0xabad1dea

// SHA1 But I Let Copilot Take The Wheel

// this is ENTIRELY written by Github Copilot, all I did was
// give it a few prompts and made the absolute minimum changes
// to compile, which was rearranging the function order and
// adding one variable it had used without declaring.

// it does not quite work! have fun fixing it I guess :)

// license: uhh... a bot wrote it, I don't think you can

0xabad1dea

The Scammiest Scam To Yet Anonymity Scam

I'm still holding out for this being a hoax, a big joke, and that they're going to cancel the kickstarter any minute. It'd be quite the cute "lessons learned" about anonymity scams. However, I will be treating it from here on out as a genuine scam. (As of May 2nd, the kickstarter has been cancelled, after the strangest attempt to reply to this imaginable. Good riddance.)

This absolutely ridiculous thing was brought to my attention by a friend and since it was late at night I thought I must be delirious in how absurdly over the top fake it seemed. So I slept on it, woke up, and found that it had gotten a thousand dollars more funding and was every bit as flabbergasting as I thought it was.

Since I realize that not everyone has spent their entire lives studying computers – and such people are the targets of such scams –

0xabad1dea

Abadidea's Index of Weird Machines in Video Games

A "weird machine" is when user-supplied input is able to create an arbitrary new program running within an existing program due to Turing-completeness being exposed. Sometimes such functionality was deliberately included but it is often the result of exploitation of memory corruption. You can learn more at the langsec site. There is a good argument for weird machines being inherently dangerous, but this index is just for fun.

It is broken into two categories: intentional gameplay features which may be used as weird machines, and exploit-based machines which can be triggered by ordinary player input (tool-assisted for speed and precision is acceptable). Games with the sole purpose of programming (such as Core Wars) are not eligible and plugin APIs don't count. If you know of more, feel free to add a comment to this gist.

Intentional Gameplay Mechanics

0xabad1dea

config_version = 1
%terminals {
	name = "xterm-256color"
	key_timeout = -1000
}
make_backup = false
hide_menubar = false
parse_file_positions = true
disable_primary_selection_over_ssh = false
color = true

0xabad1dea

Dear Phiharmonics,

There are a lot of wireless devices in my home and at my workplace and I believe they sometimes interfere with my research. I have some questions about whether your wi-fi energy dots could help me out in harmonizing my living spaces.

1.) What is the effective range of the harmonizing? Do they ever need to be replaced? If so, does more wifi wear them out faster?

2.) Is the harmonizing compatible with all of the IEEE 802.11 wireless standards or only b/g? And Bluetooth?

3.) They look like they're made of copper but you don't specify what, exactly, they are or what's in them. Do they still work if adhered to a conductive surface? Is it okay if they get wet?

0xabad1dea

Sorry, RSA, I'm just not buying it

I want to be extremely clear about three things. First, this is my personal opinion – insert full standard disclaimer. Second, this is not a condemnation of everyone at RSA, present and past. I assume most of them are pretty okay, and that the problem is confined to a few specific points in the company. However, “unknown problem people making major decisions at RSA” is a bit unwieldy, so I will just say RSA. Third, I'm not calling for a total boycott on RSA. I work almost literally across the street from them and I don’t want to get beat up by roving gangs of cryptographers at the local Chipotle.

RSA's denial published last night is utter codswallop that denies pretty much everything in the world except the actual allegations put forth by Reuters and hinted at for months by [other sources](http://li

0xabad1dea

#!/usr/bin/python3
# perfect fourths calculator for Geometric Elamite Musical Hypothesis
# 0xabad1dea (Melissa Elliott) May 5th 2022
import math

# reference pitch
a4 = 440.0

scalenames = ["A4", "Ab", "G", "Gb", "F", "E", "Eb", "D", "Db", "C", "B", "Bb", "A3"]
scale = [a4]

0xabad1dea

Guidelines for Singular They in Technical English

by 0xabad1dea, December 2014

This document is an RFC of sorts for increasing the adoption rate of Singular They in technical English. This is not an ultimatum; this is not shaming anyone who has done otherwise; and this is definitely not applicable to any other language.

What is Singular They?

0xabad1dea

Dual EC, The Saga Continues: BUT MAYBE I’M BIASED

Bla bla bla this is my personal opinion bla bla bla.

Patents. Can’t live with violating them, can’t live without violating them. The entire concept of patented cryptography is a bit beyond what I have the energy to deal with right now. Whatever. We’re going in.

It didn’t click with me yesterday, reading the crypto news, that I had already quoted one Dan Brown with whom we are now concerned. No, not the one who wrote the novels. One of the other ones. I cited him in my timeline of trying to reconstruct where and when exactly Dual EC DRBG went so wrong. Specifically, the paper has a casual mention (bottom of page 7) that the proof of security relies on initialization value Q being random, because if it is not random, an adversary in-the-know can recover the prestates and everything’s downhill from there. Therefore – and I quote – it is generally preferable for Q to be c

0xabad1dea

Risk Assessment of GitHub Copilot

0xabad1dea, July 2021

this is a rough draft and may be updated with more examples

GitHub was kind enough to grant me swift access to the Copilot test phase despite me @'ing them several hundred times about ICE. I would like to examine it not in terms of productivity, but security. How risky is it to allow an AI to write some or all of your code?

Ultimately, a human being must take responsibility for every line of code that is committed. AI should not be used for "responsibility washing." However, Copilot is a tool, and workers need their tools to be reliable. A carpenter doesn't have to