:26:52 +0000

This is one reason why I believe that browser based password managers are flawed. I've written about this in the past (link below). These apps are popular with normal people (due to convenience), but long-term, we should not trust web browsers plugins or add-ons as password managers.

https://github.com/w8rbt/dpg#why-traditional-password-manage...

New comment by w8rbt in "Why Go and Not Rust?"

w8rbt — Mon, 16 Sep 2019 14:25:14 +0000

I like to think that Go is C for the Cloud.

And don't let detractors get you down. No matter what you do, or how successful you are, there will always be critics. Ignore them.

New comment by w8rbt in "Building a Better Go Linker"

w8rbt — Fri, 13 Sep 2019 10:54:35 +0000

Ken Thompson wrote B which is the direct predecessor of C. He was and is certainly a language designer and implementer.

https://en.wikipedia.org/wiki/B_(programming_language)

New comment by w8rbt in "Why Ada Is the Language You Want to Be Programming Your Systems With"

w8rbt — Wed, 11 Sep 2019 12:28:58 +0000

C would recognize it, but not over-react. Log it and continue rather than going full abort/self destruct which is what ada did.

New comment by w8rbt in "Turn off DoH, Firefox"

w8rbt — Wed, 11 Sep 2019 12:09:32 +0000

Absolutely. This warning seems disingenuous and will confuse many normal people. DNS over HTTPs and DNS over TLS are good things and increase our privacy. People should switch to them.

New comment by w8rbt in "DontDuo: Bypass 2FA with DTMF Tones"

w8rbt — Wed, 11 Sep 2019 10:54:34 +0000

IT admins at your org can enable or disable 2FA methods allowed via the Duo administration console. Many US edus disable TOTP.

New comment by w8rbt in "DontDuo: Bypass 2FA with DTMF Tones"

w8rbt — Wed, 11 Sep 2019 02:26:23 +0000

I think the point is that relying on phone calls and DTMF tones for two factor authentication is trivial to bypass. Anyone can record DTMF tones in a voicemail message and forward calls to that number.

Google Offers MS Active Directory as a Service

w8rbt — Fri, 06 Sep 2019 13:14:45 +0000

Article URL: https://cloud.google.com/managed-microsoft-ad/

Comments URL: https://news.ycombinator.com/item?id=20895313

Points: 2

# Comments: 0

New comment by w8rbt in "Richard Stallman spoke at Microsoft Research this week"

w8rbt — Fri, 06 Sep 2019 11:32:41 +0000

Telling them to use GNU/Linux.

New comment by w8rbt in "Software U2F Authenticator for macOS"

w8rbt — Fri, 06 Sep 2019 01:16:47 +0000

Does oathtool take stdin? Last time I looked it did not. I keep my TOTP secrets PGP encrypted and pipe them to goathgen.

    $ gpg -d encrypted-secret.txt | goathgen

https://github.com/w8rbt/goathgen