I really appreciate that you came back on your past mistake of using md5
@owacs_ender2 жыл бұрын
This makes me happy, even if my original comment on the matter got deleted lol
@yassin_eldeeb2 жыл бұрын
and he has used it for the hacking challenge, very clever..no one thought that you'll use md5 again after correcting the past video mistake 😂😂
@beyondcatastrophe_2 жыл бұрын
Whoops
@rice58172 жыл бұрын
I was thinking "dude... MD5 was unsafe when I was in senior high 15 years ago..." 🤣 Good thing he owned up to his mistake 👍
@kaporos2 жыл бұрын
@@yassin_eldeebHe did that to give the proof that md5 is outdated
@alessiocosenza2952 жыл бұрын
9:44 Actually, HTTPS uses asymmetric encryption to establish the identity of the parties and to exchange a symmetric key. Then symmetric encryption is used since it's faster
@alexlotito38842 жыл бұрын
u right
@aba221252 жыл бұрын
I'm always doing that with my networking code, but I still don't understanding signing. So I simply require the client to give a shared password to the server to confirm its identity. If password is wrong for whatever reason or isn't provided in time, the thread simply raises an error and the client is kicked out from accessing the server in any way.
@jimbobur2 жыл бұрын
Came here to say this. It's just used for the handshake.
@gravy17702 жыл бұрын
@@FinlayDaG33k so that means TLS uses asymmetric encryption, right?
@FinlayDaG33k2 жыл бұрын
@@gravy1770 asymmetric to establish the shared secret before swapping to symmetric.
@hannes-2 жыл бұрын
So whose password are we collectively brute-forcing for you in the challenge? :D
@favourbede58892 жыл бұрын
😂😂😂 Good question 😂😂😂
@SirusStarTV2 жыл бұрын
Hahaha
@festyVAL212 жыл бұрын
loool 🤣🤣
@layeekromah47992 жыл бұрын
It's probably the lifetime account password, if you crack it is yours
@mulwelimushiana83882 жыл бұрын
😂😂😂 I did not see it that way at first but you make a lot of sense
@MrSamkots2 жыл бұрын
How to create a great KZbin channel? Step 1: automatically know what the viewers want in the next video Step 2: squeeze the complex content in shortest possible duration Step 3: throw in some smooth humour without changing the tone Step 4: throw in some cool animations Step 5: use dark background 💯% perfection!
@KangJangkrik2 жыл бұрын
This comment need to be pinned
@eliasziad78642 жыл бұрын
PX ODLT HXDABNUO 9 Let's see if you guys can decrypt this message.
@shokifrend772 жыл бұрын
@@eliasziad7864 rickroll would have been funnier
@eliasziad78642 жыл бұрын
@@shokifrend77 First tell me what the message said?
@slez83642 жыл бұрын
Can't get more accurate ♥️
@DenisTRUFFAUT2 жыл бұрын
Once you deep dive into cryptography you find that, even the strongest encryption algorithm in the world is weak if the user input is weak. The best course of action is to have an input that does not come from the user (I mean a generated password like a sha-512 hash). Ideally that entry is stored on the client device.
@catalintudorciurte3092 жыл бұрын
Garbage in... Garbage out
@marioytambor2 жыл бұрын
Definitely, only randomly generated or diceware are acceptable
@ikazuchi-san57722 жыл бұрын
yep
@chiragsingla.2 жыл бұрын
thats why 8 charcter is a standard
@SirusStarTV2 жыл бұрын
I started using password manager and updated most passwords to unrememberable computer generated ones.
@danvilela2 жыл бұрын
Jeff wants to crack his girlfriend's password and put it as a challenge on his youtube channel. Well played bro!
@ayushverma51512 жыл бұрын
I think he's married
@zakharkholboiev8422 жыл бұрын
@Daniel Vilela, 😂
@MrRaja6 ай бұрын
@@ayushverma5151 wife then it is
@bytesizedfeed2 жыл бұрын
I’m currently taking intro to security and this is exactly what we are learning. Thank you for explaining it so succinctly and with amazing visuals and code
@brucewayne24802 жыл бұрын
@02:08 you said that the hash is unique , given that the result has a fixed length you can't map infinite strings to a fixed length string without loosing unicity
@Fireship2 жыл бұрын
Good point, "unique as possible" would have been a better phrasing.
@yakov9ify2 жыл бұрын
Its unique for all practical purposes for the modern cyphers uses today. Afaik for SHA256 no one has ever been able to find a collision. That being said you are correct in that any hash by definition cannot be injective.
@brucewayne24802 жыл бұрын
@@yakov9ify Yes , by definition hash functions have low probability of collision. And like you said they are surjective functions
@YandiBanyu2 жыл бұрын
Well yes, that is what is called collision. But the idea of a hash is also that collision is hard to find (with a systematical method other than sheer brute force). Different input can be mapped to the same output. However, even the slightest change in the input (say, a bit flip) will change the output significantly. This, makes finding two input with the same output quite hard.
@skylark.kraken2 жыл бұрын
There's also the matter of that text converted to bytes which is then hashed, it's unlikely if there is a collision that the input can actually be created from the bytes from text, so there's some accidental security there. However random bytes which are hashed lack this "feature". If there is a collision with text inputs it's also likely that the password used is weaker than the other input that returns the same hash, so there's no downside.
@orzhovthief2 жыл бұрын
Another important feature of hash algos is that similar inputs yield very different outputs, that way, you cannot guess that your getting close.
@artemabovian48402 жыл бұрын
I think this the first KZbin video where I actually set playback time to value lower than 1
@GalacticApple2 жыл бұрын
10 hours of this topic at uni and I understood things about 80% of the way. I'm confident that if I watched this I would've been at 100% in 12 minutes.
@cybermoneyxchange32302 жыл бұрын
Hi how's the journey so far? Where can I get the 10 hrs lesson?
@lookupverazhou85992 жыл бұрын
@@cybermoneyxchange3230 at uni
@agungkrisna45442 жыл бұрын
@@berb_yt This is what I'm experiencing right now :>
@ekremaslan8068 Жыл бұрын
They teach most things so slow that it becomes impossible to understand
@jessh4016 Жыл бұрын
I always hate these comments tbh. It's just not possible a general, brief overview to give you more than 10hrs of uni classes. Idk if you were sleeping or drunk in class, but even though this video is great, it's simply not able to cover that much info in 12min. Hope you've learned how to pay attention.
@tranquility63582 жыл бұрын
@ around 02:12 argon2 is listed as a hashing algorithm. It's more accurate to refer to it as PBKDF (Password Based Key Derivation Function), especially since you stated that hashing algorithms need to be fast to compute. Argon2 doesn't fit that description. It's acceptably fast to compute (It's orders of magnitude slower than say sha256) and that's by design, so that it becomes unfeasible to brute force them. It's also designed to account for increases in computational power over the years as you can make it harder to compute by increasing the amount of memory used to generate the derivative.
@tfr11 ай бұрын
i’ve noticed this in my api. I use 512kb of memory to hash and store user passwords but 128kb for api keys. it takes the server about 1.5 seconds to hash using 512kb which isn’t unreasonably slow but compared to sha256 or bcrypt, it’s like a snail. verifying api keys on each request with just a hash is also somewhat computationally intensive so that’s why i dropped the api key memory to 128kb. somewhat decent security balanced with speed. besides, i’d rather have my limited permission based api key brute forced than my password
@tutorjonas41492 жыл бұрын
Thanks for making theses videos. You're creating a mind map for developers to get a grasp of the vast technology landscape - props to you, your content is truly unique and high quality too.
@nativeKar2 жыл бұрын
The quality of content and the presentation of it keeps getting better with each video. I cannot be any more thankful to you than I already am for putting this out for free. I've learnt tons from this channel.
@phpsoftwareengineering2 жыл бұрын
I second that!
@edgeofsanitysevensix Жыл бұрын
I've been a developer 20 years and never seen this topic explained so simply. Even I learned something.
@baddrivers7592 жыл бұрын
Great start. I'd also add that the Public/Private Certificate is actually used to negotiate a random symmetric key which is used once the channel is opened. Why? Public/Private encryption is SLOW. This would be a great segway into Diffie-Hellman key exchange.
@abh1yan2 жыл бұрын
The quality of this video is literally perfect...
@stachowi2 жыл бұрын
loved every minute,
@kaporos2 жыл бұрын
Every fireship's videos are perfect haha
@divyanshusah28092 жыл бұрын
I've used hash but not salt. Thanks for bringing this to me Jeff
@naheliegend52222 жыл бұрын
use salt & pepper
@VivekYadav-ds8oz2 жыл бұрын
I hope you didn't do this in production dawg 😯
@KatzeMelli10 ай бұрын
my lord, it took my professor 3 hours to explain those concepts in a completely messy way. This was clean, comprehensive and to the point. I love the practical application as well.
@britney_david2 жыл бұрын
Hello, I'm new to Biticon trade and l've been making huge losses but recently i see a lot of people earning from it. Please can someone tell me what to do?
@Jeffrey_Ambrose2 жыл бұрын
@Kelvin Well, you are saying the fact. I invested $4,000 with Mrs Annabelle Hartfield , and earned $12,000 in 7 working days.
@brucedylan83642 жыл бұрын
In Bitcoin investment, determination to take risk is one of the major factor required because it takes a brave heart to make money this days.
@salmakenzie68702 жыл бұрын
Being a newbie in Bitcoin investment and trading is very discouraging but since I met Mrs Annabelle Hartfield , she has really been careful in handling my investment.
@progressj27152 жыл бұрын
Many people are afraid to be invest because of the Scammers in the business
@progressj27152 жыл бұрын
Yes there are scammers in the business just like it's in every other business but there are also legit brokers out there for investors and Mrs Annabelle Hartfield is one of the real and legit brokers out there.
@arcticspacefox8642 жыл бұрын
Great vid, on RSA don't forget that it is getting really slow with increasing key size. This is why many providers are switching to elliptic curve cryptography ^^ That is way faster and needs smaller keys.
@tobiasaddicks96952 жыл бұрын
Also it's often implemented poorly when it comes to the generation of the required primes which leads to many public keys sharing prime-compartments
@arcticspacefox8642 жыл бұрын
@@tobiasaddicks9695 exactly, but id say is a good video for beginners
@aba221252 жыл бұрын
Ohh never heard about this. I'm still use RSA 1024bit keys. Not that anyone would care to hack me so I'll just keep using it for now.
@zer0x64-22 жыл бұрын
(Sorry for necroposting) I didn't want to go into details in my comment above, but there are multiple reasons why RSA isn't great nowadays. To make a short list: 1. You need quadratically increasing key size instead of linear increasing key size to get the same amount of security bits because of the reliance on prime numbers (AKA keys can get really big really fast and this will only get worse). 2. Key generation include a "brute-force" step, which makes key generate really slow. This is especially problematic for key exchanges, as this is a pattern seen in the wild. Apart from that, pretty much every operations is slower with RSA then with Elliptic Curves. 3. The way key generation work, your whole security model relies on the fact that your key is "probably" prime... 4. RSA design makes it a good target for timing attacks, depending on the implementation (this is also a reason why AES is slowly getting phased out in favor of chacha20) 5. RSA is badly broken with quantum computers because of Shor's algorithm. The danger with quantum computers isn't that they're so fast they could bruteforce any cryptographic primitives that classic computer can compute, it's more that quantum computers gets access to new quantum algorithms that can solve some previously "unsolvable" mathematical problem with way more ease then classical computers, so not all primitives are affected the same way.
@lawrencedoliveiro9104 Жыл бұрын
Quantum computers that can run Shor’s algorithm are vapourware, and destined to remain that way indefinitely.
@adyanrehan33602 жыл бұрын
Assembly in 100 seconds
@simondoesstuff2 жыл бұрын
You maniac
@bravo________873722 жыл бұрын
If he did a risc based architecture like ARM it might be doable
@multiarray23202 жыл бұрын
Assembly in 100 hours
@adyanrehan33602 жыл бұрын
Talking about assembly in a whole I mean all architectures including x86 and risc
@ikazuchi-san57722 жыл бұрын
that would be fun tbh
@suba_sah18 сағат бұрын
Never seen a video so succinctly put together yet wildly informative
@yassin_eldeeb2 жыл бұрын
my god. that was the best Cryptography video I've ever watched 🔥
@skillz72 жыл бұрын
Just thinking about cryptography 1 hr ago . This guy is a magician . First I share fireships video than I start watching it
@lucky-segfault2 жыл бұрын
Horray, I can now add cyber security expert to my resume. Thanks fireship!
@chauffeur15602 жыл бұрын
hackers would watch this in reverse
@c.e.o.99852 жыл бұрын
You've summarised entire Internet Security lessons in 11:54 minutes of video. It's incredible 💪
@rahesc2 жыл бұрын
Awesome sum up of crypto concepts for developers in under 12 minutes, really to the point, impressive
@wvdheuvel211510 ай бұрын
There's something I don't understand about the salting (4:07). You say an attacker with access to the database can use a rainbow table to reverse engineer a hashed password, when it's a common password, and salting the hash overcomes that. However, an attacker with access to the database can see the salts, no? So what is to let the attacker from generating a rainbow table using the salt of that user record? Am I missing something?
@yash11522 жыл бұрын
3:30 thanks for mentioning argon2 - didn't know about this 5:30 timingSafeEqual to prevent timing attack - wow, i had thoughts about that (timing attack) but didn't know it was a real thing
@azatecas2 жыл бұрын
how do you do those animations at the beginning of every video? it looks so awesome, this is killing me for the last few months
@funkyjoshk2 жыл бұрын
Check out his second channel 'Jeff Delaney' he provides some good insight over there!
@tristanbouchard99972 жыл бұрын
Exactly what I needed to get started with a user account system for my website. Thanks lots!
@khangle68722 жыл бұрын
For school or just knowing the basic, that ok, but you should not implementing your own authentication system in a real product
@omer08442 жыл бұрын
Always makes my day when Fireship uploads. Keep up the amazing work, I learned so much from your channel and website. :)
@knaz74682 жыл бұрын
The red light green light scene was subtle and terrific. Video taught me a lot as well as per usual.
@cmilkau2 жыл бұрын
Awesome to include HMAC and what it's used for. Unfortunately, it could be made more clear what the actual difference between hash and hmac is, as it is a common mistake to use hashes where hmacs should be used.
@kylector Жыл бұрын
what are the different use cases for a hash vs hmac?
@xbutterguy4x Жыл бұрын
@@kylector The use case for regular hash functions is to provide data integrity. If even one bit changes in the data, then when you run it through the hash, it would be very obvious the data was altered. The use case for hmac is to provide data integrity but also to provide authentication; AKA verifying the data was sent from the right person. This is because only the person with the correct password can produce the hash of the message they sent you.
@nagasaipurvaz42512 жыл бұрын
My diploma project is to make hash function for cryptography I took the 256 hash and 512 hash and my collage accepted it ,it was just hashing the hash function again
@shaikhshafeen2 жыл бұрын
You made JS look like a pancake! I wish I could get a good JS course from instructors like you.
@danbesu2 жыл бұрын
Hi! This is. so cool! How would it be if you guys made a playlist called "Every dev should know"??
@theocrob2 жыл бұрын
I love your videos! You have perfect graphics and damn I love that upload schedule.
@sunshinexs952 жыл бұрын
Sorry if you where meaning to communicate other thing, but, the output of a hashing algorithm is not truly unique, there can be clashes, and https, as almost every service, should be using a combination of private key and public key(for key exchange). I am sure that you already know that, but are the kind of thing I wish someone had taught me before. Apart from that, really cool video, very short and informative, u gain a sub.
@WesleyOverdijk2 жыл бұрын
On a side note, the salt works because it makes those rainbow tables useless. It also forces you to make a new table for every user since they all have their own salt. However, storing the salt like that is also not ideal because it makes it easier to use when generating your own tables. So when computing catches up you're more vulnerable in case of a data leak. Best is to also store those salts securely using for example a private key that rotates (updates). Although almost none of us need that level of security it's still fun to think about.
@flodderr2 жыл бұрын
If a hacker just splits the hash like he did in the code. Isnt that the same as having no salt at all?
@ojtechml2 жыл бұрын
@@flodderr yep seems like it.
@gerasTheMessiah Жыл бұрын
Joining them with “:” it’s like hinting it a la captain obvious 5:44
@PrinjuVaidyan2 жыл бұрын
You are so smart...knowing every aspect of this industry Respect bro
@vighnesh1532 жыл бұрын
"Angular is the best" - Jeff (2nd November 2021)
@elevatetechai20242 жыл бұрын
dude you are awesome, I read a book called Mastering bitcoin and I understood most of this but you just killed it in this short video as always. 🙌🏽
@ghodawalamoamanzahirabbas89962 ай бұрын
0:10 there is no secrets nor privacy lol
@ArpitKumarSuman2 жыл бұрын
You make hard concepts very easy. Thank you for the great contents.
@rajdave73572 жыл бұрын
sir please answer this 1. from where you learn such concepts?? 2. you have made video on almost every cs tech, how are you able to do it? 3. top 10 website or blog or something else you follow in order to be aware of what's going on around and in tech
@HECTORARTUROA2 жыл бұрын
7:45 AES: Advanced Encryptation Standard: many hashes for the same text. 8:30 Public Key Cryptosystem: public key and private key. 9:30 Asymetrics encryptation: https; RSA + SHA.
@Harmxn2 жыл бұрын
I just started learning this and now you made a video about it You have the best timing
@bbbbburton2 жыл бұрын
I believe browsers do not encrypt using the certs public key, and then the server decrypts. The TLS protocol let's browsers and web servers establish a symmetric key which is used to encrypt and decrypt traffic.
@hargunbeersingh89182 жыл бұрын
Um that was a whole month of reading articles on cryptography and you summarised that in 10 mins :_) appreciate your skill
@AnesuC2 жыл бұрын
I like how no one in the comments mentioned the "the british are coming!" Reference haha
@asdf8asdf8asdf8asdf2 жыл бұрын
Pretty sure if he had put “Let’s go Brandon” there would’ve been some response
@diablolaggo8702 жыл бұрын
Please do a tutorial on flask but not a crud system... An api with the key built-in for it 🙌🙌
@590af2 жыл бұрын
Hmmm, That was a lot to "digest"
@evaninadgn2 жыл бұрын
By far my fav channel on KZbin 😍
@midas66592 жыл бұрын
I'm subscribed to a f*ck ton of coding channels but this one is by far my favorite! So straight-forward and highly informative with a visual to complement it! I love how you explain a concept and then will proceed on with various examples as well as implementations. Keep it up bro!
@JustKeepOnFlying2 жыл бұрын
the timing safe equals was a nice touch
@Aminsx_2 жыл бұрын
I'm so early that the video is in 360p edit: superhacker
@RanjanKumar-bu7ws2 жыл бұрын
Sa.e
@abrarshahid39302 жыл бұрын
We want more of such challenges!
@snoozyboio Жыл бұрын
"Cryptography is scary. It's based on math" Was all I needed to hear to know that cryptography is some SPOOKY shit.
@Shogoeu2 жыл бұрын
Thanks to KZbin comments, Fireship learns about secure hashing :) Good job, people!
@vdemcak2 жыл бұрын
So early that it's still 360p
@halenuryesilova76312 жыл бұрын
The amount of knowledge in this channel is a lot better than my engineering class
@YandiBanyu2 жыл бұрын
Haha, that challenge was fast Edit: Also, adding to the awesome video, cryptography, no matter how strong the math behind it is, if badly implemented will still be vulnerable.
@soumyajitdey57202 жыл бұрын
How did you solve it?
@YandiBanyu2 жыл бұрын
@@soumyajitdey5720 check the hash type and then use a well known weakness for those hash. It is quite trivial and it shows the point of salting. Spoiler warning!!! . . . . . . . . . . . It is MD5 without a salt and then you just use a lookup table.
@soumyajitdey57202 жыл бұрын
@@YandiBanyu great! Was thinking along the same lines but you were quicker 😂 Good job! 👏
@YandiBanyu2 жыл бұрын
@@soumyajitdey5720 I didn't get the challenge either lol. Watched the vid 6 minute after release and the challenge were already solved.
@ioshaven4362 жыл бұрын
Lol Jeff we need something more challenging than MD5. Some guy had the answer before I could say "Yes, there's another Fireship video!"
@Remolhunter97 Жыл бұрын
A whole semester saved by this man, thank you brother
@filiecs32 жыл бұрын
I *literally* learned about the shaved head thing in my Secure Coding class a few weeks ago. Amazing.
@0jinx2 жыл бұрын
You just summarized my 3 month university course into 12 min 😂😂😂. I completely love your videos ❤️
@danieldosen52602 жыл бұрын
watched a couple of videos... top notch on pacing and editing! (and humor).
@bensingleton31282 жыл бұрын
I have a midterm for my IT Security class literally tomorrow, this video came out at the perfect time and was a great little review for me. How does Fireship always know exactly what I want when I want it?
@devnol2 жыл бұрын
Jeff is a friend of Zucc so he has all of our data and runs a simulation of all of our brains in virtual machines and can thus determine exactly what video everyone wants at any given time.
@johncardozo2 жыл бұрын
I really love every single video you post, they're so useful but this one... Wow! Thanks for sharing your knowledge 🤙🏼
@sebbes3332 жыл бұрын
2:13 -ish. Is "a hash of a hash" more secure than just a simple single "hash"? secret --> hash_1 --> hash_2 is hash_2 more secure than hash_1 ?
@lawrencedoliveiro9104 Жыл бұрын
Yes. For example, I saw a PHP password algorithm using MD5, which sounds bad. But it iterates the hash 8000 times, which is good. Not suitable for cryptographic message hashes, but good for password hashes.
@willemvdk48862 жыл бұрын
The mailbox analogy for public/private key is quite brilliant! Good job
@code913.2 жыл бұрын
6:47 THE BRITISH ARE COMING
@anshumaan102410 ай бұрын
What a coincidence! Today, I took my Cryptography exam
@siddiqueath9 ай бұрын
That's why you received this video as suggestion, it's feel like an incident to you, not for KZbin🤔🙉👂
@ALXG2 жыл бұрын
You know you're among the first viewers when you have to watch it in 360p lol 😂
@blessinghirwa2 жыл бұрын
wait, where do you get just background voice in your videos? Your Gifs and background voices are amazing 🙌
@nechilion2 жыл бұрын
One great book about cryptography and steganography (similar techniques to the bald guy moment) is "The Code Book" by Simon Lehna Singh. Highly recommend it as it explains the evolution of this "math thing" from the beginning to our days in a very intuitive and easy-to-understand way.
@RingsOfSolace2 жыл бұрын
I think md5 is still used for computer forensics, though, to verify the forensic image from the original drive.
@yournerdiness3135 Жыл бұрын
4:53 for the people confused on this (including past me), scrypt is not just a function for salting hashes, it also takes longer to compute (which it does by basically running SHA a bunch of times). It still only takes a few hundred milliseconds, so it can still be used, but it makes brute force attacks significantly harder.
@RudolfKlusal2 жыл бұрын
Finaly a video in which the half is not clickbaity claims and explaining what the Byte is ❤ Thank you 🙂
@flodderr2 жыл бұрын
If you store the salt appended to the password like that in the database. And said database gets hacked. Isnt it then super easy for the hacker to do the same split on the colon and run the password hash against the rainbow table again?
@chrissdehaan2 жыл бұрын
The salt is appended, but then gets mixed together with the password during the hash, so in the final result hash it's all jumbled together. There's no easy way to split it out.
@flodderr2 жыл бұрын
@@chrissdehaan yea but then he appends the salt to the hashed password and pushes that to the DB. So a hacker has the salt anyway if he sees a colon in the value
@chrissdehaan2 жыл бұрын
@@flodderr It's not quite in that order. It doesn't go: 1) Hash 2) Append salt It does go: 1) Append salt 2) Hash The salt is appended to the password first, then that whole string is hashed next. That means the salt mixed around through the whole result, and can't be seen or split out easily.
@flodderr2 жыл бұрын
@@chrissdehaan I understand what you're saying but look at his code again. On the 2nd line of the signup function he does exactly what you say. But then on line 4 of that function he makes a user variable to push to the DB that exists of again the salt + the hash of salt with password. Im confused why he does it like that
@artgreg22962 жыл бұрын
Thats why quantuum entanglement is the safest message transfer method as there CANT BE MIM attack because there is NO between 2
@rubenverster2502 жыл бұрын
this one, I like :P
@PatricioHondagneuRoig2 жыл бұрын
This is one of your best videos, hands down. Thanks for sharing Jeff!
@tallyschwenkmusic Жыл бұрын
Was already loving this video and then the spaceballs reference popped up and brought me true joy 😊😂
@miha4932 жыл бұрын
You forget main technology of widely used by both government agents and theirs not so legal opponents for decryption. Thermorectal cryptanalysis is very effective, fast, eco-friendly (because it uses really energy efficient hardware, 50 watt decription device is powerful than enough for most situations) and required relatively low qualification for operators.
@mlgpro61942 жыл бұрын
What are u talking about? Xd
@PeterPan-ev7dr2 жыл бұрын
Haha thermorectal, all your secrets belong to us 😂
@marcosandreslerin74702 жыл бұрын
It would be cool if you could create more videos like this to explain more every concept.. awesome work!
@CarolPLopez-qh9qj2 жыл бұрын
I'm actually tired of worrying about stocks...it's driving me nuts these days,I think crypto investment is far better than stock..
@wyattwilliam10662 жыл бұрын
Stocks are good but crypto is more profitable
@evelynhannah31472 жыл бұрын
I'm new to forex trade and I have been making huge losses but recently see a lot of people earning from it.can someone please tell me what I'm doing wrong
@avaelijah53932 жыл бұрын
@@evelynhannah3147 All you need now is a professional broker else you gonna continue blowing of your account
@jeremysanchez55452 жыл бұрын
Mr Dennis services is working for me at the moment and am making good profits from forex and crypto trading.
@user-mc6lh9sf7i2 жыл бұрын
@@jeremysanchez5545 Same here, it’s four months now I started investing with him and it's been good experience
@bjugdbjk2 жыл бұрын
Could u make explaining Solana - proof of time concept !! By the way I am a big fan of ur work !! It saves tons f time in understanding the concepts 👍
@sergeykosarchuk63882 жыл бұрын
Nice vid 🔥 But I can’t get one thing. Why did you use fixed separator (:) for storing hash and salt? Isn’t it oblivious for the attacker which part is what. Mb better option will be to use fixed length?
@YandiBanyu2 жыл бұрын
Sure it is oblivious. But to generate the resulting hash, you need to add the salt. This means that a password if hashed (say "abc") will be the result of "abc"+salt. Now if each user has unique salt, it means lookup table attack is pointless and the hacker need to attack each hash independently.
@mikelinsi2 жыл бұрын
@@YandiBanyu and i believed all the time, we should not save Salt in the DB. Just have it in the Application Ram. So if the Database lost. the Salt is independent..
@YandiBanyu2 жыл бұрын
@@mikelinsi Well, the problem with that is, if you have an upgrade to your application, those salt are lost. Remember, to check the password you need the salt and then hash them then compare the result. Without salt, you cannot check the user anymore. Also, you should use different salt for each user.
@softwarelivre23892 жыл бұрын
It was used as an example. One should use fixed size salts for the reason you showed.
@leisti2 жыл бұрын
It's just a technical detail. If the salt and password lengths are constant, a separator wouldn't be needed. Or they could even be stored in different columns. Doesn't really matter. Also, if using a single field that combines the salt and the hash, trying to depending on an attacker not knowing where in the field the divide is would be a type of security-by-obscurity, which doesn't work anyway, so you might as well put the separator there, for your own convenience.
@regineurtegard54602 жыл бұрын
Feels like a video more on implementation of security, and not the actuall math's behind it. Would recommend anyone to check it out, as that's quite interesting as well.
@toniferic-tech87332 жыл бұрын
It‘s easier to understand the concept of public key, when it is represented with a padlock symbol, rather than a key. The private key then unlocks the closed padlock.
@jacobyoung20452 жыл бұрын
I usually see this kind comments on fireship and laugh but now I can't believe I'm leaving it too "I really needed this video and fireship made it"
@_timestamp2 жыл бұрын
Laravel in 100 seconds
@mgsxx2 жыл бұрын
I would add handshake to this mix of cryptography patterns. The way to establish secure channel over insecure medium.
@threesidecreaters25722 жыл бұрын
A video on making a portfolio website pls. 😭
@TheKrister22 жыл бұрын
Maybe search first next time? kzbin.info/www/bejne/h2ikgKmNpa6Jfrc
@FusionDeveloper Жыл бұрын
3:11 MD5 Hash. People in cryptography got a good laugh at that. Thank You for the smile and laugh.
@kimchang42602 жыл бұрын
*When it comes to the world of investing,most people don't know where to start.fortunately,great investors of the past and present can provide us with guidance*
@goochoi49282 жыл бұрын
I'm so happy ☺️ my life is totally changed. I've been earning $10,250 returns from my $4,000 Investment every 13 days
@lucasoliver23782 жыл бұрын
Same here, I made $12,400 profits on investing since I started trading with Mr Grey Smith his trading strategies are too notch am winning consistently trading with Mr Grey Smith . He really the best broker I've made a lot of profit investing with him.
@christophercox64522 жыл бұрын
I heard a lot of investing with Mr Grey Smith and how good he is, please how safe are the profit?
@melashnikistna21512 жыл бұрын
@@christophercox6452 I trade with him, The profit are secured and over a 100% return on investment directly sent to your wallet.
@feliciaputri1232 жыл бұрын
After watching so many KZbin tutorial videos about trading I was still making losses untill Mr Grey Smith started managing my investment now, I make $6,800 weekly. God bless Mr Grey Smith . His been a blessing to my family.
@po350 Жыл бұрын
always have very little understanding the pub and priv key pairs until now. thank you for the mail box analogy. it helps clearing the concept cloud...