Pinned Loading

1. honzajde.github.io honzajde.github.io Public

   Info page about internal project: Trading tools

   CSS

2. honzajde-blog-src honzajde-blog-src Public

   Source for honzajde.github.io

   CSS

3. Tptacek's Review of "Practical Crypt... Tptacek's Review of "Practical Cryptography With Go"

   1

   Wow. I've now read the whole book and much of the supporting code. I'm not a fan, and recommend against relying on it. Here's a laundry list of concerns:

   2

   3

    * The teaching method the book uses is badly flawed. The book's strategy is to start simple and build to complexity, which makes sense if you're teaching algebra but not if you're teaching heart surgery. The result is that each chapter culminates with the implementation of a system that is grievously insecure. Little warning is given of this, apart from allusions to future chapters improving the system. For instance, Chapter 2 closes with a chat system that uses AES-CBC without an authenticator.

   4

   5

    * The book is full of idiosyncratic recommendations. For instance, AES-CBC requires a padding scheme. There is a standard padding scheme. The book purports to present it, but instead of PKCS7, it presents 80h+00h..00h. 

4. Simple Golang HTTPS/TLS Examples Simple Golang HTTPS/TLS Examples

   1

   ##### Generate private key (.key)

   2

   3

   ```sh

   4

   # Key considerations for algorithm "RSA" ≥ 2048-bit

   5

   openssl genrsa -out server.key 2048