Yeah, except for the first few bytes. PKCS8 has some initial header information, but most of it is the OCTET_STRING of the private key itself.

The PEM (human “readable”) version is Base64, so you can craft up a string and make that your key. DER is that converted to binary again:

/**
 * @see https://datatracker.ietf.org/doc/html/rfc5208#section-5
 * @see https://datatracker.ietf.org/doc/html/rfc2313#section-11
 * Unwraps PKCS8 Container for internal key (RSA or EC)
 * @param {string|Uint8Array} pkcs8
 * @param {string} [checkOID]
 * @return {Uint8Array} DER
 */
export function privateKeyFromPrivateKeyInformation(pkcs8, checkOID) {
  const der = derFromPrivateKeyInformation(pkcs8);
  const [
    [privateKeyInfoType, [
      [versionType, version],
      algorithmIdentifierTuple,
      privateKeyTuple,
    ]],
  ] = decodeDER(der);
  if (privateKeyInfoType !== 'SEQUENCE') throw new Error('Invalid PKCS8');
  if (versionType !== 'INTEGER') throw new Error('Invalid PKCS8');
  if (version !== 0) throw new Error('Unsupported PKCS8 Version');
  const [algorithmIdentifierType, algorithmIdentifierValues] = algorithmIdentifierTuple;
  if (algorithmIdentifierType !== 'SEQUENCE') throw new Error('Invalid PKCS8');
  const [privateKeyType, privateKey] = privateKeyTuple;
  if (privateKeyType !== 'OCTET_STRING') throw new Error('Invalid PKCS8');
  if (checkOID) {
    for (const [type, value] of algorithmIdentifierValues) {
      if (type === 'OBJECT_IDENTIFIER' && value === checkOID) {
        return privateKey;
      }
    }
    return null; // Not an error, just doesn't match
  }

  return privateKey;
}

I wrote a “plain English” library in Javascript to demystify all the magic of Let’s Encrypt, ACME, and all those certificates. (Also to spin up my own certs in NodeJS/Chrome).

https://github.com/clshortfuse/acmejs/blob/96fcbe089f0f949f9eb6830ed2d7bc257ea8dc32/utils/certificate/privateKeyInformation.js#L40

Edit: To be specific, PKCS8 is usually a PKCS1 (RSA) key with some wrapping to identify it (the OID). The integers (BigInts) you pick for RSA would have to line up in some way, but I would think it’s doable. At worst there is maybe a character or two of garbage at the breakpoints for the RSA integers. And if you account for which ones are absent in the public key, then anybody reading it could get a kick out of reading your public certificate.

No. Microsoft is not liable, at least when it applies to HIPAA.

The HIPAA Rules apply to covered entities and business associates.

Individuals, organizations, and agencies that meet the definition of a covered entity under HIPAA must comply with the Rules’ requirements to protect the privacy and security of health information and must provide individuals with certain rights with respect to their health information. If a covered entity engages a business associate to help it carry out its health care activities and functions, the covered entity must have a written business associate contract or other arrangement with the business associate that establishes specifically what the business associate has been engaged to do and requires the business associate to comply with the Rules’ requirements to protect the privacy and security of protected health information. In addition to these contractual obligations, business associates are directly liable for compliance with certain provisions of the HIPAA Rules.

If an entity does not meet the definition of a covered entity or business associate, it does not have to comply with the HIPAA Rules. See definitions of “business associate” and “covered entity” at 45 CFR 160.103.

https://www.hhs.gov/hipaa/for-professionals/covered-entities/index.html

HIPAA doesn’t even require encryption. It’s considered “addressable”. They just require access be “closed”. You can be HIPAA compliant with just Windows login, event viewer, and notepad.

(Also HIPAA applies to healthcare providers. Adobe doesn’t need to follow HIPAA data protection, though they probably do because it’s so lax, just because you uploaded a PDF of a medical bill to their cloud.)

Burn-in is a misnomer.

OLEDs don’t burn their image into anything. CRTs used to burn in right onto the screen making it impossible to fix without physically changing the “glass” (really the phosphor screen).

What happens is the OLED burns out unevenly, causing some areas to be weaker than others. That clearly shows when you try to show all the colors (white) because some areas can no longer get as bright as their neighboring areas. It is reminiscent of CRT burn-in. LCDs just have one big backlight (or multiple if they have zones) so unevenness from burnout in LCDs is rarely seen, though still a thing.

So, OLED manufacturers do things to avoid areas from burning out from staying on for too long like pixel shifting, reducing refresh rate, or dimming areas that don’t change for a long time (like logos).

There is a secondary issue that looks like burn-in which is the panel’s ability to detect how long a pixel has been lit. If it can’t detect properly, then it will not give an even image. This is corrected every once in a while with “compensation cycles” but some panels are notorious for not doing them (Samsung), but once you do, it removes most commonly seen “burn-in”.

You’d have to really, really leave the same image on your screen for months for it to have any noticeable in real world usage, at least with modern OLED TVs. You would normally worry more about the panel dimming too much over a long period of time, but I don’t believe lifetime is any worse than standard LCD.

TL;DR: Watch RTings explain it

The meme format is awesome, but JSON differentiates strings with ".

{ "key": 1337 } vs { "key": "1337" }.

You might be thinking yaml? (Though it supports ' and " for explicit string types, technically)

But integer vs float? Good luck.

There is no section 15 or 16 in GPLv3, but I did find section 7 saying:

Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or

But that’s an optional thing that you must add onto the GPLv3 license. I’ll have to keep that in mind for the future.

That would explain why what I’ve read mentioned it’s not guaranteed in GPLv3 (when comparing to MIT). I’ll have to figure out what that notice would look like.

GPL has no requirements for author attribution which is contrary to the entire point of an MIT license.

That’s why I described it as joining the Borg. You release individualism and freely give it to the collective. That’s cool, and I get the ethos behind all that, but I don’t want to add any of those constraints to my code. I just don’t want credit for my work or the others to get lost. I don’t think it’s a hard ask.

Regardless, we ended up ultimately being a full replacement for the other project.

I don’t care if people make money to use my code. I just want my name attached to it somehow, even if you make it closed sourced which is MIT and OpenBSD. I hope you do use my code and even if you heavily reference it to make something new, carry that forward so more can learn and benefit.

I also don’t understand “better for the end user” arguments either. I have a library that people want to be included in another project, but that project is GPL. They won’t merge my code unless I change my code to be GPL. So everyone who wants them merged is out of luck. I can’t merge their code either with mine. What is supposed to happen is I freely give up my name to the code and restrict it to only being GPL and for GPL projects. Essentially, assimilate and join with the Borg. No, thanks.

And while that’s from my experience, I’ve also seen good projects get traction, have excitement over it, and fall off the earth because they end up making it GPL. Everyone interested in adopting it, personal or business, just disappear. Then something with less restrictions comes along and gets adopted.

End-users move to what’s better for them, and if you have a library that is only for GPL, you can end up limiting your options with a wasteful purity test. If you want it to be free you’d give freely with no restrictions. And if you think, “You can contact me to discuss licensing” that doesn’t happen. It’s still a restriction and almost nobody actually bothers.

Phone material stopped mattering the moment camera bumps became a thing. Now, nearly everyone slaps a case to balance out the bump.

That said, I miss my completely mirrored-back Sony Xperia Z5 Premium.

People can beat this game with their eyes closed.

I didn’t really care about this thread until I read this comment.

Of course they have milk! With vodka and some Kalua/Bailey’s!

The Who were kinda silly (eg: Boris the Spider) in their early years.

I have a PS5. Got FF7:Remake the minute it came out. Now I’m in a position where I want to play Rebirth so much I want to experience it on my best device, my PC.

VSCode will add a yellow box around the character and tell you it’s an uncommon glyph.

https://code.visualstudio.com/updates/v1_63#_unicode-highlighting

To note, this came about because it could be valid code and it’s a security risk from copy/pasting malicious code. See:

https://certitude.consulting/blog/en/invisible-backdoor/

Show me potato salad!

AmazFit BIP series watches are pretty good. It’s amazing how horrible the Android OS is for watches but Apple set the tone saying 18 hours is enough.

It appears as though they did not like to gamble.

Steam has limited rollback support from the command line which we had to do plenty of times for Starfield when working on Luma. Sometimes updates are small. Sometimes the entire exe gets reshuffled so you have to find where to patch the exe all over again.

All the versions are apparently there. You just need to download the “depot” and it’ll dump into a folder. From there you copy that folder over your game directly.

It also works the other way around. I can download the depot for the latest version and stay on the version I’m at. It’s useful to pick apart and diff what was actually changed.

Why they can’t add that as an option I’m not sure. That seems more of a UX/UI issue rather than a technical one (like avoiding people using old versions on the web server).

I was about to mod the game for HDR and then found out news of FO4 getting updated.

Updates break mods. Just how it is. Though, after seeing the work needed for modding Starfield after each exe change, I’m doing shader replacement now. As long as they don’t change from DirectX, I should be good.

Edit: Nevermind. Somebody asked me for help and got roped in. Got HDR working. Let’s see if it actually lasts.

Edit2: Just gotta fix TAA. Source