Skip to content

Instantly share code, notes, and snippets.

atoponce / index.html
Last active Apr 19, 2019
JavaScript entropy proof-of-concept
View index.html
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
<title>JavaScript Entropy Proof-of-Concept</title>
<script language='javascript'>
// the main crytpographic object
const crypto = window.crypto || window.mscrypto;
// collect cryptographic quality randomness
var entropy = new Uint32Array(8);
atoponce /
Last active Apr 5, 2019
Best practices for examples in documentation

Reserved Examples

Below are examples for best practices that have been set aside specifically for writing documentation, fictional stories, source code, or anything else where an example needs to be given without the fear of resolving to an actual phone number, domain, website, etc.

Domain Names

In 1999, the "" domains have been set aside by the IETF in RFC 2606 specifically for documentation and source code. They include,, and The domain was added by ICANN in 2000. Later, the ".example" top-level domain name has since been added explicitly for documentation purposes.

While the pseudo-top-level domain ".local" carries no meaning, it is commonly deployed in multicast DNS, local DNS, and private networks. While it too could be used for documentation, it's better left alone, and to use the "" and ".example" domains.


If you wanted to document getting a specific resource via a REST API

atoponce /
Created Aug 31, 2018
Proposed improvements to EFF's FANDOM wordlists

There are some text encoding errors in the initial EFF word lists:

Game of Thrones:

  • 5-15-4 & 15-15-4: "donÕt" in txt, "don’t" in PDF (non-ASCII apostrophe)
  • 9-20-18 & 19-20-18: "m?ole" in txt, 'mole' in PDF (0x0a between "m" and "o")
  • 4-9-3 & 14-9-3: "weÕre" in txt, "we’re" in PDF (non-ASCII apostrophe)
  • 6-19-20 & 16-19-20: "Òfuck" in txt, "“fuck" in PDF (non-ASCII double-quote)

Assuming "don't" in 5-15-4/15-15-4 and "we're" in 4-9-3/14-9-3, I removed those entries, as there are no other word contractions anywhere else in any of the lists.

atoponce /
Last active Dec 5, 2018
Password generation in the shell

Simple Shell Password Generation

Just using the shell, either with built-in tools, or 3rd party generators, for building passwords with at least 70-bits of entropy (1 in at least 1,180,591,620,717,411,303,424 possibilities).

Each provide their own advantages and disadvantages.

Built-in Tools

All graphical keyboard characters

All possible 94 graphical characters (not the <Space> or <Tab>) are

atoponce /
Created Jul 30, 2018
Extracting entropy from mouse movement events

Extracing Entropy From Mouse Movement Events

Here are my findings of entropy extraction estimates from mouse movement events in the browser. Tables below show the results sorted by the minimum entropy extraction. Timing events, keyboard events, and other potential sources of entropy that can be collected from the user are not considered here.

A [visual representation][1] of slow, medium, and fast mouse movements can help visualize why the entropy estimation increases as the mouse velocity increases. The recorded data was plotted with Gnuplot as follows:

atoponce /
Last active Jul 7, 2018
Some solutions removing bias from loaded dice
import random
# Simple script to simulate biased throws of a single d6 die.
# bias should sum to 1
# pips ( 1, 2, 3, 4, 5, 6 )
BIAS = (0.125, 0.125, 0.25, 0.25, 0.125, 0.125)
atoponce / trump.js
Created Jun 8, 2018
Uncut Trump passphrase wordlist
View trump.js
atoponce / index.html
Created Jun 6, 2018
Twemoji font testing
View index.html
<!doctype html>
<meta charset="utf-8">
<title>Emoji Font Test</title>
@font-face {
font-family: "emoji";
src: url("./fonts/TwitterColorEmoji-SVGinOT.ttf") format("truetype");
atoponce / random.js
Last active Mar 11, 2018
Uniform random number generators
View random.js
// Citation:
* Getting a random number from [0, max)
// DO THIS (unbiased)
function getRandomInt(max) {
var low = (-max >>> 0) % max;
do { var n = Math.random() * 0x100000000 >>> 0; } while(n < low);
View jp_hiragana.txt
Hash: SHA512
# This word list has included material from the JMdict (EDICT, etc.)
# dictionary files in accordance with the licence provisions of the
# Electronic Dictionaries Research Group, and is covered under their
# Creative Commons Attribution-ShareAlike Licence.
You can’t perform that action at this time.