Fry-kun's comments

Fry-kun | 9 years ago | on: Ask HN: Who wants to be hired? (March 2017)

Full stack engineer (frontend, backend, devops, architecture)

Location: SF Bay Area (south bay)
Remote: Yes
Willing to relocate: no*
Technologies: Python, C, C++, Java, JavaScript, Lua, PHP, SQL(MySQL/SQLite), noSQL (Redis/Memcached), Nginx, Linux, etc.
Résumé/CV: https://svist.net/resume (note: A+ score from SSL Labs test)
Email: see resume

Interests: Gaming, robotics, home automation, security, image/video processing (e.g. deconvolution, superresolution), open source

Fast learner; familiar with some details about almost everything. If you're doing something I'm really interested in, I may be willing to work farther away and/or for reduced pay while I onboard

Fry-kun | 9 years ago | on: NSA's Puzzle Periodical

There are so many potential hidden channels! If 2nd can see what the 1st one guessed -- that's also easy

Or if they just agree on the timing of the guess..

Fry-kun | 9 years ago | on: Fake Linus Torvalds' Key Found in the Wild, No More Short-IDs

I've mentioned an idea in Phoronix forums[1] yesterday: Since most users won't bother comparing the entire signature (also applies to comparing md5/sha*/etc. hashes), it might be a good idea to map & display blocks of the sig as English words to the user.

Care must be taken to avoid similar-looking and similar-sounding (homophonic) words, but since there are >150k words in the Oxford English Dictionary, it should be possible to get 65k usable ones.

In fact, someone pointed out something like this already exists to a degree: [2]

A contrived visual example (suppose someone matches first two and last two segments!):

  Fake Linus Torvalds: ABAF 11C6 32D8 69AE E438 F74B 6211 AA3B 0041 1886
  Real Linus Torvalds: ABAF 11C6 5A29 70B1 30AB E3C4 79BE 3E43 0041 1886

With a word salad approach:

  Fake Linus Torvalds: lopsided crate threatening hydrant peep bumpy art work earth spurious
  Real Linus Torvalds: lopsided crate symptomatic equal kaput chunky kettle include earth spurious

Even with an even-spaced font, it's hard to confuse the two

(random words from [3])

[1] https://www.phoronix.com/forums/forum/phoronix/latest-phoron...

[2] https://github.com/bitcoin/bips/blob/master/bip-0039.mediawi...

[3] https://www.randomlists.com/random-words
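
The block-to-word mapping proposed in the comment above, as an added example that is not part of the original comment: each 16-bit block of a fingerprint becomes one word, and the result is compared against a reader who checks only the first and last two blocks. The syllable-built word list is a constructed stand-in for a curated 65k-word dictionary (it does no homophone screening), and the function names are hypothetical.

```python
import hmac

# Constructed stand-in for the curated ~65k-word list the comment proposes:
# 16 onsets x 16 rimes = 256 syllables, two syllables per 16-bit block.
ONSETS = "bdfghjklmnprstvz"
RIMES = ["an", "ar", "as", "el", "en", "er", "et", "in",
         "ir", "is", "ol", "on", "or", "ul", "un", "us"]
SYLLABLES = [o + r for o in ONSETS for r in RIMES]  # list index = byte value
INDEX = {s: i for i, s in enumerate(SYLLABLES)}

# The contrived fingerprints from the comment above.
FAKE = "ABAF 11C6 32D8 69AE E438 F74B 6211 AA3B 0041 1886"
REAL = "ABAF 11C6 5A29 70B1 30AB E3C4 79BE 3E43 0041 1886"


def parse_fingerprint(text):
    """Hex fingerprint (spaces allowed) -> bytes, in whole 16-bit blocks."""
    raw = bytes.fromhex("".join(text.split()))
    if not raw or len(raw) % 2:
        raise ValueError("fingerprint must be a non-empty run of 16-bit blocks")
    return raw


def to_words(fp):
    """One word per 16-bit block: syllable(high byte) + syllable(low byte)."""
    return [SYLLABLES[fp[i]] + SYLLABLES[fp[i + 1]] for i in range(0, len(fp), 2)]


def from_words(words):
    """Inverse of to_words; syllables are all 3 letters, so decoding is unambiguous."""
    return bytes(INDEX[w[k:k + 3]] for w in words for k in (0, 3))


def ends_only_match(a, b, blocks=2):
    """Models a reader who compares only the first and last few blocks."""
    n = 2 * blocks
    return a[:n] == b[:n] and a[-n:] == b[-n:]


def full_match(a, b):
    """Whole-fingerprint comparison, the check that actually has to pass."""
    return hmac.compare_digest(a, b)


if __name__ == "__main__":
    for name, text in (("Fake", FAKE), ("Real", REAL)):
        print(f"{name} Linus Torvalds: {' '.join(to_words(parse_fingerprint(text)))}")
```
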

Fry-kun | 9 years ago | on: SS7 MITM Attack Against WhatsApp and Telegram

So many people confuse encryption with authentication... Suppose you're a whistleblower trying to contact a reporter using WhatsApp. You've never met in person, so you send a message over WhatsApp, "Hello!" The reporter replies, "Hi!" You now have a big problem -- you don't KNOW that it was the reporter who replied to you, it might've been a nefarious 3rd party who already intercepted your original message and is now replying. WhatsApp's only mechanism for checking if that's the case is comparing some numbers out-of-band (e.g. in person, with QR codes). What's even more tragic is that WhatsApp doesn't track/show which contacts you may have already authenticated.. good luck remembering which of your 100 contacts are verified