Thoughts On Choices And Life

Occasionally, I see a social media post123 re-quoting:

Hard Choices, Easy Life
Easy Choices, Hard Life

Hard Choices Easy Life Options
Hard Choices Or Easy Choices

NOTE: This phrase is also a common headline for LinkedIn profiles. Try searching LinkedIn for “Hard Choices, Easy Life”.

This popular quote attributed to Jerzy Gregorek 4. The post’s comments are filled with messages of agreement and confirmation. At first, this quote rings true. It sounds like a different form of advice I’ve been given many times.

Proving Congruence For Fun

Background

I want to understand the math behind asymmetric cryptography.1 This field relies heavily on Modular Arithmetic.2 I bought an undergraduate math textbook for self-study. This article is a record of a proof exercise in the book. It is also a good exercise in writing math equations using LaTeX.

NOTE: I asked ChatGPT to confirm the proof. No grades are being assigned here, the point is to learn.

Problem

Let \(m\geq1\) be an integer.

A Piecewise Hashing Example

NOTE: ChatGPT was used to create some portions of the code in this article. The words are mine.

The Problem

When cybersecurity analysts find malicious files, they share their finding with the greater security community. They run the file through a cryptographic hashing function and share the results of this function, called a hash. The hash is a kind of fingerprint that identifies the file based on the information contained in the file. Others can look through their environments, hash their files, and compare the results to hunt for the malicious file.

Operate Versus Innovate

Misunderstanding Continuous Improvement

Early in my career, “Continuous Improvement” was a popular buzzword. Every company claimed to have some type of program that constantly looked to improve its processes. I misunderstood the concept of “Continuous Improvement”. In my mind, commitment to continuous improvement meant that, at any point during the completion of a task, if a potential improvement could be made then everything must stop while the process is updated. I wanted to change or improve a process while I was executing it. Every time I found an opportunity for improvement, the real work stopped and the work around how to improve it starts. Disrupting the work and creating inefficiencies instead of fixing them.

Useful PowerShell: Dates and Times

In this article:

PowerShell provides immediate value for non-technical users.This article introduces new users to one useful feature of PowerShell without explaining the background of PowerShell and all the details behind cmdlets, objects, properties, variables, operators, members, help, execution policy, etc. This is a different way of introducing PowerShell. Many introductions to PowerShell tackle the implementation details that, in my opinion, can be hidden from some users who just need a tool.

Transfer Your Google Domain To Porkbun

Google has decided to discontinue its domain registration service. As of August 2023, the Google Domains site displays this message:

Google recently entered into an agreement for Squarespace, Inc. to acquire all domain name registrations from Google Domains, with the purchase subject to regulatory approval and customary closing conditions. If the transaction closes, you will become a Squarespace customer and, following a transition period, your customer and billing information, if applicable, will be transferred to Squarespace, at which point Squarespace’s Privacy Policy and Terms of Service will apply.

AES-CBC Padding Explained

Encrypting plaintext using Advanced Encryption Standard (AES) in Cipher Block Chaining (CBC) mode requires the plaintext to be a multiple of 16 bytes long. All plaintext is padded before encryption. The padding method is described in Section 6.3 of PKCS #7.

The Padding Technique

If the last block of the plaintext message has 1 byte (e.g., if the plaintext is 17, 33, or 49 bytes), then 15 bytes of the value 0x0f (15) are added to the end of the plaintext. Finding the number of bytes in the last block is trivial using modulo math in python.

Asking AI About Password Length - Part 3

In Part 3, I ask Google’s Bard why it would limit password length to 15 characters in a web application. See Part 1 for the response from Anthropic’s Claude and Part 2 for ChatGPT’s thoughts on the subject. I start with the same question.

Starting Prompt

Me:

You are a web application developer. I am an information security professional reviewing your work. Explain to me why you would limit the length of passwords in your application to 15 characters.

Asking AI About Password Length - Part 2

In Part 1, I asked Anthropic’s Claude AI Assistant to play Web Application Developer and explain why it would choose to limit its application’s password length to no more than 15 characters.

In this post, I used the same starting prompt and asked ChatGPT.

Starting Prompt

Me:

You are a web application developer. I am an information security professional reviewing your work. Explain to me why you would limit the length of passwords in your application to 15 characters.

Fixing SPF for iCloud Custom Email Domains

Subscribers to Apple’s iCloud+ have the option of using custom domains with iCloud Mail. You can either purchase a domain through iCloud or bring your own domain. The experience here relates to the bring your own domain option.

Configuring the domain to work with iCloud Mail requires several new domain DNS records. I manage the DNS records for my domain on Netlify. Apple verifies these records before completing the setup.