On Sat, Jun 27, 2015 at 3:59 PM, Ian Kelly wrote:
> On Fri, Jun 26, 2015 at 7:21 PM, Chris Angelico wrote:
>> On Sat, Jun 27, 2015 at 6:09 AM, Randall Smith wrote:
>>> Give me one plausible scenario where an attacker can cause malware to hit
>>> the disk after bytearray.translate with a 256 byte
We had originally planned switching to On-Desk Rates yesterday, but
because ticket sales are going well, we are extending the deadline for
more than a week.
*** Buy your EuroPython 2015 tickets ***
https://ep2015.europython.eu/en/registration/
On-Desk Rates
-
On Sat, 27 Jun 2015 02:05 pm, Devin Jeanpierre wrote:
> On Fri, Jun 26, 2015 at 8:38 PM, Steven D'Aprano
> wrote:
>> Now you say that the application encrypts the data, except that the user
>> can turn that option off.
>>
>> Just make the AES encryption mandatory, not optional. Then the user
>> c
On Fri, Jun 26, 2015 at 7:21 PM, Chris Angelico wrote:
> On Sat, Jun 27, 2015 at 6:09 AM, Randall Smith wrote:
>> Give me one plausible scenario where an attacker can cause malware to hit
>> the disk after bytearray.translate with a 256 byte translation table and
>> I'll be thankful to you.
>
> T
On Fri, Jun 26, 2015 at 9:38 PM, Steven D'Aprano wrote:
> With respect Randall, you contradict yourself. Is there any wonder that some
> of us (well, me at least) is suspicious and confused, when your story
> changes as often as the weather?
>
> Sometimes you say that the client software uses AES
On 27.06.2015 02:55, Randall Smith wrote:
> No the attacker does not have access to the ciphertext. What would lead
> you to think they did?
Years of practical experience in the field of applied cryptography.
Knowledge of how side channels work and how easily they can be
constructed for bad sche
On Sat, Jun 27, 2015 at 2:11 PM, Rustom Mody wrote:
> On Friday, June 26, 2015 at 9:30:38 AM UTC+5:30, Chris Angelico wrote:
>> Incidentally, I would suggest not having the try/except at all, since
>> all it does is print an error and terminate (which is the same result
>> you'd get if that error
On Friday, June 26, 2015 at 9:30:38 AM UTC+5:30, Chris Angelico wrote:
> Incidentally, I would suggest not having the try/except at all, since
> all it does is print an error and terminate (which is the same result
> you'd get if that error bubbled all the way to top level). But if you
> are going
On Fri, Jun 26, 2015 at 8:38 PM, Steven D'Aprano wrote:
> Now you say that the application encrypts the data, except that the user can
> turn that option off.
>
> Just make the AES encryption mandatory, not optional. Then the user cannot
> upload unencrypted malicious data, and the receiver cannot
On Sat, 27 Jun 2015 06:09 am, Randall Smith wrote:
> On 06/26/2015 12:06 PM, Steven D'Aprano wrote:
>> On Fri, 26 Jun 2015 11:01 am, Ian Kelly wrote:
>>
>>> You're making the same mistake that Steven did in misunderstanding the
>>> threat model.
>>
>> I don't think I'm misunderstanding the threat,
On Sat, Jun 27, 2015 at 6:09 AM, Randall Smith wrote:
> Give me one plausible scenario where an attacker can cause malware to hit
> the disk after bytearray.translate with a 256 byte translation table and
> I'll be thankful to you.
The entire 256-byte translation table is significant ONLY if you
On 06/26/2015 05:42 PM, Johannes Bauer wrote:
On 26.06.2015 23:29, Jon Ribbens wrote:
While you seem to think that Steven is rampaging about nothing, he does
have a fair point: You consistently were vague about wheter you want to
have encryption, authentication or obfuscation of data. This sugg
On 2015-06-26, Johannes Bauer wrote:
> On 26.06.2015 23:29, Jon Ribbens wrote:
>>> While you seem to think that Steven is rampaging about nothing, he does
>>> have a fair point: You consistently were vague about wheter you want to
>>> have encryption, authentication or obfuscation of data. This su
On 06/26/2015 04:07 PM, Johannes Bauer wrote:
You consistently were vague about wheter you want to
have encryption, authentication or obfuscation of data.
I knew (possibly extra) encryption wasn't necessary at this stage, but I
also knew that encryption would provide good obfuscation. Problem
On 06/26/2015 04:55 PM, Mark Lawrence wrote:
To be perfectly blunt I gave up days ago trying to follow what was being
said, just too many words from all angles and too few diagrams for me to
follow. I sincerely hope it doesn't end in tears.
Mark.
There's not much to follow. The solution w
Johannes, I agree with a lot of what you say, but can you please have
less of a mean attitude?
-- Devin
On Fri, Jun 26, 2015 at 3:42 PM, Johannes Bauer wrote:
> On 26.06.2015 23:29, Jon Ribbens wrote:
>
>>> While you seem to think that Steven is rampaging about nothing, he does
>>> have a fair p
On 26.06.2015 23:29, Jon Ribbens wrote:
>> While you seem to think that Steven is rampaging about nothing, he does
>> have a fair point: You consistently were vague about wheter you want to
>> have encryption, authentication or obfuscation of data. This suggests
>> that you may not be so sure your
Greetings!
You been Invited as a Beta User for TheGongzuo.com ( Absolutely Extended Trial).
We bring to you TheGongzuo.com, Top notch highly talented IT (Information
Technology / Software Industry) skilled Professional Candidates, where you can
find more than a resume.
___
On Fri, Jun 26, 2015 at 3:07 PM, Johannes Bauer wrote:
> That people in 2015 actually defend inventing a substitution-cipher
> "crypto"system sends literally shivers down my spine.
I think that the people defending this have been reasonably consistent
about using the word "obfuscation", not "cryp
On 26/06/2015 22:29, Jon Ribbens wrote:
On 2015-06-26, Johannes Bauer wrote:
On 26.06.2015 22:09, Randall Smith wrote:
You've gone on a rampage about nothing. My original description said
the client was supposed to encrypt the data, but you want to assume the
opposite for some unknown reason.
On 2015-06-26, Johannes Bauer wrote:
> On 26.06.2015 22:09, Randall Smith wrote:
>> You've gone on a rampage about nothing. My original description said
>> the client was supposed to encrypt the data, but you want to assume the
>> opposite for some unknown reason.
>
> While you seem to think that
On 26.06.2015 22:09, Randall Smith wrote:
> And that's why we're having this discussion. Do you know of an attack
> in which you can control the output (say at least 100 consecutive bytes)
> for data which goes through a 256 byte translation table, chosen
> randomly from 256! permutations after t
On 26.06.2015 22:09, Randall Smith wrote:
> You've gone on a rampage about nothing. My original description said
> the client was supposed to encrypt the data, but you want to assume the
> opposite for some unknown reason.
While you seem to think that Steven is rampaging about nothing, he does
h
On 06/26/2015 12:06 PM, Steven D'Aprano wrote:
On Fri, 26 Jun 2015 11:01 am, Ian Kelly wrote:
You're making the same mistake that Steven did in misunderstanding the
threat model.
I don't think I'm misunderstanding the threat, I think I'm pointing out a
threat which the OP is hoping to just ig
> import os import shutil import sys
>
> # create an insanely long directory tree p = os.getenv("TEMP")
> #p = ur"\\server\share\blah\temp"
> tmpdir = p os.chdir(tmpdir)
> for i in xrange(1000):
> tmpdir = os.path.join(tmpdir, "sub") os.mkdir("?\\" + tmpdir)
> #os.mkdir(u"?\\UN
On Thu, 25 Jun 2015 14:37:55 +0100, Tim Golden wrote:
> On 25/06/2015 14:35, Michael Torrie wrote:
>> On 06/25/2015 06:34 AM, Tim Golden wrote:
>>> On 25/06/2015 13:04, Joonas Liik wrote:
It sounds to me more like it is possible to use long file names on
windows but it is a pain and in p
On 2015-06-26 18:12, georgeryo...@gmail.com wrote:
[python 2.7, linux]
I have a python app. I cannot modify the file. But I can import it and mess
with it. I need to perform brief tasks before and after some of the member
functions.
I'd like to do this in as clear and maintainable way as poss
georgeryo...@gmail.com wrote:
> [python 2.7, linux]
> I have a python app. I cannot modify the file. But I can import it and
> mess with it. I need to perform brief tasks before and after some of the
> member functions.
> I'd like to do this in as clear and maintainable way as possible (no third
On 06/23/2015 10:53 AM, Laurent Pointal wrote:
> Mark Lawrence wrote:
>
>> Another beasty I've just stumbled across which you may find interesting
>> http://www.sciencedirect.com/science/article/pii/S2213133714000687
>
> Why use a JIT complation when you could use some C++ generation then
> com
[python 2.7, linux]
I have a python app. I cannot modify the file. But I can import it and mess
with it. I need to perform brief tasks before and after some of the member
functions.
I'd like to do this in as clear and maintainable way as possible (no third
party imports). Here's what I have
On Fri, 26 Jun 2015 11:01 am, Ian Kelly wrote:
> You're making the same mistake that Steven did in misunderstanding the
> threat model.
I don't think I'm misunderstanding the threat, I think I'm pointing out a
threat which the OP is hoping to just ignore.
In an earlier post, I suggested that the
On Fri, Jun 26, 2015 at 9:16 PM, Chris Warrick wrote:
>> Project website: http://pyswitch.sf.net
>> Download Page: http://pyswitch.sourceforge.net/pages/download.html
>
> You are not going to get a lot of downloads with that. SourceForge
> spreads malware, and lots of people avoid them nowadays.
>
On 26 June 2015 at 04:42, Godson Gera wrote:
>
> =
> pyswitch 0.2
> =
>
> PySWITCH 0.2 is released
>
> Please, note that PySWITCH 0.2 is not available on PyPI because of name
> conflict
This is not a good idea. You should just change your name, or upload
under a slightly differen
On 2015-06-26, Chris Angelico wrote:
> On Fri, Jun 26, 2015 at 1:26 AM, Jon Ribbens
> wrote:
>> Well, it means you need to send 256 times as much data, which is a
>> start. If you're instead using a 256-byte translation table then
>> an attack becomes utterly impractical.
>
> Utterly impractical?
On Thu, 25 Jun 2015 11:39:53 -0700, kbtyo wrote:
> My question can be found here:
>
> http://stackoverflow.com/questions/31058100/enumerate-column-headers-in-
csv-that-belong-to-the-same-tag-key-in-python
I suggest you look on stack overflow for the answer.
You appear to have failed to comprehe
On Thu, Jun 25, 2015 at 06:07:30PM -0700, fl wrote:
Hi,
I read Ned's tutorial on Python. It is very interesting. On its last
example, I cannot understand the '_' in:
board=[[0]*8 for _ in range(8)]
I know '_' is the precious answer, but it is still unclear what it is
in the above line. Can
On 06/25/2015 06:07 PM, fl wrote:
Hi,
I read Ned's tutorial on Python. It is very interesting. On its last
example, I cannot understand the '_' in:
board=[[0]*8 for _ in range(8)]
I know '_' is the precious answer, but it is still unclear what it is
in the above line. Can you explain it to
37 matches
Mail list logo
