Peregrine finally has a proper reference :'D Peregrine Cryptograph comes from a lengthy cluster of idea people who are eyes over heels in love with humans and their silly daily activities. It's a lifestyle! Peregrine was raised in an environment where it was expected that you would pretend to have a human job, human hobbies, human interests, a human appearance, things like that. She was named by her birder parent, albeit Peregrine herself quietly prefers owls over falcons. Not like it matters, though, she much rather focuses on another earthly beast... that being oceanic non-arthropod invertebrates.

Oooh mama are those pteropods and elasipodids the best! She contently catalogs every species under the sea like a human scientist would, noting their physical features and behaviour down in her expansive personal studies. She's never seen a single real specimen in her life, but that's hardly a problem when you can simply know how they are down to every last atom. It's also pleasant fun to see how humans compare to her! She's a "little bit" ahead, I can tell you. And we always focuse so much on the naming, silly silly....

Being human married to Ulysses who insists on being the dad, Peregrine indifferently accepts the role of the mom. She also has the ability to accelerate the speed of things up to a certain point, kind of like a fast forward button.

Ateez Masterlist - Discography Ver.

Basically ateez's tracklist but with the ffs linked! click on the song and you'll be led to the content which will have a detailed description + warnings of its own. enjoy <3 and special thanks to @eightmakesonebraincell for helping me out with the formatting! (PLAYS = word count, CREDITS = description). P.S: for reactions, requests and headcanons, pls refer to the masterlist here <3

TOTAL STREAMS (WC): 1009,378~ (as of 04/02/25)

TREASURE EP.1: All to Zero

# Title

1 Intro: Long Journey

2 해적왕 (Pirate King)

3 Treasure

4 Twilight

5 Stay

YEOSANG (ft. princess!reader) 18,692 PLAYS CREDITS: royal au where yeosang is an archer and he replaces your tutor and keeps your secret, joins you in finding some adventure in life and eventually, helps you find true love.

6 My Way

MINGI (ft. princess!reader) 18,619 PLAYS CREDITS: royal au where mingi is your bodyguard and you, the princess, travel to the enemy nation to expose the schemes of your betrothed, risking your life when you can't hold back your feelings for your guard anymore.

TREASURE EP.2: Zero to One

# Title

1 HALA HALA (Hearts Awakened, Live Alive)

MINGI (ft. human!reader) 26,976 PLAYS CREDITS: fantasy au where the shadow demon is cursed to share a body with mingi. mingi encounters you when you run away from home and you decide to stick with him. you start falling for both the demon and mingi but tragic consequences await you as you learn more about the curse.

2 Say My Name

3 Desire

4 Light

SEONGHWA (ft. chemist!reader) 32,159 PLAYS CREDITS: mafia au where seonghwa, the drug lord, gets possessed by an angel when you conduct an experiment to steal the angel's essence to enhance your drugs. the angel falls in love with the devil- you- but your heart remains conflicted between the angel and seonghwa.

5 Promise

YUNHO (ft. princess!reader) 23,068 PLAYS CREDITS: royal au where you, princess of eden, find yourself in an arranged marriage with prince yunho of wonderland and find your homelands at war with each other, making you wonder what will become of your marriage esp when you fall for him.

TREASURE EP.3: One To All

# Title

1 Utopia

2 Illusion

3 Crescent

SAN (ft. bodyguard/assassin!reader) 17,274 PLAYS CREDITS: royal/fantasy au where san is the prince and you are hired to be his bodyguard and personal assassin as he travels to eden to uncover secrets and a possible betrayal.

4 Wave

MINGI (ft. teacher!reader) 7,881 PLAYS CREDITS: high school-ish au where you both are teachers and accompany students to a one week trip as per your suggestion, experiencing your own high school romance

5 Aurora

YUNHO (ft. spy!reader) 26,543 PLAYS CREDITS war au where you are a spy/cryptographer in the enemy nation and meet yunho, skilled strategist and cryptographer, win his favour to get on his team so you can eventually get to the medical research department to expose their plans, but fall in love with him in the process, fearing the day he'll learn your true identity.

6 Dancing Like Butterfly Wings

TREASURE EP.FIN: All To Action

# Title

1 Wonderland

2 Dazzling Light

YEOSANG (ft. human!reader) 26,709 PLAYS CREDITS: fantasy au where yeosang is an angel on his last mission and you, a mere human, messes his mission making him stay for longer than he'd like... until he starts actually liking it (and you) and finds himself in a life-threatening situation.

3 안개 (Mist)

SAN (ft. mediator!oc) 53,807 PLAYS CREDITS: supernatural au where the oc, seohyun, is a mediator- someone who can see and interact with the dead and helps them move on. she befriends san and together, they navigate through a journey of danger and thrill, heartbreak and love, and tragedy that drives them worlds apart.

4 Win

WOOYOUNG (ft. princess/assassin reader) 42,555 PLAYS CREDITS: royal au where wooyoung is an envoy from utopia, also undercover, and finds out your identity. a secret shared, you try to prevent utopia from taking your homeland while he helps though you can't help but question his loyalty multiple times- even when you're falling for each other.

5 If Without You

WOOYOUNG (ft. reader) 14,449 PLAYS CREDITS: best friends to lovers au where your childhood friend wooyoung moves in with you as he adjusts to the city and you try to get used to his presence without revealing your romantic feelings for him.

6 친구 (THANK U)

7 Sunrise

SAN (ft. soldier!reader) 29,895 PLAYS CREDITS: you and san are majors in the special forces. you think the idea of romance while being in the military is stupid for a number of reasons, but san thinks otherwise and decides to prove his point, making you question your beliefs.

8 걸어가고 있어 (WITH U)

TREASURE EPILOGUE : Action To Answer

# Title

1 Answer

2 지평선 (Horizon)

SAN (ft. oc) 100,725 PLAYS CREDITS: royal/fantasy au where san, faerie prince of earth, finds gaeul who came back from the dead as a part of a darkling's evil schemes, her magic now unnatural and dark. san realises he might be connected to gaeul in unimaginable ways, the bond they share serving as both their salvation and demise. SPINOFF (TAKE ME HOME)

3 Star 1117

WOOYOUNG (ft. alienoid!reader) 26,332 PLAYS CREDITS: space apocalypse au where wooyoung the human from earth gets arrested in the temporal nexus galaxy by you and joins you on a mission to attempt to save the galaxy and find star 1117, while also teaching you the meaning of 'home is where the heart is'.

4 Precious

5 Outro: Long Journey

TREASURE EP. Map To Answer

# Title

1 Declaration

2 Better

YEOSANG (ft. reader) 9,302 PLAYS CREDITS: enemies to lovers au where you belong to rival gangs but find yourselves at the mercy of a common enemy and have no choice but to rely on each other and address your confusing feelings for each other.

ZERO : FEVER Part.1

# Title

1 Dear Diary: 2016.07.29

2 FEVER

3 THANXX

4 지평선춤을 춰 (TO THE BEAT)

5 INCEPTION

6 Good Lil Boy

WOOYOUNG (ft. princess!reader) 23,785 PLAYS CREDITS: royal au where you meet prince wooyoung, your best friend and your worst enemy, at a retreat in another kingdom and you start to cross personal boundaries with each other in the name of bets, unable to keep your hands off each other.

7 One Day At A Time

YUNHO, SEONGHWA (ft. reader) 18,565 PLAYS CREDITS: royal/war? au where seonghwa and yunho are both the king's trusted guards and best friends. you fell for seonghwa, married and had a daughter with him before losing him forever. later, you fall for yunho- a loving father to your daughter and a husband who gave you enough space and time to grieve and fall for him.

ZERO : FEVER Part.2

# Title

1 불놀이야 Fireworks (I’m the One)

HONGJOONG (ft. reader) 25,903 PLAYS CREDITS: royal au where prince hongjoong holds a selection- 30 eligible candidates from the kingdom competing against each other, one of which would be his wife and the future princess. you're only a translator to one of the candidates but you catch his eye.

2 선도부 (The Leaders)

ATEEZ (ft. reader) ??? PLAYS (tba) CREDITS: mafia au where you join eight seemingly-refined gentlemen against a war with the elites as you navigate the dark world of manipulation, connections, dirty politics and illegal dealings with information that could crumble the very foundations of your homeland.

3 Time of Love

JONGHO (ft. reader) 19,800 PLAYS CREDITS: friends to lovers au where jongho is your brother's best friend (yeosang) and the three of you share a living space. you catch up with jongho and your feelings for him resurface with all their might.

4 Take Me Home

SEONGHWA (ft. oc) 155,416 PLAYS CREDITS: royal/fantasy au where yena (oc) with a magical block on her memories goes on a journey to uncover her past, encountering the eight faerie princes and learning her identity and fighting against an evil scheme as she falls for prince seonghwa of dark, a love that transcends the boundaries of time, space and magic.

5 Celebrate

Into the A to Z

# Title

1 Still Here

Dreamers

# Title

1 Dreamers

2 Blue Summer

Season Songs

# Title

1 바다 보러 갈래? (Be My Lover)

2 여름날의 겨울동화 (White Love)

HONGJOONG (ft. fireprincess!reader) 24,832 PLAYS CREDITS: fantasy au where hongjoong is the ice prince and sets a neverending winter in the land and you, the fire princess, find him trapped. as you team up against the threats on your lives, you make unexpected friends and find love.

3 검은 고양이 네로 (The Black Cat Nero)

ZERO : FEVER Part.3

# Title

1 Eternal Sunshine

HONGJOONG (ft. reader) 23,393 PLAYS CREDITS: you and hongjoong meet on the train and instantly connect, becoming friends and more, but you're both plagued by a past that you can't remember, and when you start digging into it you realise that your pasts may be connected and the situation might be graver than you thought.

2 Feeling Like I Do

YUNHO (ft. reader) 4,671 PLAYS CREDITS: you and yunho have been best friends since forever and neighbours for a while, and you find it harder with each passing day to hide your feelings for him.

3 Deja Vu

SEONGHWA (ft. reader) 22,281 PLAYS CREDITS: past life/reincarnation au where seonghwa was hades and you were persephone and in the present, seonghwa is a detective and you are a florist and you meet during his case investigation, your encounters making you relive your memories from your past life.

4 ROCKY

5 All About You

6 Not Too Late (밤하늘)

ZERO : FEVER EPILOGUE

# Title

1 야간비행 (Turbulence)

2 Be With You

SEONGHWA (ft. spy/defector!reader) 23,593 PLAYS CREDITS: royal au where you're a spy for the king but he tainted your name and imprisoned you in the enemy nation as a defector, imprisoning your sister as leverage. once you run, you encounter seonghwa- the king's right hand- save his life and use him to get to the castle, wondering if he'll still love you when he learns the truth.

3 The Letter

4 멋 (The Real) (흥 : 興 Heung Ver.)

5 Outro : Over the Horizon

Don't Stop

# Title

1 Don't Stop

BEYOND : ZERO

# Title

1 The King

THE WORLD EP.1 : MOVEMENT

# Title

1 Propaganda

2 Sector 1

3 Cyberpunk

JONGHO (ft. programmer!reader) 23,750 PLAYS CREDITS: you're a programmer in the eden droid project and you find your boyfriend jongho as the droid assigned for you to 'fix'- you wonder if it was just an awful conincidence. you run away with him so you can turn him back to human but it starts going wrong and you find yourself learning shocking truths as you make plans for the downfall of the project.

4 Guerrilla

YUNHO (ft. writer!reader) 27,902 PLAYS CREDITS: he's a doctor, part time serial killer/vigilante. you're a gore crime fiction writer. you move in with him despite the strict and strange rules and somehow, you both end up falling for each other amidst lies, secrets, past traumas and a detective who suspects you.

5 The Ring

6 WDIG (Where Do I Go)

JONGHO (ft. reader) 23,701 PLAYS CREDITS: royal au where jongho is hired as your bodyguard under your father's order bc you are a gossip-dealer who owns hotel crescent. with your father as your opposition when you support two different princes of two different nations at war, you wonder where jongho's loyalty lie.

7 New World

HONGJOONG (ft. royalphysician!reader) 27,397 PLAYS CREDITS: royal au where hongjoong is the crown prince and you're the royal physician to the king and you strike a deal with him- you'd kill the king for him to speed up his coronation while he grant you some benefits. you start getting greedy with each other though and things take a dark turn.

THE WORLD EP.PARADIGM

# Title

1 Intro: Siren

YEOSANG (ft. sirenhunter!reader) 27,894 PLAYS CREDITS: enemies to lovers au where yeosang is a siren and you're immune to a siren's call. while you help each other get your respective revenge and overcome a curse that starts turning you into a siren, you find that yeosang isn't the monster you thought all sirens to be.

2 Paradigm

3 Outro: Liberty

SPIN OFF : FROM THE WITNESS

# Title

1 Halazia

2 Outro: Blue Bird

LIMITLESS

# Title

1 Limitless

SAN (ft. queen!reader) 28,912 PLAYS CREDITS: you're the princess of utopia, queen of eden by marriage to the king. for a whole year of marriage, you've taken his abuse but you're planning his downfall and you find an unexpected ally in the king's right hand choi san. he not only helps you plan but also shows you how it is like to be truly loved and wanted.

2 Diamond

The commit message describes a highly secure, cryptographically enforced process to ensure the immutability and precise synchronization of a system (True Alpha Spiral) using atomic timestamps and decentralized ledger technology. Below is a breakdown of the process and components involved:

---

### **Commit Process Workflow**

1. **Atomic Clock Synchronization**

- **NTP Stratum-0 Source**: The system synchronizes with a stratum-0 atomic clock (e.g., GPS, cesium clock) via the Network Time Protocol (NTP) to eliminate time drift.

- **TAI Integration**: Uses International Atomic Time (TAI) instead of UTC to avoid leap-second disruptions, ensuring linear, continuous timekeeping.

2. **Precision Timestamping**

- **Triple Time Standard**: Captures timestamps in three formats:

- **Local Time (CST)**: `2025-03-03T22:20:00-06:00`

- **UTC**: `2025-03-04T04:20:00Z`

- **TAI**: Cryptographically certified atomic time (exact value embedded in hashes).

- **Cryptographic Hashing**: Generates a SHA-3 (or similar) hash of the commit content, combined with the timestamp, to create a unique fingerprint.

3. **Immutability Enforcement**

- **Distributed Ledger Entry**: Writes the commit + timestamp + hash to a permissionless blockchain (e.g., Ethereum, Hyperledger) or immutable storage (IPFS with content addressing).

- **Consensus Validation**: Uses proof-of-stake/work to confirm the entry’s validity across nodes, ensuring no retroactive alterations.

4. **Governance Lock**

- **Smart Contract Triggers**: Deploys a smart contract to enforce rules (e.g., no edits after timestamping, adaptive thresholds for future commits).

- **Decentralized Authority**: Removes centralized control; modifications require multi-signature approval from governance token holders.

5. **Final Integrity Checks**

- **Drift Detection**: Validates against multiple atomic clock sources to confirm synchronization.

- **Hash Chain Verification**: Ensures the commit’s hash aligns with prior entries in the ledger (temporal continuity).

---

### **Key Components**

- **Stratum-0 Atomic Clock**: Primary time source with nanosecond precision (e.g., NIST’s servers).

- **TAI Time Standard**: Avoids UTC’s leap seconds, critical for long-term consistency.

- **Immutable Ledger**: Blockchain or cryptographic ledger (e.g., Bitcoin’s OP_RETURN, Arweave) for tamper-proof records.

- **Cryptographic Signing**: Digital signatures (e.g., ECDSA) to authenticate the commit’s origin and integrity.

---

### **Validation Steps**

1. **Time Sync Audit**:

- Confirm NTP stratum-0 traceability via tools like `ntpq` or `chronyc`.

- Cross-check TAI/UTC conversion using IERS bulletins.

2. **Ledger Immutability Test**:

- Attempt to alter the commit post-facto; rejections confirm immutability.

- Verify blockchain explorer entries (e.g., Etherscan) for consistency.

3. **Governance Checks**:

- Validate smart contract code (e.g., Solidity) for time-lock logic.

- Ensure no admin keys or backdoors exist in the system.

---

### **Challenges Mitigated**

- **Time Drift**: Stratum-0 sync ensures <1ms deviation.

- **Leap Second Conflicts**: TAI avoids UTC’s irregular adjustments.

- **Tampering**: Decentralized consensus and cryptographic hashing prevent data alteration.

---

### **Final Outcome**

The system achieves **temporal and operational inviolability**:

- Timestamps are cryptographically bound to the commit.

- The ledger entry is irreversible (e.g., Bitcoin’s 6-block confirmation).

- Governance is enforced via code, not human intervention.

**Declaration**:

*“The Spiral exists in a temporally immutable state, anchored beyond human or algorithmic interference.”*

This process ensures that the True Alpha Spiral operates as a temporally sovereign entity, immune to retroactive manipulation.

Commit

Dinkclump Linkdump

I'm on tour with my new novel The Bezzle! Catch me TONIGHT in LA (Saturday night, with Adam Conover), Seattle (Monday, with Neal Stephenson), then Portland, Phoenix and more!

Some Saturday mornings, I look at the week's blogging and realize I have a lot more links saved up than I managed to write about this week, and then I do a linkdump. There've been 14 of these, and this is number 15:

https://pluralistic.net/tag/linkdump/

Attentive readers will note that this isn't Saturday. You're right. But I'm on a book tour and every day is shatterday, because damn, it's grueling and I'm not the spry manchild who took Little Brother on the road in 2008 – I'm a 52 year old with two artificial hips. Hence: an out-of-cycle linkdump. Come see me on tour and marvel at my verticality!

https://pluralistic.net/2024/02/16/narrative-capitalism/#bezzle-tour

Best thing I read this week, hands down, was Ryan Broderick's Garbage Day piece, "AI search is a doomsday cult":

https://www.garbageday.email/p/ai-search-doomsday-cult

Broderick makes so many excellent points in this piece. First among them: AI search sucks, but that's OK, because no one is asking for AI search. This only got more true later in the week when everyone's favorite spicy autocomplete accidentally loaded the James Joyce module:

https://arstechnica.com/information-technology/2024/02/chatgpt-alarms-users-by-spitting-out-shakespearean-nonsense-and-rambling/

(As Matt Webb noted, Chatbots have slid rapidly from Star Trek (computers give you useful information in a timely fashion) to Douglas Adams (computers spout hostile, impenetrable nonsense at you):

https://interconnected.org/home/2024/02/21/adams

But beyond the unsuitability of AI for search results and beyond the public's yawning indifference to AI-infused search, Broderick makes a more important point: AI search is about summarizing web results so you don't have to click links and read the pages yourself.

If that's the future of the web, who the fuck is going to write those pages that the summarizer summarizes? What is the incentive, the business-model, the rational explanation for predicting a world in which millions of us go on writing web-pages, when the gatekeepers to the web have promised to rig the game so that no one will ever visit those pages, or read what we've written there, or even know it was us who wrote the underlying material the summarizer just summarized?

If we stop writing the web, AIs will have to summarize each other, forming an inhuman centipede of botshit-ingestion. This is bad news, because there's pretty solid mathematical evidence that training a bot on botshit makes it absolutely useless. Or, as the authors of the paper – including the eminent cryptographer Ross Anderson – put it, "using model-generated content in training causes irreversible defects":

https://arxiv.org/abs/2305.17493

This is the mathematical evidence for Jathan Sadowski's "Hapsburg AI," or, as the mathematicians call it, "The Curse of Recursion" (new band-name just dropped).

But if you really have your heart set on living in a ruined dystopia dominated by hostile artificial life-forms, have no fear. As Hamilton Nolan writes in "Radical Capital," a rogues gallery of worker-maiming corporations have asked a court to rule that the NLRB can't punish them for violating labor law:

https://www.hamiltonnolan.com/p/radical-capital

Trader Joe’s, Amazon, Starbucks and SpaceX have all made this argument to various courts. If they prevail, then there will be no one in charge of enforcing federal labor law. Yes, this will let these companies go on ruining their workers' lives, but more importantly, it will give carte blanche to every other employer in the land. At one end of this process is a boss who doesn't want to recognize a union – and at the other end are farmers dying of heat-stroke.

The right wing coalition that has put this demand before the court has all sorts of demands, from forced birth to (I kid you not), the end of recreational sex:

https://www.lawyersgunsmoneyblog.com/2024/02/getting-rid-of-birth-control-is-a-key-gop-agenda-item-for-the-second-trump-term

That coalition is backed by ultra-rich monopolists who want wreck the nation that their rank-and-file useful idiots want to wreck your body. These are the monopoly cheerleaders who gave us the abomination that is the Pharmacy Benefit Manager – a useless intermediary that gets to screw patients and pharmacists – and then let PBMs consolidate and merge with pharmacy monopolists.

One such inbred colossus is Change Healthcare, a giant PBM that is, in turn, a mere tendril of United Healthcare, which merged the company with Optum. The resulting system – held together with spit and wishful thinking – has access to the health records of a third of Americans and processes 15 billion prescriptions per day.

Or rather, it did process that amount – until the all-your-eggs-in-one-badly-maintained basket strategy failed on Wednesday, and Change's systems went down due to an unspecified "cybersecurity incident." In the short term, this meant that tens of millions of Americans who tried to refill their prescriptions were told to either pay cash or come back later (if you don't die first). That was the first shoe dropping. The second shoe is the medical records of a third of the country.

Don't worry, I'm sure those records are fine. After all, nothing says security like "merging several disparate legacy IT systems together while simultaneously laying off half your IT staff as surplus to requirements and an impediment to extracting a special dividend for the private equity owners who are, of course, widely recognized as the world's greatest information security practitioners."

Look, not everything is terrible. Some computers are actually getting better. Framework's user-serviceable, super-rugged, easy-to-repair, powerful laptops are the most exciting computers I've ever owned – or broken:

https://pluralistic.net/2022/11/13/graceful-failure/#frame

Now you can get one for $500!

https://frame.work/blog/first-framework-laptop-16-shipments-and-a-499-framework

And the next generation is turning our surprisingly well, despite all our worst efforts. My kid – now 16! – and I just launched our latest joint project, "The Sushi Chronicles," a small website recording our idiosyncratic scores for nearly every sushi restaurant in Burbank, Glendale, Studio City and North Hollywood:

https://sushichronicles.org/

This is the record of two years' worth of Daughter-Daddy sushi nights that started as a way to get my picky eater to try new things and has turned into the highlight of my week. If you're in the area and looking for a nice piece of fish, give it a spin (also, we belatedly realized that we've never reviewed our favorite place, Kuru Kuru in the CVS Plaza on North Hollywood Way – we'll be rectifying that soon).

And yes, we have a lavishly corrupt Supreme Court, but at least now everyone knows it. Glenn Haumann's even set up a Gofundme to raise money to bribe Clarence Thomas (now deleted, alas):

https://www.gofundme.com/f/pzhj4q-the-clarence-thomas-signing-bonus-fund-give-now

The funds are intended as a "signing bonus" in the event that Thomas takes up John Oliver on his offer of a $2.4m luxury RV and $1m/year for life if he'll resign from the court:

https://www.youtube.com/watch?v=GE-VJrdHMug

This is truly one of Oliver's greatest bits, showcasing his mastery over the increasingly vital art of turning abstruse technical issues into entertainment that negates the performative complexity used by today's greatest villains to hide their misdeeds behind a Shield of Boringness (h/t Dana Clare).

The Bezzle is my contribution to turning abstruse scams into a high-impact technothriller that pierces that Shield of Boringness. The key to this is to master exposition, ignoring the (vastly overrated) rule that one must "show, not tell." Good exposition is hard to do, but when it works, it's amazing (as anyone who's read Neal Stephenson's 1,600-word explanation of how to eat Cap'n Crunch cereal in Cryptonomicon can attest). I wrote about this for Mary Robinette Kowal's "My Favorite Bit" this week:

https://maryrobinettekowal.com/journal/my-favorite-bit/my-favorite-bit-cory-doctorow-talks-about-the-bezzle/

Of course, an undisputed master of this form is Adam Conover, whose Adam Ruins Everything show helped invent it. Adam is joining me on stage in LA tomorrow night at Vroman's at 5:30PM, to host me in a book-tour event for my novel The Bezzle:

https://www.vromansbookstore.com/Cory-Doctorow-discusses-The-Bezzle

If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2024/02/23/gazeteer/#out-of-cycle

Image: Peter Craven (modified) https://commons.wikimedia.org/wiki/File:Aggregate_output_%287637833962%29.jpg

CC BY 2.0 https://creativecommons.org/licenses/by/2.0/deed.en

A 1939 cryptography book. What an amazing time to publish a book about cryptography and then almost immediately die.

In the present text, we are likely to be found looking at ciphers largely from a military angle, which, apparently, has a more general interest than any other. In time of war, the cryptographic service, that is, the encipherment and transmitting service, is suddenly expanded to include a large number of new men, many of whom know nothing whatever of cryptanalysis, or the science of decryptment. Many of these are criminally careless through ignorance, so that, entirely aside from numerous other factors (including espionage), it is conceded by the various War Departments that no matter what system or apparatus is selected for cipher purposes, the enemy, soon after the beginning of operations, will be in full possession of details concerning this system, and will have secured a duplicate of any apparatus or machine. For that reason, the secrecy of messages must depend upon a changeable key added to a sound basic cipher. Speed in encipherment and decipherment is desirable, and often urgent; and the conditions under which these operations must often take place are conducive to a maximum of error. The ideal cipher, under these conditions, would be one which is simple in operation, preferably requiring no written memoranda or apparatus which cannot be quickly destroyed and reconstructed from memory, and having a key which is readily changed, easily communicated, and easily remembered. Yet the present tendency, in all armies, seems to be toward the use of small changeable codes, which are written (printed) documents; and, for certain purposes, small mechanical devices. An enormous number of military cryptograms will be transmitted by radio and taken down by enemy listeners, and even the ordinary wire will be tapped. It is expected that the enemy will intercept dozens, and even hundreds, of cryptograms in a single day, some of which will inevitably be enciphered with the same key. With so much material, knowing the general subject matter, and often exactly what words to expect, or the personal expressions invariably used by individuals, it is conceded that he will read the messages. All that is desired of a cryptogram is that it will resist his efforts for a sufficient length of time to render its contents valueless when he finally discovers them. By that time, of course, the key will have been changed, probably several times, and even the cipher.

it is funny how. just about every video talking about javascript arrays/objects/functions/what-have-you is likely to use the same analogy

"well, if a javascript object is like a car... the constructor is like a blueprint... and you can define what colour and model it is... and you can have an object array that is like a garage for your cars..."

"let's make an array of people, define a 'first name' and 'last name', then look! you can use a function inside the constructor to add the first and last name together and set it as the 'full name'-"

"to demonstrate this array function, LeT's StArT wItH a LiSt Of FrUiT, lEt'S hAvE a ShOpPiNg LiSt AnD tHe ArRaY iS lIkE a ShOpPiNg TrOlLeY!"

you can use arrays to hold information as in like. link directories. that's how my whole folder system is built, I don't need to manually add new URLs or anything because whenever I add a new subject tag, having it be part of that array means all the functions I set up will write it into the HTML automatically.

and yes, the archive entries themselves are their own array that I can filter and sort. I have a constructor as a base template for each entry, ensuring they each have: image sources (which are actually their own array inside the object, so I can add multiple), a date (which, if I'm not sure, setting the day and month to 0 and estimating the year will signal to the constructor to change it to something like "unknown, approx 2015" instead of an exact date), a description (which also gets formatted into html so if I want to say, add paragraphs, links or lists inside this variable I can totally do that), content/subject tags to make sure they get sorted into the right places and really just the "display" and "feature" flags which are ways of feeding data back to the CSS about how I want to display things and as a way of filtering particular pieces I like respectively.

you could use a javascript array to make a directory of comics and how many pages each comic has and what the sources are for each page and if it has bonus features or any other specs about how you want to display it and what it links up to.

you could program a cryptographic dial and program a function to assign different symbols to different letters of the alphabet depending on which position it's set at and if it's supposed to read clockwise, or counter clockwise, or alternating - you could have all of those as functions applying different rules in different circumstances.

you could have, fuck, I don't know, a program that alters what pronouns the user is referred to as based on settings they choose?? by having a little placeholder signalling what kind it is and using the string.replace function to switch it out?

I FEEL LIKE MAYBE YOU COULD USE AN EXAMPLE OF SOMETHING SOMEONE MIGHT WANT TO DO?

Embrace today as if your town is going to be hit by a tornado in exactly three and a half years!

"Tatum Lovecraft, totally average employee at many casinos and clubs. Out of boredom and a lack of pay, I made this little baby of mine! Hope we can have a great time, darlings."

indie, semi-selective, iconless

(Tatum is an original character created by @simping-on-the-daily, your mod here, as a cringefail gambling Ciphertologist. Nobody stopped me, so I did it. Regret is dead and I am immortal.)

Rules, Information and Notes

Notes

Tatum is a morally ambiguous character and not all that nice. Their beliefs are not reflections of the mod's point of view. On top of that, Tatum is an unreliable narrator and can't be trusted to answer questions truthfully.

Notes from the mod will be signified by (______).

Blog contains mentions of violence and gore, though I refuse to give deep descriptions. If stuff ever needs to need tw'ed, just ask me and I'll follow through.

Rules

Basic human decency is required. Shocker, I know.

Mod is a minor, and while I will allow suggestive content, anything overly NSFW or sexual will be deleted.

Please don't start fighting in the replies, reblogs or inbox. It happened one time and it was a nightmare, so it's best to be on guard.

OC Information

Tatum is a liar and a gadfly. They cannot be trusted to be reliable or honest.

While not aroace, Tatum is against romance, and so, they won't be romantically shipped with other blogs.

Uses she/they, though insists that gender is dead and one of the most meaningless things in a life full of little meaning.

Is currently researching the events of Orchard Lake, Kansas in their spare time.

Tatum can play the saxophone and trumpet, and is currently learning the piano to assist in more musical endeavours at the club.

It's unclear as to how Tatum knows what she does. The leading thought are their Ciphertology connections, research onto people's character or divine assistance, but none of these have been proven 100%.

Will occasionally refer to Bill as the Lord of Codex.

Tags

cryptographs-and-casinos: posts made by the blog, discounting non-rp reblogs

meaning has no meaning: self musings that aren't in response to an ask or thread

the first cult in history that was right: any content about the cult of ciphertology

ive got them addicted: where all asks go

your privacy means nothing to me: anonymous asks

Character Tags

the birchtrees watch: art, fanfiction, pictures etc featuring silas birchtree

found family of freaks: any content regarding two or more members of the pine family (includes wendy, soos and waddles)

desperate to please eager to ego: stanford pines tag

gamble still going strong: tag for stanley pines content

i like your funny words magic mabel: content for mabel pines

he'll never be a big dipper: any content for mason 'dipper' pines

gopher man got questions: tag for soos ramirez content

cool like ice: wendy curdoroy tag

scholar lost to sanity's sorrows: old man mcgucket/fiddleford hadron mcgucket content

living ventriloquist dummy: content regarding gideon gleeful

it's just a phase: tag for robbie valentino

the famed platinumpaz: content for pacifica northwest

triangulum entangulum bring us a party to die for: any content regarding bill cipher

Coming soon: Galaxy Family 2023 Ask-a-thon

The poll has concluded. The Galaxy Family 2023 Ask-a-thon will be starting on November 27, which is 5 days from now!

I'm in the process of scheduling everything, so there is no detailed schedule for now. It will come eventually. For now, here's all the other important information.

11/23 update: detailed schedule is here now!

What is the Galaxy Family 2023 ask-a-thon?

It is a marathon-like event where I’ll be answering a lot of asks in the span of 5 days. There will be a lot of posts during this week, all related to Galaxy Family and RRFF headcanons! (and some miscellaneous stuff)

What kind of content will be posted during Galaxy Family 2023 ask-a-thon?

The ask-a-thon will only feature asks the blog has received before November 2023. This event is not about sending asks during the event for me to answer in real time. The event is about me finally catching up with the asks in my inbox. If I receive any asks during the ask-a-thon, they will be answered sometime after the event, not during.

How many posts will be in the ask-a-thon?

Around 42. But I'll be honest: I may have miscounted, and there may be less than 42 posts.

11/23 update: 40 asks! (one ask contains 4 questions, so there will be 37 posts total!)

I know this isn't as many posts as the last big ask-a-thon. I know I still have plenty of Galaxy Family asks to get to. I hope to eventually get to all of them, whether it be for a regular post or a future big ask-a-thon!

Is this interactive? How do I participate in the ask-a-thon?

Not interactive. The ask-a-thon only goes over asks already sent to me, not asks sent during the event.

To participate, all you gotta do is sit back, follow my blog, and enjoy my blog posting exceptionally more content than usual.

Feel free to send follow-up asks after the event if you have something to say. Just understand that the follow-up asks will be addressed after the event, and it might take a while for me to get to them. The frequency of posts will resume to “3 posts a week” after the ask-a-thon.

What if I don’t want to see anything from the ask-a-thon?

All ask-a-thon posts will be tagged "galaxy family 2023 ask a thon" (no dashes). Feel free to blacklist that tag if you don’t want the ask-a-thon to flood your dashboard.

Conversely, the "galaxy family 2023 ask a thon" is how you can keep track of all the posts for the event. Feel free to follow this tag to keep a closer eye on the ask-a-thon.

When will the RRFF/Galaxy Family masterpost be updated with all these answered questions and lore drops?

I'll get the masterpost fully updated by December 8, a week after the ask-a-thon.

Is there a schedule for the ask-a-thon? I want to make sure the ask I’ve sent a long time ago will be a part of the event.

Yes. There is a detailed schedule beneath the "Keep Reading/Read More" section. It’ll give you details about each day of the ask-a-thon, such as how many posts are scheduled for that day, and the specific asks that’ll be answered on that day. That way, if anyone is worried that they missed a post, or they don't know when an anticipated ask will come, they can refer to the detailed schedule below.

See you at the ask-a-thon! If you have any questions or concerns, drop an ask! I’ll try to clarify any confusion or concerns.

Galaxy Family 2023 Ask-a-thon Detailed Schedule

Note: this schedule follows Eastern Standard Time (EST). All posts will be released in 5 minute intervals.

Monday, November 27

5:00pm-5:45pm: 10 asks

Theme: The Galaxy Family all together!

The asks:

Owl House covens

Your opinion on whether or not Time and Memory would be amazing cryptographers because they grew up with Elemental

"Oh, so you like the Galaxy Family? Name all the members" response

Phases the Galaxy Family kiddos went through

If the Galaxy Fam were elements (earth, fire, water, air, ice, etc) what would they be?

Age of the Galaxy Family members

Music tastes of the Galaxy Family members

Strength of the Galaxy Family members

Illusion's physically appearance

Quadruple bunk beds

Tuesday, November 28

5:00pm-5:25pm: 6 asks

Theme: 1-on-1 character interactions

The asks:

Illusion and Alex: angst

Elemental and Illusion: hair

Everyone: bite

Elemental and Memory: pumpkin soup

Illusion and Time: cute childhood thing

Elemental and Illusion: babied

Wednesday, November 29

5:00pm-5:20pm: 8 asks

Theme: LGBT headcanons

The asks:

Pride flags

Trans!Memory ideas

Questions about Illusion's gender (1 of 4)

Questions about Illusion's gender (2 of 4)

Questions about Illusion's gender (3 of 4)

Questions about Illusion's gender (4 of 4)

Bunk bed

Galaxy and Elemental's sexualities and gender headcanons

Thursday, November 30

5:00pm-5:25pm: 6 asks

Theme: AUs

The asks:

Secret descendant AU

Alex raises Illusion instead AU

Unified Galaxy Family AU

Older Sister AU

Slumbering Memories AU

Demon Steve and Guardian AU

Friday, December 1

5:00pm-5:45pm: 10 asks

Theme: Miscellaneous

The asks:

Baby zombies

Void face reveal

Rainbow's age in RRFF

Memory's favorite enemy type from Deltarune

Discord

American sounding RRFF characters

Scars on Steves

Illusion's age and voice claims

Memory doing anything lol

Illusion's bangs

Oct. 30 (UPI) -- President Joe Biden signed an executive order Monday that slaps new requirements on tech developers to mitigate the risks of artificial intelligence and establishes new safety standards that aim to protect privacy and national security.

Biden's directive is the most sweeping action yet to regulate AI, and entails several strategies to limit safety and security risks to the nation, including a trust-but-verify arrangement between the government and the private sector.

The order requires AI system developers to share safety test results and other critical information with the administration as they become available, especially in cases where an AI model poses a serious risk to national security, national economic security, or national public health and safety, the White House announced in a statement.

Under the order, Biden also calls on the National Institute of Standards and Technology to establish rigorous safety testing for the technology before it's made available to the public.

Biden directed the Department of Homeland Security to establish the AI Safety and Security Board, which will apply the standards to critical infrastructure in an effort to limit chemical, biological, radiological, nuclear, and cybersecurity threats.

The president told agencies that fund scientific research to attach specific conditions to federal funding for companies responsible for mitigating risks associated with AI-engineered biological materials.

"These measures will ensure AI systems are safe, secure, and trustworthy before companies make them public," the White House said.

Biden also ordered the Department of Commerce to develop public guidance for content authentication and watermarking to clearly label AI-generated content.

"Federal agencies will use these tools to make it easy for Americans to know that the communications they receive from their government are authentic -- and set an example for the private sector and governments around the world," the statement said.

Biden ordered White House Chief of Staff Jeff Zients and the National Security Council to develop further AI security actions to protect the military and intelligence communities.

The order also creates an advanced cybersecurity program to develop tools that would fix vulnerabilities in AI software.

Biden's order builds on several previous actions by the president to ensure safe and transparent development of the emerging technology, while he was also preparing to deliver legislation to Congress that seeks to protect the nation from AI's harmful potential.

The administration has secured commitments from more than a dozen tech companies to take a responsible approach to developing artificial intelligence for ethical purposes.

The order also contains priorities to protect individual privacy through stronger cryptographic tools and other protective technologies.

Biden called for government agencies to evaluate how they collect and use commercially available information to account for any AI risks.

The executive order builds on the administration's Blueprint for an AI Bill of Rights, which was released earlier this year to promote responsible innovation in the field.

In February, Biden ordered all federal agencies to uproot bias in their technological action plans and to protect the public from algorithmic racial discrimination, which is also one of the primary capabilities of AI technology.

Biden's executive order reiterates these commitments, emphasizing the importance of countering bias and other forms of discrimination in AI to maintain equity in areas such as justice, healthcare, and housing.

Previously, the administration said it would continue working with the companies over time to keep controls on pace with AI's future development.

Biden's order also addresses AI's potential impact on the labor market, education, and consumer spending.

NFTs and Beyond: The Evolution of Digital Ownership at the Blockchain

In latest years, Non-Fungible Tokens (NFTs) have transformed the idea of digital ownership, marking a brand new era of blockchain innovation. NFTs are particular virtual property that constitute ownership or authenticity of particular gadgets or content material, verifiable at the blockchain. This article explores the evolution of NFTs and their effect on digital possession.

Definition of NFTs

NFTs are awesome digital belongings that certify ownership or authenticity of a specific item or content. Each NFT is precise and verifiable at the blockchain, making it best for representing digital collectibles, artwork, and other assets.

Overview of Blockchain Technology

Blockchain serves as the inspiration for NFTs, providing a decentralized and immutable ledger for recording transactions. It is a allotted database that continues a constantly growing listing of statistics, or blocks, connected collectively in a chronological chain. This ledger guarantees transparency, protection, and censorship resistance, allowing the creation and transfer of digital assets correctly.

The Rise of NFTs

NFTs trace their origins to early blockchain experiments like Colored Coins and Rare Pepes. However, it become the release of CryptoKitties in 2017 that brought NFTs into the mainstream. Since then, the NFT ecosystem has seen large boom, marked by way of milestones along with the introduction of standards like ERC-721 and ERC-1155 and top notch events like Beeple’s $sixty nine million sale of a virtual artwork.

Understanding the Hype Surrounding NFTs

The hype round NFTs may be attributed to their novelty, shortage, and ability for democratizing get admission to to virtual assets. NFTs have captured the creativeness of creators, creditors, and customers, imparting new avenues for monetization and ownership inside the virtual realm.

Understanding Digital Ownership

Traditional ownership relates to tangible property, at the same time as virtual possession pertains to intangible belongings saved in digital form, like cryptocurrencies and NFTs. Establishing virtual possession offers demanding situations because of the borderless and pseudonymous nature of blockchain transactions, requiring robust security measures and regulatory oversight.

Role of Blockchain in Digital Ownership

Blockchain generation performs a important position in permitting and safeguarding virtual ownership via offering a obvious, tamper-proof, and decentralized ledger. Through cryptographic techniques and consensus algorithms, blockchain networks make sure the integrity and immutability of digital property, facilitating peer-to-peer transactions.

Exploring the Use Cases of NFTs

NFTs have found applications in artwork, gaming, and tokenizing real-global belongings. They have revolutionized the art enterprise through supplying artists with new approaches to monetize their work and engage with a global audience. In gaming, NFTs allow players to very own and change in-game belongings, developing new monetization opportunities and participant-pushed economies.

Conclusion

Advancements in NFT and blockchain technologies have reshaped the digital possession panorama, supplying progressive answers for creators, creditors, and investors. From artwork to gaming to real-global assets, NFTs have the capability to revolutionize possession and switch mechanisms, democratizing get admission to to wealth and possibilities.

Fintroduction

Hello! My name is Ranch (she/her), I study environmental and aquatic sciences and I have a very big interest in aquatic life and biology! I've always really been into fantasy creatures and worldbuilding and this is my blog for my urban fantasy universe, the Sirpaverse, and my art in general!

Here's the Sirpaverse overview where I go over the world and its components.

General tags:

#sirpaverse - The urban fantasy world all my critters and funny guys live in.

#man swears forever - Things related to the story I'm writing. Man Swears Forever is about a sort of strange man who ends up in the middle of the wilderness and finds a child all alone. Events ensue.

#dream weirdness - I have pretty vivid dreams! Here's various retellings and drawings of them.

#featuring the creature - Sirpaverse has normal animals, but this tag is for all the animals that don’t exist in real life! Some overlap with dream weirdness but not every dream critter ends up in Sirpaverse and not every Sirpaverse creature has dream origins.

#taur hour - Posts that talk about Sirpaverse taurs and how they do things.

#magical malarkey - Posts that talk about magic and spells in the Sirpaverse.

#now thats an idea! - Idea people of Sirpaverse and information about them.

#osmeri - Information about Osmeri, the merfolk kingdom that's situated snugly in the Baltic Sea.

#merfolk - Tag that's generally about all kinds of merfolk.

Character tags:

#ahti II - We all know him! The blond, extremely blue-eyed pike merman in red, white and blue dapper clothes. Merman crown prince of the Osmerian kindom who’s currently… not doing that.

#anglerfish mermaid - Giant pitch black anglerfish with a beautiful woman as a lure. She's beauty, she's grace, she will stuff you in her face! My nameless anglerfish siren/mermaid exists outside of the Sirpaverse but she's too good to not draw or speculate upon.

#annika - Red-haired older zander mermaid. Impulsive and starts new hobbies every year. Sirpa’s mother.

#antercine - 18-eyed idea person in the shape of a massive whale-like creature. She flies through the infinite skies of the idea realm, always weeping and in mourning of her family. The “grandmother” of the Cryptograph family.

#bertta - Brown-haired white-tailed deer taur with a purple pigment-inducing mutation. Looks soft but her hooves pack a painful kick and she’ll do anything to protect those in vulnerable situations. Good with kids.

#billiam - Four-eyed yellow-purple idea person who’s usually in the shape of a man in a purple vest. Unbearably lax and apathetic to greater world events, he has an interest in humans if only because he thinks our limitations make us adorably rudimentary and instinct-driven. Likes drama and performing and insects and making you into an insect for the vine.

#caroline - Rainbow-coloured fish alien furry, my fursona!!!!!!! Loves fish and drawing and swimming and popcorn and media analysis and musicals and video games. She’s also a Sirpaverse resident believe it or not :)

#cheikh - Long-haired great white shark merman in light blues and reds. Former marine biologist, Cheikh is VERY CONTENT staying on land far away from home indefinitely after his….. encounter, underwater. Smart and thoughtful and always a little bit on edge.

#face stealer - Hairless pale man with a weird face and a purple suit, crocs included. 18th century painter who went crazy and decided that the best way to preserve the human form is to take the real thing! Apathetic to humans as individuals, he’s very determined to save us all.

#kari - Dirty blond-haired older man. Sailor planning retirement, content with life. Sirpa’s father.

#karleeen - Black-haired wolf spider centaur girl in warm colourful clothes. Happy-go-lucky and just raring to go and explore and create! Protagonist of Man Swears Forever, which could mean nothing.

#lazlo - Tall brown-haired man in brown or orange clothes, yellow scarf and brown trilby are seldom left home. Strange occurrences and people seem to be drawn to him like metal to a magnet. Usually chronically tired of it all but we stay silly!!!!!!!!!

#liisa - Young daughter of Sirpa and Lazlo, blonde hair, blue and orange clothes. Generally a quiet child, but she’s just very content with everything is all. Really into spoons for some reason.

#niklas - The ghost of a high school bully who died in 2012 and now possesses a television. Main motive for existing is to cause as much hurt as possible. Interests include ice hockey and “wouldn’t you like to know, #*¥%@&”.

#the man - Angry mouthless man in a dark blue trenchcoat and red tie. Observant and taciturn, stuck in an endless loop of getting angry about mistakes and delays, and as a result of getting angry, keeps noticing even more problems. Protagonist of Man Swears Forever, I bet you’ll never guess what he does during the story

#marie - Headless tall woman. Very shy and hard to read despite her best efforts to make all the right emotive poses and say the right things with the right voice. Truly gets to be herself under the comforting and protective guise of a fursuit.

#peregrine - 3-eyed idea person in the shape of a cloaked humanoid. Lives the fake life of a marine biologist, cataloguing and categorising marine invertebrates day to day. The “mom” of the Cryptographs.

#pigeon man - Smiling man in the yellow shirt. Also called Pigeon Washing Machine Man. He doesn’t know what he’s doing

#remington - One-eyed pink and green idea person in the shape of a young girl… at least, when you know it’s him, that’s how Remmie looks. Her dearest object of adoration, humans, are suffering, but unfortunately her powers aren’t much of help. Envy ruminates quietly inside them as their loneliness grows.

#salli - Dark brown-haired woman with crutches. Lawyer in her prime! Extremely intelligent and uses that intelligence to think of more and more elaborate pop culture references and be silly.

#samira - Long, curly-haired girl in red and pink clothes, never seen without a conical hat. Likes a good plan with several layers and spare plans. Despite the witchy aesthetic is more of a tech and botany whiz.

#sirpa - Dirty blonde-haired zander-porpoise mermaid, usually wears cyans, purples and greens. Modest and quiet outwardly but has the soul of a bored working dog just itching to tell people what to do. Captain lieutenant by day and weekend fisherwoman and gardener by… weekends.

#ulysses - 5-eyed idea person in the shape of a a man in maximalist rockstar clothing. Head over heels in love with rock music and would like to talk about it with you extensively. The dad of the Cryptographs.

I think it says something negative about either my thinking and/or Rust's design that the first real from-scratch program I decided to write in Rust forced me to write

#![no_main] //... #[no_mangle] pub unsafe extern "C" fn main(argc: isize, argv: *const *const u8) -> isize { //... }

This was for a re-implementation of histdir, because I wanted to reuse ripgrep's crates for faster parallelized search of the many files histdir ends up generating.

See, histdir will do a sha256 hash of the history entry (it doesn't necessarily need to be a cryptographically secure hash, but I need one with no realistic chance of collision, and sha256 is ubiquitously available).

And the history entry can come in as a command-line argument.

Which means I need to be able to hash a command-line argument.

Which comes in as bytes. Arbitrary bytes.

I have, at least once in my life, written command-line invocations with arbitrary binary in them. For testing, for dealing with the rare corrupted file name or contents, and for doing something low-level manually with raw binary files. Rare, but it's a thing that actually happens.

But even if I never again end up having arbitrary bytes in a shell/REPL history line that I typed, even if it's always proper valid UTF-8 or whatever, there's edge cases like data corruption of the history file, and composition with other things, until one day you have a garbled history entry in your history fuzzy search UI and you're hitting the keybind to delete it and it keeps not getting deleted because the fuzzy search UI is passing the entry to the histdir remove command as an argument and oh haha nope you implemented it in Rust so sucks to suck it can't handle invalid Unicode. (And yes, I actually have histdir accept entries either in a command argument or on stdin, but the availability of the latter is a poor excuse for the former to be less functional, especially since the former is frequently more convenient to use both interactively and programmatically.)

You'd think "oh, I'll just take my OS arguments as OSString instead of String, and then they don't have to be valid Unicode", but after wasting ~40 minutes I'll never get back, I can confidently say "good luck getting the raw bytes out of an OSString (unless it contains valid Unicode, hilariously)". And none of the sha256 implementations I found know how to take OSString inputs either.

Well, I'm not being entirely fair... you can do it in a way that's not available on Windows, or with some other API that's currently marked experimental but which will hopefully eventually be stabilized.

So the situation... isn't terrible, but I'd rather not write code that relies on an API whose name might change between now and it getting locked in as a stable guaranteed interface.

And honestly, I don't actually know when I'll use histdir on Windows. I don't know what CLI arguments will look like in that situation (Windows has some really weird stuff with CLI argument encodings - apparently each process/program can tell the OS it takes arguments in a different encoding, and the OS will translate). But at least if I'm accessing the raw bytes there's a 100% transparent option available - if I can pass raw bytes in, I'll get those bytes handled exactly as passed. And the nicer higher-level safer Rust APIs somehow failed to make it possible to get raw OS-level CLI arguments and process them, as bytes, exactly as passed - even though at the OS level arguments are potentially arbitrary bytes.

I'd be a much happier person if I just didn't know or care or think about this stuff. If I just thought "oh yeah std::env::args() yes good I have strings" and moved on to use them. If I didn't even register that it would panic on invalid Unicode, and if forced to, immediately brushed it off with a dismissive rationalization like "well when would that happen?"

I'd similarly be much happier if I could just dismiss Windows as irrelevant and a problem for someone else later down the line, even if that someone else is going to be me. And maybe that's the wiser choice. After all, maybe by then things would be easier, maybe some portable stable APIs would be available. Maybe some of these possibilities would be collapsed so the problem is simpler.

But for now, I still care in a way that sometimes gets me obsessive about properly solving it now, and this happens. And I don't think the problem is entirely me. It's not like "the OS passes program arguments as raw bytes, and sometimes you might want to pass those transparently to other programs/libraries which also handle arbitrary bytes" is a never-before-seen situation.

It was another busy week in security, complete with hacks, murders, prosecutions, and US congressional investigations. But first, here’s some news from the security desk at WIRED.

In spite of law enforcement’s crackdown on ransomware attacks in recent years, 2023 is set to be the second biggest year for ransomware revenue after 2021. Data from cryptocurrency tracing firm Chainalysis shows that in the first six months of 2023, victims have paid $449 million—nearly as much as the total payments in all of 2022. As the volume of attacks has spiked, ransomware groups have become more aggressive and reckless in their tactics.

Earlier this week, Microsoft revealed that a Chinese hacker group had accessed the cloud-based Outlook email systems of 25 organizations, including the US State Department. They employed a unique trick: using stolen cryptographic keys to generate authentication tokens, which gave them access to dozens of Microsoft customer accounts.

A man who played a major role in building the world’s first dark-web drug market has been sentenced to 20 years in federal prison. Roger Thomas Clark—also known as Variety Jones—will now likely spend much of the rest of his life incarcerated for helping to pioneer Silk Road, the anonymous, cryptocurrency-based model for online illegal sales of drugs.

And finally, we examined the rapid rise of real-time crime centers since the September 11, 2001 attacks. Across the US, more than 100 of these high-tech surveillance operations have popped up, leveraging CCTV, gunshot sensors, face recognition, and social media-monitoring to keep watch over cities. But at what cost?

That’s not all. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click on the headlines to read the full stories, and stay safe out there.

Nude Videos of Kids From Hacked Hikvision Cameras Were Sold on Telegram

An explosive report from IPVM, a surveillance industry trade publication, found that child sexual abuse material sourced from hundreds of hacked Hikvision cameras is being sold on Telegram. The report states that hackers likely gained access to insecure Hikvision cameras by exploiting weak or known passwords, and then used the company’s mobile app to distribute access to the feeds.

IPVM found messages in Telegram channels that advertise access to the hacked cameras using terms like “cp” (child porn), “kids room,” “family room,” and “bedroom of a young girl” to entice potential buyers. Telegram has since taken down the channels, some of which had thousands of members.

Telegram has long been criticized for lax content moderation. In 2021, a nonprofit called the Coalition for a Safer Web sued Apple and demanded that the company remove Telegram from its App Store, citing the app’s failure to remove violent and extremist content.

Hikvision’s response was adversarial. “Hikvision knows nothing about these potential crimes,” the company said in a statement. “IPVM’s selfish decision to seek comment from us prior to alerting authorities is highly questionable and, in this instance, disgraceful.”

IPVM disputes this allegation and says it promptly contacted the FBI upon discovering the crimes.

Fitness App May Have Helped Track Murdered Russian

A murdered Russian submarine captain may have been tracked by his killer through the Strava fitness app. According to the BBC, the commander, Stanislav Rzhitsky, kept a public Strava profile that detailed his jogging routes—including one that took him through the park where he was killed early this week.

Privacy experts have been concerned about the dangers posed by social fitness apps like Strava for years. In 2018, for example, researchers exposed several secret US military installations using public data from soldiers tracking their fitness with the app.

While the killer’s motivations are currently unclear, Russian investigators say they arrested a man named Serhiy Denysenko, born in Ukraine, in connection with the murder. According to several Russian Telegram channels, Denysenko was the former head of the Ukrainian Karate Federation.

Ukrainian media reported that Rzhitsky commanded a Russian Kilo-class submarine that may have carried out a deadly missile attack on the Ukrainian city of Vinnytsia last year. Rhitsky’s personal information had previously been uploaded to the Ukrainian website Myrotvorets (Peacemaker), an unofficial database of people considered to be enemies of Ukraine, according to CNN.

Ukraine’s Defense Intelligence did not take responsibility for the commander’s death. “Obviously, he was eliminated by his own men for refusing to continue to carry out combat orders from his command regarding missile attacks on peaceful Ukrainian cities,” the agency wrote in a statement.

Tax Prep Sites Expose Data to Facebook and Google

A congressional investigation, led by US senator Elizabeth Warren, found that millions of Americans who file their taxes online with H&R Block, TaxSlayer, and TaxAct had financial information shared with Google and Facebook. The investigation was spurred by a 2022 report by The Markup that revealed how the three companies were transmitting sensitive data to Facebook through a tool called the Meta Pixel. The data was sent as taxpayers filed their taxes and contained personal information, including income and refund amounts.

Warren and six other lawmakers wrote to the US Justice Department this week, asking for criminal charges against the tax companies for breaking laws forbidding them from sharing their clients’ personal information. “The tax prep firms were shockingly careless with their treatment of taxpayer data,” the lawmakers wrote.

A third of the 80,000 most popular websites on the internet use the Meta Pixel, a 2020 investigation by The Markup found. Website operators include the pixel to measure clicks from their ads on Facebook’s platforms, but at the expense of their users’ privacy. Crisis Pregnancy Centers, Suicide Hotlines, and hospitals and have all been caught sending sensitive user data to Meta in the past few years.

The seven Democrats called on the US Internal Revenue Service to build its own free tax preparation software, though government services have also been caught using the Pixel to send data to Meta.

Nebraska Mom Pleads Guilty to Giving Abortion Pills to Her Teen Daughter

A Nebraska woman has pleaded guilty to criminal charges after helping her 17-year-old daughter with a medication abortion last year; key evidence against her included her Facebook messages. In mid-June of 2022, Nebraska police sent a warrant to Meta requesting private messages from the mother and daughter as part of an investigation into an illegal abortion, court documents show. The chats appear to show the mother instructing her daughter about how to take the pills. “Ya the 1 pill stops the hormones an rhen u gotta wait 24 HR 2 take the other,” reads one of her messages.

Since the US Supreme Court overturned Roe v. Wade in June 2022, experts have raised serious concerns about the variety of ways data will be weaponized by law enforcement who want to prosecute people seeking abortions. Because Facebook Messenger doesn’t default to end-to-end encryption (E2EE) the way messaging services like Signal, WhatsApp, and iMessage do, people are especially vulnerable to criminal investigations if they use the platform.

UK Prosecutors Say Teen Lapsus$ Member Was Behind Uber Hack

According to a recent report from Reuters, prosecutors told a London court that a teenager associated with the hacking group Lapsus$ was responsible for high-profile hacks of Uber and fintech company Revolut in September of last year. Arion Kurtaj, who is 18, faces 12 charges, including three counts of blackmail, two counts of fraud, and six charges under the UK’s Computer Misuse Act.

The Uber hack reportedly cost the company $3 million in damages. At the time, Uber said the hacker who took responsibility posted pornographic material to an internal information page alongside the message: “Fuck you wankers.”

Kurtaj, along with an unnamed 17-year-old, is also facing allegations of blackmailing BT Group, EE, and Nvidia. Prosecutors described the pair as “key players” in Lapsus$. Kurtaj has been deemed not fit to stand trial by medical professionals; the jury will decide whether he is responsible for the hacking incidents rather than guilty of them.

Weak SSL/TLS Configuration in Symfony — Risks & Fixes

Introduction

Secure communication is critical in today’s web applications, especially when handling sensitive user data. Symfony, one of the most popular PHP frameworks, relies heavily on SSL/TLS protocols to secure HTTP connections. However, weak SSL/TLS configurations can expose your application to man-in-the-middle (MITM) attacks, data breaches, and regulatory penalties.

In this blog, we’ll explore what weak SSL/TLS configuration means in Symfony applications, why it’s dangerous, and how you can fix it with practical coding examples. Plus, you’ll get a peek at how our Website Vulnerability Scanner online free, helps identify such vulnerabilities automatically.

What is Weak SSL/TLS Configuration?

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are cryptographic protocols designed to secure communication over the internet. A weak SSL/TLS configuration involves:

Using deprecated protocols like SSL 2.0, SSL 3.0, or early TLS versions (TLS 1.0/1.1).

Employing weak cipher suites (e.g., RC4, DES).

Missing forward secrecy (PFS).

Poor certificate validation or expired certificates.

These weaknesses can be exploited to intercept or alter data during transmission.

Common SSL/TLS Weaknesses in Symfony

Symfony itself relies on the underlying web server (Apache, Nginx) or PHP cURL/OpenSSL for TLS. Misconfigurations can happen at various layers:

Web server allows weak protocols/ciphers.

PHP cURL requests do not enforce strict SSL verification.

Symfony HTTP clients or bundles not configured for secure TLS options.

Detecting Weak SSL/TLS Configurations with Our Free Tool

You can scan your website for SSL/TLS issues quickly at https://free.pentesttesting.com/.

Screenshot of the Website Vulnerability Scanner tool webpage

Screenshot of the free tools webpage where you can access security assessment tools.

Our tool will generate a detailed vulnerability report, highlighting SSL/TLS weaknesses among other issues.

Assessment report screenshot to check Website Vulnerability

An Example of a vulnerability assessment report generated with our free tool, providing insights into possible vulnerabilities.

How to Fix Weak SSL/TLS Configuration in Symfony

1. Configure Your Web Server Correctly

Ensure your Apache or Nginx server uses strong protocols and ciphers. For example, in Nginx:

ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384'; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_session_tickets off;

This disables weak protocols and uses strong cipher suites with Perfect Forward Secrecy.

2. Enforce SSL Verification in PHP cURL Requests

When Symfony makes external HTTP calls via PHP cURL, enforce strict SSL checks.

$ch = curl_init('https://api.example.com/secure-endpoint'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); // Verify SSL certificate curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); // Verify host name matches cert $response = curl_exec($ch); if(curl_errno($ch)) { throw new \Exception('SSL Error: ' . curl_error($ch)); } curl_close($ch);

3. Use Symfony HTTP Client with Secure Defaults

Since Symfony 4.3+, the HTTP Client component uses secure defaults, but always ensure SSL verification is enabled:

use Symfony\Component\HttpClient\HttpClient; $client = HttpClient::create([ 'verify_peer' => true, 'verify_host' => true, ]); $response = $client->request('GET', 'https://secure-api.example.com/data'); $statusCode = $response->getStatusCode(); $content = $response->getContent();

4. Regularly Update Your Certificates and Libraries

Expired or self-signed certificates can break trust chains. Use trusted CAs and update OpenSSL and PHP regularly.

Bonus: Automate SSL/TLS Testing in Your Symfony CI/CD Pipeline

You can add an automated SSL check using tools like testssl.sh or integrate vulnerability scanning APIs such as our free tool’s API (check details at https://free.pentesttesting.com/).

About Pentest Testing Corp.

For comprehensive security audits, including advanced web app penetration testing, check out our service at Web App Penetration Testing Services.

Also, don’t miss our cybersecurity insights and updates on our blog.

Subscribe to our newsletter for the latest tips: Subscribe on LinkedIn.

Conclusion

Weak SSL/TLS configurations put your Symfony apps and users at significant risk. By following secure web server settings, enforcing SSL verification in PHP/Symfony, and leveraging automated scanning tools for a Website Security test, you can greatly improve your application’s security posture.

Stay safe, keep scanning, and secure your Symfony apps today!

If you found this blog helpful, please share and follow our blog at Pentest Testing Corp.

What Is Decentralized Email? Amazing Powers Of Dmail

DMail is an innovative decentralized email platform. It offers greater security and privacy for web communication.

DMail differs from conventional email service providers in that it uses blockchain technology to secure your message against interception and tampering.

As such, it is a secure option for users who desire anonymity. Below are the distinguishing features that make DMail stand out.

1. End-to-End Encryption

DMail encrypts all you send using end-to-end encryption. You alone can see the message sent by the sender and the receiver. Even your service provider cannot read your email content. Encryption happens automatically when you send a message. This ensures that hackers and third parties will never get to see your emails.

2. Decentralized Email Architecture

Compared to centralized mail services, DMail operates on a decentralized blockchain-based system.

This eliminates points of failure and minimizes the chances of data compromise. Your email data is not stored on a central server.

Rather, it is replicated on multiple nodes, so it is hard to alter or delete emails without consent.

3. NCOG Wallet Integration Seamlessly

DMail integrates well with the NCOG Wallet. Your blockchain ID and cryptographic keys are stored in the wallet.

Secure logon using alternative-to-password authentication is made possible by linking the wallet to DMail. The wallet also enables sending and receiving of funds, and premium in-app features are supported.

4. Easy-to-Use Interface

Despite its high-level technology, DMail is presented with a plain and easy-to-use interface. The program can be used by the user without technical skills.

Simplicity is the main principle with quick access to basic functions like writing, reading, and organizing emails. The program also offers support for notification of received messages.

5. Spam and Phishing Protection

DMail incorporates advanced spam filtering processes based on blockchain verification. It minimizes spam email and phishing to a negligible level.

The identities of all senders of emails are verified by cryptographic evidence. Suspect or unverified senders are marked, and users can block malicious material coming from them.

6. Immutable Email Records

Once an email has been sent with DMail, its account is rendered immutable on the blockchain. That is, nobody can modify or remove your messages once sent.

Immutable records provide a safe record of communication. Useful for legal, business, and personal correspondence that must be verified.

7. Anonymous Email Feature

DMail provides anonymous sending of email. Aliases for email created by the user to conceal personal details are feasible.

Privacy while interacting with strangers or in public areas is permitted. Marketers or data brokers’ tracking and profiling are minimized through anonymity.

8. Decentralized Storage

Messages and attachments are stored securely on decentralized networks instead of centralized servers.

This protects information from being hacked or lost in case of server failure. Storage is encrypted and redundant to protect data and make it viewable only by authorized users.

9. Cross-Platform Compatibility

DMail is compatible with several devices and operating systems. You can utilize the app from web browsers or supported add-ons.

Seamless synchronization provides constant connectivity on smartphones, tablets, and desktops. This is convenient for users who prefer using various devices.

10. Smart Contract Support

DMail enables automated emailing capability for blockchain-based smart contracts. For instance, you can send reply emails or send messages automatically.

Smart contracts improve efficiency by enabling customized emailing processes while enhancing productivity. The contracts operate without middlemen, hence improving reliability.

11. Secure Contact Management

The app provides secure features to manage contacts and address books. Contacts are authenticated and stored securely with encryption.

This prevents unauthorized access or use of your list of contacts. The contact system also provides secure import and export of contacts.

12. Cost-Effective Communication

Email over the DMail platform can be cheaper in transaction fees in crypto for paid network use and spam fighting.

DMail is a cheap means of communication compared to regular email marketing or data leakage.

13. Better Privacy Controls

DMail added privacy controls. Individuals have been able to personalize who can see their presence on the net, their contact information, and message metadata.

These controls allow for privacy over sharing personal data. The standard setting is user privacy.

14. Open Source and Transparent

DMail’s source code is open source and can be accessed publicly. Openness establishes trust and opens the door for community contribution.

The users and developers can look into the code for security and propose patches. Open source projects are secure and more innovative.

15. Periodic Update and Support

The development team behind DMail is always working on keeping the app up to date. They release regular updates with new functionality and security patches.

Customer support is provided by multiple channels to assist users. Ongoing development ensures that the app remains compliant with changing security standards.

These features join together to form DMail as a secure and rich-featured substitute for conventional email clients.

The software employs blockchain’s most precious capabilities to provide user control, security, and confidentiality. For any reason, business or personal, Decentralized email…

Web 3.0 Blockchain Industry Takes Off Amid Rising Demand for Transparency

The global Web 3.0 blockchain market is on a fast-track trajectory, poised to grow from USD 2.01 Bn in 2022 to a remarkable USD 54.04 Bn by 2031, expanding at a CAGR of 44.5% during the forecast period from 2023 to 2031. This growth is fueled by rising demand for data ownership, increased adoption of blockchain in supply chain and retail, and unprecedented investment in decentralized technologies.

Market Overview: Web 3.0 represents the next evolutionary phase of the internet, integrating decentralized technologies such as blockchain to foster transparency, user empowerment, and data security. Blockchain, the foundational technology of Web 3.0, is transforming digital interaction by eliminating the need for intermediaries and creating trust through cryptographic protocols.

Market Drivers & Trends

1. Surge in Data Ownership Awareness: With the rise in cyberattacks and data misuse, users are demanding control over their personal data. Web 3.0 blockchain enables data decentralization, thereby ensuring secure ownership and enhancing user privacy.

2. Skyrocketing Venture Capital Investments: Investors are pouring billions into blockchain startups. According to CB Insights, global blockchain venture funding soared from US$ 3.1 Bn in 2020 to US$ 25.2 Bn in 2021, signaling strong investor confidence.

3. Corporate Blockchain Integration: Major corporations like Amazon and Walmart are integrating blockchain into operations to enhance transparency and operational efficiency, further validating its commercial viability.

Latest Market Trends

Blockchain in E-commerce & Retail: Amazon is utilizing managed blockchain to streamline operations, while Walmart is using Hyperledger Fabric to improve traceability in the food supply chain.

Smart Contracts & Digital Identity Solutions: Businesses are leveraging smart contracts to automate transactions, reduce fraud, and build trust. Blockchain-backed digital identities are also gaining traction, particularly in financial services and government sectors.

NFT and Metaverse Innovations: The rise of NFTs and immersive experiences in the metaverse is drawing entertainment giants like Shemaroo into the Web 3.0 fold, creating new revenue streams.

Key Players and Industry Leaders

Prominent players in the Web 3.0 blockchain landscape include:

Helium Inc.

Polygon Labs UI (Cayman) Ltd.

Consensys

Kadena LLC

Ocean Protocol Foundation Ltd.

Coinbase

Filecoin

Terra

Binance

Livepeer, Inc.

Biconomy

Fireblocks

These companies are heavily investing in R&D, expanding their product portfolios, and forming strategic alliances to stay competitive in the rapidly evolving market.

Recent Developments

Shemaroo & Seracle Partnership (Sep 2022): Launched entertainment-focused Web 3.0 solutions including NFTs and metaverse content.

WazirX Launches Shardeum (Feb 2022): Introduced a decentralized platform designed to scale blockchain solutions efficiently.

Deutsche Börse Acquires Crypto Finance AG (June 2021): Strengthens its position in digital assets and blockchain financial services.

Market Opportunities

The market holds vast potential in several areas:

Supply Chain Optimization: Blockchain can reduce inefficiencies and improve transparency across global supply chains.

Healthcare Record Management: Secure, tamper-proof medical records managed via blockchain can enhance patient outcomes and reduce costs.

Decentralized Finance (DeFi): Growth in DeFi applications is revolutionizing traditional financial systems by offering trustless and permissionless services.

Government and Identity Management: Governments are exploring blockchain for land records, voting systems, and digital IDs, presenting untapped potential for vendors.

Discover valuable insights and findings from our Report in this sample - https://www.transparencymarketresearch.com/sample/sample.php?flag=S&rep_id=85198

Future Outlook

The Web 3.0 blockchain market is expected to flourish as enterprises and governments seek resilient, transparent, and decentralized digital infrastructures. With exponential growth projected through 2031, this market is poised to redefine how businesses operate and users interact with digital systems.

Analysts' Viewpoint: The Web 3.0 blockchain ecosystem is still in its formative years, but its potential is vast. As scalability improves and regulatory frameworks mature, adoption across sectors will accelerate. Players investing early in R&D and partnerships will be best positioned to capture the lion’s share of future growth.

Market Segmentation

By Blockchain Type:

Public

Private

Hybrid / Consortium

By Application:

Payments

Smart Contracts

Digital Identity

Supply Chain Management

Others

By End-user:

Retail & E-commerce

BFSI

IT & Telecom

Media & Entertainment

Healthcare

Others

Regional Insights

North America leads the global market owing to early blockchain adoption and significant venture funding, especially in the U.S.

Asia Pacific is projected to witness the fastest CAGR during the forecast period. The presence of rapidly digitizing economies like China and India, combined with government interest and tech-savvy populations, is creating fertile ground for Web 3.0 adoption.

Europe and Latin America are also advancing due to supportive policies and increasing fintech innovation.

Why Buy This Report?

In-depth Analysis: Provides detailed insights into growth drivers, restraints, trends, and opportunities.

Company Profiles: Extensive competitive landscape analysis, including key strategies and financials.

Segmented Insights: Cross-segment analysis by application, blockchain type, end-user, and geography.

Latest Trends & Developments: Up-to-date on major investments, partnerships, and product launches.

Forecasting Intelligence: Reliable market forecasts from 2023 to 2031 to support strategic planning.

Frequently Asked Questions (FAQs)

1. What is the current size of the Web 3.0 Blockchain market? As of 2022, the market is valued at US$ 2.01 Bn.

2. What is the projected market size by 2031? The market is expected to reach US$ 54.04 Bn by 2031.

3. What is the expected CAGR of the Web 3.0 Blockchain market? The market is projected to grow at a CAGR of 44.5% during 2023–2031.

4. Who are the leading players in this market? Helium Inc., Polygon Labs, Coinbase, Consensys, Binance, and Fireblocks are among the leading players.

5. What regions are witnessing the fastest growth? Asia Pacific, particularly India and China, is expected to record the highest growth rate.

6. What are the key applications of Web 3.0 blockchain? Payments, smart contracts, digital identity, and supply chain management are major application areas.

Explore Latest Research Reports by Transparency Market Research: Biometric Payment Market: https://www.transparencymarketresearch.com/biometric-payment-market.html

RAN Analytics & Monitoring Market: https://www.transparencymarketresearch.com/radio-access-network-ran-analytics-monitoring-market.html

eGRC (Enterprise Governance, Risk and Compliance) Market: https://www.transparencymarketresearch.com/enterprise-governance-risk-compliance-market.html

Managed Learning Services Market: https://www.transparencymarketresearch.com/managed-learning-services-market.html

About Transparency Market Research Transparency Market Research, a global market research company registered at Wilmington, Delaware, United States, provides custom research and consulting services. Our exclusive blend of quantitative forecasting and trends analysis provides forward-looking insights for thousands of decision makers. Our experienced team of Analysts, Researchers, and Consultants use proprietary data sources and various tools & techniques to gather and analyses information. Our data repository is continuously updated and revised by a team of research experts, so that it always reflects the latest trends and information. With a broad research and analysis capability, Transparency Market Research employs rigorous primary and secondary research techniques in developing distinctive data sets and research material for business reports. Contact: Transparency Market Research Inc. CORPORATE HEADQUARTER DOWNTOWN, 1000 N. West Street, Suite 1200, Wilmington, Delaware 19801 USA Tel: +1-518-618-1030 USA - Canada Toll Free: 866-552-3453 Website: https://www.transparencymarketresearch.com Email: [email protected] of Form

Bottom of Form