Person interested in programming, languages, culture, and human flourishing.

  • 0 Posts
  • 3 Comments
Joined 3 years ago
Cake day: June 17th, 2023
  • Thinker@lemmy.worldtoTechnology@lemmy.worldRunning Pokémon With A Compass And StraightedgeEnglish
    2·
    8 hours ago

    To add two numbers, for example, it constructs the midpoint between them, then doubles the distance from the origin.

    It’s basically a self-defined system of arithmetic, with no actual numbers. e.g. rather than 1 + 2 = 3, you have [radius of unit circle A] + [radius of 2 unit circle B] = [length of 3 unit line C]. I’ll confess I don’t totally understand how you can extend that to the point that it can correctly implement RSA, but I believe it can be done based on other achievements with unquantified geometry I’ve witnessed in the past.

    For example, this excellent video about constructing flags using only the shape drawing tools of PowerPoint without ever applying external measurements to the shapes.

  • Thinker@lemmy.worldtoTechnology@lemmy.worldWhat is a Passkey? - ComputerphileEnglish
    122·
    2 months ago

    The number of times I’ve seen people link to this thread while completely misunderstanding the context of it drives me nuts. The issue isn’t being able to export keys, it’s that KeepassXC was making it trivial to export keys in plaintext with no user warning/verification, which fundamentally undermines the biggest security advantage of passkeys - phishing resistance. In other words, if users can be easily talked through exporting their keys via a simple in-app flow that gives them no warning about the danger of what they’re doing, then they will do that and be scammed horribly by it.

    The person who raised the issue was asking KeepasXC to come up with a better solution for exporting keys - originally he asked them to wait for the now standardized process that every passkey provider uses, but then they settled on showing the user an explicit warning about the danger of plaintext exports in the meantime.

    If you choose to read the most hostile and uncharitable subtext into every word a person writes in public, you can misunderstand what he’s saying. Otherwise, this is a pretty cut-and-dry example of a person genuinely trying to support the interests of end users.