Comments for Aaron Toponce https://pthree.org Linux. GNU. Freedom. Sat, 10 Nov 2018 10:38:34 +0000 hourly 1 https://wordpress.org/?v=5.1-alpha-43678 Comment on Let's Talk Password Hashing by Hans https://pthree.org/2016/06/28/lets-talk-password-hashing/#comment-278617 Sat, 10 Nov 2018 10:38:34 +0000 https://pthree.org/?p=4699#comment-278617 "Never roll your own" - see anything wrong with this?
1: sha2-384 hash the password
2: base64-encode the hash
3: bcrypt the 64-byte base64-encoded sha2-384 hash

why? primarily, it bypasses 2 issues, 1: bcrypt only support passwords up to 72 bytes, this scheme supports any length. 2: many popular bcrypt implementations stop at the first null-byte, which means binary passwords (which may be used by robots/scripts) may inadvertently become very weak, eg if the password is "x33\x00", on most bcrypt implementations, the password simply becomes `3` because hex 33 is ascii 3, and the 00 is treated as end of string.. base64 never emits null bytes, which means your robots/scripts which create their passwords based on /dev/urandom will be safe.

]]>
Comment on Automating Debian/Ubuntu Installs With Preseed by sadha onnisa https://pthree.org/2008/05/20/automating-debianubuntu-installs-with-preseed/#comment-278594 Fri, 09 Nov 2018 12:18:43 +0000 http://pthree.org/?p=583#comment-278594 I really appreciate information shared above. It’s of great help. If someone want to learn Online training, kindly contact us
https://techenoid.com/automation-anywhere-training

]]>
Comment on Automating Debian/Ubuntu Installs With Preseed by michael techenoid https://pthree.org/2008/05/20/automating-debianubuntu-installs-with-preseed/#comment-278590 Fri, 09 Nov 2018 08:36:05 +0000 http://pthree.org/?p=583#comment-278590 really this post values for us

]]>
Comment on Real Life NTP by Matt https://pthree.org/2013/11/05/real-life-ntp/#comment-277924 Wed, 17 Oct 2018 06:05:10 +0000 https://pthree.org/?p=3301#comment-277924 Thanks Aaron, great article.

]]>
Comment on The Lagged Fibonacci Generator by Girkov Arpa https://pthree.org/2015/05/29/the-lagged-fibonacci-generator/#comment-277848 Sun, 14 Oct 2018 17:10:00 +0000 https://pthree.org/?p=4061#comment-277848 Very interesting article!

]]>
Comment on The One-Time Pad Hard Drive by Hard Disk Price https://pthree.org/2012/08/26/the-one-time-pad-hard-drive/#comment-277721 Wed, 10 Oct 2018 10:39:34 +0000 http://pthree.org/?p=2474#comment-277721 One time apd hard drive. Frankly speaking I was not understand when I start reading your article but once I tried to understand then I got exact information about what I want.

]]>
Comment on Latin Squares, Mathematics, and Cryptography by Girkov Arpa https://pthree.org/2018/09/20/latin-squares-mathematics-and-cryptography/#comment-277265 Mon, 24 Sep 2018 01:16:07 +0000 https://pthree.org/?p=5187#comment-277265 "First, suppose I give you a partially filled Latin square as a "public key", with instructions on how to encrypt with it. I could then use my fully filled Latin square "private key", of which the public is a subset of. Using this private key, with some other algorithm, I could then decrypt your message."

What 'instructions' and 'algorithm' could one use to get this cryptosystem to work?

]]>
Comment on Latin Squares, Mathematics, and Cryptography by Girkov Arpa https://pthree.org/2018/09/20/latin-squares-mathematics-and-cryptography/#comment-277253 Sun, 23 Sep 2018 20:38:40 +0000 https://pthree.org/?p=5187#comment-277253 "As such, this builds a good foundation for public key cryptography, as briefly outlined here."

I click on the link but it talks only about secret-sharing, not public key cryptography. Is secret-sharing somehow a type of public key cryptography?

]]>
Comment on Automating Debian/Ubuntu Installs With Preseed by Nancy nanck https://pthree.org/2008/05/20/automating-debianubuntu-installs-with-preseed/#comment-276851 Mon, 10 Sep 2018 17:33:59 +0000 http://pthree.org/?p=583#comment-276851 RPA training in Hyderabad. We are providing rpa training with real time industry expert,we also providing 100% job assistance.

]]>
Comment on ZFS Administration, Part VIII- Zpool Best Practices and Caveats by sherpa https://pthree.org/2012/12/13/zfs-administration-part-viii-zpool-best-practices-and-caveats/#comment-276686 Tue, 04 Sep 2018 10:08:18 +0000 http://pthree.org/?p=2782#comment-276686 what is recommended way of creating data pool if i have 13 x 5TB disks ? i could see in zol blogs that large disks should not be used with raidz but its not clear enough

]]>
Comment on Getting Up To 8 Possibilities From A Single Coin Toss by Anonymous https://pthree.org/2018/08/10/getting-up-to-8-possibilities-from-a-single-coin-toss/#comment-276142 Sat, 11 Aug 2018 19:47:34 +0000 https://pthree.org/?p=5162#comment-276142 You should that (in an appropriate mathematical sense) most of probability theory can be constructed using sequences of coin tosses. More precisely, the most commonly used stochastic processes can be defined on a probability space that is "isomorphic" to the space of countably many coin tosses. In some sense, coin tosses aren't limiting at all!

]]>
Comment on Automating Debian/Ubuntu Installs With Preseed by Linux training https://pthree.org/2008/05/20/automating-debianubuntu-installs-with-preseed/#comment-276100 Thu, 09 Aug 2018 09:00:21 +0000 http://pthree.org/?p=583#comment-276100 Thanks for the awesome tutorial.

]]>
Comment on Use A Good Password Generator by Joshua Mertens https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-276047 Tue, 07 Aug 2018 07:07:35 +0000 https://pthree.org/?p=4976#comment-276047 Password should be not simple, because it's very simple anybody can crack it. There has to be a complex combination of numbers, characters and special characters. There are lot of online password generator tools available like http://www.allkeysgenerator.com/ which can be used to generate really strong passwords.

]]>
Comment on Use A Good Password Generator by Antony Kidless https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-275967 Thu, 02 Aug 2018 17:03:18 +0000 https://pthree.org/?p=4976#comment-275967 Recently I made a progressive web application that generates strong and random passwords https://randompasswordgenerator.org/ in a click

]]>
Comment on CPU Jitter Entropy for the Linux Kernel by Alexander https://pthree.org/2016/05/24/cpu-jitter-entropy-for-the-linux-kernel/#comment-275695 Tue, 17 Jul 2018 15:53:18 +0000 https://pthree.org/?p=4663#comment-275695 Although the code is in the kernel looks like jitterentropy does *not* feed into /dev/hwrng. Or am I missing something? But still jitterentropy-rngd [1] is useful as a pure user-space daemon.

[1] https://github.com/smuellerDD/jitterentropy-rngd

]]>
Comment on Use A Good Password Generator by Peter https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-275644 Sun, 15 Jul 2018 15:00:40 +0000 https://pthree.org/?p=4976#comment-275644 Thanks for the very interesting page about password generation!

I'm chasing online for a pw generator to put in the hands of our users, but all I found so far is missing something. Gets the feeling that you would be the man to create the dream generator based on Stanford password policy and Diceware wordlists, generating four passwords to choose from:

9-11 characters containing mixed case letters, numbers and symbols.
12-15 characters (3 words) with mixed case letters and numbers.
16-19 characters (words) with mixed case letters.
20+ characters with just lowercase words.

Think many happily would pay to get it on their intranet. Right?

]]>
Comment on Use A Good Password Generator by Bo Kersey https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-274902 Wed, 13 Jun 2018 20:15:45 +0000 https://pthree.org/?p=4976#comment-274902 Aaron, as always your articles are informative, fairly concise and you do a great job of making the complex easier to understand.

one typo that I found..... s/eded/ed/ over the page and you'll fix it πŸ™‚

Cheers!

]]>
Comment on Newsbeuter, Mutt and Google by sherrily6 Lane https://pthree.org/2010/08/31/newsbeuter-mutt-and-google/#comment-274895 Wed, 13 Jun 2018 06:18:41 +0000 http://pthree.org/?p=1484#comment-274895 Formatting a hard drive allows you to use it on your computer to store files and install programs on. The format you choose for the drive determines the drive's compatibility. Formatting a drive will erase all of the data currently on the drive, so ensure you have everything you need backed up.
https://www.minitool.com/lib/server-hard-disk.html

]]>
Comment on Use A Good Password Generator by Alexander Boese https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-274892 Wed, 13 Jun 2018 03:09:12 +0000 https://pthree.org/?p=4976#comment-274892 I created a password generator tool that uses cryptographically secure hashes for generation. Would you mind looking at it, and giving me feedback. If you think it's any good, I can share the generation code, though I'm trying to get more reviews prior to releasing as open source.

DyfynderX on iOS

Thank you.

-Alex Boese

]]>
Comment on ZFS Administration, Part III- The ZFS Intent Log by Michel Erb https://pthree.org/2012/12/06/zfs-administration-part-iii-the-zfs-intent-log/#comment-274657 Wed, 30 May 2018 17:08:57 +0000 http://pthree.org/?p=2592#comment-274657 To confirm an assumption, if this statement is true "ZFS will wear the SSD correctly. The partition will move across the chips evenly, and every chip will get the same amount of wear as the rest.", that means a larger disk, with more chips, takes more time to wear out or the smallest disk, is not always the best option considering longevity.

]]>
Comment on Do Not Use sha256crypt / sha512crypt - They're Dangerous by Poul-Henning Kamp https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/#comment-274622 Mon, 28 May 2018 07:16:20 +0000 https://pthree.org/?p=5012#comment-274622 A few factual corrections and deeper background:

MD5crypt() did not replace the traditional DES-derived UNIX crypt(), but rather an even worse stand-in which only existed because DES was under export-control from the USA at the time. We had the DEScrypt() source, we just could not distribute it without a DoD license.

I knew at the time that hardware implementations of DES were available, and from personal experience that you didn't really need them if you took the time to hand-tweak your assembly code, so DEScrypt was not particular desirable, even if we obtained an export-license.

The choice of MD5 was driven entirely by the source-distribution issue, MD5 was published in an RFC and licensed for any use (whereas the slower, and therefore more desirable MD2 was only licensed for email.) and there were no export-control on one-way algorithms.

The things I focused most on with MD5crypt increasing the runtime in a way which could not be trivially pipelined (ie: data dependence) and on improving the environment for crypt() implementations (ie: longer salt, longer passwords, longer stored results.)

The fact that the runtime depended on the length of the password was considered and ignored: I would be more than happy with the increased security if I could get people to use 8 or 10 char passwords, never mind 17 and up, instead of just eight.

The most important thing I did was the $1$ prefix, which allowed multiple password algorithms to coexist. I pointed out at the time, that allowed you to change the algorithm at any time, as long as you also supported the old algorithms until old passwords were changed (Best practice at the time was 3-6 month between forced password changes).

...and then people did the exact opposite, they all copied & pasted MD5crypt all through the dot-com madness until a researcher told me that he estimated most passwords in eCommerce and half of all passwords in the world were protected by MD5crypt.

As for the OpenBSD people trash-talking MD5crypt:

I never aspired to be or claimed to be a cryptographer, and the **only** reason I have ended up writing some rather consequential cryptographic source code, is that the real card-carrying cryptographers seldom do so and never in a timely fashion.

Bcrypt, scrypt and Aragon2 are without dispute superior to MD5crypt() on all metrics except the most important one: MD5crypt() were there in 1994, as open source and a readily usable software component, they were not.

So yes, I felt the OpenBSD people were a little bit too snotty when they came walzing in five years later, and pissing down on me from my own shoulders felt particular unfair: I paved the road they drove on.

Otherwise: A nice writeup, and sound advice for this day and time.

PS: Here is my own write-up of md5crypts history: http://phk.freebsd.dk/sagas/md5crypt.html

]]>
Comment on Use A Good Password Generator by guest https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-274609 Sun, 27 May 2018 17:52:36 +0000 https://pthree.org/?p=4976#comment-274609 I'd definitely suggest looking at https://bitbucket.org/ligos/readablepassphrasegenerator/wiki/Home 's idea of Readable Passphrases, which generates a syntactially valid (nonsense) sentence. It's my personal favorite that I've seen -- I find them EXTREMELY memorable, and I'd like to see more people use that.

]]>
Comment on Do Not Use sha256crypt / sha512crypt - They're Dangerous by Aaron Toponce https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/#comment-274579 Fri, 25 May 2018 22:29:05 +0000 https://pthree.org/?p=5012#comment-274579 Polynomial functions are defined as a function that is quadratic, cubic, quartic, quintic, etc. that involve non-negative factors of x. In other words:

f(x) = anxn + an-1xn-1 + ... + a2x2 + a1x + a0

The sha256crypt and sha512crypt functions are polynomial, because it is quadratic function.

Exponential functions are defined as a function whose variable x appears as an exponent. In other words:

g(x) = bx
]]>
Comment on Do Not Use sha256crypt / sha512crypt - They're Dangerous by Raphael M https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/#comment-274577 Fri, 25 May 2018 20:13:30 +0000 https://pthree.org/?p=5012#comment-274577 Great post but i have a question. Big-O's sha512 is polynomial, why is polynomial?

]]>
Comment on Do Not Use sha256crypt / sha512crypt - They're Dangerous by Aaron Toponce https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/#comment-274565 Fri, 25 May 2018 03:28:18 +0000 https://pthree.org/?p=5012#comment-274565 PBKDF2 is not exactly "10k iterations of SHA-256". First, PBKDF2 is an arbitrary length output function. A user may request any arbitrary amount of data. The typical usecase is to request key material, so 16 bytes, 32 bytes, and 64 bytes are most common. However, you could request 50 bytes of data, or 33 bytes, or 400 kilobytes if you wanted. SHA-256 is a fixed length digest function, that always outputs 256-bits or 32-bytes of data.

Second, PBKDF2 has a pluggable architecture. Any cryptographic hashing primitive may be used. Common functions are MD5, SHA-1, SHA-256, and SHA-512. PBKDF2 is typically used with HMAC, although if the cryptographic hashing function supports keying, like BLAKE2, then HMAC is unnecessary. SHA-256 is a static function, without any ability to plug something else into it. It's a foundational cryptographic primitive. Bruce Schneier called hashing functions the work horse of cryptography.

Thirdly, PBKDF2 requires salts to prevent rainbow table attacks on the generated output. SHA-256 does not. This doesn't prevent you from prepending or appending salts to your input, but this is something that you have to manually add as part of your application, as SHA-256 doesn't support it natively.

Finally, PBKDF2 is a complex "belt-and-suspenders" construction. The "H" in that diagram is your plugged-in hashing function (could be SHA-256, could be BLAKE2). However, SHA-256 uses the Merkle-Damgaard construction, which is a very different construction from PBKDF2.

And Chris C was correct- PBKDF2 is a sound cryptographic primitive. A homebrew design, such as "10k iterations of salted SHA-256", is not a sound cryptographic design.

]]>
Comment on Do Not Use sha256crypt / sha512crypt - They're Dangerous by Chris C https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/#comment-274558 Thu, 24 May 2018 23:54:25 +0000 https://pthree.org/?p=5012#comment-274558 @David, I think the keyword here is "homebrew". PBKDF2 does specific things between each iteration... a homebrew may not do the right thing, or anything at all.

]]>
Comment on Do Not Use sha256crypt / sha512crypt - They're Dangerous by David https://pthree.org/2018/05/23/do-not-use-sha256crypt-sha512crypt-theyre-dangerous/#comment-274551 Thu, 24 May 2018 20:02:56 +0000 https://pthree.org/?p=5012#comment-274551 It's funny that you're recommending PBKDF2, but also warn against "10k iterations of salted SHA-256 etc.". PBKDF2 is exactly that - iterative hashing with a salt - and most implementations do in fact employ SHA-256.

]]>
Comment on Digest Algorithms in Google Spreadsheets by Hubert https://pthree.org/2016/02/26/digest-algorithms-in-google-spreadsheets/#comment-274513 Wed, 23 May 2018 15:29:21 +0000 https://pthree.org/?p=4576#comment-274513 Hi, I want to use your script to mask personal data in my spreadsheets. But how can I force UTF-8 character set of the input string?

]]>
Comment on New Email Signature by Atwora https://pthree.org/2009/04/18/new-email-signature/#comment-274360 Sun, 13 May 2018 18:21:35 +0000 http://pthree.org/?p=1034#comment-274360 Just Watch out for common problem with too many links in footer. It is commonly forbid by mailboxes robots to accept messages with too many links. And many companies stil try to place as many links to their offers / social media / etc. in footer messages as possible. Resulting in landing into a spam folder...obviously πŸ˜€

]]>
Comment on Adblockers Aren't Part Of The Problem- People Are by Trochetutrochetam https://pthree.org/2016/11/30/adblockers-arent-part-of-the-problem-people-are/#comment-274358 Sun, 13 May 2018 16:56:10 +0000 https://pthree.org/?p=4766#comment-274358 Yep, totally agree with you. On my websites / portals / blogs I deliver ads that are not aggressive or dont follow users screen. If someone counts on generating income from such huge attack of advertising just after someone enters their website are far from earning anything.
Yet, most of webmasters doesn't seem to understand it. Needles to say, that many of suspicious ads like "congratz you won XXXX billion dollars" may have malicious software uploaded alongside page load. such website is right after marked as insecure and a webmaster goes even lower on search results.

]]>
Comment on Bitcoin Mining Rate and Waste by Dozwiedzenia https://pthree.org/2016/01/30/bitcoin-mining-rate-and-waste/#comment-274357 Sun, 13 May 2018 16:51:19 +0000 https://pthree.org/?p=4520#comment-274357 There was a time where mining bitcoins was a good choice. So probably having a good hardware and a good source of electricity (cheap I mean) it would be still possible to get some good source of coins in averade period of time.
The problem is with the banks, that are reluctant to accepting bitcoins

]]>
Comment on Use A Good Password Generator by Michal from hp.pl https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-274356 Sun, 13 May 2018 16:47:02 +0000 https://pthree.org/?p=4976#comment-274356 To be honest never thought about it this way. Reffering to WordPress sites, I used brute-force protection provided by premium extensions and a key weification tool, that forbid using weak passwords. Whats more I blocked countries known from their source of common attacks and developed a policy of auto-ban repeating offenders.

I'm programist but need to escalate the topic. Thanks!

]]>
Comment on What About Interoperability? by Hotelepremium https://pthree.org/2008/06/08/what-about-interoperability/#comment-274336 Thu, 10 May 2018 22:53:36 +0000 http://pthree.org/?p=595#comment-274336 Each day they develop better drives for save disk space. Have you tried SSD? Maybe you should also consider better compression for files?

]]>
Comment on Cocytus by VisitON https://pthree.org/2008/06/13/cocytus/#comment-274335 Thu, 10 May 2018 22:41:43 +0000 http://pthree.org/?p=609#comment-274335 Greek mythology is fascinating. Especially, that nowadays we quite miss the great and interesting stories from the past. It influences tourist and makes them come more often to greece.

]]>
Comment on Use A Good Password Generator by Michael https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-274252 Thu, 03 May 2018 14:49:41 +0000 https://pthree.org/?p=4976#comment-274252 How about adding keepass to your chart

]]>
Comment on Linux Kernel CSPRNG Performance by Craig https://pthree.org/2016/03/08/linux-kernel-csprng-performance/#comment-274214 Sun, 29 Apr 2018 20:35:51 +0000 https://pthree.org/?p=4606#comment-274214 I suggest GPG add a user settable variable to adjust calculation of entropy depletion per byte read from /dev/random. Instead of

ee = ee - #bytes_read

use

ee = ee - #bytes_read / k

where
-- k is a settable ratio (secure_bytes_out / bytes_in)
-- bytes_in is the number of bytes used to initialize the CSPRNG
-- secure_bytes_out is the number of (consecutive) output bytes which can be leaked before security is compromised.

Currently k is implicitly one (1), which is the smallest possible value. Safe if enforced, but impractical and unsafe as it leads to admins bypassing the entropy estimate throttle using rnd-tools and reading from /dev/urandom or /dev/hwrnd. It leaves an opening for Java malware to call "SecureRandom" (which reads /dev/random) in a tight loop. Much better to have k set to 1024 which would (1) throttle the tight snoop loop (2) prevent use of /dev/random while it was in an unsafe externally known state (3) allow most normal usage cases without hanging or resorting to rnd-tools (4) if hanging did occur, it would be unusual and alert admin to possibility of snooping.

"The boy who cried wolf" springs to mind.

]]>
Comment on Why A Dark Blog Theme? by IT https://pthree.org/2007/04/05/why-a-dark-blog-theme/#comment-274186 Sat, 28 Apr 2018 07:42:13 +0000 http://www.pthree.org/2007/04/05/why-a-dark-blog-theme/#comment-274186 How the time is changing, Before 10 years Dark theme now Soft and white,

]]>
Comment on Use A Good Password Generator by xeni https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-274156 Wed, 25 Apr 2018 07:08:14 +0000 https://pthree.org/?p=4976#comment-274156 The more random and mixed-up you make it, the harder it is for others to crack. Mind you, if your password is compromised, the password crackers will even take over your identity.

I wrote an article on Best Passwords to use
http://quotidianotips.com/passwords/

]]>
Comment on Use A Good Password Generator by Conor https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-274148 Mon, 23 Apr 2018 20:48:39 +0000 https://pthree.org/?p=4976#comment-274148 Thanks for taking the time to conduct this research and then share it with the community!

I see LastPass and Dashlane in the spreadsheet, but not 1Password or Keeper. Any chance you'd consider reviewing them and adding them to the spreadsheet?

]]>
Comment on Use A Good Password Generator by Adrien https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-274144 Mon, 23 Apr 2018 18:53:44 +0000 https://pthree.org/?p=4976#comment-274144 For Server vs. Client Generation, you can use something like uMatrix for Firefox, and disallow any XHR for the page. In this case, the JavaScript can do a lot, but not communicate with a remote server.
Unless there is some unknown avoidance method I'm not aware of.

]]>
Comment on Use A Good Password Generator by guest https://pthree.org/2018/04/19/use-a-good-password-generator/#comment-274143 Mon, 23 Apr 2018 16:28:00 +0000 https://pthree.org/?p=4976#comment-274143 1. Block range not used IP and system processes with firewall.
2. Track own internet connection, for example from with own router.
And from own computer.
You will see tightness firewall and which process use your internet.
3. If you can, use gpg key, this is password but longer.
GPG key can be stolen, but password also. You can enable the system notification if the key is used. But to make sense, you need to protect the system from editing system files.
4. If you can, keep track of when your password is used. Because password and key does not give safety. Security gives only the address when it can only be yours and when nobody can use your computer for use your address.
For example:
When you write in chat,
someone may impersonate a friend.
When you call to friend on the phone,
even if someone else takes over the phone you will recognize him, in a voice. Because usually you know his voice very good and often also from real life. From chat, if this is not with video and sound, what you will see ? Tahoma or other font, which use 1 billion people or more ?

]]>
Comment on Let's Talk Password Hashing by mGalli https://pthree.org/2016/06/28/lets-talk-password-hashing/#comment-273495 Thu, 15 Feb 2018 18:04:15 +0000 https://pthree.org/?p=4699#comment-273495 There is an error on the description of Argon2 algorithms. The Argon2i is more suitable for key derivations AND password hashing.

Page 3, Our Solution section of Argon2: the memory-hard function for password hashing and other applications. Please check the documentation here https://password-hashing.net/argon2-specs.pdf

"Argon2i uses data-independent memory access, which is preferred for password hashing and-based key derivation"

]]>
Comment on ZFS Administration, Appendix C- Why You Should Use ECC RAM by Marvin Glenn https://pthree.org/2013/12/10/zfs-administration-appendix-c-why-you-should-use-ecc-ram/#comment-273320 Tue, 30 Jan 2018 06:20:48 +0000 https://pthree.org/?p=3352#comment-273320 Please see comment #4 by Ivar and let me echo his sentiment. When the extra bit is only taken as a parity bit for a byte, you can only detect a single bit error, but not correct it. ECC looks at a piece of data larger than a byte and considers it against more than one extra bit. From that, it can detect and often properly correct errors in memory. But calling it 'parity' should be avoided as 'parity' is only really an "error detection code", not an "error correction code".

]]>
Comment on Convert Text To Base-64 By Hand by Benjamin Danek https://pthree.org/2011/04/06/convert-text-to-base-64-by-hand/#comment-273281 Wed, 24 Jan 2018 05:45:19 +0000 http://pthree.org/?p=1862#comment-273281 Awesome post, I can't help but wonder. During step 3 what's the theory behind adding the padding zeros to the end of the binary string? How does this not change the value of the binary?

]]>
Comment on Weechat Relay With Let's Encrypt Certificates by Kevin Otte https://pthree.org/2016/05/20/weechat-relay-with-lets-encrypt-certificates/#comment-273272 Mon, 22 Jan 2018 17:13:24 +0000 https://pthree.org/?p=4658#comment-273272 Leave just the copying commands in a script and specify that as the --post-hook in certbot when obtaining the cert. It will only be run when a renewal happens. I have a call to prosodyctl to copy certs in mine. I'll probably be adding weechat into this now as well.

]]>
Comment on Ivy League Theme For Mutt by Madelinelorene https://pthree.org/2008/10/22/ivy-league-theme-for-mutt/#comment-273249 Fri, 19 Jan 2018 11:30:46 +0000 http://pthree.org/?p=699#comment-273249 hello..!
Cma is a professional credential that can be earned in the advanced management accounting and financial . Become a cma and explore better accounting career opportunities cma classes in dubai read more
Thaank you.

]]>
Comment on Setting Up A Global Tor Proxy on Android with Orbot by Reggy https://pthree.org/2015/08/27/setting-up-a-global-tor-proxy-on-android-with-orbot/#comment-273242 Thu, 18 Jan 2018 15:07:14 +0000 https://pthree.org/?p=4283#comment-273242 PLEASE!! PLEASE!!.....

]]>
Comment on Setting Up A Global Tor Proxy on Android with Orbot by Reggy https://pthree.org/2015/08/27/setting-up-a-global-tor-proxy-on-android-with-orbot/#comment-273241 Thu, 18 Jan 2018 15:05:57 +0000 https://pthree.org/?p=4283#comment-273241 Why did I connect the Orbot network, then "Congratulations you connected to Tor network", But yellow is not green, is it the same? or not fully anonymous and still need additional settings? PLEASE HELP !! πŸ™

]]>
Comment on ZFS Administration, Part I- VDEVs by Abdollah https://pthree.org/2012/12/04/zfs-administration-part-i-vdevs/#comment-273179 Thu, 11 Jan 2018 12:06:15 +0000 http://pthree.org/?p=2584#comment-273179 Is possible to mirror two raidz(1-3) together?
for example 4 drive raidz1 with name of pool1 mirrored with another 4 drive raidz1 with name of pool2?

]]>
Comment on Setting Up A Global SSH Proxy on Android with ConnectBot and ProxyDroid by Aaron https://pthree.org/2015/08/26/setting-up-a-global-ssh-proxy-on-android-with-connectbot-and-proxydroid/#comment-272963 Wed, 13 Dec 2017 19:29:15 +0000 https://pthree.org/?p=4254#comment-272963 Thanks for this, ProxyDroid is what I needed. That Firefox plugin approach was giving me trouble.

]]>