Sniffs in Haskell. Or Forth, lol.

Back in the day those tricks were common. Some PDP-11 OS’s supported a “Radix-50” encoding (50 octal = 40 decimal) that packed 3 characters into a 16 bit word (40 codepoints=26 letters, 10 digits, and a few punctuation). So you could have a 6.3 filename in 3 words.

There’s an old joke about functional programming separating Church from state.

This is probably an ok use for a GADT. Something like:

{-# LANGUAGE DataKinds      #-}
{-# LANGUAGE GADTs          #-}
{-# LANGUAGE KindSignatures #-}

data Bap = Baptized | Unbaptized

data Person :: Bap -> * where
   Baptize :: Person Unbaptized -> Person Baptized
   NewPerson :: Person Unbaptized

conditionalBaptize :: Person a -> Person Baptized
conditionalBaptize p =
    case p of NewPerson -> Baptize p
              Baptize _ -> p

main = return ()

I use it and am happy with it, not sure what I’d want to use instead, except maybe guix, which I wouldn’t suggest to a newbie.

It’s probably best to get someone to help you in person. See if you are near a Linux user group since they often supply installation help.

The method I always recommend is buy a new hard drive or SSD and swap it into the place of the old one, so you can swap back if something goes wrong. Then do a clean Linux install onto the new, empty drive.

Don’t bother with dual boot, it’s complicated and often goes wrong, and anyway you’re trying to escape from Windows.

As for installation, you may have to go to your Bios setup to allow booting from USB. Then, on another computer, go here:

https://cdimage.debian.org/images/release/current-live/amd64/iso-hybrid/

Download your favorite iso image. I’ll suggest “amd64-mate” if you don’t have a preference, since it should be pretty familiar looking to Windows users. Then you want to write a bootable image to a flash drive. I only know how to do that with Linux, but https://duckduckgo.com/?q=write+iso+image+to+flash+drive finds a bunch of pages for other OS’s.

Finally, plug the flash drive into your ASUS machine and boot. You should get a bunch of installation prompts and you can generally follow the defaults. It will install a lot of packages one at a time and take around half an hour, so do something else for a while, but also keep an eye on the install process because it will occasionally prompt you for something.

Come back after the installation finishes.

Do I really have to have written “stop changing the defaults”? Like if Firefox kept changing its keyboard shortcuts would that be non-annoying as long as you can reset them? Oh yes, they DO that.

Could they stop changing stuff like this? Oh well, I gave up on GNOME years ago anyway.

Gristedes is an expensive yuppie supermarket chain like Whole Foods, in some rich areas. I don’t think they have to worry about some city-run stores in underserved neighborhoods. It’s just pouting.

For Windows users it might be simplest to start with Debian MATE. There is an install image on debian.org. No idea about Mint.

Meh, in Emacs you can use https://github.com/halfwhole/pride-mode every month.

1. if it’s for critical systems, why not Ada?

2. it would be nice to have some more technical description of exactly how it works, both for the shared memory operations and what happens with complicated data structures

3. I presume there are the usual locks/futexes but it could be way cool to also have software transational memory (STM) if that’s not already there

4. at the end of the day if you really want super low latency, you probably have to run on a realtime CPU intended for such stuff, rather than a general purpose CPU under a full blown OS. Otherwise, cacne misses can be almost as bad as page faults used to be.

It’s so the server can generate any of the API keys as needed, instead of having to store them all. This matters more when you want to do the authentication on a low resource device like an HSM, or otherwise keep the authentication process away from the main server app, to lower the attack surface. Again, depending on the application, it might not be worth it.

This is more of a cryptography question than a Rust question, but typically you’ll use a so-called key diversification function (KDF) for this. See: https://en.wikipedia.org/wiki/Key_derivation_function (another term for the same thing, with slightly different connotations).

For an API key, you might have a user ID sent in the clear, and a secret key SK on the server. The KDF you would use would be something like HMAC-SHA256 truncated to 128 bits. Then the API key would be KDF(SK, ID). You will want a way to invalidate ID’s and issue new ones so the person can cycle or change their API key. You could add a parameter P to the UID for this purpose, but again you have to be able to invalidate it.

You want to be very careful with SK on the server side. In financial apps (where the key can steal real money) you’d encapsulate it in a hardware security module (HSM). For less high-value apps you could still wrap it in its own HSM-like interface in its own process, that the rest of the app queries through a local socket. The idea is that the KDF process has a smaller attack surface than the big complicated web app. It can also implement throttling (limit the number of queries per second) in case a compromise app starts trying to spew API keys, and so on.

Added: your idea of just generating keys randomly and storing them in the database is also ok, but again you have to pay some attention to security, dealing with the possibility of the key table spilling, etc.