-
Posts
385 -
Joined
-
Last visited
Reputation Activity
-
leodaniel reacted to colonel_mortis in is it worse to make your own encryption system
Yes, it is worse!
The TLS protocol (and its predecessor, SSL) has been worked on for the past 25 years. All versions of SSL have been found to have critical vulnerabilities (which are addressed in TLS), and there are a bunch of (mitigatable) issues that have been found with TLS 1.0-1.2 too. My point here is that even the cryptography experts at the IETF have included security vulnerabilities. Moreover, there are a bunch of examples of companies who said "let's design a proprietary encryption protocol because it will be simpler/more secure/...", and ended up releasing a vulnerable product. MIFARE Classic is an example of this.
If at all possible, I would strongly encourage you to use an existing TLS library. There will be one available for every reasonable language.
If you have a really good reason for not using an existing library (and just wanting to learn about the protocol is not a really good reason where cryptography is concerned unless the entire project is just academic!), it would be possible to have a pre-shared (or out-of-band shared) public-private key pair and using RSA to send a symmetric key. However, generic RSA (ke mod m) is NOT secure for this application because k ≪ m, which can make k easy to recover under certain circumstances. See what I mean about it being easy to introduce security vulnerabilities? To do it securely, you either need to use something called Optimal Asymmetric Encryption Padding, or you need to generate a large secret which has a similar magnitude to the modulus, and share that, then both parties convert that to the actual encryption key. Be very wary of introducing more vulnerabilities though!
But please just use a library.
-
leodaniel reacted to JacobFW in SQL advice needed.
Oh boy, as if the internet really needed another venue to argue SQL v. NoSQL.
If all your doing is just key-value lookups, then yes, as hashmap is going to be the fastest way. However as you mentioned that would require a system with an equivalent amount of ram to store all the data in (technically more for OS overhead and buffer space).
One of the driving forces behind databases is that they enable you to perform operations on a dataset that is far, far larger than your computer's physical ram, usually at the cost of a little extra space for indexes to enable fast lookup of the data.
There are multiple databases and types of databases to choose from, each with their own positives and negatives. I am aware of the resistance in recent years to using SQL databases, and as I mentioned, there are certainly reasons why you might not want to an SQL database. Despite that however, I still recommend starting out using an SQL database like MySQL (which is FOSS). With all the years all development that has gone into them, they are generally some of the most reliable, feature rich, and flexible databases you can use. And that last part is to me the most important. You don't realize just how valuable having a flexible system is until you have some great idea, but realize that to use it would require making a absolute shit-ton of changes to your existing setup. Using a higher performance but less flexible database is to me an example of premature optimization.
-
leodaniel reacted to Electronics Wizardy in GPU for video transcoding on Ubuntu 18.04
well amd video encoding isn't supported on linux, and the quality is worse than nvidia anyways.
Id get a gtx 1660. You get the newer better turing video encoding block, and there is a mod for linux to allow for unlimited streams on a gtx cards, so the quadro won't help.
How many streams though? The cpu should be fine for most uses.
-
leodaniel reacted to Turtle Rig in GPU for video transcoding on Ubuntu 18.04
I agree with all of the above. Just a solid video card and a powerful CPU. You really don't need a Quadro or a Workstation video card. A fast 580 or 2060 or 1660Ti as mentioned above will suffice.
-
leodaniel reacted to Ashley MLP Fangirl in Linus misses the mark on why iOS / Apple is not as good as Android
this is really just a flame war topic about you not liking Apple's way of doing things.
and that's fine if you don't like Apple. buy something else and be happy with you non-Apple devices. don't start flame wars on forums please.
-
leodaniel got a reaction from BrownZeus in Publishing PHP site that uses Composer
Just run
cd /path/to/your/project composer install on the server
-
leodaniel got a reaction from Vitaly Makarkin in Installing 3 workplaces at one PC
It sounds like you want to use this setup for production, right? I would strongly discourage you to do that. If this system fails, all 3 of you can't work. I would build or buy 3 Individual systems. When you consider all the time you will need to invest in such a machine, maintenance and stuff, you will come of way cheaper with dedicated machines
If it's for fun, or you just want to try something, then do it. But if you need to rely on this machine, I wouldn't do it
-
-
leodaniel got a reaction from mrchow19910319 in What Laptops do you guys use?
MacBook Pro Retina 15" 2017
I personally always use mac laptops. It's not budget for sure, but the build qualitiy is awesome and for web development, mac osx is great.
-
leodaniel reacted to bowrilla in What Laptops do you guys use?
Which model? Even the 2017 model only has 5th gen Intel CPUs with only 2 cores and you get a maximum of 8GB RAM. Imho not an ideal choice. It depends on the price I'd say. It's not terrible but there sure are better options.
-
leodaniel reacted to colonel_mortis in Devs required
You already have a topic for this. Please don't create multiple topics for the same thing, especially as this arguably constitutes advertising and certainly won't help other members to gain knowledge about programming. Furthermore, please don't needlessly bump topics.
Topic locked, the LTT forum probably won't be able to satisfy your need for a developer.
-
leodaniel got a reaction from bowrilla in What Laptops do you guys use?
I completely agree here with you
I agree, tho for my usage, I usually only have one or max 2 vms running and use docker too but I still like to use the terminal quiet often, also for other tasks on my mac, like quickly editing a file, just having native PHP or whatever, ... I have to admit, since quiet some time I havent looked into developing on windows machines, as I am really happy with os x and linux
Here again, I m not sure what is all included in that price. Anyway, if it's just around 500$ I would still argue, if you are seriously into development (or rely on your device), it doesn't matter... you amortize such a device in 2-3 years max. Will make a difference about ~200$ per year, which should not limit your choice by any means.
I really value great support and just being able to go to the apple store in my town and let it be repaired in a really short time is gold to me and again I don't know about the service of other laptops as I don't have any experience. So this could also be the case for other laptop manufacturers, I only want to say, this is something to consider when buying a laptop you will rely on
In the end, it is just personal preference
-
leodaniel got a reaction from Joveice in PHP Laravel Undefined property help needed.
I don't know your error, but if $value->service is a collection I would use
$value->service->each(function ($item, $key) use($request,$ok) { if( in_array($item,$request->services) ){ $ok = true; // return false to break the loop return false; } });
-
leodaniel got a reaction from Joveice in PHP Laravel Undefined property help needed.
You can also use intersect
$intersection = $value->service->intersect($request->service); if( $intersection->notEmpty() ){ $ok = true; }
-
leodaniel got a reaction from Joveice in PHP/Laravel dynamically create email templates with inline CSS from files
I personally use MJML and webpack for that. I think its one of the best options and easy to configure with Laravel mix
-
leodaniel got a reaction from bomberblyat in PHP help with $values
So yes this is possible:
<?php $v1 = 10; $v2 = 5; echo $result = ($v1 / $v2); // output: 2 var_dump($result); // output: int(2) The question is more, should you write this?
I would argue for no. I think it's more readable to first only create the value $result and then echo it separately. I think it's more readable and in the end this should be your goal. The computer will always understand messy code, but humans tend to have more problem with that. Think of it like this, you should alway write code for humans first, not for computers. If you stumble across your code in a year, which would you find easier to understand (or anyone else)?
I would go with that. Even if it's one line longer
<?php $var1 = 10; $var2 = 5; $result = ( $var1 / $var2 ); echo $result;
-
leodaniel got a reaction from bomberblyat in PHP help with $values
Always whats more human (you and me ) readable.
Name your variables appropriately (having var1-var15 is bad, its hard to understand what they each represent), always step by step so that it's easy to understand.
Just try to make it simple. Imagine you would have to look at your script again in 10 years... how long would you take to understand it (goal is to shorten this time). I think it's important to always code with that in mind.
In the 2. code example it's really hard to understand what the code does, what the variables are. It takes quit some time to understand what it does.
-
leodaniel got a reaction from PorkishPig in PHP help with $values
So yes this is possible:
<?php $v1 = 10; $v2 = 5; echo $result = ($v1 / $v2); // output: 2 var_dump($result); // output: int(2) The question is more, should you write this?
I would argue for no. I think it's more readable to first only create the value $result and then echo it separately. I think it's more readable and in the end this should be your goal. The computer will always understand messy code, but humans tend to have more problem with that. Think of it like this, you should alway write code for humans first, not for computers. If you stumble across your code in a year, which would you find easier to understand (or anyone else)?
I would go with that. Even if it's one line longer
<?php $var1 = 10; $var2 = 5; $result = ( $var1 / $var2 ); echo $result;
-
leodaniel got a reaction from Bensemus in EV and more environmentally health future?
Clearly EVs are the way to go. They provide a chance to be greener in the future.
As stated by many, today an EV is not better (ecologically) at time buying. BUT it gets better compared to an Gasoline one with EVERY km driven. Depending on your electricity mix, the required kms vary a lot. In average an EV will produce around 90 Gramm CO2 per KM over its whole lifespan (with the average EU electricity mix). This is a saving of 55% compared to the average diesel car.
I think there is a lot of misconception about the true impact, or stress EVs will cause on the electric grid. It's not that from one day to the other, all cars will be electric. It's more like a slow revolution (it's like when gasoline cars first came up, there wasn't an infrastructure of gaz stations already available). And of course the grid is more than capable of handling a lot more EVs in it's current state. Also it's worth mentioning that a lot of EVs are charged when demand is low because of the cheap energy. But of course it needs improvements in the future tho (--> smart grid).
Also, EVs won't resolve climate warming, but they at least play a role in doing so. But it should not be forgotten, that moving a car will always cost energy, no matter what.
So yes, EVs play a role, but we need (as a society) to take steps, which will hurt us to reduce climate change (ex. eating less meat, consuming less energy, less flying, ...).
Source about EVs: https://www.transportenvironment.org/publications/electric-vehicle-life-cycle-analysis-and-raw-material-availability
-
leodaniel got a reaction from InertiaSelling in EV and more environmentally health future?
Clearly EVs are the way to go. They provide a chance to be greener in the future.
As stated by many, today an EV is not better (ecologically) at time buying. BUT it gets better compared to an Gasoline one with EVERY km driven. Depending on your electricity mix, the required kms vary a lot. In average an EV will produce around 90 Gramm CO2 per KM over its whole lifespan (with the average EU electricity mix). This is a saving of 55% compared to the average diesel car.
I think there is a lot of misconception about the true impact, or stress EVs will cause on the electric grid. It's not that from one day to the other, all cars will be electric. It's more like a slow revolution (it's like when gasoline cars first came up, there wasn't an infrastructure of gaz stations already available). And of course the grid is more than capable of handling a lot more EVs in it's current state. Also it's worth mentioning that a lot of EVs are charged when demand is low because of the cheap energy. But of course it needs improvements in the future tho (--> smart grid).
Also, EVs won't resolve climate warming, but they at least play a role in doing so. But it should not be forgotten, that moving a car will always cost energy, no matter what.
So yes, EVs play a role, but we need (as a society) to take steps, which will hurt us to reduce climate change (ex. eating less meat, consuming less energy, less flying, ...).
Source about EVs: https://www.transportenvironment.org/publications/electric-vehicle-life-cycle-analysis-and-raw-material-availability
-
leodaniel got a reaction from mrchow19910319 in Why PC, Why Apple, Why PS4 Why Android?
Except it is. There are different numbers to compare here. Sales, actively used devices and total number of devices. If you consider that, there market share of android is smaller, recent estimates are around 70% or less. Depending on the sales figures, the AppStore made twice as much in sales compared to the Google play store (year 2016, from statista).
So I think it makes sense to prioritise app development on iOS (especially if you have limited resources) as the ROI will most probably just be higher...
-
leodaniel reacted to vorticalbox in Can't align images vertically.
then you should post your solution and mark it as the best answer so other people searching for the same issue will get an answer rather than an empty thread.
-
leodaniel got a reaction from colonel_mortis in How to stop users from editing a dropdown value
You are looking for input validation, as the frontend can always be manipulated and all requests can be forged.
As a rule of thumb: never trust user data, never correct user data! So yes, frontend validation should be done but only to help a (normal) user correcting his input, never assume under any circumstance, that the data from the user can be trusted
So in your case, a very simple solution:
<?php /* For Try Catch Block */ class ValidationException extends \Exception {} try{ /* Validation */ $dropdown_input = $_POST['awesome_dropdown']; $possible_values = ['Value1','Value2']; if( ! in_array($dropdown_input,possible_values) ){ throw new ValidationException('Dropdown value incorrect'); } } catch(ValidationException $exception){ /* Something is not valid! */ die($exception->getMessage()); } /* Your Input is now Valid! */ // ...
-
leodaniel reacted to Cruorzy in Need help with a slight Css&HTML
Good spot @leodaniel
@RockiLocky try to be consistent in naming, using a capital letter and the other times you don't makes it kind of confusion.
-
leodaniel got a reaction from ScratchCat in Is this encryption method secure?
The current system (Certificate Authority) relies on the weakest CA. Basically you have to blindly trust the Certificates Authorities in the first place. So if a CA gets hacked it would be possible to issue some bogus certificates, worse, the private key of the CA could be stolen and used to create certificates.
There where some cases of bogus certificates in the past, if I remember correctly there was a bigger one with blackberry involved in some point... maybe just google if you want to know more about that.
There are currently s lot of CAs (1000+) so the safety of TLS really comes down to the weakest member in this chain!