Beefy Boxes and Bandwidth Generously Provided by pair Networks Frank
Perl-Sensitive Sunglasses
 
PerlMonks  

(RhetTbull) Re: Silly "encryption".....just for fun ;)

by RhetTbull (Curate)
on Jul 30, 2002 at 02:01 UTC ( #186120=note: print w/ replies, xml ) Need Help??


in reply to Silly "encryption".....just for fun ;)

Just say no to lame encryption! While useful as a learning exercise, posting weak encryption code in a public forum like this just invites some poor newbie to come along and use it. Yes, even though you tell us it's lame I bet someday someone will come and cut and paste your code. I have seen a seemingly competent programmer do that with an XOR snippet he found to send "encrypted" credit card data over email. If you don't really understand encryption and aren't using a well validated library, then you shouldn't be using encryption at all.

Practice writing this stuff at home but please don't share with everyone.


Comment on (RhetTbull) Re: Silly "encryption".....just for fun ;)
Re: (RhetTbull) Down with Censorship!
by Guitarded (Novice) on Aug 01, 2002 at 18:39 UTC
    Really? Don't share it with anyone? It could be damaging? Perhaps I could email you a Kleenex?

    I think if anyone were to paste that out and try to use it for "encrypting" credit card data, they'd be wasting their time twice, not to mention that would fall under the category of NMFP.

    I'll take the chance that some knob will mistake weak encryption for strong encryption.

    Here, maybe this will make you feel better:

    use Digest::Perl::MD5; my $keystring="Enter a string here"; my @stack; push(@stack, $blahblahwhatever); my $digest=new Digest::Perl::MD5; $digest->add(@stack); my $serial=$digest->hexdigest();


    If that doesn't help, maybe you should write your congressman. ;) Or teach me a thing or two about encryption. Meanwhile, I'll continue to post whatever I please as long as smart cats like merlyn want to participate in the discussion. I think you're looking for www.pissandmoan.com.....You've got the wrong number. Have a bitchin day.
      Grow up.
      In my post, I didn't attack you, I didn't say you were stupid, I didn't say you shouldn't participate in the monastery. I didn't say you should be censored (as you imply). Heck, I didn't even downvote your node. I did give my opinion why I thought you shouldn't post such code here. If you are learning perl and have a question about your code, then it would have been (in my opinion) perfectly acceptable for you to post your snippet in the SOPW. But you didn't, you posted in in Cool Uses for Perl when in fact your code wasn't a cool use for perl (again, my perfectly valid opinion). Posting here thus implies that this is cool code that others might find interesting or useful. Having seen others make mistakes in the past by making such assumptions about such poor "encryption" I gave a warning. I was trying to help out you and others who might come later. I'm sorry if you got your feelings hurt.

      Also, your comment of "not to mention that would fall under the category of NMFP" shows a genuine lack of maturity. Perhaps you could learn a thing or two about interacting with others in a nice way by watching the posts of, as you put it, the "smart cats like merlyn." As a member of this fine monastery, I do care about the other users. All the code I post *IS* MFP. If I post code that I think is dangerous or bad, I'll tell people. It's called responsibility.

        No apology necessary--my feelings aren't hurt.

        Actually, I wasn't meaning to hurt your feelings either...I just thought it sounded like you were crying about it, rather than taking note of the little slice of The History of Encryption (at least so far as AutoComp '97 is concerned).

        But your condescending, chiding tone is grating, and what you said was off the subject.

        Anyone who wants to take that code and use it to encrypt credit card-related data will have to take Responsibility for their own ASSumptions. I have great faith that none of the readers here would mistake what I posted for strong encryption.

        The real problem here is that all you had to contribute in your 2 posts was a condescending admonishment. Your valid opinion that the code is not cool enough for you is an assertion of your coolness. Genuine lack of maturity, I guess...

        I care about the other users too. If I had dangerous code, I wouldn't post it. But even if I did, safety remains a matter of attitude.

        I agree to disagree on whether what I posted was dangerous.

        xxxooo
Re: (RhetTbull) Re: Silly "encryption".....just for fun ;)
by strfry() (Monk) on Aug 05, 2002 at 20:59 UTC
    If you don't really understand encryption and aren't using a well validated library, then you shouldn't be using encryption at all.

    i could not disagree more. IMHO, the less you know about encryption, the more you should use it -- how else is one to learn about it and how it works? don't get me wrong - i'm all for using those libraries that work, rather than reinventing the wheel. but if you learn better by breaking things and/or tinkering than by example, then by all means use what you can get your hands on.

    and frankly, if someone can't read past the disclaimers that the author placed, they deserve what falls on their heads. (yes, i'm a firm believer in Darwinism.)

    strfry()

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://186120]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (9)
As of 2014-04-16 11:13 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    April first is:







    Results (424 votes), past polls