HackerTrans
TopNewTrendsCommentsPastAskShowJobs

merlinsbrain

no profile record

comments

merlinsbrain
·قبل 5 سنوات·discuss
There are guidelines for what Show HN is supposed to be. This site pretty much fits the bill.

https://news.ycombinator.com/showhn.html

> Show HN is for something you've made that other people can play with. HN users can try it out, give you feedback, and ask questions in the thread.

> On topic: things people can run on their computers or hold in their hands. For hardware, you can post a video or detailed article. For books, a sample chapter is ok.

I am glad to see work from other hacker news members. When it isn't interesting to me, I find something else on the internet or IRL that is.
merlinsbrain
·قبل 6 سنوات·discuss
Another interesting quote:

“ Following this approach, in our model we consider the message encryption scheme used in MTProto 2.0 as a robust authenticated-encryption scheme, abstracting from its actual implementation.”

So yeah, they’re abstracting away the AE part of it, which may not be an accurate reflection of what telegram uses.

That being said, they’re aware this is a strong assumption:

“ Namely, the only assumption we make is that the latter is an authenticated encryption scheme, guaranteeing both integrity of ciphertext (INT-CTXT) and indistinguishability of chosen plaintext (IND-CPA). These properties are difficult to prove in a symbolic model like ProVerif’s, but can be proved in a computational model, e.g. using tools like CryptoVerif or EasyCrypt [5, 2]. This assumption may appear strong, especially considering that Telegram has been widely criticized for its design choices (such as ad hoc cryptographic primitives and an unusual encryption mode), and vulnerabilities have been found in MTProto v1.0 (but actually, none of these attacks have been replicated on the new MTProto 2.0). Still, proving the logical correctness of the protocol under a fairly general threat model is very important because, if a weakness in the protocol exists, it must be looked for in the “lower-level” part of the protocol, among the chosen cryptographic functions and other implementation choices.”
merlinsbrain
·قبل 6 سنوات·discuss
I’m not very vested in a solution at the moment, but if I had a set of users < 500, the flat pricing of Magic Link kind of makes more sense to me, I don’t want to be worrying about how many times they sign in.

That being said, I can imagine there are people who would prefer a per sign in model, it’s just a level of granularity I don’t care for.

Good luck!
merlinsbrain
·قبل 6 سنوات·discuss
What would your pricing be? Starter pack at $35/month for 500 users sounds like $35/month and I outsource auth to a company that is also on the hook for “enterprise” security :)

I think it’s awesome you’re building an alternative with a different feature set, I’m really curious to hear your take on pricing.
merlinsbrain
·قبل 6 سنوات·discuss
Theoretically, ReScript will support ReasonML syntax, and theoretically ReasonML can still be used for native development.

The messaging isn't clear on ReasonML's future at ALL though. Is it essentially deprecated until the full switch to ReScript happens? The Rescript FAQ mentions changes will be additive in supporting ReasonML, and they will track new features to OCaml, but will they track new features to Reason? Will anyone actively develop Reason anymore?