Discover and read the best of Twitter Threads about #entropy

Most recents (2)

"If I were to write a textbook on #complexity, it would be structured like this..."
- SFI Pres David Krakauer starts off this morning at #CSSS19 #CSSS at @IAIASantaFe

#error #adaptation #universality #coarsegrained #math #theory
"If you talk about #intelligence and #stupidity, you talk about #communication and #policy. That is the natural place to start."

"If you've ever written a Lokta-Volterra #equation, you've drawn a perpetual motion machine. There's no #dissipation."

- SFI President David Krakauer
"Why #God is a bad #theory: it's not because it's not true; it's because it uses an infinite-dimensional process to explain low-dimensional phenomena."

- SFI President David Krakauer at #CSSS19 on #Ockham's Razor & why #Darwin's animal breeding metaphor backfired on #evolution
Read 7 tweets
So I wanted to encrypt some files. Thought about using 7z+password. Stackexchange folks said "Didn't review it but it should be fine. You can browse the code yourself". So I did. After a few mins I noticed they use 8byte "random" IV. Yes, half of IV is zeroes. But it gets worse.
Aside from the fact that 7z XORs plaintext with zeroes, I was curious about the "RandomGenerator" which generates IV. That's when I vomited. The first comments say "This is not very good random number generator. Please use it only for salt." It is not used only for salt.
Yes, it uses PID and time(null) as seed. Yes, this is 7zip's random generation code running on your computers in 2019. More "cursed" code below. #7zip #encryption #facepalm #randomness #entropy #RNG #crypto #cryptofail
Read 9 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!