love it when things like this show up
She thought they were a normal couple until she found a passport in a glovebox – and then her world shattered. Now she is finally getting compensation and a police apology for that surreal, state-sponsored deception. But she still lies awake and wonders: did he ever really love me?I can’t believe this was going on in the 2000s!
Using SHA-1 [to generate random numbers] in this way, with a random seed and a counter, is just building a (perfectly sound) CSPRNG with, I believe, an 80-bit security level. If you trust the source of the random seed, e.g. /dev/urandom, you may as well just use /dev/urandom itself. If you don’t, you’re already in trouble. And if you somehow need a userspace PRNG, the usual advice about not rolling your own crypto unless you know what you’re doing applies. (Especially for database IDs, the risk of collisions should be considered a security problem, ergo this should be considered crypto, until proven otherwise.) In this case, using BLAKE2 instead of SHA-1 would get you a higher security level and faster hashing. Or, in tptacek’s words: http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/
Nice approach to package authentication UX using Keybase/PGP.
When you go to install a package, Sandstorm verifies that the package is correctly signed by the Ed25519 key. It looks for a PGP signature in the metadata, and verifies that the PGP-signed assertion is for the correct app ID and the email address specified in the metadata. It queries the Keybase API to see what accounts the packager has proven ownership of, and lists them with their links on the app install page.