#ot1-perplexing-regexing
no they were doing that back with us too
but we thought it was stupid and we spent more time criticising the situation than doing the math
You mean you don't eat 12 watermelons?
hah
unfortunately not
but in the UK it was more practical I think
like they gave you a flattened out shape and you had to figure out how to fold it
rather than this "take the angle between john, mary and the local abattoir"
also I'm not sure all schools get quite the same tests here
although it is interesting just how many subjects they will accept at that level that can be taken but most schools don't have teachers for
like.. latin
and then if someone wants to do it the school legally has to provide a teacher for it
this can only go badly
romani ite domum
like I knew this girl that took japanese for her leaving cert
I have no idea how they found a teacher for that one
Ne pater meus es tu!
Great, the prime minister just gave a speech, talking about the spread of the infection for the coming months.
uhhhh
I don't want to practise social distancing for several months
et tu brute
I mean I do anyway
I need more things to do at home, I'm burning out on gaming
I don't have the skills, tools or crayons to teach myself that one
but it's a real interesting trade
make matchstick sculptures
"Avoid contact with people." Waaaaaay ahead of you
i still need to buy a whiteboard
i know
well, unless you want something good
and they're so good
the one I have is a combined corkboard and whiteboard
literally the only things I put on the corkboard are pending prescriptions though
ah so you can peel your notes off the whiteboard and stick them to the corkboard
gotcha
i just imagined some youtube visual effect reel of someone peeling notes off an actual whiteboard
haha
Gareth Bentham, a joint pub landlord in Altrincham, said Boris Johnson's decision to urge people to avoid pubs means he and thousands of other landlords won't be able to claim for the coronavirus outbreak on business interruption insurance.
I also don't whiteboard properly at all
But whatever
It works for me
command hook strips, if you're wondering why it's floating under the hook in the wall
I still can't fucking believe like
but even though they're rated for like 20kg i don't trust our wall
I showed the guy the board, I was like
this needs to be on the wall
and he puts exactly one hook in it and tells me to get a rope
Invisible string
Maybe my handwriting would be legible due to that xd
haha
the trick would be to set it in motion and hold your hand in one place
lol, writing one dot at a time
like a dot matrix printer but with way lower resolution
i wonder what it's like to write on a moving surface
like a ticker tape that's pulled at a constant speed
sounds like a project
I mean if it's truly a constant speed you can just sit on it
i mean like writing without having to move your hand
well I mean you have to move something
the paper
You can emulate that by dragging a piece of copy paper around
it sounds terrible either way
you could do some fun cursive
hahaha
inky pens are great if you write like chicken scratch
i've got a really nice smooth roller ball that inks pretty good
🎶 And after allllllllllllll; you're my roller ballllllllllll 🎶
I use the cheapest pens possible
because writing for more than a few seconds hurts my wrist haha
that's something else that wasn't a problem until Ireland
good pens are worth it
Just use speech to text.
because my teachers in london realised it was a problem and gave me a digital typewriter to use
People have been using that for centuries.
so now after moving to Ireland and having to write stacks and stacks of bullshit for 9 years I can barely write comfortably at all
dyspraxia. woo!
I'm not sure why typing is fine, though
different muscle groups
I guess so
typing doesn't use fine motor control like writing does
come to think of it, it turns out the coordinator at our slimming meets also has dyspraxia
will have to invite her over and get her perspective sometime
after this pandemic is over
I wonder how many divorces the quarantine will lead to.
hah
you know something, grote
:>
Ladies and gentlemen, this is why you shouldn't "settle" when picking a partner for life
yup
Ok then i'm gonna be single for the rest of my life, not as if anyone would be interested in me anyways.
"cataclysmic"
How do you make a subshell stay alive using python's subprocess
I'm trying to automate venvs
But I can't do subprocess.Popen([".", f"{self.path}/bin/activate"], shell=True) that was my first thought
Looked at similar tech that does this but they just have some black magic
Wow. GitHub bought npm. I was not expecting that.
Aka microsoft bought npm
So microsoft basically controls typescript, vscode, github and js
Oh no
And oh no?
- somebody should buy npm
- microsoft: buys npm
- oh no
microsoft is just buying everything huh
Who changed this channel's name
@royal lake
Microsofts plan
Pretend to like oss
Buy it all out
Profit
Can anyone answer my question btw, still stuck
Microsoft will like oss as long as oss makes them enough money.
Neat
Tbh could have 3d printed or something
well that'd defeat the point of woodworking wouldn't it
Fair enough
I'd like to woodwork more
Oh shoot I need to redo the drone arm
I broke it again
i like to do woodwork in the summer when i have time and it isn't freezing outside
so the rest of the year i don't really get to do it
Are you from like northern countries?
weather's been too shit to do it outside here
yes, northeast america
so if i want to do stuff i have to do small amounts inside and hoover all the time
When is it not
Oooh
It's only started to become spring in the last week
Been winter since sept or oct
:(
I really like the weather here
it's actually becoming kinda nice here
I usually take my macbook and I code outside
And ideas come up like hell
What's that in non-freedom?
about 22
Pretty good
I'm more comfortable at low temps.
We got a bad winter and just before that, a 38c with like 98% humidity?
3d printed Raspberry Pi cases are very 2016
I make my own raspberry cases
And it's 300 years old
Out of wood
it gets hot like hell here in the summer tho and super humid
also nice for making a case out of wood
with opencv and aiohttp
that's what i'm doing :3
Our security system are door locks.
yep
@stark prawn This is next in my security list
Lol
But it is postponed until further notice
https://www.youtube.com/watch?v=TngViNw2pOo This is one of these songs that has a riff that sound like a western
That and that abba song
Sounds like horses
i think this is ok, right?
Whats it for?
yeah it does look a little off. i'm not sure what's off tho
it's for this https://github.com/Den4200/pyfrost/tree/master
hahah
Why are you naming it PyFrost and not PyFire though
It needs to be the same shade as the text but darker
This server has become my addiction
Every time I start chatting here
I let hours fly by
It is currently 4:20AM and I am still not tired
I fucked myself by sleeping all evening - now I'm gonna end up going to bed at 6am
yeah i think that looks better. i also upped the border size by 1 on Py
@undone berry that is me 1 week now
Much better @terse sluice
Yo gdude, do you also take part in creating codejams?
Oki
I don't
and a bunch others
I'm currently the sole user event coordinator, they have a real events team
I'm not staff at all
Oh ok
More events or user events would be cool I think
I'd love it if someone managed to get some sort of weekly programming event going
if a bunch of staff aren't sick next week, we'll probably have a meeting and then discuss your proposal Charlie. i think it's a cool idea, but a lot of work
I think its not a lot of work for staff assuming they're capable of letting the users (me/whoever agrees to help me) do most of the stuff
^^
yeah, i mean a lot of work for you haha
I will help for sure
I'm an unemployed student with no lectures in the foreseeable future - I am the living embodiment of spare time
Haha
I'll probably have time to help out as well
But that isn't even really what I was getting at. I feel like more regular events that build up a community around them would be good. For example, around the start and end of the last code jam #team-leaders and #code-jam-discussion had a community collaborative feel to it
I think the same could be achieved if someone managed to figure out the right weekly/fortnightly event
but I'm not sure exactly what it would be
There's the same thing with Jackbox, but its not programmy in the same way
We do have our regulars, yeah
Yeah, I also don't necessarily think thats the best way to draw people in
Well there needs to be some motivation for people to join mini-codejams
Yea right, but after some time it is just going to get tiring and boring
I never said you are doing anything wrong btw
The typical codejam is a more competitive thing - thats fine as an irregular thing, but most people don't want to compete like that too regularly
So it would need to be something collaborative. But if its something collaborative, then it still needs to be approachable for new people
Haha yes
I think the winner/loser aspect would get tiring for a lot of people very quickly
and I think a lot of people wouldn't want to do throwaway projects like that too regularly
That is true
Yeah, collabs are the way to go
Can you explain what you mean by collabs?
A big group of people working together on one thing/towards one goal
rather than separately or in smaller groups
well i have two jetbrains 3 month all products pack licenses if you want those for prizes
I really enjoyed the last code jam - but there's no way I could put in that amount of effort, or even a weekends worth of that amount of effort regularly
How it would even work? One team lead and a lot of collaborators with pull requests?
i'm probably never going to use them
i put in an insane amount of effort for the last jam
Jams are so much work
Right, and you dont even get to join it
How long was last jam?
Even just the code reviews must have taken forever
yeah
Code reviews were awesome
Ouch, it's def too long.
No - I much preferred the longish length to weekend hackathon code jam things that I've done
Ludum Dare jam is 72 hours
Thats a different feel to the code jam here I think
Can someone link me to the last codejam?
especially as for this codejam quality mattered
We're a large, friendly community focused around the Python programming language. Our community is open to those who wish to learn the language, as well as those looking to help others.
tyty
heh i wrote that page
9 days without sleep? You would get error messages mocking you in thick british accent. Even after you turn off your PC.
There are some people who sunk a lot of time into it
oh yeah i probably spent ~30hrs, but i slept normally
I fucked up a uni exam because of it
although I didn't fail so it doesn't really matter
I can spend more than 150 hours in such events
Like if I start I cant finish
It becomes an unfulfilled desire
My dorm neighbour said that once he decided to play VNs for a week straight
Where if I dont fill it I cant continue
Visual novels. Animu thing.
When it comes to challenges I am like sequential structure, if I dont finish the challenge I cant move on
I remember advent of code.
Every day a new problem. Started 3 days late and every day just tried to solve them, sometimes 4-6 hours a day. And couldn't catch up.
I think I made it through 9 or 10
I got an idea like 4 days ago
about covidmap tracking
I spent 25 hours straight on that
that's not very healthy
The thing is that if I am not on idea streaks
but it was a very cool project
I have a very very strict schedule
I go to gym every day
I go running
I code max 3 hours a day for secondary projects
and I spend quality time with my gf/friends
that's much healthier
I just don't like to postpone things I love
So, when I join the codejam, which is something I really want to join right now, I will be ruthless
a week without sleep? hmm
the max i could go is probably 36 hours
Bad sleeping habits tend to sneak in other areas of life
I dont have bad sleeping habits
I sleep 8 hours per day on average
When I am on projects
I dont sleep at all
Bad sleeping is the absolute worst
As long as you sleep roughly the same 8 hours every day its fine
I remember work + uni, when i went from one to another without sleep. Ofc, no time to cook, so it's fast food time. And then I become too lazy to cook even when i have time for it.
but if you mix and match, sometimes getting up at 2pm, sometimes getting up at 8am, you're fucked
Yea, I run on 5 hours per day max, but I save these 3 hours of extra energy
for these days
I basically force myself to bed so I can store energy
for the days I need it
The worst thing after 12-hour shift is that you don't actually want to sleep after it for a while
I don't think your body works like that
Your body kinda "winds down" for 2-4 hours at least.
and see how much extra energy you will have
@terse sluice what was the name of your team?
inquisitive investigators
I am watching the Judging Live Stream
are u making a website?
it's the pyfrost img above. i need to be able to use it on the docs, github page, and pypi
BTW, guys, do you use any notetaking/organisational apps to structure work?
like general work, or for coding and development?
@terse sluice well you could try imgur
Wherever. For example, in Uni i used Mendeley to structure articles i needed for studies.
It's a reference manager.
I make notes
i like the notion app
super versatile and customizable
Is it better than fully-free alternatives?
i mean notion is free and it's awesome
I often leave .txt files with notes on my desktop. It's a bad system, but I never really bothered to switch.
they do have a pro version i think, but i don't have it
they have a mobile and desktop app
It looks so nice
Gotta check it, thanks.
retro style
Were you a 2 member team?
Any other interesting productivity apps?
yeah, only 2 out of the 5 worked
Why is that?
i haven't used any others
one teammate's father had a serious head injury and the other 2 idk
hahah yeah
I dunno if its unfair - most teams seemed to only have 2-4 working
2.5 seemed to be the most common
How is that?
2nd had 4 people and 1st had all 5 people i think
I know for the first place team at least one member was ill a lot of the time
That is unlucky
What was second? I remember first was Morse, third was the terminal tui thing
things happen that get in the way of the jam, but some people just don't do anything
salt-die's game
don't know if any others have worked on theirs, have you?
no i haven't since then
I haven't touched mine, but I know BrainDead said he was planning to
neither has my other teammate
This is giving me such a desire to join a codejam now
Aaaaah
And the theme was pretty good
Going into it, I was a bit worried a theme I didn't like would get chosen - but Ancient Tech was easily my favourite
yeah i liked that theme. i'm glad it was picked
Do you know who suggested it?
hmm i don't remember. idk if we even knew who chose it
I think the form was anonymous, but I know some people owned up to suggesting some of them
How weird would it be if it was future for the summer one
I know Gdude had one on the shortlist
what kind of app would you make for the future?
exactly what Salt Die made for the post apocalypse
I assume we'll also need to go back to Morse once the internet dies
so 2/3 of the top 3 can be resubmitted as is
hahah lmao
Right
my coworker has coronavirus and he is not dead, feels fine. but now the company is shut down for 2 weeks wanders away
space invaders submission for a space theme
Yeah, that makes more sense
that's a bit broad
Bisk could resubmit his
Imagine the possibilities
He was streaming right up to the last minute - and watching him make changes with minutes/seconds left was anxiety inducing
I guess this goes without saying but are you obliged to code the project on python?
51+% of the code had to be Python
Unlike most code jams, code quality was a huge factor in this. So that means it kinda needs to be Python so the judges can judge it based on its quality as python code
scripting in unity with python is a thing right?
I don't really think so
there is a .NET import for python
yeah code quality was pretty big
spams lambdas
i'm still very impressed by their code reviews
so good..
like look at ours https://github.com/python-discord/code-jam-6/pull/5
Sec
i can't get rid of the giant embed cuz i'm on mobile..
At the time I read the code reviews for every project that looked even slightly interesting - and it was a very enlightening experience
i did that as well and it really opened my eyes on how much work they put in
going into it - I didn't even realise commit messages had bodies/descriptions
and when having too small commits, squash them
i always forget about bodies and just use -m
In which case, your commits are probably too long
bad habit
I just add a changelog file and log the changes there beforehand
I can adapt to the body thing tho
I am heading to bed, thanks for the chat guys
Thanks
pinged the wrong person yeah
Sorry kiwi
So yeah, I had the same problem yesterday
but I managed to work around it.
I tried the same thing, it's not working
what's the issue?
I'm trying to execute an rsync command
If I copy and paste what it evaluates to, it works.
But if I try and run the same exact command from the script, it doesn't
and it says "option unkown" and then the whole extra args string
what if you put eval in front of the evaluated command?
when calling it in the script, i mean
eval(rsync "${tmp_extra_rsync_args}" "$tmp_src_path" "$tmp_ssh_user"@"$tmp_target_server":"$tmp_dst_path" >> "$log_filename" 2> >(handle_error)) like this?
no ()
Aight
just eval rsync "${tmp_extra_rsync_args}" "$tmp_src_path" "$tmp_ssh_user"@"$tmp_target_server":"$tmp_dst_path" >> "$log_filename" 2> >(handle_error)
because you are running rsync "${tmp_extra_rsync_args}" etc
the args and stuff get sent to rsync as a single string
which is not how it expects it
eval expands them first into separate ones
you can alternatively remove the quotes around variables in your rsync command
would achieve the same result, i imagine
huh, odd
Yah
Also, I'm trying to use - "ssh -i" and it's not working :/
I must be doing something wrong
Jk I had the wrong key.
haha
rsync --archive --verbose --compress --progress --bwlimit=1000 --human-readable --append-verify -e "ssh -i $HOME/.ssh/key.pub" /home/birbautoma/projects/Borsa-Flowcharts/stuff_to_sync/ birbautoma@localhost:/home/birbautoma/projects/Borsa-Flowcharts/synced_stuff
I already set up the keys between myself and...myself lol
birbautoma?
i can help you with the birbs
what kind of birbs are they
@lime gazelle eval removes the quotes around "ssh -i $HOME/.ssh/key.pub", which is not ideal
could use single quotes, but then you'd have to use something else instead of $HOME
crap
I thought it would use the keys on its own
@rough sapphire Well. I don't really know. Hm.
wait
wait wait wait
why are you using the public key for identification
you should be using the private key
Okay I corrected that
Still, nothing. It still asks for the password
Which, I guess, is correct?
you haven't set a passphrase for the key, have you?
this the user password, and not the ssh key password?
Does the server ask for password or it asks for the key password?
stupid Q but does it find the key and does it have the correct permissions
When I use the same key for ssh it works
I can also just ssh without specifying the key
I think
No not without specifying the key
the user running the script has the same $HOME as where the file is?
Yeah, it should
It does, yes
I tried re-copying the key, I still can't do ssh localhost without it asking for my pass
Uh
Have you tried just giving it no password?
I thought it had to ask for a password even if there wasn't one
Yes, try an empty password
Also, I think I messed up the key exchange
I'm trying to ssh using my private key, it's not working. Still asks for pass.
Uh.
Again, I think it asks for one even if there isn't one
Tried with empty password?
SSH doesn't ask for a password if your key hasn't got one and the key is accepted by the server
Nope
Even without password
Okay I fucked up
maybe because I'm sshing to myself?
that should be fine
Do you know what the user password is?
Yeah, it's mine
are you using the correct username
So can you try using ssh-add-key? Or whatever the command is
I tried ssh-copyid
Hm, well, that certainly should do it
Maybe the SSH server isn't configured to accept keys
and the public key is in authorized_keys?
yes
with ssh-copy-id it does that
my pub key and the authorized keys files have the same md5 sum
because they're essentially the same file
No entries
what distro and does it use openssh
bad ownership for home dir
it's fedora31
bad ownership or modes for dir /home/birbautoma
uh
Okie
it works
Thanks!
at least, ssh localhost
It works, even the script! Thanks, really really thanks!!
np :+1:
Uh
Well.
Now, for some reason, it copies my rsa key. The private one.
Ok.
My bad. I was copying it.
btw setting a passphrase for the private key is rather important
Eh
it's my personal computer
I don't have important keys, only one to my own user..like..that's pretty useless
to use it you'd have to be logged in as birbautoma already, so..
Birbatron 5000
I like to think I change the world in little ways
@lime gazelle 🤷 just as long as you're aware it's the same as saving your password to disk as plain text
@rough sapphire Wouldn't matter if they have disk encryption enabled
I don't
Oh
I tend to forget my passwords
KeePass/Bitwarden!
It happened once. I had disk encryption and I forgot the pas
the point is that if somebody gets access to your files, no matter how, if they manage to grab the SSH key, if you've used the key anywhere else, you're done
yeah but I can't use it with disk encryption
But why would I use that key somewhere else?
It's common practice to generate a new key
@lime gazelle You could, if you had it installed on a mobile device for example
@rough sapphire Hopefully folks aren't re-using passwords
having multiple SSH keys is painful
Of course, https://haveibeenpwned.com is a testament to that
passwords is fine because there are managers for that
but I have yet to see a system which distributes SSH keys as easily as something like lastpass
I personally don't use nor would suggest using something like LastPass
But that's just me
KeePass or Bitwarden, because KeePass has been audited, and Bitwarden allows you to host it yourself.
I've been enjoying bitwarden
I'm really not for infosec here. I'm 100% for practicality.
@sand goblet recommends Bitwarden
hell yes I do
lastpass has saved my ass way too many times
I do not trust lastpass as far as I can throw it
it's owned by LogMeIn and they have an absolutely shittastic reputation
I've never had an issue with KeePass. But then again I also have numerous backups of the db
I prefer using my mind, harder to hack 
@solid pollen passwordpassword123 isn't a good password tho
Haha, but it is pretty long
Add in a few more "passwords" and you're good
badgerbadgerbadgerbadger also isn't a good password
drowssap is a good password
Amazing
All people old like us should get that reference scott.
🦡
Its not just old people
@stark prawn You'd be surprised
Oh huh
Hey, 2009
I didn't realize there was a badger emoji
It was brought back to a fair extent in like 2014 or so due to the badger cull in the UK
My passwords generally look like this: 7DsfEbubNkUwxSkVoyLyZC9YNC#HseZA^LUzQpu!3kw%9Tv3EJvAcm87cKsRh5P4pxRQ62HhZ6rzj%6pwocpz@zjgrrV6kR#dKA7RceVohZ#C3THx@dt8aSw^zpd%f6w
Brian Blessed and Brian May did a version of it together
(not one I actually use, just generated it now)
@sand goblet nG~-hEy&Ky(VFF8$~;t#,3ePm.Lr7=FWmgp?K'/<{,M69}K2wR&(6"&$B]uW$9(Q~g8F7id5PchH/X>;U[SV?ND]s:@4L<#B7xWuaLNHcFoQ-^G_WR}wr!&4LT{%'"aoCJP4u#zAP~rg7,Cc>@#4D=YSduJ{o&c(WHnb[}[n\4{=@v3cz^gcD&+ox,i*NN4>:S+nj)Qhf-Lx@Sc@#+Wb3tuV:Z4hi+>k+J%}cYqC49'>265T~~e_LDe*-~wU8c9_LzS-od6<#;NF<d(H8?Pt+xjjQ74qx*6>+YvXbPH5)$7[[rez)?`=M<V=GMk9_-+Duy!zw;y^iSB{[f?Tkx~5CdhisR}x82t7}AWL":/_JdY_{Yd.Xg%ExQAav^\("`}&U%E_J#S&!+ofKy`$QVtV6[YK'=Q47cY{(Zw"$hDq/>H"H_saaSpy96ZF}WANC"@qbUq!>q%\DT#Lz+G@+cx-7-ggE}k,Ki`i$(ed(DT7Q_E<FbU6$ZT~,#_r$/T:i`k3
don't use passwords that long
512 or bust
You'll regret it the day you have to manually type it somewhere
@solid pollen I don't, though
Most services don't go over 128
mine usually look something like Lando5Calrissian
And then they only use the first 16 characters to create the hash
many don't even go over 60
serious: don't use passwords even close to that long
Discarding everything after that
Mine is around 10 chars
because they need to get salted
that's not my problem
KeePass DX on Android is pretty good, since they have their own keyboard
some random letters and numbers I just memorized
I don't see what that has to do with it world
So you can just copy/paste whatever, without sharing your clipboard with everything
@stark prawn there might be datatype restrictions, specifically if the salt is something like string concatenation
That sounds like poor implementation
this might be coming from times of the olden when characters were stored in buffers
The salt shouldn't have anything to do with the plaintext password
@undone berry yes I suppose you can salt the hash too?
yeah salts are pretty irrelevant
salt(hash(pw)) ?
I mean, if my password is 512 characters - I don't really care if it's salted tbh.
so it doesn't matter, the length in the DB is the same
If I ever make my own IDE theme or something, any mention of "hash" shall be the color brown
It'd be nice
What?
.>
you don't need to store the hash of the password itself ever afaik
you just need to know how you salted the password
Well yes, you should properly salt your hash browns
Wait a sec, you eat potatoes for your breakfast?
Huh, how are you gonna verify the hash if you don't store it.
Hash browns are overrated
you don't need to store the hash of the password itself
*with your breakfast
@stark prawn of course you will but you store the salted version
It's rarely the only thing
hash browns are amazing
Hemlock eats exclusively just hash browns
You just store the hash, that's the main point
Hash browns are the most boring part of any breakfast that they participate in
@undone berry Hash browns are great tho
You don't store the hash of the password
Grits
you store the hash of salt + password
Hashbrowns are the epitome of mediocrity
Grits are the most boring
Never had grits actually
It is hard for me to imagine someone eating potatoes at like 8AM
the salt in a password hash exists entirely to prevent rainbow tables-style attacks on people's passwords
I'm not sure if google is even showing me the right grits - it looks like a worse version of porridge there
it's a responsible thing to do to protect people from themselves when they reuse passwords
For some reason I thought they involved potato
Also be sure to use a different salt for all passwords.
Okay so
yup
I'm confused how salts are generated then
@stark prawn the salt can be a function of the password or anything else, as long as it is deterministic and can be calculated whenever.
Why bother to use a different salt for all passwords?
@undone berry Rainbow tables
So you can't make a table for your database.
But the rainbow table is only relevant if another service used the same salt no?
If you use the same salt and it gets compromised, you then expose all of your password hashes, which anymore is just as bad as keeping plaintext
Exactly.
If you have a different salt for each entry you can only crack one at a time, instead of your entire database at once.
Which if you have millions of users matters a lot.
Am I thinking correctly?
@stark prawn but the function might get exposed which calculates the salt
That doesn't matter.
I guess that makes sense
@plucky ridge Right, yes.
Coo
Yep
@stark prawn you have to be able to calculate the salt whenever you want. the function has to be stored somewhere.
If you know the salt for everything is "yolo", you're just gonna hardcode the salt as "yolo" and keep calculating
You can just save the salt plaintext alongside the hash.
If the function is exposed, but all you have is the salted hash in the first place, then you still won't be able to reverse it
It would be the same as a rainbow attack, more or less
You'd have to brute force to get the hashes and THEN crack those hashes
@plucky ridge but then you can still guess the thing as long as you do your guesses through the salt function
@plucky ridge Most services use random salts still, but it should be generated based on the password ideally
then the salt doesn't have to be stored separately either
Is what Hemlock said correct? Assuming you use abc as a salt, you can't see the hashes of the unsalted password. The only thing you're exposing yourself to is a specific rainbow table which has used abc as a salt
@plucky ridge the rainbow tables already exist, so you only have to linearly go through them and recalculate them.
I think charlie
I might entirely be wrong on all of it honestly
assuming the input for the salting function exists in your hands
Back later, I've got a delivery run that needs a runnin
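```python
from getpass import getpass

# create_salt_for, get_hash, check_hash and get_hash_from_db are placeholder helpers
password = getpass("Gimme ur pass: ")
salt = create_salt_for(password)
hash = get_hash(f"{salt}{password}")
check_hash(get_hash_from_db(), hash)
```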
Which, if you're storing passwords at all, use argon2 - https://passlib.readthedocs.io/en/stable/lib/passlib.hash.argon2.html
@undone berry you need a separate rainbow table per salt, so if you have a different salt for each password you can't use a rainbow table for your database.
otherwise your passwords argon?
Well played
Yes
The current recommendation for password hashing is PBKDF2 actually
Or
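```python
from getpass import getpass

# get_salt_for_login, get_hash, check_hash and get_hash_from_db are placeholder helpers
password = getpass("Gimme ur pass: ")
salt = get_salt_for_login(login)
hash = get_hash(f"{salt}{password}")
check_hash(get_hash_from_db(), hash)
```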
I mean, if the implementation is bad, which is the most current case
I believe argon2 is better, considering its design was specifically for passwords.
argon2 is not suitable for storing passwords
How so?
yeah, hang on, I'm finding you the explanation
This hash provides support for the Argon2 [1] password hash. Argon2(i) is a state of the art memory-hard password hash, and the winner of the 2013 Password Hashing Competition [2]. It has seen active development and analysis in subsequent years, and while young, and is intended to replace pbkdf2_sha256, bcrypt, and scrypt.
https://passlib.readthedocs.io/en/stable/lib/passlib.hash.argon2.html
I think I'm slightly misunderstanding what exactly a rainbow table is - they're a big ole pile of precomputed hashes right, if so, where do they come from? Just the same as a brute force attack but with hashing done as well?
Using a function to generate the salt wouldn't be that much better than using random salts would it?
Since if you are able to get into the database you can probably get the function as well.
Rainbow tables are tables of input -> hash
ah, no, that was a typo in the article lol
They're just calculated
Huh, weird
So by doing input + salt -> hash you prevent the use of existing tables.
Scrypt, Bcrypt and Argon2. …and yes, MD5, SHA1, SHA256 are not suitable for storing passwords!
Sure, but assuming you use a massive salt - its pretty unlikely that there's going to be precomputed tables right?
In 2019 I'd recommend not to use PBKDF2 or BCrypt in the future and highly recommend Argon2 (preferably Argon2id) for newer systems.
Its still less secure, but it seems pretty secure
SHAs are too easy to compute
rot13 or bust
rot26 plz
rot13, twice
It's mostly about the speed of computation @undone berry
you want a slow algorithm
otherwise the salt doesn't really matter
The problem with generating salts based on the password is that two users with the same passwords end up with the same hash, as opposed to when you use random salts.
You could generate a salt using a randomly generated value and the derived password
@solid pollen then you would have to save the randomly generated value
The benefit is that if they manage to crack the password of one user, they won't have the other one as well.
but then you would have one salted password and one plaintext password. the user would have two passwords essentially.
what?
the other plaintext password would lock the "real password"
At what point do you just stop caring about security - random salts + hashing?
you don't
Do you need to go any further
I mean by the sounds of it it's probably a good idea to have two salts
a random one and one based on the password
so let's say salt = function(password, random_thing)
we need to be able to calculate this function whenever the user logs in
I mean, yeah, but that isn't hard
that isn't hard
but that means we need to know both the password and the random_thing
well we get the password from the user
It isn't hard either
Well, random_thing is just the same as a normal salt col in a db
yeah
what
column, charlie
okay so you create some random mush into the DB for every user
same with vertical/horizontal, I always say the wrong one
Yes, that's the standard way to do salts nowadays afaik.
but that just means that if we now leak the database
every user will have (username, salted_password, mush)
```
login, password = get_credentials()
first_salt = db.get_user(login).salt
second_salt = create_salt(password)
hash = create_hash(f"{first_salt}/{second_salt}/{password}")
if hash != db.get_user(login).hash:
    print("https://www.youtube.com/watch?v=OGp9P6QvMjY")
```
You may misunderstand the point of a salt.
@stark prawn no. I fully understand it.
It's to prevent rainbow tables, and to prevent two users having the same pw hash
$argon2id$v=19$m=102400,t=2,p=8$CKFUyrnX2pvz3pvzfg/h/A$A6poNmWE2pFCj9DweAe+EQ is a valid argon2 hash using passlib
okay I guess
It's not a problem if they have the salt.
but now they only need to recalibrate their rainbow table
based on the mush
Sure, and that'll take how long?
That's the same as bruteforcing the password
Which takes months if not years.
hmm
The whole point of strong hashing + salts is to buy you time if it gets leaked
If you use a single salt for all passwords or a deterministic function to generate one, you could create a new rainbow table for that specific database.
If you have random salts you have to bruteforce them all individually.
but there's still a difference between knowing the salt and not knowing the salt
If you have random salts+salt based on password, then a rainbow table is pretty much completely infeasible right? Assuming your function never gets leaked, which it would
Whether you know the random salt doesn't matter. Do you have somebody once told me in this specific hashing algo, plus this specific salt?
even if the function does get leaked though, they can't get the salt based on the password without the password
Strongly doubt it
@sand goblet you can calculate the salt while bruteforcing.
Making it the same as a static salt for the purpose of creating a table
perhaps we need some lemon jelly
Lemon Jelly - Elements
(Lost Horizons)
Compiling Unreal is slooooowww
I.... accidentally pressed CTRL + C
Can you believe it..
I just wanted to copy those horrible filenames
```
[366/1878] Compile Module.Persona.4_of_4.cpp
[367/1878] Compile Module.Persona.2_of_4.cpp
```
Wonder if they're autogenerated
Aww, persona....
I think I've only ever passed like 1 online class
I'm terrible about remembering to do them
I don't have the discipline
I am having an online class cause corona time
When you say it that way it just makes me think you're kicking back having a crappy beer
That is kinda exactly what I am doing
(Persona is the ue4 animation editor btw)
In my country it is expensive as fuck to drink beer on the beach
one bottle of corona costs 5 euros
is this all there is to searching using BFS?
just going left to right top to bottom?
it just means that starting at S, you can see 3 nodes: A, B, and C, and BFS will visit those three first
Oh yes haha
I am definitely going to use this when I wash my hands
Although I have a feeling i would end up using lots of soap...
i can't find any information on this - how did people deal with quarantine back in the old days? like, aiui it used to be common before there were vaccines for a household to be quarantined if someone got measles or whatever, how did they get food, how did they deal with not being able to work etc
Stay home and pray?
Back in the days, it was okay if the whole country stopped working
Now it is not
There was no clear cut single method. It varied based on country and time. Some just died
The bubonic plague was much worse than covid
well, yeah, i'm wondering about those who didn't die of the disease, like how did they get food in etc
One village that quarantined itself would trade by leaving goods at the edge of the quarantine zone. In Italy at some point or other the quarantined had wine delivered to their houses (I assume with food). I'm not sure on a specific source for details, most of this I picked up from random bits on the radio
:p
pascal's triangle is awesome
Being in IT is like being a girl sometimes, because you can say "I got a nice rack"
Man, I have to remember that no one else in my life cares about programming to the extent that I do. I talk about it too much, because I spend so much time thinking about it, and people tolerate it for a while and then are like, "I HAVE NO IDEA WTF YOU ARE TALKING ABOUT PLEASE STOP" lol (maybe in nicer words)
It makes me be like ehhh... why am I like this. I wouldn't survive without these communities. But I have to remember I can't talk about the things I do with most people.
Not just because they don't care, but they will do this thing where they think I'm trying to flex on them sometimes.
idk. I just gotta remember to keep it to myself.
It's a know your audience thing
yeah...
