4·
5 months agowait you’re serious? this isn’t satire???
Hazelnoot [she/her]
Transfem demigirl with an interest in coding, gaming, and retrocomputing.
My links:
- 0 Posts
- 9 Comments
Joined 3 years ago
Cake day: June 2nd, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
4·5 months agoHere’s the full report, for anyone who doesn’t want to give their personal information: https://enby.life/files/c564f5f8-ce51-432d-a20e-583fa7c100b8
I hope you didn’t literally use XOR
It’s XOR(key, block) with IV and chaining: https://github.com/RommieEcho/qrcatalyst-open/blob/main/src/routes/anon/XORCipher.js
Since it’s chained at the byte level, you can strip it out by just XORing each byte against all following bytes. Then the IV can be XORed out of the first block, at which point you have just a series of XOR(key, plaintext) blocks that can be attacked with conventional methods.
In the past, people have stolen the problems to use in their own challenges, coding tutorials, and even commercial projects. The author has asked people to keep their inputs out of git or anywhere publicly searchable.
There’s a limited pool of random inputs, so it’s possible to collect them all with enough input samples. In the past, the creator has asked people not to upload their input file because there are bots that scrape GitHub looking for the inputs.
Thanks for the reminder! I almost forgot to set up my repo. 🤦♀️ I’ll be publishing my solutions on GitHub for anyone interested. This year I finally got around to restructuring things to keep the input files out of git, so I won’t have to feel guilty about leaking the problem inputs.
Right?? I normally love it when websites have a fun twist, but this one really needs an off button. The other cursors keep covering the text and it becomes genuinely uncomfortable to read. Fortunately, you can easily block the WS endpoint with any ad blocker.
Thank you for this! You can also get rid of it with a custom ad-blocker rule. I added these to uBlock Origin, and it totally kills the pointer thing.
wss://tonsky.me http://tonsky.me/pointers/ https://tonsky.me/pointers/
This is very much not true in some domains, like software development. Code is much harder to read than it is to write, so verifying the output of a coding AI usually takes more time (or at least more cognitive effort) than if you’d just written the code yourself.