Can't say this one is hardcore, but it's certainly not a light read. On ZKRP (Zero-Knowledge Range Proof). The idea is simple: prove to someone that some number of yours is from a particular interval, without revealing the number itself. They list a number of applications, a bunch of different approaches, plus links to the original works to dig deeper.

#zk #cryptography #math

An explanation of bloom filters. This data structure allows to check if a value is in a set with constant time and small memory overhead. Subject to false positives though.

#cs #datastructure

Well, next time shit hits the fan, you know what to do. Blame Terry. Have you already found yours?)

#humor

Some guy's popularizing HTML tags. Two ideas in essence. 1) HTML is a nice markup lang, machines would be more comfortable parsing it and using the data to learn. 2) No need to invent the wheel, there are a lot of ready to use components that will work nice almost everywhere.

#html #web #ml

Several techniques Android malware uses to protect itself from analysis. My favorite is non-standard APK compression method. Most of the tools weren't able to decompile such archive, API 28+ devices however weren't complaining at all.

#android #cybersec

I often try to encourage simple systems. In this post you'll find thoughts about the problem from a different angle. In short, they say that "simple for other devs" won't really work, so we should aim at "simpler for the user". Even if our user is a dev.

#complexity #code

We saw a toy JVM in Rust recently. Here's a bit more serious and ambitious project - JVM in Go. This post is about method discovery. Also try this page if you decide to dive deeper.

#jvm #go #java

The original idea behind Proof-of-Work was to fight email spam. Small computation puzzle is barely noticeable when you want to send a single message, it becomes rather slow and expensive in case of mass email. It's nice to see that Tor now uses adaptive PoW defence to fight DoS attacks.

#network #tor #cybersec

A nice story about a guy who crafts beautiful wooden computers. Not a bad hobby for retirement, hm?)

#hardware #story

This is insane. 2 minute video. Obtaining personal email address and access to mobile network account by the means of call to support and social engineering.

#cybersec #hack

A little bit about how concurrency and parallelism are done in the realm of Erlang and Elixir.

#elixir #erlang #concurrency

Turns out this story is rather well known, but I've just discovered it. It's about the problem with block ciphers when you need to encrypt more data than a single block fit.

#cybersec #cryptography #history

There's a nice overview of Android 14 TLS certs updates on http toolkit blog. In short, it's not yet clear whether it'll be possible to use your own custom certificates or not. Things aren't good, by the looks of it.

#certificate #network #tls

These guys here are doing one hell of a great job. GNU coreutils exploration. How they work, which patterns and idioms are there in the code, they even have diagrams for them!

#gnu #cli

AR version of Space Invaders by Google. I thought AR on Android is dead, but it seems they're still trying to hang in there. Cool that it's doable on a phone now. I've played a similar game on Microsoft HoloLens, it was another level of hardware, compared to mobile.

#gamedev #ar #google

You've probably heard about Outline VPN. Here's a cool thing: they've released SDK that can be used directly in a product. It means that users will be able to continue using censored app without their own VPN.

#google #network #vpn

Not even close to IT, moreover, it's a longread, but it worth your time, I promise. An excellent systemic dive into the industry of small credit card debt collectors in the US.

#bank #finance #debt

Capslock by Google. Tool to check your dependencies for unexpected file and network access, arbitrary code execution, etc. One of the goals is to fight supply-chain attacks. Only available for Go at the moment, but they promise other languages later.

#google #cybersec #vulnerability

This one is just for fun. A game. Programming Language Inventor or Serial Killer. Take a look at the photo, have you seen this person?

#humor #game #language

On challenges of testing a sensor-based indoor positioning SDK. They've recorded a bunch of real sessions and found a way to use them instead of real sensor data for tests. @Dryupa is the author of the post. Long time ago he attended our very first offline peerlab ❤️

#android #sensor #test