[Chicken-users] [ANN] CHICKEN 5.0.0 has been released

From: Peter Bex
Subject: [Chicken-users] [ANN] CHICKEN 5.0.0 has been released
Date: Wed, 7 Nov 2018 19:53:30 +0100
User-agent: NeoMutt/20170113 (1.7.2)

Dear CHICKEN users,

We are proud to announce the immediate availability of
CHICKEN 5.0.0 at the following URL:

This tarball has the following SHA256 checksum:

It has been a long stretch, but we finally made it!

This release contains the largest number of big-impact changes
we've made since the CHICKEN 4.0.0 release.

Most importantly, we have completely overhauled the module layout so
that it should make more sense where each identifier is located.
For a quick overview of where things are, see the page we used for
discussion of these changes:

The manual has of course also been updated to reflect these new modules:

Other notable features are:
- Full numeric tower
- A new declarative egg description format for chicken-install
- Improved support for static linking (eggs are now also compiled statically)
- "Deployment" mode has been dropped as it was less portable and reliable
  than static linking.
- Builds are fully bit-for-bit reproducible (for core, but user code too)
- Random numbers now use a better PRNG than libc rand() (namely, WELL512)
- Core has gone on a diet: several libraries have been moved to eggs, like
   srfi-1, srfi-13, srfi-14, srfi-18, srfi-69, and several other things.

The (very long!) complete list of changes since version 4.13.0 is
available here: https://code.call-cc.org/dev-snapshots/2018/08/11/NEWS

Because the testing period has been quite long, we've managed to port
many of the most important eggs to CHICKEN 5 already.  You can view them
at the new subdomain, see https://eggs.call-cc.org/5

Of course for the time being, not everyone can immediately switch to
CHICKEN 5 for everything, so https://eggs.call-cc.org/4 also works.

If you have code you want to port, we've created a porting guide that
covers the most important pitfalls:

Many thanks to everyone in the community for their enthusiasm, mental
support and help with testing all this new code and enthusiastically
porting stuff to CHICKEN 5 even back when it was barely ready!


Attachment: signature.asc
Description: PGP signature

The Bcrypt Protocol… is kind of a mess

While writing my own bcrypt library, being unsatisfied with the current Java de-facto standard implementation jBcrypt, I discovered a lot of odd things surrounding the bcrypt protocol (mind you: not the underlying cryptographic primitive ‘Eksblowfish’).

Bcrypt is a password hashing function designed by Niels Provos and David Mazières in 1999 which became popular as the default password hash algorithm for OpenBSD¹. In comparison to simple cryptographic hash functions (like SHA-256), the main benefit of using bcrypt is that a developer can set how expensive it is to calculate the hash. This is called key stretching and should be used with any (usually weak) user provided password to protect against brute force attacks (i.e. simple guessing).


Introduction to Bcrypt

So how does it work? First you need a password and set the iteration count as a logarithmic work factor between 4–31, doubling the required computation every increment. So for example it could look like this:

bcrypt("secretPassword", 8)

which may output

Continue reading “The Bcrypt Protocol… is kind of a mess”

Why Americans are sticking with older phones

Source: https://www.wsj.com/articles/upgrade-no-thanks-americans-are-sticking-with-their-old-phones-1540818000

Americans are holding on to their smartphones for longer than ever.

Pricier devices, fewer subsidies from carriers and the demise of the two-year cellphone contract have led consumers to wait an average of 2.83 years to upgrade their smartphones, according to data for the third quarter from HYLA Mobile Inc., a mobile-device trade-in company that works with carriers and big-box stores. That is up from 2.39 years two years earlier.
Continue reading “Why Americans are sticking with older phones”

Understanding How Apache Pulsar Works

Source: https://jack-vanlightly.com/blog/2018/10/2/understanding-how-apache-pulsar-works

I will be writing a series of blog posts about Apache Pulsar, including some Kafka vs Pulsar posts. First up though I will be running some chaos tests on a Pulsar cluster like I have done with RabbitMQ and Kafka to see what failure modes it has and its message loss scenarios.

I will try to do this by either exploiting design defects, implementation bugs or poor configuration on the part of the admin or developer.

Continue reading “Understanding How Apache Pulsar Works”


1. The Key to Becoming a Software Consultant


But, to achieve your objective, you need to position yourself as an actual consultant, getting paid for advice.

He talks about four phases of solving problems for companies.  Those include diagnosis, prescribing a cure, application of the cure, and re-application of the cure.  Software developers and most so-called software consultants involve themselves almost exclusively in phase three: application.  But that’s a pretty low leverage place to be. Consultants exist almost exclusively in phases one and two: diagnosing and prescribing.  They let laborers take care of phase three and even lower status laborers take care of phase four.

2. How Lisp Became God’s Own Programming Language


But people learn Lisp instead because they know that, for twenty years or so, the Lisp point of view was thought to be so useful that MIT taught Lisp to undergraduates before anything else.

What happened instead is that more and more Lisp-y features have been incorporated into everyone’s favorite programming languages.

Do not buy a Huawei phone

Source: https://threader.app/thread/1051204370543648770

THREAD: I’m looking at a Huawei P20 from China, let see what can I found

The 1st app I reversed is an app called Decision

Look at the name of the files contains in the assets folder:
– airport_china.txt
– city_china.txt
– cityinfo.db
– parkinglot_china.txt
– railwayinfo.db
– trainInfo.db
– trainstation.db

Interesting, no?

Continue reading “Do not buy a Huawei phone”

Why Nobody Understands Blockchain

Source: https://patrickmn.com/security/why-blockchain-is-so-hard-to-understand/

One of the biggest problem with blockchain (“crypto”) seems to be that nobody really understands it. We’ve all heard the explanation that you have blocks, and transactions go into blocks, and they’re signed with signatures, and then somebody mines it and then somehow there’s a new kind of money…? My friend says so, anyway.

Continue reading “Why Nobody Understands Blockchain”

Calculating longitude length in miles?


It doesn’t matter at what longitude you are. What matters is what latitude you are.

Length of 1 degree of Longitude = cosine (latitude in decimal degrees) * length of degree (miles) at equator.

Convert your latitude into decimal degrees ~ 37.26383

Convert your decimal degrees into radians ~ 0.79863

1 degree of Longitude = ~0.79863 * 69.172 = ~ 55.2428 miles

More useful information from the about.com website:

Degrees of latitude are parallel so the distance between each degree remains almost constant but since degrees of longitude are farthest apart at the equator and converge at the poles, their distance varies greatly.

Each degree of latitude is approximately 69 miles (111 kilometers) apart. The range varies (due to the earth’s slightly ellipsoid shape) from 68.703 miles (110.567 km) at the equator to 69.407 (111.699 km) at the poles. This is convenient because each minute (1/60th of a degree) is approximately one [nautical] mile.

A degree of longitude is widest at the equator at 69.172 miles (111.321) and gradually shrinks to zero at the poles. At 40° north or south the distance between a degree of longitude is 53 miles (85 km)

Note that the original site (about.com) erroneously omitted the “nautical” qualifier.