• 3 Posts
  • 37 Comments
Joined 2 years ago
cake
Cake day: July 2nd, 2023

help-circle






  • Anybody using obfuscation for securing algorithms is fooling themselves. It can be useful in fringe scenarios when you know and accept the limitations but for general use it is not. There is no obfuscation clever enough that can not be broken down and figured out.

    Example - delaying cracking of copy protection for the first few weeks of a game release. It will be cracked eventually though, regardless the obfuscation and protection. Nobody expects it to be secure - but complicated enough to buy some time.

    Other example - obfuscating assets loader for your game app to make it slightly harder to steal the graphics for scams and knock offs. It will not stop anybody dedicated to it but it can make the lazy skip it and go for the next game instead. Nobody expects it to be secure, but it might work as a deterrent because the next bicycle has a simpler lock to cut.

    Counter example - thinking you’re clever by obfuscating your homebrew cryptographic algorithm. Just don’t. Use a FOSS crypto library, learn how to secure keys and be done with it. It’s not secure or safe in any possible way ever and it is a really bad idea all over.









  • whaleross@lemmy.worldtoProgrammer Humor@programming.devJavaScript
    link
    fedilink
    arrow-up
    24
    arrow-down
    2
    ·
    6 days ago

    It was never intended to run full applications but only the small business scripts and hobbyist homepage stuff that were the thing in the 90s, across inconsistent browsers that were a jungle of hit and miss behaviour where it was preferred that menus keep working even if the mouse effect was not. Anything of scale was expected to be done in Java. Dynamic web pages did not exist and as anything not static was generated server side into a static html file to be rendered on the client.

    Anyway, back then it wasn’t considered the job of the programming language to hold the hand of the aspiring developer as it is common today. It’s not a bad thing that IDE and even compilers and preprocessors try to help you write better code today, but then it simply didn’t exist.

    JavaScript is from a different time and because it has the hard requirement or backwards compatibility there is no changing it and has not been for thirty years except to add stuff to it.

    I think it’s just silly to ask the past to keep up with the present. Bad code is not the fault of the language regardless, even though junior devs and even seasoned ones like to think so to protect their ego. I think it is better to accept it, learn from it and roll with it because every single platform and language has their weird quirks anyway.

    Signed, old dude that learned programming in 8 bit BASIC and 6502 machine code without an assembler, where code bad enough would freeze your machine that required a cold boot and starting over from your last save that you didn’t do.


  • whaleross@lemmy.worldtoProgrammer Humor@programming.devJavaScript
    link
    fedilink
    arrow-up
    51
    arrow-down
    8
    ·
    6 days ago

    People that try to do mathematical operations with strings blaming the programming language that had a stated design goal to do its best and try to keep running scripts that make no sense because they realized it would be used by people that have no idea what they are doing. Clearly they were right.



  • I’ve been trying to configure ChatGPT tell me if I’m wrong in a question or statement but damn it never does unless I keep probing for support or links. I’ve been having the feeling that it has become worse with latter models. Glad but also sad to see I was right.

    Anybody know other LLM that are more “trustworthy”* and capable of searching online for more information?

    Edit; *trustworthy in quotes because of course people will jump on this. I know the limitations of LLM, I don’t need you to tell me how much you hate everything AI. And I know LLM aren’t AI.