i cant believe theHumanagen would make a spelling mistake 😔 the nerve he has to be anything short of perfect in every way smh

@@ShadowKestrelTheDyslexiagen

also, reading "services" in the title, brain telling the mouth to say "interfaces". can we get some stats whether colored hair made it worse or better?

For those in the future - it’s was Cloudflair in the original title. DAMN IT FLIP!

Oh actually, I thought it could be intentional. Sometimes literally mentioning trademarks by their exact name can cause problems as you can be blamed for promoting those.

Tom could probably do that.

In my head: /ŋɪŋs/ (IPA lmao)

God dammit another n-jinx 😂

for me it's "en-ginks". (g like gif)

I got laughed at on my first job for calling it like that since I had never heard anyone pronounce it. Turns out some people do actually call it like that so I wasn’t that wrong

Nuh-ginks

it's all gibberish to me :D, but I know how to generate a pair of SSH keys :D

@@SandraWantsCokeAnd I can pretty much guarantee they are broken by a quantum computer running Shor's algorithm, we've known of the issue for 20 years, we have an algorithm to run on quantum computer but no quantum computers to run it on. RSA, Diffie-Hellman, and Elliptic Curve Diffie-Hellmen are all known to be breakable by this one algorithm. We also have Lenstra elliptic-curve factorization and by applying the quantum search algorithm Grover's algorithm to also breaks these algorithms in theory even easier that Shor's algorithm. Your SSH keys are probably the third, though a decade ago would have been the 1st potentially. Put simply most assymetric cryptography in use today (seperate public and private keys) is known to be vulnerable via an algorithm that we know solves the hard mathematics problem they are based on (factorization of the product of two large primes and similar problems that can be reformulated as this problem) given a computer capable of running the algorithm. The industry has been hard at work coming up with new algorithms to fix this and these are just starting to be implemented now in 2024.

Are they also known as CRYSTALS-KYBER and CRYSTALS-DILITHIUM (much like AES is also known as Rijndael)? Mostly I want to make sure my information here is good.

@@Omnifarious0Yeah, and SLH-DSA is SPHINCS before the standardisation, that said, like AES I expect the NIST names are the ones we'll come to know hence why I specified that is the NIST naming.

@@EwanMarshall - I got the names I used from the NIST website for the contest. I'm sad the page I looked at wasn't really explicit about the NIST names because I think you're right.

Porque maria!

Haskell mentioned?

I know the Tom is genius video is from the JDSL video. Where is the porque Maria and Lua, Brasil references from?

lol Tom is a genius tho for real.

​@@earthling_parthporque Maria is from a soap opera. Lua was invented in Brazil.

It only uses the c subset of the language and is compiled with a formal verification tool.

Its trivial to create a verifiably safe C++ program. Allocate no dynamic memory or allocate it all at start (btw, OOM crashes rust too). No need to use references counters if you don't want, just bump allocate everything and bind every dynamic objects lifetime to the lifetime of the program. Bonus points: wrap every pointer in a new smart ptr which will check bounds before dereferencing. Bonus bonus points: make your smart pointer address reference a vector index, so you can grow your memory space independent of refs. Now its safe to hold arbitrary pointers or references. To be clear, this is just the trivial way. Another way is only using smart_ptr or unique_ptr, ever, but this will raise the complexity. Some languages (like Swift) operate that way and that's how they achieve memory safety. In essence a reference counter IS a garbage collector.

They mentioned Go? Or what do you mean let's Go?

@@SandraWantsCoke GO MENTION LETS GO

@SandraWantsCoke "let's go" means "let us go". I think he is imprisoned or something. I dont know who exactly he refers to as "us", but I for one think they should be let free. He is clearly in distress.

He wants us to Go program the Us Go V.

This, very toastmasters style. Seat their brain with a key points coming up. Give them the information. Anchor that information by giving them all the key points again at the end.

Are there any post-quantum encryption methods that do not require really have handshake? Something like x25519 require transmitting 32 bytes but every post-quantum encryption I know about requires a lot of data which doesn't scale well for any TLS-like protocol.

@@MikkoRantalainen - About the only thing I can think of here is actual quantum encryption. But that requires specialized hardware all the way along the path between you and the person you're communicating with. Any kind of public key algorithm is going to require a handshake.

@@Omnifarious0 I totally agree that handshake is required. The question is can to create a quantum safe protocol that can run on regular computers and require less than 1 KB for the handshake instead of multiple megabytes that quantum safe algorithms seem to typically have. The whole point of the handshake is to come up with a random 256 bit (32 byte) shared secret on both ends because AES-256 will be safe even with quantum computers.

@@MikkoRantalainen - Unfortunately, I don't know enough about exactly how they work to be able to give you an answer. One thought I have is that it might be possible to distribute the keys separately from engaging in the handshake. And since a given key is likely to be re-used many times, that should do a lot to reduce the total bandwidth used. But, it's possible that there really isn't a way to get around a massive information exchange at the beginning of the conversation. :-/

could i get some context? i'm a bit out of the loop here.

@raffimolero64 I'm just referring to their recent viral momemt after firing one of their employees

I work with it almost everyday, writing configs and I love it! Cannot say the same about apache/caddy/lightspeed though. I also do net get why people can hate nginx

Not tailwind 😂

what's wrong with openssl? Afaik openssl is used in everything related to ssl/tls

@@oleksiistri8429 You never heard of heartbleed and how it caused a lot of vulnerabilities issues 10y ago, allowing attackers to "bleed" infos from the server? Yes, it was patched, and yes, it's used a lot and considered almost a defacto standard, but there are alternatives, that got a lot more popular since that huge vulnerability discovery back then. You should take a look at rustls.

@@oleksiistri8429 OpenSSL isn't unsafe by itself, but the C OpenSSL API - Rust HTTP integration sounds like a pain when trying to be secure.

The Pingora peak is a mountain in Wyoming i believe and there's also "ping" in there which hints at i/o and communications. The higher level proxy/balancer that will be built on top of Pingora is called River (a river originates from a mountain) I feel like the naming is clever.

This comment is the best

“I bet he wants this Pingora”

Pingora, hardening your network since 2024.

Debería llamarse Pingota. Sería la risa

that's what I did back then lol

Then you are even more of a genius than Tom himself

yeah, did that too, because if you read it in german, thats how you would pronounce it😅

There are libraries out there, but they're not mainstream. The degree program I am in does cover it I think.

It's because Ferris(the crab) was not created by the Rust Foundation

Or use a real backend language

@@logantcooper6 I am still trying to find a surreal one :D

No, it is framework to build http proxy servers, like nginx. It probably uses tokio as the async runtime thou

You shouldn't. Unless you have an advanced usecase, it's trivial.

Just go serverless and spin up one instance per transaction… serverless!