Re: Another security question
Steve D'Aprano : > https://www.schneier.com/blog/archives/2005/10/scandinavian_at_1.html EDITED TO ADD: Here's a related story. The Bank of New Zealand suspended Internet banking because of phishing concerns. Now there's a company that is taking the threat seriously. That's the trouble both in nature and in business: in order to make a living, you must expose yourself to predators. Marko -- https://mail.python.org/mailman/listinfo/python-list
Re: Another security question
Steve D'Aprano writes: > You say that as if two-factor auth was a panacea. Of course it's not a panacea, but it helps quite a lot. > That's the sort of thinking that leads to: ... Beyond that, web browsers are the new Microsoft Windows with all of its security holes and bloat and upgrade treadmill. Depending on the application, delivering it over the web might simply never be ok. -- https://mail.python.org/mailman/listinfo/python-list
Re: Another security question
Chris Angelico writes: > Correct. However, weak passwords are ultimately the user's > responsibility, where the hashing is the server's responsibility. No, really, the users are part of the system and therefore the system designer must take the expected behavior of actual users into account. The idea is to prevent breaches, not to allow them as long as the blame can be shifted to someone else. -- https://mail.python.org/mailman/listinfo/python-list
Re: Another security question
On Sat, Dec 24, 2016 at 7:08 PM, Paul Rubin wrote: > Chris Angelico writes: >> Correct. However, weak passwords are ultimately the user's >> responsibility, where the hashing is the server's responsibility. > > No, really, the users are part of the system and therefore the system > designer must take the expected behavior of actual users into account. > The idea is to prevent breaches, not to allow them as long as the blame > can be shifted to someone else. I agree, but that's why I said "ultimately". As an end user of a system, I have no control over the hashing used, and lots of control over the password I use; as a sysadmin, I have lots of control over the hashing, and very little on passwords. I could enforce a minimum password length, but I can't prevent password reuse, and I can't do much about the other forms of weak passwords. ChrisA -- https://mail.python.org/mailman/listinfo/python-list
Re: Another security question
"Steve D'Aprano" wrote in message
news:585d57d5$0$1587$c3e8da3$54964...@news.astraweb.com...
There is a stdlib PBKDF2. If you want to avoid third-party dependencies,
use that.
https://docs.python.org/3.4/library/hashlib.html#hashlib.pbkdf2_hmac
Thanks for the pointer.
From the docs - 15.1.3. Key derivation -
"The number of iterations should be chosen based on the hash algorithm and
computing power. As of 2013, at least 100,000 iterations of SHA-256 are
suggested."
So FWIW, this is what I have come up with -
from hashlib import pbkdf2_hmac as kdf
from secrets import token_bytes
from json import loads, dumps
def gen_password(pwd):
hash_name = 'sha256'
salt = token_bytes(16)
iterations = 10
dk = kdf(hash_name, pwd.encode('utf-8'), salt, iterations)
return dumps([hash_name, salt.hex(), iterations, dk.hex()])
def chk_password(pwd_hash, pwd):
hash_name, salt, iterations, dk = loads(pwd_hash)
return (kdf(hash_name, pwd.encode('utf-8'), bytes.fromhex(salt),
iterations)
== bytes.fromhex(dk))
pwd = 'this is my secret passphrase'
pwd_hash = gen_password(pwd)
print(pwd_hash)
print(chk_password(pwd_hash, pwd))
["sha256", "2cd1150b98dab7219136c8deceda00e3", 10,
"6301857d79554c3e2035fc779e4903f098ba2df36536028b72952426a5773f0a"]
True
I know that 'rolling your own' is a no-no when it comes to security. I don't
know whether this falls into that category or not, but I will run with it
for now.
Frank
--
https://mail.python.org/mailman/listinfo/python-list
Re: Another security question
"Frank Millman" wrote in message news:o3lcfk$pah$1...@blaine.gmane.org... By the way, I have realised how I ended up getting sidetracked by Blake2 in the first place. If you call up the online documentation for Python3.6 and select modules>h> hashlib, it takes you straight to 15.2. hashlib — BLAKE2 hash functions¶ It should take you to 15.1. hashlib — Secure hashes and message digests I think I should raise a 'documentation issue' to report this. Frank -- https://mail.python.org/mailman/listinfo/python-list
Re: Another security question
Chris Angelico writes: > as a sysadmin, I have lots of control over the hashing, and very > little on passwords. I could enforce a minimum password length, but I > can't prevent password reuse, and I can't do much about the other > forms of weak passwords. Right, 2FA helps with re-use, and difficult hashes like Argon2 help against dictionary attacks. Whether 2FA is worth the hassle to depends on what's being secured. You can also assign system-generated passwords rather than having people choose their own. It's ok for them to write down the system-generated passwords as long as they keep the paper in a safe place (similar to how they would carry cash). There's a Schneier blog post about that someplace. -- https://mail.python.org/mailman/listinfo/python-list
I need a lot of help...
I do not know how to do this exercise, does anyone help me? Define the matrix_range (m) function that returns the range of an array calculated by the Gaussian method. It should work with any number of rows and columns. No punctuation will be given to deliveries that do not respect this requirement. Operating example: >>> matrix_range ([[1,0,0], [0,1,0], [0,0,1]]) 3 -- https://mail.python.org/mailman/listinfo/python-list
Re: I need a lot of help...
El sábado, 24 de diciembre de 2016, 11:27:16 (UTC+1), raulmaq...@gmail.com escribió: > I do not know how to do this exercise, does anyone help me? > > Define the matrix_range (m) function that returns the range of an array > calculated by the Gaussian method. > > It should work with any number of rows and columns. No punctuation will be > given to deliveries that do not respect this requirement. > > > Operating example: > > >>> matrix_range ([[1,0,0], [0,1,0], [0,0,1]]) > 3 I need to do it in python -- https://mail.python.org/mailman/listinfo/python-list
Re: I need a lot of help...
raulmaqueda6...@gmail.com wrote: > I do not know how to do this exercise, does anyone help me? > > Define the matrix_range (m) function that returns the range of an array > calculated by the Gaussian method. > > It should work with any number of rows and columns. No punctuation will be > given to deliveries that do not respect this requirement. > > > Operating example: > matrix_range ([[1,0,0], [0,1,0], [0,0,1]]) > 3 If this were not a homework problem you'd use numpy.linalg.matrix_range(). In your case, however, your teacher wants you to implement the algorithm yourself. Do you know how to calculate the matrix range with pen and paper? Write down the steps in plain english and then try to implement them one after another in Python. Once you have some code and run into a problem you have something to show us, and we'll happily give you the hints necessary to fix it. -- https://mail.python.org/mailman/listinfo/python-list
Re: Python 3.6 on Centos 6
thinkwell writes:
> I'm trying to build Python 3.6 on Centos 6, and am successful in doing
> so, except for the sqlite3 library. I started with a brand new install
> of Centos 6 and installed devtoolset-2 to build with a newer
> compiler. But whether with default compiler or 4.82, I get the
> following errors when building the sqlite3 module. sqlite &
> sqlite-devel are installed.
>
> [code]
> building '_sqlite3' extension
> gcc -pthread -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3
> -Wall -Wstrict-prototypes -fPIC -DMODULE_NAME="sqlite3"
> -IModules/_sqlite -I/usr/include -I./Include -I. -I/usr/local/include
> -I/tmp/Python-3.6.0/Include -I/tmp/Python-3.6.0 -c
> /tmp/Python-3.6.0/Modules/_sqlite/cache.c -o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/cache.o
> gcc -pthread -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3
> -Wall -Wstrict-prototypes -fPIC -DMODULE_NAME="sqlite3"
> -IModules/_sqlite -I/usr/include -I./Include -I. -I/usr/local/include
> -I/tmp/Python-3.6.0/Include -I/tmp/Python-3.6.0 -c
> /tmp/Python-3.6.0/Modules/_sqlite/connection.c -o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/connection.o
> gcc -pthread -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3
> -Wall -Wstrict-prototypes -fPIC -DMODULE_NAME="sqlite3"
> -IModules/_sqlite -I/usr/include -I./Include -I. -I/usr/local/include
> -I/tmp/Python-3.6.0/Include -I/tmp/Python-3.6.0 -c
> /tmp/Python-3.6.0/Modules/_sqlite/cursor.c -o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/cursor.o
> /tmp/Python-3.6.0/Modules/_sqlite/cursor.c: In function
> ‘_pysqlite_query_execute’:
> /tmp/Python-3.6.0/Modules/_sqlite/cursor.c:517:5: warning: implicit
> declaration of function ‘sqlite3_stmt_readonly’
> [-Wimplicit-function-declaration]
> if (self->connection->begin_statement &&
> !sqlite3_stmt_readonly(self->statement->st) && !self->statement->is_ddl) {
> ^
> gcc -pthread -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3
> -Wall -Wstrict-prototypes -fPIC -DMODULE_NAME="sqlite3"
> -IModules/_sqlite -I/usr/include -I./Include -I. -I/usr/local/include
> -I/tmp/Python-3.6.0/Include -I/tmp/Python-3.6.0 -c
> /tmp/Python-3.6.0/Modules/_sqlite/microprotocols.c -o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/microprotocols.o
> gcc -pthread -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3
> -Wall -Wstrict-prototypes -fPIC -DMODULE_NAME="sqlite3"
> -IModules/_sqlite -I/usr/include -I./Include -I. -I/usr/local/include
> -I/tmp/Python-3.6.0/Include -I/tmp/Python-3.6.0 -c
> /tmp/Python-3.6.0/Modules/_sqlite/module.c -o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/module.o
> gcc -pthread -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3
> -Wall -Wstrict-prototypes -fPIC -DMODULE_NAME="sqlite3"
> -IModules/_sqlite -I/usr/include -I./Include -I. -I/usr/local/include
> -I/tmp/Python-3.6.0/Include -I/tmp/Python-3.6.0 -c
> /tmp/Python-3.6.0/Modules/_sqlite/prepare_protocol.c -o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/prepare_protocol.o
> gcc -pthread -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3
> -Wall -Wstrict-prototypes -fPIC -DMODULE_NAME="sqlite3"
> -IModules/_sqlite -I/usr/include -I./Include -I. -I/usr/local/include
> -I/tmp/Python-3.6.0/Include -I/tmp/Python-3.6.0 -c
> /tmp/Python-3.6.0/Modules/_sqlite/row.c -o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/row.o
> gcc -pthread -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3
> -Wall -Wstrict-prototypes -fPIC -DMODULE_NAME="sqlite3"
> -IModules/_sqlite -I/usr/include -I./Include -I. -I/usr/local/include
> -I/tmp/Python-3.6.0/Include -I/tmp/Python-3.6.0 -c
> /tmp/Python-3.6.0/Modules/_sqlite/statement.c -o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/statement.o
> gcc -pthread -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3
> -Wall -Wstrict-prototypes -fPIC -DMODULE_NAME="sqlite3"
> -IModules/_sqlite -I/usr/include -I./Include -I. -I/usr/local/include
> -I/tmp/Python-3.6.0/Include -I/tmp/Python-3.6.0 -c
> /tmp/Python-3.6.0/Modules/_sqlite/util.c -o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/util.o
> gcc -pthread -shared -Wl,--rpath=/usr/lib
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/cache.o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/connection.o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/cursor.o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/microprotocols.o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/module.o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/prepare_protocol.o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/row.o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/statement.o
> build/temp.linux-x86_64-3.6/tmp/Python-3.6.0/Modules/_sqlite/util.o
> -L. -L/usr/local/lib -lsqlite3 -lpython3.6m -o
> build
Re: data frame
Thank you Peter and Christ.
It is was a white space and the fix fixed it.
Many thanks.
On Friday, December 23, 2016 5:26 PM, Peter Otten <__pete...@web.de> wrote:
Val Krem via Python-list wrote:
> Here is the first few lines of the data
>
>
> s1.csv
> size,w1,h1
> 512,214,26
> 123,250,34
> 234,124,25
> 334,213,43
Did you put these lines here using copy and paste? The fix below depends on
the assumption that your data is more like
size, w1, h1
512, 214, 26
123, 250, 34
...
> a=pd.read_csv("s1.csv", skipinitialspace=True).keys()
You should use the keys() method call for diagnosis only. The final script
that might work if your problem is actually space after the commas is
import pandas as pd
a = pd.read_csv("s1.csv", skipinitialspace=True)
a["test"] = a["h1"] + a["w1"]
print(a)
--
https://mail.python.org/mailman/listinfo/python-list
--
https://mail.python.org/mailman/listinfo/python-list
Re: I need a lot of help...
raulmaqueda6...@gmail.com wrote: > I do not know how to do this exercise, does anyone help me? If you have a specific, precise question, that's one thing. Otherwise: http://lmgtfy.com/?q=Academic+Dishonesty Phil -- AH#61 Wolf#14 BS#89 bus#1 CCB#1 SENS KOTC#4 h...@philb.ca http://philb.ca -- https://mail.python.org/mailman/listinfo/python-list
Re: Python 3.6 on Centos 6
> What version of the sqlite3 libraries do you have? See > https://github.com/ghaering/pysqlite/issues/85 for example. > > -- > regards, > kushal I was using the system default for Centos 6 which is 3.6.20. I loaded a parallel version and now got 3.6 to build. Thanks! -- https://mail.python.org/mailman/listinfo/python-list
Re: I need a lot of help...
On Sat, 24 Dec 2016 02:27:05 -0800 (PST), raulmaqueda6...@gmail.com wrote: > I do not know how to do this exercise, does anyone help me? > > Define the matrix_range (m) function that returns the range of an > array calculated by the Gaussian method. > > It should work with any number of rows and columns. No punctuation > will be given to deliveries that do not respect this requirement. > > Operating example: > matrix_range ([[1,0,0], [0,1,0], [0,0,1]]) > 3 I don't know any definition of "matrix range" that fits this description. Is it possible that someone means "rank"? -- To email me, substitute nowhere->runbox, invalid->com. -- https://mail.python.org/mailman/listinfo/python-list
Re: I need a lot of help...
Peter Pearson writes: > I don't know any definition of "matrix range" that fits this description. > Is it possible that someone means "rank"? Yes, the rank is the dimension of the range unless I'm mistaken. I think rank is what was meant. To find the rank with Gaussian elimination, I guess you could diagonalize the matrix then count the number of nonzero elements. Maybe there's a better way. -- https://mail.python.org/mailman/listinfo/python-list
Re: UTF-8 Encoding Error
On 2016年12月22日 22時38分, subhabangal...@gmail.com wrote:
I am getting the error:
UnicodeDecodeError: 'utf8' codec can't decode byte 0x96 in position 15: invalid
start byte
The following is a reflex of mine, whenever I encounter Python 2 Unicode errors:
import sys
reload(sys)
sys.setdefaultencoding('utf8')
A relevant Stack Exchange thread awaits you here:
http://stackoverflow.com/a/21190382/2230956
--
https://mail.python.org/mailman/listinfo/python-list
