PHP Becomes First Programming Language To Add 'Modern' Cryptography Library In Its Core (bleepingcomputer.com)

← Back to Stories (view on slashdot.org)

PHP Becomes First Programming Language To Add 'Modern' Cryptography Library In Its Core (bleepingcomputer.com)

Posted by BeauHD on Tuesday February 21, 2017 @10:00AM from the center-of-the-earth dept.

An anonymous reader writes from a report via BleepingComputer: The PHP team has unanimously voted to integrate the Libsodium library in the PHP core, and by doing so, becoming the first programming language to support a modern cryptography library by default. Developers approved a proposal with a vote of 37 to 0 and decided that Libsodium will be added to the upcoming PHP 7.2 release that will be launched towards the end of 2017. Scott Arciszewski, the cryptography expert who made the proposal, says that by supporting modern crypto in the PHP core, the PHP team will force the WordPress team to implement better security in its CMS, something they avoided until now. Additionally, it will allow PHP and CMS developers to add advanced cryptography features to their apps that run on shared hosting providers, where until now they weren't able to install custom PHP extensions to support modern cryptography. Other reasons on why he made the proposal are detailed here. Arciszewski also says that PHP is actually "the first" programming language to support a "modern" cryptography library in its core, despite Erlang and Go including similar libraries, which he claims are not as powerful and up-to-date as PHP's upcoming Libsodium implementation.

204 comments

Min score:

Reason:

Sort:

Oh please by Anonymous Coward · 2017-02-21 10:07 · Score: 5, Insightful

Any language where the default equality comparison operator is *true* given two string-type variables with values "0E54321" and "0E12345" is not a cryptographically secure language. In fact there is a nonzero chance of the default equality operator returning true between two different MD5 or SHA256 hashes if they happen to fall into a hexadecimal form that is all digits except for one E or F.
Anyone who claims that PHP is somehow more secure as a language because it has added *new optional library calls* without doing anything about the fundamental language defects is demented.
1. Re:Oh please by Anonymous Coward · 2017-02-21 10:19 · Score: 0, Insightful
  
  Just because one operation is allowed, doesn't preclude doing another. Your proof is trivially invalid.
2. Re:Oh please by Anonymous Coward · 2017-02-21 10:30 · Score: 0
  
  But zero does equal zero. What's your problem?
3. Re:Oh please by Vairon · 2017-02-21 10:43 · Score: 5, Informative
  
  PHP has a comparison operator === that evaluates if the two things it is comparing are equal and of the same type.
  $ php -r "if (\"0E54321\" === \"0E12345\") { echo 'equal'; } else { echo 'not equal'; } "
  not equal
  Without ===, variable type conversion can cause a string containing numbers to be converted to an integer. See these links for details:
  http://php.net/manual/en/langu...
  http://php.net/manual/en/langu...
4. Re:Oh please by Anonymous Coward · 2017-02-21 10:45 · Score: 0
  
  PHP even has a constant-time function for comparison that doesn't leak data about how much of the strings matched.
5. Re:Oh please by Lisandro · 2017-02-21 10:54 · Score: 4, Interesting
  
  Except for objects, where a === b is true only if a and b are the same object. Such a beautifully designed language.
6. Re:Oh please by Anonymous Coward · 2017-02-21 10:56 · Score: 0
  
  Ipso facto doogly blum blum ad hominem nerf
7. Re:Oh please by Dogtanian · 2017-02-21 11:05 · Score: 4, Interesting
  
  Any language where the default equality comparison operator is *true* given two string-type variables with values "0E54321" and "0E12345" is not a cryptographically secure language. In fact there is a nonzero chance of the default equality operator returning true between two different MD5 or SHA256 hashes if they happen to fall into a hexadecimal form that is all digits except for one E or F.
  Technically, that (in itself) doesn't necessarily mean that the built-in cryptography nor the language itself are inherently insecure. In theory, that is, provided you understand the language and use it correctly.
  
  And that's the problem. Because in practice, PHP's design philosophy of trying to be clever- often too clever by half- when it comes to comparisons, equality, automatic coercion, data types, etc. etc. too often gives unpredictable and unexpected results from people who weren't aware of that behaviour.
  
  You absolutely do *not* want any risk of this happening when you're designing a system that has to be secure. You want boringly explicit and utterly predictable data and type handling.
  
  My prediction is that far, *far* more security holes will be down to bugs caused by unforeseen subtle aspects- i.e. pitfalls- of PHP's type handling and equality behaviour (etc.) in the apps using it rather than bugs in the cryptographic module itself.
  
  PHP being a language more favoured by inexperienced users, this is likely to be made far worse. Expect lots of newbies with misplaced confidence designing what they think are "secure" apps that are in fact full of holes- either because they've misused or misunderstood the cryptographic module, or because they've overlooked some basic aspect of computer security elsewhere (e.g. failure to parse input securely) that makes the use of cryptography irrelevant.
  
  And those are the sorts of mistakes newbies would make when using any language- with PHP's language design issues on top of that, it has the potential to be far worse.
  
  So, yeah. I trust that the module will be secure. The main problems- I guarantee- will be caused by caused by overlooked (or not known about) aspects of PHP's too-clever-by-half data handling (in client apps using it) leading to exploitable holes, and by the fact that too many of PHP's newbie-skewing userbase will overconfidently assume it makes their apps foolproof while using it incorrectly and ignoring security holes elsewhere that make it redundant.
  
  --
  "Slashdot - News and Chat Sites Deviant". (Click "homepage" link above for details).
8. Re:Oh please by deKernel · 2017-02-21 11:08 · Score: 1
  
  Please tell me you are kidding me on this? I haven't touched PHP so this is all new to me...if it is true.
9. Re:Oh please by Anonymous Coward · 2017-02-21 11:09 · Score: 0
  
  Yes. Now go ahead and guesstimate the percentage of major PHP software packages accidentally using == where the developer should have used ===.
10. Re:Oh please by Anonymous Coward · 2017-02-21 11:11 · Score: 0
  
  Many would consider such unintuitive behavior as "ugly" or "prone to misuse" when it is so radically at odds with most people's idea of pseudocode.
  Hell, even the double equals of C is one of the least "beautiful" design decisions ever made.
11. Re:Oh please by Lisandro · 2017-02-21 11:11 · Score: 2
  
  Oh, how i wish i was: https://developers.slashdot.or...
12. Re:Oh please by Anonymous Coward · 2017-02-21 11:23 · Score: 0
  
  At the time of this writing, the quote or the day at the bottom of the page was: "Things equal to nothing else are equal to each other." I chuckled a bit at how well it aligned with your sentiment. -PCP
13. Re:Oh please by Lisandro · 2017-02-21 11:28 · Score: 0
  
  Agreed. The problem is not the library - PHP is intrinsically insecure. I'm not aware of any other language out there that can reliably be made to segfault and whose developers argue such behavior is working as intended.
14. Re:Oh please by Anonymous Coward · 2017-02-21 11:38 · Score: 0
  
  Yes, and also the comparison operators are nontransitive. What type of nut does that?
15. Re:Oh please by Anonymous Coward · 2017-02-21 11:40 · Score: 0
  
  Even better than that, php's comparison operators are nontransitive.
  Imagine how hard it is to sort things.
16. Re:Oh please by Anonymous Coward · 2017-02-21 11:56 · Score: 0
  
  PHP is an extremely polished turd. It will wither and die, and this cannot happen soon enough!
17. Re:Oh please by hcs_$reboot · 2017-02-21 12:10 · Score: 0
  
  if ("0E54321" === "0E12345") { echo 'equal'; } else { echo 'not equal'; }
  
  Too bad your example is useless (like 80% of PHP's doc examples anyway), since if ("0E54321" == "0E12345") (only 2 '=') yields also 'not equal'. A more relevant example is if ("123" === 123) (yields false but '==' yields true).
  
  --
  Slashdot, fix the reply notifications... You won't get away with it...
18. Re:Oh please by hcs_$reboot · 2017-02-21 12:14 · Score: 1
  
  Except for objects, where a === b is true only if a and b are the same object
  In Java, a == b is true if a and b references are identical, which is probably what does PHP under the hood.
  
  --
  Slashdot, fix the reply notifications... You won't get away with it...
19. Re:Oh please by hcs_$reboot · 2017-02-21 12:18 · Score: 1
  
  even the double equals of C is one of the least "beautiful" design decisions ever made.
  It's not because some not so good programmers confuse '=' with '==' that '==' is not "beautiful". On the contrary, I think this is one of the many genius ideas K&R had at the time ('a = b', 'a == b'... think about it!)
  
  --
  Slashdot, fix the reply notifications... You won't get away with it...
20. Re:Oh please by JustAnotherOldGuy · 2017-02-21 12:20 · Score: 1
  
  Without ===, variable type conversion can cause a string containing numbers to be converted to an integer.
  
  Yep, and as much as I like php, I'll be the first to say that php's "converting a string to an integer" as a default behavior is idiotic. It's just an accident waiting to happen.
  
  --
  Just cruising through this digital world at 33 1/3 rpm...
21. Re:Oh please by hcs_$reboot · 2017-02-21 12:23 · Score: 0
  
  Yes. Now go ahead and guesstimate the percentage of major PHP software packages accidentally using == where the developer should have used ===.
  Whose fault is that?
  
  --
  Slashdot, fix the reply notifications... You won't get away with it...
22. Re:Oh please by Anonymous Coward · 2017-02-21 12:29 · Score: 1
  
  Came for the PHP haters, was not disappointed.
23. Re:Oh please by Ksevio · 2017-02-21 12:36 · Score: 1
  
  I can get a segfault pretty reliably in C with this code:
  char *s = "hello world"; *s = 'H';
24. Re:Oh please by fahrbot-bot · 2017-02-21 12:43 · Score: 4, Funny
  
  PHP has a comparison operator === that evaluates if the two things it is comparing are equal and of the same type.
  The next version will support "====" for things are really, *really* equal.
  
  --
  It must have been something you assimilated. . . .
25. Re: Oh please by Edgewize · 2017-02-21 12:45 · Score: 4, Informative
  
  Or more relevantly, I think this is what the original poster was referring to:
  https://www.whitehatsec.com/bl...
  Here are some examples of PHP doing mind boggling things with md5 and sha1 hashes.
  https://3v4l.org/tT4l8
26. Re:Oh please by Lisandro · 2017-02-21 12:54 · Score: 2
  
  I think you meant s = 'H'; there....
  But again, this is to be expected. C is a low level language without memory management; PHP is neither. There is no sane reason why it is supposed to segfault (according to the developers, "infinite recursion crashes") and i'm not aware of any other high level language which does the same. How hard is to add a recursion counter?
27. Re:Oh please by Anonymous Coward · 2017-02-21 12:58 · Score: 0
  
  I always wonder why Java did that ( == = true only if both references are identical) I guess my problem is with the primitive data types that don't follow that rule. Just another thing that irks me about java.
28. Re:Oh please by sconeu · 2017-02-21 13:03 · Score: 1
  
  It was needed for Animal Farm Simulation support, because some objects are more equal than others.
  
  --
  General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
29. Re:Oh please by Anonymous Coward · 2017-02-21 13:14 · Score: 0
  
  This is defined in the spec though.
30. Re:Oh please by Anonymous Coward · 2017-02-21 13:19 · Score: 0
  
  Any language where the default equality comparison operator is *true* given two string-type variables with values "0E54321" and "0E12345" is not a cryptographically secure language.
  Ever heard of strcmp?
  Library functions are there for a reason, idiot.
31. Re:Oh please by Anonymous Coward · 2017-02-21 13:39 · Score: 0, Informative
  
  The comparison operators are transitive as long as you don't mix types.
  Don't feel bad, a lot of beginners don't realize that comparison and automatic type conversions are separate operations...
32. Re:Oh please by Anonymous Coward · 2017-02-21 13:45 · Score: 0
  
  Yeah, too bad that PHP supports two *different* string types (NULL-terminated and "binary strings", a.k.a. Pascal strings) which can break strcmp(). That's what happens when your idea of "language" is thin wrappers around C standard functions.
33. Re:Oh please by Anonymous Coward · 2017-02-21 13:50 · Score: 1
  
  Funny how the rest of the languages out there which do type conversion manage to avoid this shit: http://phpsadness.com/static/p...
34. Re:Oh please by Anonymous Coward · 2017-02-21 13:54 · Score: 0
  
  This is one point I'm fully in agreement with you on. There is no sane reason for the core interpreter to permit a crash from an uncaught SIGSEGV. For the specific case of recursion, having a user definable maximum frame nesting limit would be quite useful, and in any event the interpreter itself should be capable of tracking stack utilization and intelligently handling cases where further internal allocations would clearly exceed available total stack resources. Having sane defaults for these situations should indeed be the norm, but the PHP core team's apparently ongoing view that sudden, unhandled interpreter crashes are okay is just nutty. This is precisely the sort of issue I was alluding to in my last note about my personal dislike for PHP. -PCP
35. Re:Oh please by Anonymous Coward · 2017-02-21 13:58 · Score: 0
  
  hahahahaha fucking HELL, a philosophical meditation on complete mediocrity condensed into this perfect kidney stone of tautological wordshitting:
  
  "Just because one operation is allowed, doesn't preclude doing another. Your proof is trivially invalid."
  slashdot really is a peanut gallery
36. Re: Oh please by Anonymous Coward · 2017-02-21 14:24 · Score: 0
  
  C isn't an interpreted language though. PHP has NO excuse for not crashing gracefully when it hits a resource exhaustion point.
37. Re:Oh please by Anonymous Coward · 2017-02-21 14:51 · Score: 0
  
  As a minor nitpick, automatic variables are the block-level default in C, and are thus dynamically allocated on the stack with a lifetime not exceeding the runtime duration of the respective enclosing block. Thus, a very basic form of dynamic memory management is indeed provided, but without any guarantees regarding resource availability.
  Additionally, it should be noted that your attempted correction of the GP "sefault in C" example is itself incorrect. The original code does indeed produce a segfault (whereas your [s = 'H';] revision alone does not), but for a reason which is distinct from the general problem under discussion in this thread. The original code initializes the char pointer s such that its dereferenced value is stored in the read-only data [.rodata or equivalent] segment of the resulting binary executable under many platforms, which is immutable; attempting to modify this symbol's dereferenced value is not permitted. In contrast, your modification is permissible, as it merely changes "s" to point to another memory location. Depending on the platform in question, that memory location (integer value 72 on most platforms) may or may not be a valid/permitted real or virtual memory address (think embedded with a flat unprotected memory model for a potentially valid case), but no segfault would occur based on it unless/until it were actually dereferenced under invalid conditions. -PCP
38. Re:Oh please by goose-incarnated · 2017-02-21 16:07 · Score: 1
  
  I think you meant s = 'H'; there....
  No, he is correct that *s = 'H' can segfault. You aren't allowed to modify string literals, only char arrays.
  
  --
  I'm a minority race. Save your vitriol for white people.
39. Re:Oh please by mysticgoat · 2017-02-21 17:15 · Score: 1
  
  To repeat: quit blaming the language for the lack of skills of the programmer.
  Programmers who are incompetent in PHP should not attempt to build secure systems with it. Those who do attempt to do so should really not be involved in making secure systems in any language, since they have demonstrated that they do not know how to assess the limitations of their tools, let alone work properly within those limitations.
  It is a poor craftsman who blames his tools for his shoddy workmanship.
40. Re:Oh please by Anonymous Coward · 2017-02-21 17:28 · Score: 0
  
  I always have found this to be strange default behaviour. Is it part of the C spec, or just what GCC does by default?
  Why can't one specify that string literals go into the .data section rather than the .text, so that they can be modified?
  From an low-level (embedded) standpoint, there's no good reason why one can't modify a string literal if it's in a writable section.
41. Re:Oh please by Anonymous Coward · 2017-02-21 17:39 · Score: 0
  
  If you use a programming language incorrectly, you're going to get incorrect results. That is the case of your example. You should understand the limitations of the language you're using and use the proper methods to work around these limitations.
  The below examples return the correct results:
  $foo = '0E54321'; $bar = '0E12345';
  if ($foo === $bar) { echo "The two values are equal.\n"; } else { echo "The two values are not equal.\n"; } /* returns: The two values are not equal. */
  if (strcmp($foo, $bar) == 0) { echo "The two values are equal.\n"; } else { echo "The two values are not equal.\n"; } /* returns: The two values are not equal. */
42. Re:Oh please by Anonymous Coward · 2017-02-21 17:46 · Score: 0
  
  Alright, this just floors me. I've never done any PHP, but why in Jehovah's name is scientific notation accepted without a decimal point in this language? Really, "0e..." is considered a string representation of a float?!?!
  It seems on first examination that simply requiring the decimal eg., ".0e..." would prevent an entire class of confusion like this.
  Then again, the entire concept of introducing yet another-subtly-different-operator such as "===" vs. "==" (which was bad enough) always seemed insane to me.
  1. C should have gone with := ala PASCAL, or -, for assignment, to avoid any confusion with the equality operator;
  2. OO languages should have chosen something totally dissimilar to '=' or '==' to test if two objects are actually the same copy in memory.
43. Re:Oh please by Anonymous Coward · 2017-02-21 17:51 · Score: 0
  
  EDIT: Point 1. above, I meant '... <-, for assignment ...'. Markup fail.
44. Re: Oh please by p91paul · 2017-02-21 18:40 · Score: 1
  
  Object comparison is not easy, you have to compare every field and if fields are objects, compare their fields and so on. And I did not take into account recursive objects, where an object contains a reference to itself, either directly or through a contained object. Nor thread safety: what should happen if an object is modified while the comparison (which is at this point not atomic) occurs? Hiding all that in a == would be very bad. And well, objects are pointers, so with == you are comparing them (if you think about it this way, you see that when passing parameters to functions, objects, like primitive types, are passed by value since their pointer is passed by value)
45. Re:Oh please by gweihir · 2017-02-21 18:59 · Score: 0
  
  Very much this. PHP is a language for idiots that have no clue they are idiots. It is designed by the same class of people, as it ignores most, if not all, principles of good language design.
  Without a large group of people that consider themselves "coders", but are anything but (unless you include the lowest level of amateur-activity) a language like PHP would never have stood any chance. It is just too much of an insult to anybody with real skills in the area.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
46. Re:Oh please by gweihir · 2017-02-21 19:01 · Score: 0
  
  Looks like they were trying to come up with a competitor for "brainfuck" and then too many people did not get the joke and though this was a language intended fro real work...
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
47. Re:Oh please by gweihir · 2017-02-21 19:04 · Score: 2
  
  It is a sign of very junior and inexperienced language designers with very big egos. And no concept of personal responsibility.
  Writing good code is hard enough with good tools.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
48. Re:Oh please by gweihir · 2017-02-21 19:07 · Score: 1
  
  And there we have the core problem: Clueless language designers with big egos. A segfault is like scramming a reactor. It is an absolute least resort, it may do significant damage, it is always a sign of something having gone terribly wrong and it should never, ever happen in normal operation.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
49. Re:Oh please by gweihir · 2017-02-21 19:15 · Score: 1
  
  C is not an interpreted language with memory safety.Your example does not apply and it is completely clueless in addition.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
50. Re:Oh please by gweihir · 2017-02-21 19:17 · Score: 1
  
  Because modifying string _constants_ is a bad idea?
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
51. Re:Oh please by gweihir · 2017-02-21 19:19 · Score: 4, Insightful
  
  It is a poor craftsman that uses shoddy tools in the first place. Selecting good tools is a core skill for any craftsman. Those that do not have it will never amount to anything.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
52. Re:Oh please by Anonymous Coward · 2017-02-21 20:59 · Score: 0
  
  I think the biggest issue is while( a = get_b() ), now are we assigning a variable and checking the result or did we want to compare a to the result and mistyped == ? Just like with == and === a single missing = can cause a hard to detect bug. The only way to detect it is to either forbid assignment in a conditional statement completely or have the programmer confirm that it is intended - I think gcc supports an additional ( ) in while ( ( a = get_b() ) ) to confirm the intend .
53. Re:Oh please by Anonymous Coward · 2017-02-21 21:06 · Score: 0
  
  Having done web development in PHP and Java (and even a little in C++) I have to agree.
  Whether crypto is in the core or not is nomenclature, nothing more. It doesn't mean anything to the developer, because there's always a good crypto module that you can use nowadays. (Which is why not using it when appropriate is always inexcusable, regardless of your language of choice.)
  But PHP's language features make it inherently insecure. You already touched upon the type handling, but it's even worse than you make it sound. The rest of the language, including its library functions, isn't designed taking the sloppy type system in consideration. We have had security bugs because one of the library functions can return both 0 and false. Given PHP's type system, that's inexcusable.
  Another big problem is that although PHP claims to be designed for the web, its web development tools are actually quite weak. Other languages often have stable and safe methods to template HTML and show data to the user and get data back on POST in a safe way, and their communication with the back-end database is usually inherently safe. But in PHP those things often don't exist or aren't as fully-featured and mature. Your reliant on external libraries and frameworks of dubious quality, which break often and which themselves have security problems. And it's just easier to do it wrong in PHP than to do it right. So every now and then a junior dev in a hurry concatenates a SQL string and bam! we've got an SQL injection problem.
54. Re:Oh please by TheRaven64 · 2017-02-21 21:13 · Score: 1
  
  That's pretty common for OO languages (or, in fact, any language with a notion of subtyping), where individual classes implement their own comparison operators. In C++ you can overload the comparison operators, but most OO languages that don't do operator overloading just use a named method. If you write a.equals(b), then you'll call the equals method implemented by the class of a. If you write b.equals(a) then you'll call the method implemented by the class of b. One may know about the other, but the converse is not guaranteed. The Objective-C collection classes document certain invariants for inserting objects into sets (or as keys in a dictionary), including that [a isEqual: b] implies [b isEqual: a] (and that [a isEqual: b] implies that [a hash] equals [b hash]), but this is impossible to statically verify in the general case.
  
  --
  I am TheRaven on Soylent News
55. Re:Oh please by TheRaven64 · 2017-02-21 21:15 · Score: 1
  
  If one developer makes a mistake, it's the fault of the developer. If most developers make the same mistake, it's the fault of the language.
  
  --
  I am TheRaven on Soylent News
56. Re:Oh please by TheRaven64 · 2017-02-21 21:21 · Score: 2
  
  The type of "hello world" is const char *, so your compiler should warn that you're dropping the const in an implicit cast (and if you're a sensible person and compile with -Werror, then your compiler will reject the code). You can get the behaviour that you want with:
  
  const char s[] = "hello world";
  
  This will copy the contents of the string literal into a mutable array. If you write this at the global scope, the copy will be done at compile time, so you'll end up with the string in the data section, not the rodata section (if you do it in a variable with automatic storage, you'll get a copy every time the variable comes into scope). Putting constant strings in the rodata section is important for optimisation, because it allows them to be coalesced. If you write "hello world" in two place, then you'll end up with a single string in the rodata section. With some linkers, if you also write "world" somewhere else, then you'll just get two pointers into the same string (this is also one of the reasons that C uses null-terminated strings: you can't do this with Pascal strings, and it saved a useful amount of memory on the PDP-11). Once you're sharing the string, it becomes a really bad idea to allow someone to modify it, because that modification will then become visible in a different bit of code.
  
  --
  I am TheRaven on Soylent News
57. Re:Oh please by Anonymous Coward · 2017-02-21 21:27 · Score: 0
  
  Agreed. The problem is not the library - PHP is intrinsically insecure. I'm not aware of any other language out there that can reliably be made to segfault and whose developers argue such behavior is working as intended.
  If you're quoting bug reports from 2009 to back up anything you say, then you're falling into the standard trap of knowing that PHP was bad but believing that nothing has changed in the last decade.
  Things have moved on.
  Yes, it still has some quirks, but it is not the same language that you hated ten years ago. Virtually all of the big issues that people had with the language have been dealt with.
58. Re:Oh please by angel'o'sphere · 2017-02-21 21:59 · Score: 1
  
  But that depends on many things like operating system and Compiler, and I would not wonder if you forgot a 'const' to force the crash ;D
  
  --
  Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
59. Re: Oh please by Lisandro · 2017-02-21 22:09 · Score: 1
  
  Oh, it certainly isn't. Too bad on PHP, == when used on objects compares both value and type of every attribute in them, which is what === does for all other types.
60. Re:Oh please by Lisandro · 2017-02-21 22:11 · Score: 1
  
  Oh, it can. It just won't do it reliably. Setting a string pointer to 0x72 will certainly do.
61. Re:Oh please by Lisandro · 2017-02-21 22:14 · Score: 1
  
  You do know that "feature" is present on all PHP versions up to the 7.x line, right?
62. Re:Oh please by goose-incarnated · 2017-02-21 22:34 · Score: 1
  
  Oh, it can. It just won't do it reliably. Setting a string pointer to 0x72 will certainly do.
  It can. It might not though. It depends, actually, on whether it is ever deferenced or not. The original *s = 'H' can crash without ever needing any more derefencing. Your correction can (not 'will', but 'can') crash only if it is dereferenced.
  Setting it is not enough, you have to dereference it as well. Although now that I think about it, depending on the platform, simply dereferencing it may still not be enough.
  For example, I just tried it now, verbatim, in the OS kernel I hobby-developed and it worked just fine reading from it. Of course, it returned some random address stored in the interrupt vector table, but it did not crash!
  I can also write to it too - I've not yet filled in the IVT so no interrupt number is using those numbers ... yet! The OS is probably going to use int-0x80 and storing 12 bytes at 0x72 will not reliably overwrite address 0x80. At the current alignment it certainly will not. A single character more will take the total to 13 + alignment padding = 16 bytes total, which is 0x72. A bad jump here will probably reboot, which we can safely judge to be a crash.
  
  --
  I'm a minority race. Save your vitriol for white people.
63. Re:Oh please by Anonymous Coward · 2017-02-21 23:54 · Score: 0
  
  Dereferencing the virtual address 0x72 is guaranteed to crash an application when the OS is designed never to map the first (usually 4K) addresses. Accessing that memory causes a page fault, the OS searches the page table for the corresponding page mapping, fails to find a valid mapping, so you get a segmentation fault.
  This has nothing to do with C though. C says the behavior is "undefined" if you set a pointer to a location that is not used to store a C object.
64. Re:Oh please by Anonymous Coward · 2017-02-22 00:27 · Score: 1
  
  B===D is much better than B=D. Trust me, I'm an engineer.
65. Re:Oh please by goose-incarnated · 2017-02-22 00:40 · Score: 1
  
  Dereferencing the virtual address 0x72 is guaranteed to crash an application when the OS is designed never to map the first (usually 4K) addresses. Accessing that memory causes a page fault, the OS searches the page table for the corresponding page mapping, fails to find a valid mapping, so you get a segmentation fault.
  This has nothing to do with C though. C says the behavior is "undefined" if you set a pointer to a location that is not used to store a C object.
  We've already agreed that it's undefined behaviour. What we're arguing are the circumstances that this particular invocation of UB would result in a crash. Just because something is UB doesn't mean that it consistently crashes at the point of UB.
  
  --
  I'm a minority race. Save your vitriol for white people.
66. Re:Oh please by Anonymous Coward · 2017-02-22 01:09 · Score: 0
  
  I'm more expecting them to have a method like "IsValid(encryptedData, secretKey, IV)" where the method returns the bool "false" if it fails and the int "0" if it succeeds. Except False(bool) and 0(int) are equal because.. PHP! They're already followed this pattern in other areas.
67. Re:Oh please by rp · 2017-02-22 02:02 · Score: 1
  
  Please note that the article claims nothing of the kind.
68. Re:Oh please by Anonymous Coward · 2017-02-22 02:42 · Score: 0
  
  This is one thing I like about Python, it has comparison (==) and reference comparison (is).
  It is a lot easier to see that "a is b" means they are the same object while "a == b" means they have the same value.
  A slight oddity comes about because some values (None, and ints) are singletons, so if a = 1, a is 1 will be True.
69. Re:Oh please by Anonymous Coward · 2017-02-22 02:45 · Score: 0
  
  Pascal did this right I think by making assignment different
  a := 1
  while leaving equality
  a = 1
70. Re:Oh please by Anonymous Coward · 2017-02-22 03:04 · Score: 0
  
  point 2, Python uses "is"
  if this is that: [Stuff that only runs if this and that are the same object.]
71. Re:Oh please by Anonymous Coward · 2017-02-22 03:07 · Score: 1
  
  Pascal's notation is better:
  a = b : the value of variable a is equal to the value of variable b (as = is used in mathematics, == in most other current languages)
  a := b : variable a takes the value from variable b (unfortunately = in most other current languages)
72. Re:Oh please by mysticgoat · 2017-02-22 04:58 · Score: 1
  
  It is a poor craftsman who blames his tools for his shoddy workmanship.
  It is a poor craftsman that uses shoddy tools in the first place. Selecting good tools is a core skill for any craftsman.
  Same thing.
  The take-away: If you don't know how to use PHP to build secure systems, use some other tool. If you don't know how to use any other tool, don't try to do secure systems.
  In every case, the fault is with the programmer, not PHP.
73. Re:Oh please by Anonymous Coward · 2017-02-22 05:31 · Score: 0
  
  Depends on the tool anyway. If get a power tool, I usually get top of the line craftsmen, but if I just need a replacement screwdriver, i'll get dollar store brand.
74. Re:Oh please by djinn6 · 2017-02-22 07:05 · Score: 1
  
  If s = 'H' actually compiled, it would be very bad, because s is a pointer, and 'H', being a char, can be converted to an int value of 72. What this code would do is to set the pointer s to a memory address of 72.
  
  What's can you find at byte #72 in memory? Who knows! But it's probably not the character "H".
75. Re:Oh please by AndroSyn · 2017-02-22 07:49 · Score: 1
  
  gcc used to accept -fwritable-strings to allow for writable strings as mentioned in the sample. Generally only really, really old code needed this I believe gcc 4.x removed this feature. I think this was always an implementation defined feature, one where the spec is silent on how to treat these strings.
  Most people these days will do something like the following to simulate:
  char s[] = "hello world";
  *s = 'H';
  The assignment will work this way, since the string literal is copied to the stack.
76. Re:Oh please by gweihir · 2017-02-22 08:01 · Score: 1
  
  Actually, quite a bit of fault is with PHP, as novices may just not know any better without really being at fault. Poor tools play a role in creating poor craftsmen. It can also not be disputed by anybody sane that the makers of PHP are exceptionally poor craftsmen.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
77. Re:Oh please by gweihir · 2017-02-22 08:02 · Score: 1
  
  I would recommend to pay more for that screwdriver. It pays off.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
78. Re:Oh please by Anonymous Coward · 2017-02-22 08:54 · Score: 0
  
  const char s[] = "hello world";
  You need to get rid of the leading const if you want s to be writable. Const means, constant, you know :)
79. Re:Oh please by Vairon · 2017-02-22 12:30 · Score: 1
  
  You are wrong. In my example, using ==, it will report equal. Using ===, it will report not equal.
  $ php -r "if (\"0E54321\" === \"0E12345\") { echo \"equal\n\"; } else { echo \"not equal\n\"; } " not equal $ php -r "if (\"0E54321\" == \"0E12345\") { echo \"equal\n\"; } else { echo \"not equal\n\"; } " equal
  The string "0E54321" and "0E12345" both get converted into the integer 0 for comparison purposes when you only use ==.
  The documentation clearly explains this behavior. I'll link it again for you.
  Type Juggling
  String Conversion
80. Re:Oh please by Anonymous Coward · 2017-02-22 12:30 · Score: 0
  
  Learn the difference between stack and heap. Just because you are writing for execution in the JVM doesn't mean you don't still need to understand the nuts and bolts.
81. Re:Oh please by Anonymous Coward · 2017-02-22 12:51 · Score: 0
  
  > Yeah, too bad that PHP supports two *different* string types (NULL-terminated and "binary strings", a.k.a. Pascal strings)
  Incorrect, PHP supports one kind of string - a binary-safe stream of bytes that can contain nulls. Anything else (e.g. a null-terminated array) is not a "string" and you shouldn't be passing it into strcmp() anyway. Funny how these problems disappear when you know what you're doing.
82. Re:Oh please by Dashiva+Dan · 2017-02-22 13:25 · Score: 1
  
  Call me an idiot, but if programming something that needs to be secure in PHP, you simply don't rely on the default equality comparator. It's there for simpler noncritical issues where it's behaviour is expected. So yeah, working around the "fundamental language defects" is something unfortunately most (all?) programmers need to do regardless of language. Adding better tools can only help.
  
  --
  "lt;dr" is the correct response to most of my posts.
83. Re:Oh please by Anonymous Coward · 2017-02-22 14:19 · Score: 0
  
  No, PHP support two kinds of strings, incompatible with each other. There is even a comment on the official documentation for strcmp: http://php.net/manual/en/funct...
84. Re:Oh please by Anonymous Coward · 2017-02-22 17:49 · Score: 0
  
  I don't know what you're looking at, but that page says nothing about two kinds of strings.
  If you're referring to the comment about the backtick execution operator, all it says is that the string returned may be null-terminated.
  Which means strcmp() is comparing "/var/www\0" to "/var/www" which is nonzero. Same kind of string; one contains a null, the other doesn't.
85. Re:Oh please by spongman · 2017-02-23 14:33 · Score: 1
  
  $ gcc -Wwrite-strings -Werror a.c
  a.c: In function ‘main’:
  a.c:3:12: error: initialization discards ‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
  char *s = "hello world";
  ^~~~~~~~~~~~~
  cc1: all warnings being treated as errors
86. Re:Oh please by michael_wojcik · 2017-02-24 07:32 · Score: 1
  
  The next version will support "====" for things are really, *really* equal.
  We won't be safe until PHP adds the ===== operator, which is always false.
  PHP also could really use the stricter ====== operator, which terminates your program and wipes the disk regardless of its operands.
  Of course I jest. PHP will never get better, we will never be safe, and the former is only one of many causes of the latter. But given the PHP designers' inclination to add everything plus a kitchen sink with swapped hot and cold valves and a clogged trap to the language, it's surprising that they haven't added operators for doxastic logic:
  x ?= y is true if the program believes x is equivalent y.
  x ?== y is true if the program believes x and y are the same entity.
  x ??= y is true if the program believes that it believes that x is equivalent to y.
  A few more rules, and PHP becomes Godel-complete!
87. Re:Oh please by Anonymous Coward · 2017-02-24 14:43 · Score: 0
  
  > A few more rules, and PHP becomes Godel-complete!
  But it will never be Heisenberg-complete. Or it might be.
SubjectsSuck by aardvarkjoe · 2017-02-21 10:09 · Score: 4, Informative

Arciszewski also says that PHP is actually "the first" programming language to support a "modern" cryptography library in its core, despite Erlang and Go including similar libraries, which he claims are not as powerful and up-to-date as PHP's upcoming Libsodium implementation.
So it's the first to support a modern cryptography library, as long as you define "modern" to mean "the one that we're using."
It's easy to be first to do something if you place enough arbitrary restrictions on what that something is.

--

How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
1. Re:SubjectsSuck by NotInHere · 2017-02-21 10:13 · Score: 3, Insightful
  
  "Modern" is for CS people like "Alternative facts" is for politicians.
2. Re:SubjectsSuck by MightyMartian · 2017-02-21 10:18 · Score: 3, Interesting
  
  I don't even understand the point of the claim. So the interpreter has a baked-in crypto library? And how is that different than simply #including a crypto library, which has the added bonus that you can pick any number of crypto libraries.
  
  --
  The world's burning. Moped Jesus spotted on I50. Details at 11.
3. Re:SubjectsSuck by Anonymous Coward · 2017-02-21 10:26 · Score: 0
  
  It's not. PHP has seen its "market share" dropping like a stone and this is gimmick to make itself more relevant again.
4. Re:SubjectsSuck by SCY.tSCc. · 2017-02-21 10:29 · Score: 1
  
  It's easy to be first to do something if you place enough arbitrary restrictions on what that something is.
  Hey, you're the first user in this thread whose user id starts with 15680 to say THAT.
5. Re:SubjectsSuck by Anonymous Coward · 2017-02-21 10:30 · Score: 0
  
  > So it's the first to support a modern cryptography library, as long as you define "modern" to mean "the one that we're using."
  What are the best alternatives to NACL for cryptographic primitives?
  "the one that we're using" could be said for their http library. It's a "modern" http library to mean "that one protocol" PHP is using?
6. Re:SubjectsSuck by Chuck+Chunder · 2017-02-21 10:47 · Score: 2
  
  What are the best alternatives to NACL for cryptographic primitives?
  I think the point is "first" is a weird word to use when you are talking about "modern" as "modern" changes with time.
  
  OpenSSL or mcrypt or whatever else you might point to were "modern" when they were "first" used, even if they aren't "modern" any more.
  
  "Only" might be a better choice if you are talking about the current time.
  
  --
  Boffoonery - downloadable Comedy Benefit for Bletchley Park
7. Re:SubjectsSuck by Anonymous Coward · 2017-02-21 11:18 · Score: 2, Insightful
  
  Libsodium is an extended fork of Daniel J. Bernstein's original NaCl project (not to be confused with Google Native Client), which is a cryptography library developed with the overarching aim of simplifying (and improving the implementation-level safety of) the practical use of strong cryptographic constructs. The "big idea" behind NaCl was to abstract away many of the low-level choices and technical details associated with various cryptographic primitives in favor of more "generic" interfaces, utilizing implementations of algorithms that are widely deemed strong and safe behind the scenes. Thus, the potential for human error via misuse or misunderstanding of various primitives would ideally be reduced, and overall security posture could be improved for many applications, without every developer needing to spend years becoming a cryptography expert. For additional background on NaCl, you might reference the following paper: The security impact of a new cryptographic library. Like its predecessor, libsodium is freely licensed, and developers are encouraged to embed and distribute the library along with their projects.
  Hope this helps. -PCP
8. Re:SubjectsSuck by Darinbob · 2017-02-21 16:47 · Score: 1
  
  Tomorrow there may be a new security library and the first language that uses it will be the "first" language to use a "modern" security library.
  Pity the person who's been campaigning to include SSL into a language only to be told "we're deferring this because it's no longer modern enough so we will continue providing no security library."
9. Re:SubjectsSuck by Anonymous Coward · 2017-02-21 18:25 · Score: 0
  
  I'm sure the library is so uniquely modern that they had to write it themselves.
10. Re: SubjectsSuck by Sledgy · 2017-02-21 22:41 · Score: 2
  
  It's different in that if a vulnerability is discovered in the underlaying library an new release of PHP is required to fix it. Note you will need to convince the hosting provider/infrastructure team to test and deploy the latest release. This is the reason the cryptography library for Python (and requests) don't want to be made part of the core so they can be agile and respond quickly to security problems.
11. Re:SubjectsSuck by Waccoon · 2017-02-21 22:50 · Score: 1
  
  Well, it certainly makes things easier for us hobby programmers that make redistributable projects designed to run on shared servers. I can't count on people installing a framework or keeping a library up to date if they have no admin access to the server. A lot of PHP projects, like Wordpress, still aren't aimed at serious, large-scale enterprises. Don't assume the owners have shell access with enough permission to install dependencies.
  I started working with PHP over a decade ago because it had a graphics library built directly into its core, so I could always depend on it being there. GDlib isn't great, but it works well enough for generating thumbnails. Saved me a lot of trouble trying to dick around with detecting ImageMagick or doing stupid shell calls that might not even work on hardened shared environments.
  Granted, I only do small, trivial stuff, which is all I recommend PHP be used for.
12. Re:SubjectsSuck by Anonymous Coward · 2017-02-22 02:23 · Score: 0
  
  Libsodium uses elliptic curve. That's not alternative, elliptic curve is the only secure thing around if you assume the NSA based algorithms have backdoors.
13. Re:SubjectsSuck by bluefoxlucid · 2017-02-22 03:12 · Score: 1
  
  More ridiculous is the claim that including crypto will force WordPress to implement better security. WordPress can just ignore this; and getting hacked by shitty REST API authentication verification isn't fixed by pouring on more crypto sauce.
  This guy is a crypto nerd who thinks crypto solves all problems. It doesn't. He probably has databases with columns (UserID, UserName, CryptedPassword, AESKey) so the password is AES-encrypted with an individual key per-user.
  
  --
  Support my political activism on Patreon.
14. Re:SubjectsSuck by Trailer+Trash · 2017-02-22 05:16 · Score: 1
  
  I don't even understand the point of the claim. So the interpreter has a baked-in crypto library? And how is that different than simply #including a crypto library, which has the added bonus that you can pick any number of crypto libraries.
  More to the point - this is the main problem with PHP. The idiots who "design" it think that something like this should be compiled into their interpreter and made into even more built-in function calls. The better way to handle it is exactly as you describe - allow people to add their own code and make your language robust enough to allow them to code the crypto library (or whatever) in your language.
  Historically, PHP was terrible at handling binary data and such, so there was no way to do a lot of these sorts of actions in straight PHP. The workaround was to write your functionality in C and then include it as a PHP module - meaning that PHP would have a new set of functions when your module was included. This caused namespace issues and idiocy such as two sets of "functions" for handling MySQL connectivity: the "mysql_" set and the "mysqli_" set. It's like the "Attack of the Killer Tomatoes" of programming languages, except "it's so bad, well, it's just bad".
  Now their idea is to encourage WordPress programmers to do better by including a crypto library in their already polluted function namespace.
  <facepalm>
  
  --
  Do you have ESP?
15. Re:SubjectsSuck by dougTheRug · 2017-02-22 10:13 · Score: 1
  
  NSA published EC algorithms and even specific curves.
16. Re:SubjectsSuck by Anonymous Coward · 2017-02-22 10:30 · Score: 0
  
  EC isn't really proven safe, there are a lot of curves being used that aren't really all that secure. To a great extent RSA and DH is still more secure, you'll just need to use slightly more absurdly sized keys, 8192 bit keys are probably secure against three letter agencies, at the cost of massive CPU increase of course.
  Personally I don't trust EC crypto, just one of those funny feelings.
17. Re:SubjectsSuck by Anonymous Coward · 2017-02-22 19:11 · Score: 0
  
  I don't even understand the point of the claim. [...]
  What you have to look at is PHP's experience with building in their database access. This meant that they introduced insecure function interfaces over functions that could have been seacure. Then they had to release new ones whilst keeping the old ones for backwards compatibility and then it turned out that the new ones were insecure too. Rinse and repeat.
  This meant that security problems that could have been fixed with a new library release (people who prefer compatibility to security can simply stick to the old version until they upgrade) instead becomes a multi-year vulnerability which is probably still active somewhere on the internet almost twenty years later.
  Think of all those server hacks which wouldn't have worked if someone chose a different technology from PHP.
18. Re:SubjectsSuck by wimg · 2017-02-23 05:51 · Score: 1
  
  And you're claiming this stone dropping based on which source ?
Yeah but... by downright · 2017-02-21 10:10 · Score: 0

they will reinvent the function prototype so it wont look like or behave like any of the other functions in the language so you'll still spend all you time looking up whether to camel case or underscore or to swap the parameter order versus the legacy functions. Even though it is "by default" they will still make you recompile from source to get it to work and it will still get hacked by a script kiddy who will just alter the source on the production server. *shudder* :-) JAVA RULES! *mic drop*
1. Re:Yeah but... by Anonymous Coward · 2017-02-21 11:04 · Score: 0
  
  they will reinvent the function prototype
  Your problem is that they DON'T reinvent function prototypes. Your functions are named exactly like they are in libc or libmysql or whatever. Yes, even "mysql_real_escape_string()". That function name is taken straight from the MySQL library. You don't like how the array parameter comes last? Tough tits, that's how perl's join() works, along with all their other list functions PHP used.
2. Re:Yeah but... by Anonymous Coward · 2017-02-22 00:35 · Score: 0
  
  I love how they hardcode the RDBMS name right in the function name. Makes it really easy to migrate databases.
Queue the Rust is better people by Anonymous Coward · 2017-02-21 10:10 · Score: 0

... and the Go people... and Java... and Ruby....zzzz
1. Re: Queue the Rust is better people by cyber-vandal · 2017-02-21 11:29 · Score: 1
  
  Cue*
2. Re: Queue the Rust is better people by PCM2 · 2017-02-21 12:34 · Score: 1
  
  Well, technically you could have them line up for comment.
  
  --
  Breakfast served all day!
3. Re: Queue the Rust is better people by Anonymous Coward · 2017-02-21 12:49 · Score: 0
  
  There certainly are a lot of them. And they're probably all right about their respective languages being better than PHP.
4. Re:Queue the Rust is better people by Anonymous Coward · 2017-02-22 00:18 · Score: 0
  
  Yeah. And, you know, they'd all be right.
5. Re: Queue the Rust is better people by Anonymous Coward · 2017-02-22 07:06 · Score: 0
  
  Cue the queue?
How about an additional escape string by Anonymous Coward · 2017-02-21 10:12 · Score: 0

Maybe a new way to screw up typecasting? I know you're good for it, PHP.
So they'll be the first to do it wrong? by OverlordQ · 2017-02-21 10:14 · Score: 3, Interesting

I'll stick to every other language that has had libsodium bindings for a while now.

--
Your hair look like poop, Bob! - Wanker.
1. Re:So they'll be the first to do it wrong? by c · 2017-02-21 10:17 · Score: 4, Funny
  
  I'll stick to every other language that has had libsodium bindings for a while now.
  I'm just waiting for them to release the libsodium bindings for C...
  
  --
  Log in or piss off.
2. Re:So they'll be the first to do it wrong? by thegarbz · 2017-02-21 11:04 · Score: 1
  
  The only way to really get libsodium to bind with C is to use Google's Native Client environment.
3. Re:So they'll be the first to do it wrong? by Anonymous Coward · 2017-02-21 11:45 · Score: 0
  
  No problem! I'll just whip up a wrapper that forks and synchronously calls PHP. I just hope you're not planning to make more than a few dozen calls per second...
4. Re:So they'll be the first to do it wrong? by gweihir · 2017-02-21 19:22 · Score: 1
  
  They probably only care to be the "first" at something.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Now that that's done... by Anonymous Coward · 2017-02-21 10:18 · Score: 1

... let's get proper multibyte support.
1. Re:Now that that's done... by AlphaBro · 2017-02-21 19:09 · Score: 1
  
  Hilarious this was modded down to troll. It's a legitimate request.
libsodium is a C library by adam.voss · 2017-02-21 10:20 · Score: 2

For those who don't know, libsodium is a C library that PHP will be utilizing. It is not a PHP library.
1. Re:libsodium is a C library by Anonymous Coward · 2017-02-21 14:43 · Score: 1
  
  That's actually a good point. PHP is a bit unlike most other "interpreted" languages in that there are two kinds of libraries. There are the mods, written in native C, and included in the PHP+Apache runtime environment. That reflects PHP's basic structure as more-or-less a fancy wrapper around a bunch of C libraries. Then there are libraries written in PHP, such as the stuff in the PEAR libraries.
  AFAIK (but I'm ignorant on this topic), Java, Javascript/node.js, etc. don't have a way to include C libraries in the runtime environment (no equivalent to "#include stdio.h"), so if you want a library to do "X", it has to be written in Java or Javascript. So in that sense, PHP may in fact be the first to include a crypto library in the default runtime.
2. Re: libsodium is a C library by p91paul · 2017-02-21 18:56 · Score: 1
  
  Java has support for calling C (actually, any compiled library) through JNI (Java Native Interface)
3. Re:libsodium is a C library by Anonymous Coward · 2017-02-22 06:25 · Score: 0
  
  That's actually a good point. PHP is a bit unlike most other "interpreted" languages in that there are two kinds of libraries. There are the mods, written in native C, and included in the PHP+Apache runtime environment. That reflects PHP's basic structure as more-or-less a fancy wrapper around a bunch of C libraries. ..
  You don't seem to realize you are also describing Python (at least the most popular implementation, CPython), Perl, R, Matlab... In fact, most interpreted languages are thin wrappers around native library code.
Too little... too late... by __aaclcg7560 · 2017-02-21 10:20 · Score: 3, Informative

I got tired of script kiddies banging down my PHP/MySQL servers. I'm using Pelican (Python) to convert my websites into static websites. With nothing to hack, script kiddies go away.
1. Re:Too little... too late... by tepples · 2017-02-21 11:23 · Score: 1
  
  I'm using Pelican (Python) to convert my websites into static websites. With nothing to hack, script kiddies go away.
  How do you edit your Pelican-powered website while away from your home PC? Skiddies can hack through that.
2. Re:Too little... too late... by __aaclcg7560 · 2017-02-21 13:36 · Score: 2
  
  How do you edit your Pelican-powered website while away from your home PC? Skiddies can hack through that.
  I don't allow outside access to my file server at home. From my file server I can make whatever changes needed to the website, run pelican to generate the static files, and rsync the output directory to the hosting server. Since I don't use PHP or MySQL, the script kiddies have no attack vector into my website.
3. Re:Too little... too late... by tepples · 2017-02-21 14:02 · Score: 1
  
  I don't allow outside access to my file server at home. From my file server I can make whatever changes needed to the website
  If you get an idea for an update while away from home, particularly for an extended period, what do you do with that idea?
4. Re:Too little... too late... by __aaclcg7560 · 2017-02-21 14:19 · Score: 2
  
  If you get an idea for an update while away from home, particularly for an extended period, what do you do with that idea?
  I write it down in my dead tree notebook.
5. Re:Too little... too late... by thegarbz · 2017-02-21 23:43 · Score: 1
  
  I don't allow outside access to my file server at home. From my file server I can make whatever changes needed to the website
  If you get an idea for an update while away from home, particularly for an extended period, what do you do with that idea?
  Sorry but this is a silly thread. Security is an inconvenience and you have to live with it. That said your problem is not solvable:
  1) write it down.
  2) email it to myself.
  3) ssh.
  4) outright VPN.
  Me I take the last option. There's no dynamic content accessible on my site which isn't behind at the least HTTP auth. There's no dynamic content on my website which takes user input that doesn't also limit it's scope to the local network.
  And despite all of these restrictions, content is still easier to update than it was back in the mid 2000s, and I managed just fine then too.
Ahhh PHP.... by cmdrbuzz · 2017-02-21 10:22 · Score: 1

PHP, the "Speak 'n Spell" of programming languages.... More marketing fluff.
1. Re:Ahhh PHP.... by Anonymous Coward · 2017-02-21 11:12 · Score: 0
  
  Nah, Speak'n Spell of programming languages is basic. PHP is the hooked on phonics version.
2. Re:Ahhh PHP.... by Anonymous Coward · 2017-02-21 14:02 · Score: 0
  
  C is the 'Operation' of programming languages.
  "It takes a very steady hand... BZZZT! Butterfingers!"
3. Re:Ahhh PHP.... by Anonymous Coward · 2017-02-21 18:59 · Score: 0
  
  C++ is Chutes and Ladders + Mousetrap!
4. Re:Ahhh PHP.... by AlphaBro · 2017-02-21 19:08 · Score: 1
  
  Unless it's a buffer over-read, in which case there might not be a 'BZZZZT!' You know, like Heartbleed.
BULLSHIT! by allo · 2017-02-21 10:24 · Score: 2

BULLSHIT! BULLSHIT! BULLSHIT!
PHP is one of the programming languages, which load all stuff into the core (which can be quite a disadvantage), but other languages use a library by a single include. So what?
And even php has it into a .so file, which can be loaded, but isn't required to be used. So the "core" is relative as well. Actually its a bundled module.
1. Re:BULLSHIT! by Anonymous Coward · 2017-02-21 14:46 · Score: 0
  
  I may be wrong as I don't keep up with these things, but I don't recall Java or Javascript (for example) having any equivalent method for including a .so file into their runtime either permanently or on demand. If so then any crypto library would have to be written in those languages - which in that case would be equivalent to PHP's PEAR library of modules written in PHP (and presumably slower and less secure since they are not binary.)
2. Re:BULLSHIT! by allo · 2017-02-21 20:12 · Score: 1
  
  > but I don't recall Java or Javascript (for example) having any equivalent method for including a .so file into their runtime either permanently or on demand.
  Javascript isn't the best example, as it doesn't have any good standard library (which leads to the whole npm fuckup).
  Java can load binary modules, but much stuff is written in java and performs good enough.
  But the actual point is, that you link against a libsodium binding and php does it as well. They have build some lib, which then provides functions to the php interpreter. And they bundle it. That's it. You can just download libsodium and link it to your C program and get a similiar result without using a library for binding it to something, as it is written for C.
3. Re:BULLSHIT! by rp · 2017-02-22 02:10 · Score: 1
  
  Bullshit. PHP doesn't load everything into its core: it has a well-developed system for managing optional extensions (PEAR). "Core" extensions are the ones that come with PHP.. This is pretty standard terminology. You just can't be bothered to look it up. Then why reply at all?
4. Re:BULLSHIT! by allo · 2017-02-22 02:42 · Score: 1
  
  you're confusing php modules with php extensions. Pear installs php scripts, not modules. The modules are stuff like libgd for graphics and so on, coming as shared library (.dll or .so).
5. Re:BULLSHIT! by Anonymous Coward · 2017-02-22 04:53 · Score: 0
  
  it still depends on how its compiled. Most distros have the "core" modules as php extensions. But if you WANT to, you can compile php to include these modules into the lib/exe so you don't have to load the shared libraries. In fact, I believe you can compile ANY php extension INTO php so you don't have to load it every time. This saves the interpreter startup time. Everything has its pluses and minus'. This is no different from being able to compile any library that was built with static bindings to include the library directly in the executable using c/c++. I have done this many times (esp when building linux from scratch) because binding with a static library allows the software to function even if the underlying shared libraries have been updated.
  But this is rarely done anymore. The point here is that once this library is included, distros will have this in by default, and it won't require you to install a compiler and pear/pecl software to get the extension into your php (it still pains me that php doesn't come with uuid generators and I have to build them every time)
6. Re:BULLSHIT! by allo · 2017-02-23 00:57 · Score: 1
  
  > it still depends on how its compiled. Most distros have the "core" modules as php extensions. But if you WANT to, you can compile php to include these modules into the lib/exe so you don't have to load the shared libraries.
  Of course, you can do.
  And in a C program you can statically link the libsodium.a. So what?
  > I believe you can compile ANY php extension INTO php so you don't have to load it every time
  You won't notice.
  > because binding with a static library allows the software to function even if the underlying shared libraries have been updated.
  That's a reason. On the other hand, you update your libs and your php stays insecure. No good idea.
  > The point here is that once this library is included, distros will have this in by default, and it won't require you to install a compiler and pear/pecl software to get the extension into your php
  Yep. But that's still a strange definition of "the first langauge to add modern cryptography" (btw. why the quotes in the title, libsodium IS modern cryptography).
Proud to be stupid by Anonymous Coward · 2017-02-21 10:24 · Score: 0

So PHP are proud to be the first to make a braindead decision that everyone else has been smart enough to realise this is something that is best kept as a loadable module or to use the baked in libraries of the various OS's. PHP isn't exactly known for its security to start with.
1. Re:Proud to be stupid by gweihir · 2017-02-21 19:25 · Score: 1
  
  You have to admit that they are consistent at the bad decisions though. Making bad decisions seems to be their most important guiding principle.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Perhaps instead of building everything and ..... by aix+tom · 2017-02-21 10:26 · Score: 2

.... a kitchen sink into the core, they could have instead done a *sane* way to include additional modules.
Perl and Python for example have no problem loading user-specific or script-specific modules, not like the "system wide or nothing" approach of PHP. ( which of course doesn't work with shared hosting. )
Other languages did this first by MobyDisk · 2017-02-21 10:32 · Score: 4, Interesting

I remember when Java was the first language to do this. Shortly after that, C# was the first language to do this. Now PHP is the first language to do this. So who will be the next one to do it first?
1. Re:Other languages did this first by Agripa · 2017-02-24 05:05 · Score: 1
  
  I remember when Java was the first language to do this. Shortly after that, C# was the first language to do this. Now PHP is the first language to do this. So who will be the next one to do it first?
  It is not first until Apple does it.
Re:Perhaps instead of building everything and .... by Anonymous Coward · 2017-02-21 10:32 · Score: 0

Shared hosting, HAHAHAHAHA. This fucking deadpan joke from the last decade is hilarious.
slow news day? by Anonymous Coward · 2017-02-21 10:34 · Score: 0

News Flash. Some program links with a library! Wow!! What a brilliant innovation!
Too Little Too Late by Anonymous Coward · 2017-02-21 10:35 · Score: 0

As much as I love/hate using PHP, this is something that should have existed in PHP as of version 5.0
The one piece of software where I actually use crypto in php, requires using language extensions that may get depreciated, so how do we prevent that? By not updating PHP.
And that is the problem with Wordpress. People who run it, always get burned by hacking at least once, and by having their theme or plugins get broken by a wordpress core update. The lack of encryption in PHP core, is the same problem Wordpress has with the lack of MySQLi support until it was dragged kicking and screaming to update, because in turn PHP depreciated the MySQL library. Wordpress also should have had caching built in and turned on by default, because that is something that nobody knows how to setup properly, or even install, so the average Wordpress site on a bulk hosting system like Dreamhost, runs extremely slow, and takes up extremely large amounts of CPU time and Memory. Then Dreamhost suggest upgrading to a VPS instead of... installing an opcode cache (Which is insecure on bulk hosts.)
Doesn't Java have a cryptographic library? by Anonymous Coward · 2017-02-21 10:39 · Score: 0

Doesn't Java have a cryptographic library in the language? So is PHP really first?
1. Re:Doesn't Java have a cryptographic library? by rubycodez · 2017-02-21 11:52 · Score: 1
  
  guess back in the late 80s ANSI weren't smart enough to include block cipher libraries we were calling from FORTRAN and C into the languages. pfft, php never disappoints, it's like the QBASIC of the 21st century
2. Re:Doesn't Java have a cryptographic library? by Anonymous Coward · 2017-02-21 11:57 · Score: 0
  
  Safely implementing crypto in java is a nightmare, thanks to the JVM. Java also doesn't provide modern algorithms like Curve25519 for key exchange or ChaCha20-Poly1305 authenticated encryption, both of which are very fast and secure even in software, and designed to avoid common pitfalls in implementation. RSA is slow with stupid-huge keys, and the NIST ECC curves are not safe, slow, difficult to implement correctly, and possibly compromised by the NSA. Ed25519 is also available in libsodium and available for golang, if not present in the standard library.
3. Re:Doesn't Java have a cryptographic library? by Anonymous Coward · 2017-02-22 03:38 · Score: 0
  
  Please don't insult QBASIC like that. It was a well defined, predictable implementation of a well defined dialect of BASIC. PHP can't lay honest claim to any of these attributes. -PCP
Dunning-Kreuger, thy language is PHP. by Anonymous Coward · 2017-02-21 10:56 · Score: 0

Yet another feature that PHP can't manage properly.
I'm not sure this is a good idea by jandrese · 2017-02-21 10:57 · Score: 1

I'm torn on the idea of having one particular crypto implementation having first class citizen status in the language. It should help adoption and alleviate deployment headaches, but if that library turns out to have problems or just becomes obsolete it's even more of a hassle to work around it. Crypto algorithms are unusual in computer science in that they come with use-by dates. Most algorithms are timeless, but crypto changes constantly. What are the odds that in 5 years this becomes "that thing you shouldn't use but everybody uses it anyway because it's the default and its built in"?

--

I read the internet for the articles.
1. Re:I'm not sure this is a good idea by gweihir · 2017-02-21 19:30 · Score: 1
  
  This is PHP. The language is saturated with bad decisions. This is just one more of those.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Gotta love PHP ... by Qbertino · 2017-02-21 11:04 · Score: 3, Funny

I'm smiling while I read this.
Every single bit of this news is sooo PHP and one of the reasons this awkward mess of a PL is so successful.
They find something new or something they need and bolt it on. Just like that. End of story. A vote on the core team, a little coding and *BAM* PHP has a new inner API function with what has to be the most over-the-top all-out-PHP-style name for an inner API function ever - sodium_crypto_box_keypair_from_secretkey_and_publickey($ecdh_secret, $ecdh_public); (seriously, this is no joke).
Totally LOL. Takes the cake for inner function names ten times over, even by PHP standards, which is quite a stunt. And right away PHP has up-to-date hard crypto that even a simpleton can use.
You have to hand it to the PHP crew - they actually get shit done, no matter what. :-)

--
We suffer more in our imagination than in reality. - Seneca
1. Re:Gotta love PHP ... by phantomfive · 2017-02-21 12:48 · Score: 1
  
  You have to hand it to the PHP crew - they actually get shit done, no matter what. :-)
  They should make that their motto: "Getting shit done, no matter what!"
  
  --
  "First they came for the slanderers and i said nothing."
2. Re:Gotta love PHP ... by Anonymous Coward · 2017-02-21 14:25 · Score: 0
  
  Just wait -- five years from now, they'll find a bug in the implementation and need to make a non-backwards-compatible change to fix it, and you'll be advised to call sodium_real_crypto_box_keypair_from_secretkey_and_publickey($ecdh_secret, $ecdh_public); instead.
3. Re:Gotta love PHP ... by Anonymous Coward · 2017-02-22 04:17 · Score: 0
  
  hey dont forget
  sodium_crypto_box_keypair_from_secretkey_and_publickey_real($ecdh_secret, $ecdh_public);
4. Re:Gotta love PHP ... by michael_wojcik · 2017-02-24 07:36 · Score: 1
  
  You have to hand it to the PHP crew - they actually get shit done, no matter what.
  Indeed. Shit is precisely what they get done. Indeed, despite PHP's lack of originality in most areas, it has been quite inventive in the production of shit.
Monte beat PHP by a year! by MostAwesomeDude · 2017-02-21 11:04 · Score: 2

My beloved Monte https://monte.rtfd.org/ beat PHP to this by a wide stretch. While it's true that PHP is a big established language, that doesn't mean that they get to claim sudden leaps in innovation which didn't happen. I've tweeted at the author of the blog post https://twitter.com/corbinsimpson/status/834175224736157696 with timestamped commits from the Monte codebase.

--
~ C.
1. Re:Monte beat PHP by a year! by Anonymous Coward · 2017-02-21 11:22 · Score: 0
  
  More fake news from the liberal media. Sad.
So, you're embedding libsoduim... by Lisandro · 2017-02-21 11:06 · Score: 4, Interesting

...which effectively prevents me from updating it. Great choice for a security library guys.
1. Re:So, you're embedding libsoduim... by Anonymous Coward · 2017-02-21 11:44 · Score: 1
  
  Most software is (or should be) subject to maintenance updates for various reasons. Embedding libsodium in an application simply shifts the distribution point for updates. If you're using software (PHP in this case) distributed as a package in a common Linux or BSD distribution, you'll have the ability to install updates/fixes whenever the distribution's package maintainers make them available from new or patched upstream sources. If you're compiling from source, you'll have the option of tracking updates and doing rebuilds yourself whenever they're made available by the core PHP development team (which would have the responsibility to track updates to libsodium and other included libraries).
  In the end, you're still responsible for monitoring update announcements for the various components which comprise the systems you depend on, regardless of which model of integration and deployment you decide is best for your use case. There's no free lunch in any event, only various decisions to be made regarding which parties have which duties in the maintenance pipeline. -PCP
2. Re:So, you're embedding libsoduim... by Lisandro · 2017-02-21 11:49 · Score: 1
  
  Sorry, that is not enough. There's a vast difference from updating a crypto library (which can happen, f.ex, due to security updates) to updating the whole damn language, which can have system-wide implications.
3. Re:So, you're embedding libsoduim... by Anonymous Coward · 2017-02-21 12:23 · Score: 0
  
  Please re-read everything I wrote; it covers your sentiments. However, to expand a bit further, when we speak of updating it's important to define the changes an update represents. This is typically defined in terms of an encompassing policy or set of policies. Some distributions (whether the "distribution" is a complete operating system environment, a specific set of userland packages which comprise follow a particular application environment, a single application/library, etc) follow a "rolling release" model, where new versions of applications and libraries are continually released in lockstep with upstream development. Other distributions follow a model where specific major versions of each piece of software are included in periodic distro releases, and updates are only performed in concert with minor upstream releases; major bug fix and security updates are typically tracked and independently backported/patched into the distro sources in these cases.
  What it all comes down to is this: there is no single "one size fits all" model for everything. Different environments have different needs, and it's important to understand exactly what the maintenance/update process for any given environment entails. Regardless of the model chosen, updating anything (no matter what supposed assurances are given by upstream actors) without rigorous testing is a bad idea, and people responsible for any production environment will always bear the responsibility for change management, which includes the responsibility to define and maintain awareness of which parties hold "delegated" responsibilities at each level. There is no free lunch. -PCP
4. Re:So, you're embedding libsoduim... by Lisandro · 2017-02-21 12:38 · Score: 1
  
  I understand what you're saying; my point is that the problem is not the release model.
  First off, i'm not aware of any languages which do rolling releases - PHP certainly doesn't - and with good reason. The problem is that PHP makes a security component part of the language itself and provides no other way of updating it; a libsodium update becomes now a PHP update, which means you're at the whim and mercy of the language creators when it comes to managing it.
  This is specially annoying in PHP, where language installs cannot be made but system wide. Ever tried to run two different versions on the same machine?
5. Re:So, you're embedding libsoduim... by Anonymous Coward · 2017-02-21 13:13 · Score: 0
  
  Uh, you didn't think someone out there was going to make an organizational change that made you MORE secure... did you? hahahaha
6. Re:So, you're embedding libsoduim... by Anonymous Coward · 2017-02-21 13:31 · Score: 0
  
  The term "rolling release" is policy descriptor for the method by which updates are made available, and is not necessarily indicative of which other updates are available. In practice, the term is generally (but not always) used with an implicit silent qualifier denoting a particular software "branch" which is tracked on a rolling basis (latest stable revision, latest testing revision, latest repo commit). A key aspect of this model is the idea that the distributor doesn't take many, if any, special measures aimed at deciding whether an update satisfies any independently considered fine-grained criteria for release. It should be noted that I'm not advocating for the suitability of such models for any particular use cases, merely clarifying terminology.
  As a specific policy goal, libsodium development is conservative in nature with regard to "breaking" changes, with the objective of permitting inclusion in other applications/libraries in a manner which makes it trivial to independently update it. In the case of PHP, yes, you'll be electing to trust the upstream core PHP developers, or your distribution's PHP source maintainers, or whoever maintains PHP source in your organization, to update it whenever necessary. This doesn't necessarily mean having to accept all changes provided in an official/top-level PHP update, though; nothing would stop anyone from simply rebuilding a particular PHP source version with an updated libsodium release.
  The same considerations apply to "system" shared libraries utilized by larger numbers of applications. You're still trusting someone to decide when the library gets updated, how it gets updated, etc, and you still have to assess the potential (and via testing, hopefully, actual) production impact to everything using those libraries.
  Nothing is stopping you (or any distribution) from building PHP to link against a libsodium library you maintain yourself, one maintained by another third party, etc. With regard to multiple versions, I actually have a system that includes three distinct versions of PHP right now, each compiled with different options and linking against libraries in different trees. Each PHP environment is fully separate and distinct from the others, but all three environments reside within the same system. This is really dictated by your choice of operating system/distribution, not the core language itself.
  The key end result of all this stuff is the PHP project essentially saying "hey, people using home-grown crypto junk or random crap from dodgy/random third parties is probably a bad idea, and libsodium seems to do a good job in this area; a bunch of environments may not include it, so now it's included int PHP itself."
  As a totally separate concern from all of the above, I have a rather profound personal dislike for PHP, based on a number of concrete issues with the language itself and how its core developers have historically handled various issues. I certainly don't use it, or generally advocate for its use, in anything I consider important. -PCP
7. Re:So, you're embedding libsoduim... by Anonymous Coward · 2017-02-21 13:47 · Score: 0
  
  The key end result of all this stuff is the PHP project essentially saying "hey, people using home-grown crypto junk or random crap from dodgy/random third parties is probably a bad idea, and libsodium seems to do a good job in this area; a bunch of environments may not include it, so now it's included int PHP itself."
  Yeah. Installing libraries is rocket science.
8. Re:So, you're embedding libsoduim... by Anonymous Coward · 2017-02-21 22:30 · Score: 0
  
  Ever tried to run two different versions on the same machine?
  Most hosting providers provide multiple PHP installations. It involves a little bit of tinkering with the VHOSTS. Works easily on both Nginx and Apache. I don't see what's so hard about it. In fact it's even easier on Nginx. You launch your PHP pools as CGI/FPM upstreams and have your Nginx connect to those and run your scripts through it. The funny thing about all this is, you can have multiple servers running multiple versions of PHP and you don't need to have PHP installed on the webserver machine. Firewall those servers to only accept connections from the webserver and you kind of have a round-robin load balancing. It's cool. Add memcache instances to that so that all PHP instances share the same cache and you are golden :)
9. Re:So, you're embedding libsoduim... by Lisandro · 2017-02-22 00:41 · Score: 1
  
  That's quite more than "a bit of thinkering", specially compared with pretty much any other interpreted language in the *nix word, which allow multiple language/library versions on a single system in a much saner way.
10. Re:So, you're embedding libsoduim... by Anonymous Coward · 2017-02-22 01:23 · Score: 0
  
  To each their I guess. Personally I utterly hate and despise the whole NodeJS/NPM ecosystem and I find it a lot more insane than a simple PHP installation as CGI/FPM. Thanks but no thanks to work with a package manager that needs a package manager to get installed, then transpiled and browserified and packaged afterwards or whathaveyou and adding watchers that monitor file changes and "recompile" afterwards. In my ecosystem all I need to sync my sources across 10 servers are git and rsync and nothing else
Same type inequality comparison operators? by tepples · 2017-02-21 11:09 · Score: 1

Is there also a "less than and of the same type" operator? Or is calling strcmp() the best practice for this?
Would you prefer an interpreted crypto library? by tepples · 2017-02-21 11:15 · Score: 3, Insightful

And how is that different than simply #including a crypto library, which has the added bonus that you can pick any number of crypto libraries.
I can see three ways to proceed:
A built-in crypto library This runs at full speed and is available by default to the shared hosting customer. An add-on crypto library compiled to native code and distributed as a PHP extension This runs at full speed but requires the shared hosting customer to convince the hosting provider to install it. An add-on crypto library written in pure PHP This is available by default to the shared hosting customer but can run unacceptably slowly due to interpreter overhead.
1. Re:Would you prefer an interpreted crypto library? by Anonymous Coward · 2017-02-22 19:06 · Score: 0
  
  And how is that different than simply #including a crypto library, which has the added bonus that you can pick any number of crypto libraries.
  I can see three ways to proceed:
  A built-in crypto library This runs at full speed and is available by default to the shared hosting customer. An add-on crypto library compiled to native code and distributed as a PHP extension This runs at full speed but requires the shared hosting customer to convince the hosting provider to install it. An add-on crypto library written in pure PHP This is available by default to the shared hosting customer but can run unacceptably slowly due to interpreter overhead.
  4) switch to perl, python, Swift, C, or almost any other modern language use an add on binary library that runs at full speed but that the user can install together with their scripts through dynamic loading.
2. Re:Would you prefer an interpreted crypto library? by tepples · 2017-02-23 03:12 · Score: 1
  
  An add-on crypto library compiled to native code and distributed as a PHP extension
  use an add on binary library that runs at full speed but that the user can install together with their scripts through dynamic loading
  That depends on two things: whether the shared hosting provider has configured the interpreter to allow such dynamic loading, particularly from within the subscriber's home directory, and whether the shared hosting provider allows the subscriber to install a compiler and corresponding headers to compile said library. As the PHP manual states:
  
  The main reason for turning dynamic loading off is security. With dynamic loading, it's possible to ignore all open_basedir restrictions.
Selling point? I think not by Anonymous Coward · 2017-02-21 11:18 · Score: 0

PHP... <vomits> <tries_hard_not_to_throw_up_again> <fails_miserably>
IMHO whoever uses PHP already (masochists) will keep using it but I doubt building crypto capabilities into the language will attract significantly more new coders to it.
Every time I see a PHP job ad I think by FryingLizard · 2017-02-21 11:37 · Score: 1

"...man, you guys must have some serious technical debt"
I built a startup's entire stack on PHP back in the 2003-2006 time, now I look back and SMH at the foolishness. If you want a quick'n'weakly-typed language (which I often do), Python beats the crap out of PHP, as well as being ten times more readable.

--
[FrLz]
System.Security.Cryptography by Anonymous Coward · 2017-02-21 11:50 · Score: 0

All they way back to .NET Framework 1.1....
https://msdn.microsoft.com/en-us/library/system.security.cryptography(v=vs.71).aspx
1. Re:System.Security.Cryptography by AlphaBro · 2017-02-21 19:07 · Score: 1
  
  Yes, but you see, Microsoft didn't statically link all the crypto stuff into a monolithic binary. Because, uh... I guess loading a bunch of unused stuff into memory is newsworthy.
The crypto is the easy part of this by thogard · 2017-02-21 12:34 · Score: 2

The cryptography algorithms are the easy part. The vary hard part is protecting keys so I hope someone provides plenty of examples of how to do that properly. I hope they don't go down the Java route of showing how to use the functions without proper key management.
And it'll be a shitshow because of course it is by Just+Some+Guy · 2017-02-21 13:03 · Score: 4, Funny

Sneak preview of the API:

crypto_really_encode(plaintext, algorithm); // Simplest crypto_really_encode(plaintext, mode, algorithm); // Next arg goes in the middle crypto_really_encode(block_size, plaintext, algorithm, mode); // Switch it up yo lol

...where AES will somehow be a valid value for both mode and algorithm (which will silently override to "NULL" if plaintext starts with a zero or the letter "p").

--
Dewey, what part of this looks like authorities should be involved?
1. Re:And it'll be a shitshow because of course it is by AlphaBro · 2017-02-21 19:05 · Score: 1
  
  Lots of gold in this thread, but this one should be a 5. The PHP API design decisions are the shittiest I've ever seen in my life.
2. Re:And it'll be a shitshow because of course it is by Anonymous Coward · 2017-02-21 23:45 · Score: 0
  
  Lots of gold in this thread, but this one should be a 5. The PHP API design decisions are the shittiest I've ever seen in my life.
  Shittiest ever huh?? Im guessing you are either young or think hyperbole is the greatest thing ever.
Dynamic Type Comparing [Re:Oh please] by Tablizer · 2017-02-21 13:32 · Score: 1

In my opinion, dynamic languages should require, or at least encourage, one to specify what comparison type to use rather than rely on parameter (operand) analysis. The hard part is coming up with a nice syntax for such. I've had various discussion groups consider different suggestions, and found no consensus.
In the shorter term, one can roll their own functions and hope staff coders follow along. Example:

if (strCompare(a, '>', b)) {...} if (numCompare(a, '<=', b)) {...}

--
Table-ized A.I.
Re:Perhaps instead of building everything and .... by Anonymous Coward · 2017-02-21 19:20 · Score: 0

there is still have a shit ton (and by that I mean billions of lines of code) written 3+ decades ago running in production, you are fucking delusional if you think shared hosting is going to be any different to any other system, it doesn't matter that the world has mostly moved on there will be a fuckton of shared hosting for decades to come.
Oh LOL! PHP! by dschiptsov · 2017-02-21 22:43 · Score: 1

FYI Golang has a "modern" cryptography library in its core. PHP in 21th century. What a lunacy.
"make Wordpress more secure" by Anonymous Coward · 2017-02-22 01:41 · Score: 0

I'm intrigued how adding crypto support to php will somehow make Wordpress more secure, or how the php team will "force them to implement better security".
I use php regularly and don't really have any problem with it, I think it's a perfectly good language for the odd web app. I'm not a fan of Wordpress though. The way they expose everything, hundreds if not thousands of utilities and functions in the global namespace is a complete mess. I also don't see how they can have a system designed specifically to allow idiot end users to update the entire codebase by clicking a button, which requires the web app itself to have full write access to all source files, including adding third party plugins, and somehow think that it will ever be secure
So where's the NIST FIPS-140 certification by Anonymous Coward · 2017-02-22 02:12 · Score: 0

When you get that I might be interested.
Wordpress ? by Anonymous Coward · 2017-02-22 03:56 · Score: 0

What in the world does crypo have to do with SQL injection and web client ability to rewrite server code ?