🇨🇦 tunetardis

  • 0 posts
  • 21 comments
Joined 1 year ago
Cake day: June 8th, 2025
  • I find it mildly annoying that while the post is replete with hyperlinks, the 2 central terms “ietf-tls-mlkem” and “ietf-tls-ecdhe-mlkem” are simply quoted with no further elaboration.

    I am no cryptographer, but after some searching around, my very first order understanding is that mlkem is a new algorithm that is meant to be resistant to attacks by a quantum computer. It is not time-tested at this point, however, while ecdhe is a current (albeit quantum-computer-weak) algorithm that has a solid track record.

    Using both in combination is seen by some as a safer way to move forward, since mlkem may yet prove to have a fatal weakness and at least you have that fallback on the tried and true. Advocates also point out that ecdhe is cheap to compute compared to mlkem, and so the overhead of tossing it in there is not the end of the world?

    Anyway, that’s all I’ve been able to glean so far.

  • That’s a good question. It may depend on the platform?

    Right now, I’m doing most of my coding on a Mac. I noticed I get into trouble when trying to move the program to another machine. The OS seems to tag the executable with some metadata that runs afoul of Gatekeeper. Removing said metadata seems to get you past that. But that’s for in-house software that has never been registered with Apple or anything. I’ve never actually tried modifying a program that has been registered, so I’m not sure if there are any extra levels to this?

  • Yeah. At the lowest level, the CPU reads a program as a bunch of numbers, where each number is a very simple instruction such as “add 2 values together”. Assembly language is a more human-readable version of machine code, where you can see something more like add r1,r2 instead of 35397176 or whatever numeric code means “add the value in register 1 to 2” for some hypothetical processor. (Registers are where the processor keeps values loaded in from the RAM.)

    So in my case, if I saw that the program was making some system call to the random number generator and the calling conventions used by the operating system always put the return value in register 0, I could replace the call with something like clr r0 (clear the value in register 0). It’s a pretty simple hack. So the “generator” now always generates zero.

    These days, programs are often code-signed and if you start messing around like that, they’ll get flagged as malware. But it worked fine back in those open and trusting days.

  • I remember when my grandfather died, we were going through his belongings and found a drawer full of electric razors. Why did he have so many?!? Then we noticed every one was full of hair, and concluded that he bought a new one every time it filled up rather than emptying it.

    Then years later, my parents became snowbirds who went to Mexico every winter, and they stayed with this other family who were locals. They got good at Spanish and one day I guess, my dad was talking to the other dad and they burst out laughing. I asked what that was all about, and he said the Mexican dad’s father also had a drawer full of electric razors, and he never understood why?

  • I once pirated a book because I didn’t want to get it from another room.

    I pirated a game I legit bought. This was way back in the days when some games had this annoying copy protection where you had to look up words from the manual before you could play. Enter the 3rd word on line 7 of page 28. This sort of thing.

    It got old really fast, so I disassembled the binary and saw where it was calling on a random number generator to select the page. I changed just 1 assembly instruction so that the generator would always return 0. Then it said look up so-and-so and the word turned out to be “time”. After that, all I had to do was enter “time” at launch and I tossed out the manual.

  • For 3.14, from October 2025, free-threaded Python was “much safer” and “much faster” with a 0-10% slowdown for single-threaded workloads. “I’m still personally shocked that we got to 0% slowdown, that’s on Arm hardware, there’s some magic going on there, I don’t know what it is, but it’s amazing.” On Linux using GCC, it’s usually around 5%, though it can go up to 10%, particularly with older compilers.

    That’s interesting about the Arm hardware. I hadn’t noticed any slowdown on the Mac with my own primitive benchmarks, but the newer Macs all use Arm so that makes sense.