I believe that the problem with agile is that it’s not enough like waterfall. That’s why SAFe is for me.
So glad we dropped that shit.
I believe that the problem with agile is that it’s not enough like waterfall. That’s why SAFe is for me.
So glad we dropped that shit.
Yeah, that’s my thinking, too. But the library only takes b64.
Edit: also, if anything, this system reduces the benefit of strong typing. You can feed whatever string you want into it and the compiler will say it’s OK, even if it would fail at run time. If it were a Vec<u8>
, then the compiler can check things. Especially if you do something to let the compiler enforce the length (if possible).
Or hand over a UUID object directly. Yeah, it ties it to a specific library, but it’s either that or you’re not taking full advantage of strong typing.
Or just have a sensible default implementation.
But did their hallucinating oracles require so much power that they talked about bringing nuclear reactors online just to run them?
None of this has much to do with type safety at all. A dynamically typed language might have a Salt object that has a constructor that takes a base64 string. If its common uuid library doesn’t output base64, then you can’t use it directly.
Nor does a specific uuid library matter much. It just needs to be able to output base64 strings, which is an uncommon uuid encoding, but it’s out there.
Nor does type safety prevent providing a sensible default implementation.
The crate uses phc strings, which store the salt together with the hashed password, so no, it can handle it all on its own.
There was just no thought into how components work together.
Just wait until you come across an XS library that uses a scalar reference for its objects (like LibXML).
Edit: for any possible future readers, there is a sensible default that I hadn’t found yet during this work in progress. It’s just in a different struct: SaltString::generate()
.
I’d like it better if things were designed to work together better.
Right now, I’m working on a password storage system using the password_hash
crate. You need to provide the salt yourself; this is already a bit silly for not providing a simple default that just gives you 16 bytes from a CSPRNG, but let’s continue.
You read the Salt struct documentation, and it talks about UUIDs being pretty good salts (well, using v4, anyway). So that pushes you toward the uuid
crate, right? Except no. That crate doesn’t produce formats that the functions on the Salt struct will accept, like base64. So maybe the uuid_b64
crate will do it? I don’t think so, because that crate uses a URL-safe version of base64, and it’s not clear Salt will take that, either.
You’re now forced to use a cumbersome interface from the rand
crate to make your salt. I’m still working through some of the “size not known at compile time” errors from this approach.
All of which would work better if there was a little thought into connecting the pieces together, or just providing a default salt generator that’s going to do the right thing 90% of the time.
Don’t get me started on how Actix hasn’t thought through how automated testing is supposed to work.
It’s something like the second law of Thermodynamics. It’s probability, not absolute. It’s possible all the gas molecules in the room arrange themselves one corner, but it’s fantastically unlikely. It’s possible to choose the right encryption key to a 256-bit cipher at random the first time, but it’s fantastically unlikely.
Remember that I’m a nihilist and shrug my shoulders.
Then start to think about how everyone else is going to react and how I’ll need to plan for that.
Yes, that’s right.
$i = 0;
$s = "foobar";
$i+=$s=~/(oo)/; # This increments $i
say $i;
If you do it on a quantum computer, it goes faster because the random errors pile up quicker.
Tons of tu quoque replies in the whole thread, which tends to prove OP’s title. Yes, we’re aware America does these things turbocharged. The whole point is that EU nations do all sorts of shit, too, but it isn’t scrutinized because America does it worse.
I mean, I don’t usually talk about my porn viewing with friends. There’s only a handful of people I would talk about it with. As far as fundamentalists goes, while I do have friends who identify as Christian, I would have a hard time being around someone under the fundamentalist label. For reasons that don’t specifically have anything to do with porn.
When it affects work or personal relationships.
France, Germany, and Austria all have a military-industrial complex problem. MIL money might not dominate their politics the same way as the US, but there is a problem there.
Even with their post-WW2 defensive militaries, Germany and Austria are perfectly ready to sell military hardware to anyone with the cash. H&K, Glock, and Steyr all hail from those two.
France sold off the Exocet anti-ship missile to just about anyone. As far as I can tell, it has only been fired in anger at the boats of other NATO members. Thanks, France!
I think there’s value to mandatory military service when your aims are primarily defensive. Country gets invaded and not only are there lots of people in the army already, but also there’s plenty of reserves who just need refresher training. When you’re the one getting invaded, you usually don’t have problems with motivation unless the current regime has really fucked up.
When you try to use a largely conscripted army for invasions, like Russia is doing, people start to wonder why the hell they’re doing this.
Conversely, when your country is known for military adventurism like the United States, it’s easier to motivate volunteers. They signed up for this, and as fucked up as it is, they almost want to be sent off to war in some far off land. England also has generally used a volunteer military throughout its imperialist history. Giving your citizens the choice works better if you’re going to be doing imperialism.
Thanks for coming to my TED talk.
I think there should be mandatory service, but not necessarily military service. Something like the old Civilian Conservation Corps.
But I’m also old enough that this policy wouldn’t affect me directly, so take that as you will.
Tu quoque.
Europe likes to pretend it isn’t racist because its cops don’t beat up black people (for the most part). US racisim, OTOH, is on full public display. This doesn’t make one better than the other.
Wireless links can be done on certain parts of the spectrum without a license. Just need clear line of sight.
It’s a knowledge issue. Network admin skills aren’t easy, and good network admins make a lot for a reason. Coordinating to build even a regional network is difficult, much less crossing a continent or a planet. It’s harder than you think, even if you already think it’s hard.