quasiyoke

My GitHub

Crontab files parser, my ARM programming experiments and a lot more—my GitHub is a reflection of my interests.

My first version control system was Mercurial. I’ve learned about it from UTP podcast (Russian). So the first public repository I had was on Bitbucket. Now I’m using GitHub for that. I’ll try to take short overview of my GitHub account here.

telepot

An example of my work at foreign open source project. telepot is a Python framework for Telegram Bot API. I’ve used it in my Rand Talk bot project.

My hosting provider had only Python 3.3 on its machines at the beginning of 2016. To use telepot you need at least Python 3.4. I’ve discovered that my program works well with telepot installed on Python 3.3 if I bring one additional package to it. My first pull request to telepot adds Python 3.3 compatibility to it. Unfortunately Nick Lee—an author of the framework don’t want to support one additional language version so he has refused my pull request. Today I think that he was right because just after one email to my hosting provider they have installed fresh version of Python.

In the February of 2016 ability to send silent messages was added to the Telegram. Telegram bots were able to send such messages too. GitHub user boxama has added such ability to synchronous telepot methods. In my pull request I’ve added this feature to async methods because Rand Talk is an asynchronous bot. This time my pull request was accepted successfully.

Yet another Turing machine

Turing machine is a mathematical model of computer. Any algorithm can be executed on such machine. Classic programming exercise is a Turing machine implementation. If you’re able to implement Turing machine on some language this language is Turing complete and you can execute any algorithm on it.

I’ve implemented Turing machine using C language. My repo has some simple Turing machine tables: simple rotating animation, arithmetic and logical conjunction, string copying, subtraction and their tests.

It was very pleasant to accept Anton Chekanin’s pull request. He’s an author of subtraction algorithm table and its tests.

Keys of Peace (not finished)

Free website allowing you to keep your passwords encrypted with a single “master password”. You don’t need to remember all passwords from your accounts so they could be very long and hard to crack.

Unlike usual password managers this project assumes that you don’t need any specific application to have access to your passwords. Just imagine: you’re opening browser at your friend’s laptop at some far trip and you’re still able to use your private accounts securely.

You’re not ready to show your passwords to my website? You don’t have to! Modern cryptography allows to build zero trust scheme where client code does all the job with the passwords right at your browser. The server just stores encrypted blobs.

s sketch, logo and screenshot

Keys of Peace idea was extremely hard to implement right because of several reasons:

  1. Client-side cryptography is insecure by itself. That’s obvious but you’re able to read this in-depth article if you want.

    For example you can’t guarantee to your users that you will send them only honest scripts each time. Perhaps at some day your website will be hacked and Mallory replace your client code with malicious program exposing users’ “master passwords” to Mallory’s server.

  2. There’re web password managers like Clipperz which are existing since 2006. Despite of high Clipperz’ crew proficiency the service isn’t very popular.

  3. Passwords’ storage should be done right. At first alpha-incarnation of Keys of Peace website I did use my own poorly designed storage format. Looking at article on password managers database security (PDF) I’ve decided that I should switch to Password Safe storage format. I haven’t finished my work on saving passwords database in such storage.

Keys of Peace repository had the largest amount of the stars across all my repos but even the list of its problems isn’t finished. This project pushed me to read Shneier’s Applied Cryptography book and to pass Cryptography I course. Believe me, Keys of Peace is a shockingly tough and very interesting project.