Hacker News·2yPlease Stop Inventing New Software Licences
Creating new software licences can be problematic for open-source projects by adding confusion and barriers for potential contributors. The author discusses their experience with Cyph's proprietary licence and the complications it introduced, ultimately discouraging them from contributing. Adhering to existing OSI Approved Licences can foster a more welcoming community for contributors.
David Bombal·2yNever access the Dark Web without doing this! (Tor and Telegram demos)
The post provides insights into safely navigating the dark web, focusing on operational security (OPSEC). It highlights the importance of using secure tools like Tor and Telegram while discussing the risks of encountering illegal content. The post also mentions reputable sources like the Dark Net Marketplace Bible for OPSEC best practices. Additionally, it promotes TCM Security's certifications, which include comprehensive training and practical exams in penetration testing.
Golang Weekly·2yGolang Weekly Issue 523: September 17, 2024
Explore different methods for creating Retrieval-Augmented Generation (RAG) servers in Go, ranging from Gemini + Weaviate to LangChain and Genkit. Learn about WorkOS, a B2B SaaS identity platform that simplifies the integration of SSO and RBAC. Understand how to run Go in the browser using WebAssembly, including reducing WASM binary size with TinyGo. Discover the benefits of using Go instead of Bash for scripting across platforms. Delve into AES encryption in Go with practical examples and explanations. Also, check out the latest GoLand IDE features and the enhanced TinyGo Playground for simulating hardware and measuring power consumption.
Hacker News·2yProgramming ZKPs: From Zero to Hero
This tutorial introduces software engineers to Zero Knowledge Proofs (ZKPs), providing a step-by-step guide on programming ZKPs from scratch. It covers setting up the environment, writing basic circuits, performing a trusted setup, and generating and verifying proofs. Examples include creating a simple ZKP for proving knowledge of secret values, implementing constraints, and building a digital signature scheme using hash functions and commitments. The tutorial also touches on group signature schemes and provides exercises for deeper understanding.
Neil Madden·2yDigital signatures and how to avoid them
Digital signatures are widely used for authenticating messages, but cryptographers argue that their use might be inappropriate in several scenarios. Schnorr signatures, derived from an identification protocol, illustrate the nuances and potential pitfalls of digital signatures. Using an interactive identification protocol can offer better security and context-specific validation, unlike signatures which are universally verifiable. The post also highlights the fragility of in-use signature schemes and advises using HMAC or authenticated KEMs with public key crypto for authentication needs instead.