Comments on: 240: TZ Discussion – Hope in a Quantum Encryption Box

By: James robert

James robert — Fri, 23 Aug 2013 19:47:15 +0000

On the topic of apple, isn’t jony Ive supposed to fill jobs’ shoes? I haven’t heard anyone saying it would be cook. Just a thought.

Sent from my iPhone 😉

By: Justin

Justin — Tue, 20 Aug 2013 17:16:05 +0000

@Eoin – That’s the one!

By: Eoin

Eoin — Mon, 19 Aug 2013 14:13:08 +0000

Justin, is this the broker you’re in contact with? http://ryanpsorensen.com/broker-service/

By: Jason

Jason — Fri, 16 Aug 2013 23:55:58 +0000

@Sandy – Yeah, that’s true, but there are all of these other reasons to believe that Tor and classic encryption may not be as effective as originally thought (see links below). A quantum internet would just be the ideal (at least as far as I understand it).

* Encryption is less secure than we thought
(For 65 years, most information-theoretic analyses of cryptographic systems have made a mathematical assumption that turns out to be wrong.)
http://web.mit.edu/newsoffice/2013/encryption-is-less-secure-than-we-thought-0814.html

* Math Advances Raise the Prospect of an Internet Security Crisis
(Academic advances suggest that the encryption systems that secure online communications could be undermined in just a few years.)
http://www.technologyreview.com/news/517781/math-advances-raise-the-prospect-of-an-internet-security-crisis/

* Has Tor been bugged by the NSA?
(Last week I recommended people use Tor to anonymize their Web surfing. Some people think that’s a dangerous idea.)
http://www.itworld.com/it-management/364242/has-tor-been-compromised-nsa

* Feds Are Suspects in New Malware That Attacks Tor Anonymity
http://www.wired.com/threatlevel/2013/08/freedom-hosting/

By: Sandy

Sandy — Fri, 16 Aug 2013 21:09:57 +0000

I’m no expert either, but isn’t that what the Tor software does?

http://en.wikipedia.org/wiki/Tor_(anonymity_network)
https://www.torproject.org/

By: Stanislaw Pitucha

Stanislaw Pitucha — Fri, 16 Aug 2013 11:09:32 +0000

I guess the process that Udi proposed is usable, but I wouldn’t ever leave it to the developers. If I understand what was proposed correctly, then it works quite well, provided: this is automated by something like Jenkins or another CI system, no one apart from this system has write rights to the production branch, everything can be automatically tested so that the process always tests locally before actually merging.

That’s the way gerrit+jenkins integration works really and it’s used by many big projects out there. I wouldn’t trust developers to follow the process if it’s not enforced though 🙂

By: Jason

Jason — Thu, 15 Aug 2013 15:48:17 +0000

@Duncan from Vetter – Yeah, I figured f*ck it! 😉

By: Duncan from Vetter

Duncan from Vetter — Thu, 15 Aug 2013 09:08:35 +0000

This show should be called ‘The one with the swearing”.

🙂

By: Udi Mosayev

Udi Mosayev — Wed, 14 Aug 2013 10:58:47 +0000

Hey, Udi is here with a defense statement 🙂

Regarding the Laravel bug:
It’s still hard to understand that these kind of bugs exists (as well the copy bug).
Justin uncovered it after version 3 was so popular and version 4 is already released and used by many.
How no one else could find this bug before? I’m sure not only Digedu has users that insert ‘returning’.. probably many developers just couldn’t figure it out in case they had a problem like we did.

After I was able to replicate it (I didn’t understand at first it was only for INSERTs).. I was seriously shocked. Then Justin sent us the copy bug, which as you described has so many serious implications.. that’s just shuttered my world. Think how many other problems like that might exist..

The Fine:
If I had a a product generating few thousands a month I would agree to Justin’s “offer”, but only after we do things that will make me feel comfortable doing so: automated testing post-deployment, a proper defined workflow.. to avoid common human errors as much as possible.
The only thing that’s wrong with my suggestions is because master never tested before deployment to live?
What I suggest: merging features/fixes into staging branch, test it on staging, then merging it to master. When master is never touched directly = so no conflicts between staging and master. What problems ‘master’ might have? the same exact code was already tested.
You think a strange merge bug might occur? if its something like the Laravel bug then I guess it should happen and the world should know about these problems 🙂

No offense taken btw 🙂 I have a lot to learn and I listen to other opinions, but usually when I feel strongly about something (even when I’m wrong) it takes a while to convince me otherwise. So Justin, don’t give up in case I give you a hard time about a subject 🙂