Randar: A Minecraft exploit that uses LLL lattice reduction to crack server RNG

https://github.com/spawnmason/randar-explanation/blob/master/README.md [github.com]

2024-04-19 01:22

tags:
gaming
java
math
opsec
programming
random

Every time a block is broken in Minecraft versions Beta 1.8 through 1.12.2, the precise coordinates of the dropped item can reveal another player’s location. “Randar” is an exploit for Minecraft which uses LLL lattice reduction to crack the internal state of an incorrectly reused java.util.Random in the Minecraft server, then works backwards from that to locate other players currently loaded into the world.

source: HN

Multiply - A Book About Calculators I Helped Create

https://benjamin.computer/posts/2022-08-17-calculators.html [benjamin.computer]

2024-03-15 20:07

tags:
book
design
hardware
math
retro

Now, by trade I’m a software engineer and a trainee scientist - I’ve never designed a book before. However, I’m no stranger to graphic design, having done a variety of things before now. But a book is a new proposition with different challenges. There was a lot of work ahead. But where to begin?

source: Dfly

How Good Are FiveThirtyEight Forecasts?

https://projects.fivethirtyeight.com/checking-our-work/ [projects.fivethirtyeight.com]

2023-05-19 16:30

tags:
factcheck
math
visualization

Here, we’re looking at two main things: the calibration of a forecast — that is, whether events that we said would happen 30 percent of the time actually happened about 30 percent of the time — and how our forecast compared with an unskilled estimate that relies solely on historical averages. We can answer those questions using calibration plots and skill scores, respectively.

A Cryptographic Near Miss

https://words.filippo.io/dispatches/near-miss/ [words.filippo.io]

2023-04-11 20:00

tags:
bugfix
crypto
go
math
security

Go 1.20.2 fixed a small vulnerability in the crypto/elliptic package. The impact was minor, to the point that I don’t think any application was impacted, but the issue was interesting to look at as a near-miss, and to learn from.

source: L

1 Billion is Tiny in an Alternate Universe: Introduction to p-adic Numbers

https://www.youtube.com/watch?v=3gyHKCDq1YA [www.youtube.com]

2023-03-11 08:22

tags:
math
video

The Unreasonable Effectiveness of JPEG: A Signal Processing Approach

https://www.youtube.com/watch?v=0me3guauqOU [www.youtube.com]

2022-05-08 03:26

tags:
compression
compsci
graphics
math
video

The JPEG algorithm is rather complex and in this video, we break down the core parts of the algorithm, specifically color spaces, YCbCr, chroma subsampling, the discrete cosine transform, quantization, and lossless encoding. The majority of the focus is on the mathematical and signal processing insights that lead to advancements in image compression and the big themes in compression as a whole that we can take away from it.

NaN Gates and Flip FLOPS

https://www.youtube.com/watch?v=5TFDG-y-EHs [www.youtube.com]

2022-05-01 22:19

tags:
compsci
hardware
math
programming
solder
video

A new kind of computer architecture that’s more elegant than 1s and 0s, being based directly on Mathematics.

Exponentially Better Rotations

https://thenumbat.github.io/Exponential-Rotations/ [thenumbat.github.io]

2022-04-19 02:58

tags:
gl
graphics
interactive
math

If you’ve done any 3D programming, you’ve likely encountered the zoo of techniques and representations used when working with 3D rotations. Some of them are better than others, depending on the situation.

source: HN

Emulating AMD Approximate Arithmetic Instructions On Intel

https://robert.ocallahan.org/2021/09/emulating-amd-rsqrtss-etc-on-intel.html [robert.ocallahan.org]

2021-09-13 04:29

tags:
cpu
debugging
math
programming
virtualization

Pernosco accepts uploaded rr recordings from customers and replays them with binary instrumentation to build a database of all program execution, to power an amazing debugging experience. Our infrastructure is Intel-based AWS instances. Some customers upload recordings made on AMD (Zen) machines; for these recordings to replay correctly on Intel machines, instruction execution needs to produce bit-identical results. This is almost always true, but I recently discovered that the approximate arithmetic instructions RSQRTSS, RCPSS and friends do not produce identical results on Zen vs Intel. Fortunately, since Pernosco replays with binary instrumentation, we can insert code to emulate the AMD behavior of these instructions. I just needed to figure out a good way to implement that emulation.

source: HN

The impossible chessboard puzzle

https://www.youtube.com/watch?v=wTJI_WuZSwE [www.youtube.com]

2021-03-25 22:55

tags:
compsci
math
video

Bit strings, error correcting, and coloring the corners of higher dimensional cubes.

Recovering A Full Pem Private Key When Half Of It Is Redacted

https://blog.cryptohack.org/twitter-secrets [blog.cryptohack.org]

2021-03-25 02:26

tags:
crypto
math
opsec
programming
security

The @CryptoHack__ account was pinged today by ENOENT, with a CTF-like challenge found in the wild: Source tweet. Here’s a write-up covering how given a partially redacted PEM, the whole private key can be recovered. The Twitter user, SAXX, shared a partially redacted private RSA key in a tweet about a penetration test where they had recovered a private key. Precisely, a screenshot of a PEM was shared online with 31 of 51 total lines of the file redacted. As ENOENT correctly identified, the redaction they had offered wasn’t sufficient, and from the shared screenshot, it was possible to totally recover the private key.

source: L

What are the most important statistical ideas of the past 50 years?

http://www.stat.columbia.edu/~gelman/research/unpublished/stat50.pdf [www.stat.columbia.edu]

2021-03-12 03:30

tags:
ideas
math
paper
pdf
science

We argue that the most important statistical ideas of the past half century are: counterfactual causal inference, bootstrapping and simulation-based inference, overparameterized models and regularization, multilevel models, generic computation algorithms, adaptive decision analysis, robust inference, and exploratory data analysis. We discuss common features of these ideas, how they relate to modern computing and big data, and how they might be developed and extended in future decades. The goal of this article is to provoke thought and discussion regarding the larger themes of research in statistics and data science.

source: danluu

donut.c without a math library

https://www.a1k0n.net/2021/01/13/optimizing-donut.html [www.a1k0n.net]

2021-01-20 05:39

tags:
c
math
programming

My little donut.c has been making the rounds again, after being featured in a couple YouTube videos (e.g., Lex Fridman and Joma Tech). If I had known how much attention this code would get over the years, I would have spent more time on it.

Re-Deriving the edwards25519 Decoding Formulas

https://buttondown.email/cryptography-dispatches/archive/cryptography-dispatches-re-deriving-the/ [buttondown.email]

2020-12-21 17:03

tags:
crypto
math

A lot of my job is implementing specifications, and sometimes in a crypto spec you’ll encounter something like this and what you do is nod, copy it into a comment, break it down into a sequence of operations, and check that the result matches a test case. However, the other day I was having a bit of an identity crisis because I could not remember basic algebra, so I went and re-derived the edwards25519 point decoding formulas as a sort of homework. It turned out to be pretty useful for understanding pieces of the implementation I had been just treating as black boxes. I’m going to try to take you along for the ride, to show that there is no dark magic involved, and that we can all get to the same result as the specification with step-by-step high-school algebra.

Floating-Point Formats

http://www.quadibloc.com/comp/cp0201.htm [www.quadibloc.com]

2020-12-13 07:05

tags:
compsci
format
math
reference
retro
systems

Baby Sharks - Injecting small order points to threshold EdDSA

https://medium.com/zengo/baby-sharks-a3b9ceb4efe0 [medium.com]

2020-12-11 07:03

tags:
blockchain
crypto
math
security

We showcase one example of how an attacker can inject a low order subgroup group element in threshold EdDSA protocol secure against malicious adversaries, bypassing existing protections.

source: green

Dissecting Lemire’s nearly divisionless random

https://veryseriousblog.com/posts/dissecting-lemire [veryseriousblog.com]

2020-10-03 03:40

tags:
math
perf
programming
random

The idea was simple, I’ve always felt that code readability is undervalued so I figured I’d put cold hard cash up. I announced a $1,000 pot, divided into $500, $300, and $200 prizes for the most readable implementations of Daniel Lemire’s nearly divisionless algorithm for selecting a random number from an interval. I now have winners to announce and congratulate, and they’re in this blog post, but there’s more to this story.

This equation will change how you see the world (the logistic map)

https://www.youtube.com/watch?v=ovJcsL7vyrk [www.youtube.com]

2020-08-17 04:46

tags:
math
science
video
visualization

That may be over selling it, but cool anyway.

Is X25519 Associative? Sometimes!

https://buttondown.email/cryptography-dispatches/archive/cryptography-dispatches-is-x25519-associative/ [buttondown.email]

2020-05-28 04:40

tags:
crypto
math

Extracting ROM constants from the 8087 math coprocessor's die

http://www.righto.com/2020/05/extracting-rom-constants-from-8087-math.html [www.righto.com]

2020-05-17 23:20

tags:
hardware
math
photos
retro

I opened up an 8087 chip and took photos with a microscope. The photo below shows the chip’s tiny silicon die. Around the edges of the chip, tiny bond wires connect the chip to the 40 external pins. The labels show the main functional blocks, based on my reverse engineering. By examining the chip closely, various constants can be read out of the chip’s ROM, numbers such as pi that the chip uses in its calculations.