HackerTrans
TopNewTrendsCommentsPastAskShowJobs

yasenn

no profile record

Submissions

Once: Deduplicate Stories (RSS, Hacker News, Lobsters or Reddit)

github.com
2 points·by yasenn·4 года назад·0 comments

Paranoid project by Google Security Team checks for cryptography weaknesses

github.com
3 points·by yasenn·4 года назад·1 comments

PocketBase – open-source Golang framework in 1 file

pocketbase.io
2 points·by yasenn·4 года назад·1 comments

comments

yasenn
·3 года назад·discuss
Is there some mobile browser with the same macro feature for address bar?

https://hn.algolia.com/?q=firefox%20address%20bar
yasenn
·3 года назад·discuss
There is `chubin/awesome-console-services`[0]

Btw, Igor Chubin is the author of great CLI services such as: cheat.sh[1], late.nz[2], QRenco.de[3],rate.sx[4]

[0] https://github.com/chubin/awesome-console-services

[1] https://github.com/chubin/cheat.sh

[2] https://github.com/chubin/late.nz

[3] https://github.com/chubin/qrenco.de

[4] https://github.com/chubin/rate.sx
yasenn
·4 года назад·discuss
Would you remember the link?
yasenn
·4 года назад·discuss
There is strapdown: https://github.com/chaitin/strapdown-zeta/blob/master/README...

``` <!DOCTYPE html> <html> <title>Hello, Strapdown</title> <meta charset="utf-8"> <xmp theme="cerulean" style="display:none;"> # title your awesome markdown content goes here... </xmp> <script src="http://cdn.ztx.io/strapdown/strapdown.min.js"></script> </html> ```
yasenn
·4 года назад·discuss
Paranoid project checks for well known weaknesses on cryptographic artifacts such as public keys, digital signatures and general pseudorandom numbers. This library contains implementations and optimizations of existing work found in the literature. The existing work showed that the generation of these artifacts was flawed in some cases. The following are some examples of publications the library is based on.

The goal is to increase the confidence in cryptography use cases inside and outside Google.

When dealing with asymmetric encryption, crypto artifacts usually are:

* Generated by one of our own tools (e.g., at Google we use for example boringssl or tink); or, * Generated by third party tools that we have access to (so these tools can be, for example, checked for vulnerabilities using wycheproof); or, * Generated by third party tools and/or hardware or software black boxes that we do not have access to.

With Paranoid, any cryptographic artifact can be tested, but its primary motivation is to detect the usage of weak third party hardware or software black boxes. Hence, Paranoid can be used even if we are not able to inspect the source code (situation 3. listed above).

The project aims to detect known vulnerabilities as well as unknown ones. E.g., it tries to identify vulnerabilities caused by programming errors or the use of weak proprietary random number generators. Detecting new vulnerabilities is of course much more difficult than detecting known ones. Such detections may require large sets of artifacts or find weak ones only with a low probability.
yasenn
·4 года назад·discuss
From Wikipedia:

> The Constructive Cost Model (COCOMO) is a procedural software cost estimation model developed by Barry W. Boehm. The model parameters are derived from fitting a regression formula using data from historical projects.

> Intermediate COCOMO computes software development effort as function of program size and a set of "cost drivers" that include subjective assessment of product, hardware, personnel and project attributes. This extension considers a set of four "cost drivers", each with a number of subsidiary attributes.
yasenn
·4 года назад·discuss
The biggest difference from other backend solutions like Firebase, Supabase, Nhost, etc., is that *PocketBase actually could be used as a Go framework that enables you to build your own custom app specific business logic and still have a single portable executable at the end.*

UPD. OP by the author: [0]

[0] https://news.ycombinator.com/item?id=32013330