A lot of the advice on password hashing says that client-side password hashing is not necessary, provided you are using HTTPS or another secure protocol, for instance in
A belated Happy New Year and Best Wishes for 2017!
This site and news have been neglected for much of 2016, this year’s resolution will be to try and revive it a bit.
In particular announcements and articles have fallen way behind the code as far as DWScript is concerned. So I will start the year by attempting to rectify that.
Despite having “lite” in its name, SQLite can handle very large databases quite efficiently. The single largest I am currently dealing with just passed 100 GB, and occasionally when backing it up with the SQLite standard Command Line utility it would take many hours.
After some asking on the sqlite-users list (thanks Clemens Madish & Simon Slavin), and some experimenting, I have gotten the backup time down to 4-5 minutes on a live 100 GB database, which is just fine in my book. Below are the findings and an utility, sql3bak, which wraps the results of the findings.
DWScript now has support for the BigInteger type, which supports numbers with as many decimals as the memory allows.
This support comes in two flavors, either through a MPIR dll (a GMP fork) or through Rudy Velthui’s BigIntegers unit.
It occurred to me that SHA-3 being a cryptographic hash, it is one of those peculiar bits of code that are fully self-testing. Any bug in a cryptographic hash will quickly cascade to a different result, no matter the bug or the input.
This means the ad-hoc-compiler-monkey can be unleashed “safely”, and can be allowed to try “improper changes.”