jboveHi all. Paul Frazee is live coding "Uplink" now. https://www.youtube.com/watch?v=-yYKMFsKNSM&feature=youtu.be
nettlesubstack: but if you altered the file wouldn't the signature become invalid?
substackyou could publish a new version with a new signature, i mean
substackbut yes that signature would be invalid if the file changed
nettledo most apps just sign the hashes, or does a signature produce a fixed-length output like hash functions?
substackand there are certain things like replay attacks you may need to worry about, depending on the other circumstances of the arrangement
substacki think signatures might also be much slower than hashes if i remember correctly, so it's typical to sign hashes
substackbut to verify a signature you need to download the public key and run some openssl command probably
substackbut what is the threat model you're concerned about?
nettlebut it seems that ed25519 prehashes its signature input anyways
nettlesituation is sending android APKs p2p between phones, which are always signed
nettleso i'm trying to determine if a hash is even necessary for the verification phase
bencevansbenjamink152: > Dat makes no attempt to hide IP addresses. ref: 3rd paragraph under Discovery Keys @ https://datprotocol.github.io/how-dat-works/ I think Beaker has moved to using Hyperdrive but from my understanding the networking hasn't changed in terms of sharing IPs as the sharing is required to establish connections with others peering the
bencevansarchive of interest
substackif anyone wants to try, i'm sending a jpg of my cat tux:
hyperbeam tux > tux.jpg
decentral1seill get on that
decentral1serad cat, success
decentral1sebeamed to the netherlands
substacki used that photo a lot to debug my ntsc encoder/decoder
substackbecause it has good variety of colors
decentral1sethats cool! yeah it is a nice constructive critique, i like the work https://www.openprivacy.ca do
fleekyloving all these small utilities :)