25 replies to this topic

[CLNinja]

Okay, I'm going to try my best to put both sides of this argument to bed:

He's allowed to make this, don't tell him otherwise. Yes, it probably isn't very good, therefor what point does it have? It really doesn't, but to be fair, security in CC is pointless. if you're really trying to conceal something, why computercraft? Why not go out of game with it?

You should probably put a disclaimer saying that it isn't a proper algorithm and should be used with caution, as it may be easy to crack if someone knows what it is.

Stop telling people what they can/can't do, and just provide constructive criticism.

Anavrins is right, you shouldn't really be advertising this as secure, but go ahead and do as you like.

[Gumball]

Why would you make the password have a limit of 4 characters?

Line 8.

Edited by BlueBird, 23 April 2017 - 06:41 PM.

[hbomb79]

Gumball, on 23 April 2017 - 06:41 PM, said:

Why would you make the password have a limit of 4 characters?

Line 8.

That just means it masks the input from the user with the character '4'.

KidBrine, on 23 April 2017 - 03:48 PM, said:

from my understanding Anvarins is saying it's easy but time consuming.

It is easy, and quick to break your current algorithm -- much like the Caesar cipher you were using earlier.

KidBrine, on 23 April 2017 - 03:48 PM, said:

D3matt & Restioson are saying not to make it yourself.

Only because cryptography isn't easy. If you want to make a file encryption software, it should be secure by using an encryption algorithm already available on the forum, it isn't a bad thing to use someone else's library.

KidBrine, on 23 April 2017 - 03:48 PM, said:

and you're saying it's guaranteed that every one on this website knows more than me.

Not guaranteed, but Anavrins does know more than you (and me, and a lot of the users on the forum) about cryptography. He is trying to help you, perhaps you should take his advice?

You aren't being attacked, this is constructive criticism, and an opportunity to learn more about cryptography. Up to you.

Edited by hbomb79, 23 April 2017 - 09:22 PM.

[TheZen]

CLNinja, on 23 April 2017 - 05:00 PM, said:

Okay, I'm going to try my best to put both sides of this argument to bed:

He's allowed to make this, don't tell him otherwise. Yes, it probably isn't very good, therefor what point does it have? It really doesn't, but to be fair, security in CC is pointless. if you're really trying to conceal something, why computercraft? Why not go out of game with it?

You should probably put a disclaimer saying that it isn't a proper algorithm and should be used with caution, as it may be easy to crack if someone knows what it is.

Stop telling people what they can/can't do, and just provide constructive criticism.

Anavrins is right, you shouldn't really be advertising this as secure, but go ahead and do as you like.

I never said it was secure, and it is a beta so should you expect it to be secure?

hbomb79, on 23 April 2017 - 09:20 PM, said:

-snip-

my thing with this is that if we all use the same programs then there will be nothing new.

[hbomb79]

KidBrine, on 23 April 2017 - 11:16 PM, said:

my thing with this is that if we all use the same programs then there will be nothing new.

Not true; you are making something, and you still would be even when using another, more secure algorithm. Many programs can be used to better your own (program integration, frameworks, APIs, etc...)

[D3matt]

KidBrine, on 23 April 2017 - 06:08 AM, said:

D3matt, on 23 April 2017 - 05:23 AM, said:

You're still just trying to make your own encryption algorithm without any knowledge of cryptography and it's not going to work. Focus on using one of the existing, tried and proven algorithms for this.

Try breaking it if you know so much about cryptography.
Also I like to make my own programs and the reason it's in 2.0B is because it is not confirmed to be secure so i'm seeing if anyone on the forums finds a bug.

I'm not a cryptographer. I'm a sysadmin an amateur programmer. That's why I don't write algorithms, because I know they're going to end up vulnerable. Instead I take feedback from people who do know cryptography and do what they say is best.

Being in beta is irrelevant. This is not a bug, this is a fatal and fundamental flaw. Cryptography is hard. That's OK. That's why we use only a few proven algorithms written by some incredibly smart people, instead of writing our own. There are plenty of ways to create something new while still using an algorithm that's already been written. Even single program I use at work all use the same encryption algorithms but they're all vastly different. You don't need to write your own algorithm to write a file encryption program. I'm writing a login server, which uses several other people's APIs. I'm still creating my own entirely new program that's undoubtedly my own creation.

Edited by D3matt, 24 April 2017 - 02:25 AM.