Binary Options Trading for Dummies - The Complete Beginner ...

Passed OSCP - My Experience

Originally, I was leaning against doing an obligatory post-OSCP Reddit post because I didn’t want to come across as another “look at me - I passed OSCP!!” cringeworthy OSCP Oscar speech, but I decided to go ahead and do one because my experience was perhaps a little unique and answers the much-asked question “can I do OSCP without experience?”.
A quick background to add context…
I’m 31 years old and my employment history is a mixture of sales, graphics, and media-related job roles. I felt discontented for a long time earning (barely) living wage in job roles I had little passion for. Anyway, to cut a long story short, I decided to quit my latest sales job in November last year (2019) to pursue a career in cybersecurity/infosec. I didn’t know what ‘TCP’ or ‘UDP’ was, and I’d never heard of ‘Kali’ or how to run a VM, but I was convinced that this would be the career path for me.
Anyway, I went through Security+ and C|EH from November to March and, just as I was going to start applying for Security Analyst type job roles, our friendly neighbourhood Coronavirus came along and shut down the economy. Even though I had no intention of doing OSCP for another year or two, I thought it was a better option than twiddling my thumbs for a few months, so I decided to sign up for PWK labs and have a crack at it.
Fast-forwarding to yesterday, after a few brutal months and an incredible experience, I finally got the OSCP “you have successfully completed” email.
Apologies in advance for the essay but I just want to go through my journey for those of you that might be in a similar position to the one I was in - limited/zero IT experience and feeling intimidated by the dreaded OSCP mountain.
My journey…
In the weeks leading up to the wait to start my 60 days PWK material and labs, I went through The Cyber Mentor’s Practical Ethical Hacking Udemy course and then went on a Hack the Box rampage, so, by the time my lab time started, I felt like I was in a pretty decent position.
Unfortunately, because I was a naïve idiot, I tackled the labs straight away and went through the PWK PDF casually on the side. This was a big mistake and something I would definitely change in hindsight because it cost me 5 easy points on the exam (I thought I could smash through the PDF exercises during the last week of labs but this didn’t prove to be enough time).
In 60 days I ended up rooting around 40 machines - I didn’t bother going for the networks because it didn’t apply to the exam and, although valuable real-world experience, I didn’t want to get distracted and flood my brain with even more information when it wasn’t going to be relevant for my mission.
One big thing that I did get right was note-taking. I can’t express enough how valuable it is to take detailed notes and build your own cheat sheet library. After every machine I rooted, I did a walkthrough on OneNote and added any new tools/commands to my cheat sheet library. This not only saves precious time in the exam, but it helps you build your own knowledge instead of relying on other people’s cheat sheets without really understanding what you’re doing.
After my 60 days had finished, I spent 1 month on TJ Null’s OSCP Hack the Box list and IppSec’s video walkthroughs. I also can’t stress enough how valuable this learning methodology is. My only regret is that I rushed through it. I’d already booked my exam 30 days after lab time, so I ended up jumping through walkthroughs when I got stuck on boxes instead of exhausting all options. This was another naïve idiot mistake on my behalf and something I would do differently in hindsight. There’s a difference between “trying harder” and “trying harder, but in a smart way”. I was putting 10+ hours in every day but I wasn’t always being efficient with my time. I’d definitely recommend seeking hints and tips on boxes but only after you’ve exhausted all options first, something which I didn’t always do.
Anyway, my first exam attempt came around towards the end of July. Was I ready? No, but I had delusional confidence in myself that has paid off for me more often than not, so I was hoping it would pay off for me again.
My first exam was brutal. I sat in my chair for a total of 23 hours and 15 minutes, with only 3 short 5-minute breaks to get food to snack on. My VPN was shut down after 24 hours and I had a total of 65 points, which I’d been stuck on for the last 8 hours of my exam. I got the BO, root on one of the 20-point machines, root on the 10-point machine, and user on the other 20-point machine. I just couldn’t get root on that last machine.
I was pretty devastated because I’d put my heart and soul into Sec+, C|EH, and OSCP for 7 straight months and I wanted it bad. But my delusional confidence wasn’t enough.
After listening to depressing Taylor Swift songs for a few days (joke), I decided to book another exam in, 4 weeks after my first attempt.
This time around, I decided to go through Tib3rius’s Linux and Windows Privilege Escalation courses (they were great) and go back over some of the HTB machines. I honestly felt at this point that there wasn’t much more study material that I could go through.
2nd exam came up and it was an almost minute-for-minute repeat of the first exam. BO done, 20 point rooted, 10 point rooted, but could only get user on the other 20 point. 65 points again. This time I ended up listening to Taylor Swift + Lana Del Rey.
I was pretty adamant that I could do this and that I was very close, so I sent Off-Sec an email explaining my situation and they were kind enough to allow me another exam attempt without waiting 8 weeks - I booked another exam in 2 weeks after my second attempt.
This time, my preparation was entirely mental. In both my prior exams, I was sat on my chair for over 23 hours because I was flapping around aimlessly like a headless chicken, desperately firing off exploits that I knew wouldn’t work on the other 20-point machine. So, I went into the 3rd exam determined to go at a slow and steady pace, and not let the 24-hour timeframe pressure me into a wild goose chase.
Miraculously, it seemed to work. After 14 hours, I’d done the BO, rooted both 20-point machines, rooted the 10-point machine, and got user on the 25-point machine. 85-ish points in total.
The point of this story is to get across to people that you need to try simpler, not harder. I perhaps failed my first exam because I’d not gone through Tib3rius’s Priv Esc courses, but I failed on my 2nd 100% due to mentality. There was no skill-level difference between my 2nd exam and 3rd exam.
I’ll finish off with my recommended learning methodology and exam tips (for people with limited/zero IT experience):
. The Cyber Mentor Practical Ethical Hacking Udemy course (usually on offer at $14.99-ish)
. Tib3rius’s Linux and Windows Privilege Escalation course (usually on offer at $12.99 each)
. Try Hack Me OSCP Learning Path (I would recommend doing this before HTB - it is $10 for 30 days)
. PWK labs (I personally don’t feel more than 60 days are required - unless you work full-time)
. TJ Null’s OSCP Hack the Box list ($10 for retired HTB machines - very worth it)
. You should be ready for the exam
Exam tips:
. Become proficient with Nmap but use an enumeration tool like nmapAutomator for the exam
. You will need to understand what bash and Python scripts are doing (you don’t need to be able to write them from scratch)
. Don’t be tempted to use a fancy BO methodology for the exam, stick with PWK’s methodology - it works (some of the others don’t)
. Play around with various reverse shell payloads - sometimes a bash one-liner won’t work so you need to go with Python. Sometimes Bash, Python, and netcat won’t work, so you need to understand what alternatives you can use in that scenario
. Get into the habit of reading service manuals. In all 3 of my exams, I came up against machines that had services I’d never even heard of. Fortunately, I’d got into the habit reading service manuals, otherwise, I would have skipped over the services and got lost down a rabbit hole
. Get into the habit of exploiting conventional services in unconventional ways. Just because an SUID binary isn’t on Gtfobins, it doesn’t mean that you can’t exploit the SUID binary in an unconventional way. Again, get into the habit of reading manuals to understand what services do
. Become familiar with Burp Suite. Many exploits won’t work in the way you might expect them to, but they will work if you run them through Burp. Or, at the very least, you’ll be able to understand why they’re not working. This issue came up in my last exam and I would have been completely lost if it weren’t for Burp
. Take breaks if you get frustrated - this is said over and over again by people on this subreddit and it’s an absolute must. The 20 point machine that I couldn’t root after 8 hours on my 2nd exam was on my 3rd exam (thanks Off-Sec - I know you tried to fu*k me with that), but I was able to root it within 1 hour on my 3rd exam, simply because my mindset was different at the time.
. Trust your gut - by doing PWK and HTB machines, you should develop a gut feeling of when you are in a rabbit hole and when you’re on the right track. I ended up rooting over 100 machines before the exam (albeit with plenty of hints and tips) and it helped me develop a good gut feeling. I can’t explain why but there were times in my last exam where I knew I was in the right area even though I wasn’t able to enumerate the specific service version. This feeling simply came from experience. I’m sure many of you watch IppSec’s videos and wonder “how the hell does he know to do X or Y?”. I used to wonder this all the time but after going through dozens of machines, I finally got it. It comes down to experience. Try to do as many machines as you can before the exam to build that gut feeling, and trust it in the exam.
. Embrace failure - this is perhaps the most important thing that I can say. OSCP is a difficult journey and many people fail multiple times before passing. And you know what? That’s okay. It’s okay to fail. It’s how you react to failure that counts. I’m not particularly smart but I embrace failure and I know deep down that I will keep trying until I pass. I was prepared to take the OSCP exam 1000 times if I had to, I was never going to let the exam beat me. I suggest you approach it with the same mentality and not let silly pride prevent you from having a go at it.
One last thing! Join a solid Discord community. This journey has been amazing since day one and a big reason behind that is the amazing online community. I was very active in an HTB community and ended up talking to several people who were going through OSCP at the same time as me. This was honestly such a massive help to me because I didn’t know what the hell I was doing when I first started!
Sorry for the massive rant - I just see so many people on here treating OSCP like an unsurmountable mountain. It’s not. You can do it!
submitted by TheCrypt0nian to oscp [link] [comments]

AJ ALMENDINGER

glimpse into the future of Roblox

Our vision to bring the world together through play has never been more relevant than it is now. As our founder and CEO, David Baszucki (a.k.a. Builderman), mentioned in his keynote, more and more people are using Roblox to stay connected with their friends and loved ones. He hinted at a future where, with our automatic machine translation technology, Roblox will one day act as a universal translator, enabling people from different cultures and backgrounds to connect and learn from each other.
During his keynote, Builderman also elaborated upon our vision to build the Metaverse; the future of avatar creation on the platform (infinitely customizable avatars that allow any body, any clothing, and any animation to come together seamlessly); more personalized game discovery; and simulating large social gatherings (like concerts, graduations, conferences, etc.) with tens of thousands of participants all in one server. We’re still very early on in this journey, but if these past five months have shown us anything, it’s clear that there is a growing need for human co-experience platforms like Roblox that allow people to play, create, learn, work, and share experiences together in a safe, civil 3D immersive space.
Up next, our VP of Developer Relations, Matt Curtis (a.k.a. m4rrh3w), shared an update on all the things we’re doing to continue empowering developers to create innovative and exciting content through collaboration, support, and expertise. He also highlighted some of the impressive milestones our creator community has achieved since last year’s RDC. Here are a few key takeaways:
And lastly, our VP of Engineering, Technology, Adam Miller (a.k.a. rbadam), unveiled a myriad of cool and upcoming features developers will someday be able to sink their teeth into. We saw a glimpse of procedural skies, skinned meshes, more high-quality materials, new terrain types, more fonts in Studio, a new asset type for in-game videos, haptic feedback on mobile, real-time CSG operations, and many more awesome tools that will unlock the potential for even bigger, more immersive experiences on Roblox.

Vibin’

Despite the virtual setting, RDC just wouldn’t have been the same without any fun party activities and networking opportunities. So, we invited special guests DJ Hyper Potions and cyber mentalist Colin Cloud for some truly awesome, truly mind-bending entertainment. Yoga instructor Erin Gilmore also swung by to inspire attendees to get out of their chair and get their body moving. And of course, we even had virtual rooms dedicated to karaoke and head-to-head social games, like trivia and Pictionary.
Over on the networking side, Team Adopt Me, Red Manta, StyLiS Studios, and Summit Studios hosted a virtual booth for attendees to ask questions, submit resumes, and more. We also had a networking session where three participants would be randomly grouped together to get to know each other.

What does Roblox mean to you?

We all know how talented the Roblox community is from your creations. We’ve heard plenty of stories over the years about how Roblox has touched your lives, how you’ve made friendships, learned new skills, or simply found a place where you can be yourself. We wanted to hear more. So, we asked attendees: What does Roblox mean to you? How has Roblox connected you? How has Roblox changed your life? Then, over the course of RDC, we incorporated your responses into this awesome mural.
📷
Created by Alece Birnbach at Graphic Recording Studio

Knowledge is power

This year’s breakout sessions included presentations from Roblox developers and staff members on the latest game development strategies, a deep dive into the Roblox engine, learning how to animate with Blender, tools for working together in teams, building performant game worlds, and the new Creator Dashboard. Dr. Michael Rich, Associate Professor at Harvard Medical School and Physician at Boston Children’s Hospital, also led attendees through a discussion on mental health and how to best take care of you and your friends’ emotional well-being, especially now during these challenging times.
📷
Making the Dream Work with Teamwork (presented by Roblox developer Myzta)
In addition to our traditional Q&A panel with top product and engineering leaders at Roblox, we also held a special session with Builderman himself to answer the community’s biggest questions.
📷
Roblox Product and Engineering Q&A Panel

2020 Game Jam

The Game Jam is always one of our favorite events of RDC. It’s a chance for folks to come together, flex their development skills, and come up with wildly inventive game ideas that really push the boundaries of what’s possible on Roblox. We had over 60 submissions this year—a new RDC record.
Once again, teams of up to six people from around the world had less than 24 hours to conceptualize, design, and publish a game based on the theme “2020 Vision,” all while working remotely no less! To achieve such a feat is nothing short of awe-inspiring, but as always, our dev community was more than up for the challenge. I’ve got to say, these were some of the finest creations we’ve seen.
WINNERS
Best in Show: Shapescape Created By: GhettoMilkMan, dayzeedog, maplestick, theloudscream, Brick_man, ilyannna You awaken in a strange laboratory, seemingly with no way out. Using a pair of special glasses, players must solve a series of anamorphic puzzles and optical illusions to make their escape.
Excellence in Visual Art: agn●sia Created By: boatbomber, thisfall, Elttob An obby experience unlike any other, this game is all about seeing the world through a different lens. Reveal platforms by switching between different colored lenses and make your way to the end.
Most Creative Gameplay: Visions of a perspective reality Created By: Noble_Draconian and Spathi Sometimes all it takes is a change in perspective to solve challenges. By switching between 2D and 3D perspectives, players can maneuver around obstacles or find new ways to reach the end of each level.
Outstanding Use of Tech: The Eyes of Providence Created By: Quenty, Arch_Mage, AlgyLacey, xJennyBeanx, Zomebody, Crykee This action/strategy game comes with a unique VR twist. While teams fight to construct the superior monument, two VR players can support their minions by collecting resources and manipulating the map.
Best Use of Theme: Sticker Situation Created By: dragonfrosting and Yozoh Set in a mysterious art gallery, players must solve puzzles by manipulating the environment using a magic camera and stickers. Snap a photograph, place down a sticker, and see how it changes the world.
OTHER TOP PICKS
HONORABLE MENTIONS
For the rest of the 2020 Game Jam submissions, check out the list below:
20-20 Vision | 20/20 Vision | 2020 Vision, A Crazy Perspective | 2020 Vision: Nyon | A Wild Trip! | Acuity | Best Year Ever | Better Half | Bloxlabs | Climb Stairs to 2021 | Double Vision (Team hey apple) | Eyebrawl | Eyeworm Exam | FIRE 2020 | HACKED | Hyperspective | Lucid Scream | Mystery Mansion | New Years at the Museum | New Year’s Bash | Poor Vision | Predict 2020 | RBC News | Retrovertigo | Second Wave | see no evil | Sight Fight | Sight Stealers | Spectacles Struggle | Specter Spectrum | Survive 2020 | The Lost Chicken Leg | The Outbreak | The Spyglass | Time Heist | Tunnel Vision | Virtual RDC – The Story | Vision (Team Freepunk) | Vision (Team VIP People ####) | Vision Developers Conference 2020 | Vision Is Key | Vision Perspective | Vision Racer | Visions | Zepto
And last but not least, we wanted to give a special shout out to Starboard Studios. Though they didn’t quite make it on time for our judges, we just had to include Dave’s Vision for good measure. 📷
Thanks to everyone who participated in the Game Jam, and congrats to all those who took home the dub in each of our categories this year. As the winners of Best in Show, the developers of Shapescape will have their names forever engraved on the RDC Game Jam trophy back at Roblox HQ. Great work!

‘Til next year

And that about wraps up our coverage of the first-ever digital RDC. Thanks to all who attended! Before we go, we wanted to share a special “behind the scenes” video from the 2020 RDC photoshoot.
Check it out:
It was absolutely bonkers. Getting 350 of us all in one server was so much fun and really brought back the feeling of being together with everyone again. That being said, we can’t wait to see you all—for real this time—at RDC next year. It’s going to be well worth the wait. ‘Til we meet again, my friends.
© 2020 Roblox Corporation. All Rights Reserved.

Improving Simulation and Performance with an Advanced Physics Solver

August

05, 2020

by chefdeletat
PRODUCT & TECH
📷In mid-2015, Roblox unveiled a major upgrade to its physics engine: the Projected Gauss-Seidel (PGS) physics solver. For the first year, the new solver was optional and provided improved fidelity and greater performance compared to the previously used spring solver.
In 2016, we added support for a diverse set of new physics constraints, incentivizing developers to migrate to the new solver and extending the creative capabilities of the physics engine. Any new places used the PGS solver by default, with the option of reverting back to the classic solver.
We ironed out some stability issues associated with high mass differences and complex mechanisms by the introduction of the hybrid LDL-PGS solver in mid-2018. This made the old solver obsolete, and it was completely disabled in 2019, automatically migrating all places to the PGS.
In 2019, the performance was further improved using multi-threading that splits the simulation into jobs consisting of connected islands of simulating parts. We still had performance issues related to the LDL that we finally resolved in early 2020.
The physics engine is still being improved and optimized for performance, and we plan on adding new features for the foreseeable future.

Implementing the Laws of Physics

📷
The main objective of a physics engine is to simulate the motion of bodies in a virtual environment. In our physics engine, we care about bodies that are rigid, that collide and have constraints with each other.
A physics engine is organized into two phases: collision detection and solving. Collision detection finds intersections between geometries associated with the rigid bodies, generating appropriate collision information such as collision points, normals and penetration depths. Then a solver updates the motion of rigid bodies under the influence of the collisions that were detected and constraints that were provided by the user.
📷
The motion is the result of the solver interpreting the laws of physics, such as conservation of energy and momentum. But doing this 100% accurately is prohibitively expensive, and the trick to simulating it in real-time is to approximate to increase performance, as long as the result is physically realistic. As long as the basic laws of motion are maintained within a reasonable tolerance, this tradeoff is completely acceptable for a computer game simulation.

Taking Small Steps

The main idea of the physics engine is to discretize the motion using time-stepping. The equations of motion of constrained and unconstrained rigid bodies are very difficult to integrate directly and accurately. The discretization subdivides the motion into small time increments, where the equations are simplified and linearized making it possible to solve them approximately. This means that during each time step the motion of the relevant parts of rigid bodies that are involved in a constraint is linearly approximated.
📷📷
Although a linearized problem is easier to solve, it produces drift in a simulation containing non-linear behaviors, like rotational motion. Later we’ll see mitigation methods that help reduce the drift and make the simulation more plausible.

Solving

📷
Having linearized the equations of motion for a time step, we end up needing to solve a linear system or linear complementarity problem (LCP). These systems can be arbitrarily large and can still be quite expensive to solve exactly. Again the trick is to find an approximate solution using a faster method. A modern method to approximately solve an LCP with good convergence properties is the Projected Gauss-Seidel (PGS). It is an iterative method, meaning that with each iteration the approximate solution is brought closer to the true solution, and its final accuracy depends on the number of iterations.
📷
This animation shows how a PGS solver changes the positions of the bodies at each step of the iteration process, the objective being to find the positions that respect the ball and socket constraints while preserving the center of mass at each step (this is a type of positional solver used by the IK dragger). Although this example has a simple analytical solution, it’s a good demonstration of the idea behind the PGS. At each step, the solver fixes one of the constraints and lets the other be violated. After a few iterations, the bodies are very close to their correct positions. A characteristic of this method is how some rigid bodies seem to vibrate around their final position, especially when coupling interactions with heavier bodies. If we don’t do enough iterations, the yellow part might be left in a visibly invalid state where one of its two constraints is dramatically violated. This is called the high mass ratio problem, and it has been the bane of physics engines as it causes instabilities and explosions. If we do too many iterations, the solver becomes too slow, if we don’t it becomes unstable. Balancing the two sides has been a painful and long process.

Mitigation Strategies

📷A solver has two major sources of inaccuracies: time-stepping and iterative solving (there is also floating point drift but it’s minor compared to the first two). These inaccuracies introduce errors in the simulation causing it to drift from the correct path. Some of this drift is tolerable like slightly different velocities or energy loss, but some are not like instabilities, large energy gains or dislocated constraints.
Therefore a lot of the complexity in the solver comes from the implementation of methods to minimize the impact of computational inaccuracies. Our final implementation uses some traditional and some novel mitigation strategies:
  1. Warm starting: starting with the solution from a previous time-step to increase the convergence rate of the iterative solver
  2. Post-stabilization: reprojecting the system back to the constraint manifold to prevent constraint drift
  3. Regularization: adding compliance to the constraints ensuring a solution exists and is unique
  4. Pre-conditioning: using an exact solution to a linear subsystem, improving the stability of complex mechanisms
Strategies 1, 2 and 3 are pretty traditional, but 3 has been improved and perfected by us. Also, although 4 is not unheard of, we haven’t seen any practical implementation of it. We use an original factorization method for large sparse constraint matrices and a new efficient way of combining it with the PGS. The resulting implementation is only slightly slower compared to pure PGS but ensures that the linear system coming from equality constraints is solved exactly. Consequently, the equality constraints suffer only from drift coming from the time discretization. Details on our methods are contained in my GDC 2020 presentation. Currently, we are investigating direct methods applied to inequality constraints and collisions.

Getting More Details

Traditionally there are two mathematical models for articulated mechanisms: there are reduced coordinate methods spearheaded by Featherstone, that parametrize the degrees of freedom at each joint, and there are full coordinate methods that use a Lagrangian formulation.
We use the second formulation as it is less restrictive and requires much simpler mathematics and implementation.
The Roblox engine uses analytical methods to compute the dynamic response of constraints, as opposed to penalty methods that were used before. Analytics methods were initially introduced in Baraff 1989, where they are used to treat both equality and non-equality constraints in a consistent manner. Baraff observed that the contact model can be formulated using quadratic programming, and he provided a heuristic solution method (which is not the method we use in our solver).
Instead of using force-based formulation, we use an impulse-based formulation in velocity space, originally introduced by Mirtich-Canny 1995 and further improved by Stewart-Trinkle 1996, which unifies the treatment of different contact types and guarantees the existence of a solution for contacts with friction. At each timestep, the constraints and collisions are maintained by applying instantaneous changes in velocities due to constraint impulses. An excellent explanation of why impulse-based simulation is superior is contained in the GDC presentation of Catto 2014.
The frictionless contacts are modeled using a linear complementarity problem (LCP) as described in Baraff 1994. Friction is added as a non-linear projection onto the friction cone, interleaved with the iterations of the Projected Gauss-Seidel.
The numerical drift that introduces positional errors in the constraints is resolved using a post-stabilization technique using pseudo-velocities introduced by Cline-Pai 2003. It involves solving a second LCP in the position space, which projects the system back to the constraint manifold.
The LCPs are solved using a PGS / Impulse Solver popularized by Catto 2005 (also see Catto 2009). This method is iterative and considers each individual constraints in sequence and resolves it independently. Over many iterations, and in ideal conditions, the system converges to a global solution.
Additionally, high mass ratio issues in equality constraints are ironed out by preconditioning the PGS using the sparse LDL decomposition of the constraint matrix of equality constraints. Dense submatrices of the constraint matrix are sparsified using a method we call Body Splitting. This is similar to the LDL decomposition used in Baraff 1996, but allows more general mechanical systems, and solves the system in constraint space. For more information, you can see my GDC 2020 presentation.
The architecture of our solver follows the idea of Guendelman-Bridson-Fedkiw, where the velocity and position stepping are separated by the constraint resolution. Our time sequencing is:
  1. Advance velocities
  2. Constraint resolution in velocity space and position space
  3. Advance positions
This scheme has the advantage of integrating only valid velocities, and limiting latency in external force application but allowing a small amount of perceived constraint violation due to numerical drift.
An excellent reference for rigid body simulation is the book Erleben 2005 that was recently made freely available. You can find online lectures about physics-based animation, a blog by Nilson Souto on building a physics engine, a very good GDC presentation by Erin Catto on modern solver methods, and forums like the Bullet Physics Forum and GameDev which are excellent places to ask questions.

In Conclusion

The field of game physics simulation presents many interesting problems that are both exciting and challenging. There are opportunities to learn a substantial amount of cool mathematics and physics and to use modern optimizations techniques. It’s an area of game development that tightly marries mathematics, physics and software engineering.
Even if Roblox has a good rigid body physics engine, there are areas where it can be improved and optimized. Also, we are working on exciting new projects like fracturing, deformation, softbody, cloth, aerodynamics and water simulation.
Neither Roblox Corporation nor this blog endorses or supports any company or service. Also, no guarantees or promises are made regarding the accuracy, reliability or completeness of the information contained in this blog.
This blog post was originally published on the Roblox Tech Blog.
© 2020 Roblox Corporation. All Rights Reserved.

Using Clang to Minimize Global Variable Use

July

23, 2020

by RandomTruffle
PRODUCT & TECH
Every non-trivial program has at least some amount of global state, but too much can be a bad thing. In C++ (which constitutes close to 100% of Roblox’s engine code) this global state is initialized before main() and destroyed after returning from main(), and this happens in a mostly non-deterministic order. In addition to leading to confusing startup and shutdown semantics that are difficult to reason about (or change), it can also lead to severe instability.
Roblox code also creates a lot of long-running detached threads (threads which are never joined and just run until they decide to stop, which might be never). These two things together have a very serious negative interaction on shutdown, because long-running threads continue accessing the global state that is being destroyed. This can lead to elevated crash rates, test suite flakiness, and just general instability.
The first step to digging yourself out of a mess like this is to understand the extent of the problem, so in this post I’m going to talk about one technique you can use to gain visibility into your global startup flow. I’m also going to discuss how we are using this to improve stability across the entire Roblox game engine platform by decreasing our use of global variables.

Introducing -finstrument-functions

Nothing excites me more than learning about a new obscure compiler option that I’ve never had a use for before, so I was pretty happy when a colleague pointed me to this option in the Clang Command Line Reference. I’d never used it before, but it sounded very cool. The idea being that if we could get the compiler to tell us every time it entered and exited a function, we could filter this information through a symbolizer of some kind and generate a report of functions that a) occur before main(), and b) are the very first function in the call-stack (indicating it’s a global).
Unfortunately, the documentation basically just tells you that the option exists with no mention of how to use it or if it even actually does what it sounds like it does. There’s also two different options that sound similar to each other (-finstrument-functions and -finstrument-functions-after-inlining), and I still wasn’t entirely sure what the difference was. So I decided to throw up a quick sample on godbolt to see what happened, which you can see here. Note there are two assembly outputs for the same source listing. One uses the first option and the other uses the second option, and we can compare the assembly output to understand the differences. We can gather a few takeaways from this sample:
  1. The compiler is injecting calls to __cyg_profile_func_enter and __cyg_profile_func_exit inside of every function, inline or not.
  2. The only difference between the two options occurs at the call-site of an inline function.
  3. With -finstrument-functions, the instrumentation for the inlined function is inserted at the call-site, whereas with -finstrument-functions-after-inlining we only have instrumentation for the outer function. This means that when using-finstrument-functions-after-inlining you won’t be able to determine which functions are inlined and where.
Of course, this sounds exactly like what the documentation said it did, but sometimes you just need to look under the hood to convince yourself.
To put all of this another way, if we want to know about calls to inline functions in this trace we need to use -finstrument-functions because otherwise their instrumentation is silently removed by the compiler. Sadly, I was never able to get -finstrument-functions to work on a real example. I would always end up with linker errors deep in the Standard C++ Library which I was unable to figure out. My best guess is that inlining is often a heuristic, and this can somehow lead to subtle ODR (one-definition rule) violations when the optimizer makes different inlining decisions from different translation units. Luckily global constructors (which is what we care about) cannot possibly be inlined anyway, so this wasn’t a problem.
I suppose I should also mention that I still got tons of linker errors with -finstrument-functions-after-inlining as well, but I did figure those out. As best as I can tell, this option seems to imply –whole-archive linker semantics. Discussion of –whole-archive is outside the scope of this blog post, but suffice it to say that I fixed it by using linker groups (e.g. -Wl,–start-group and -Wl,–end-group) on the compiler command line. I was a bit surprised that we didn’t get these same linker errors without this option and still don’t totally understand why. If you happen to know why this option would change linker semantics, please let me know in the comments!

Implementing the Callback Hooks

If you’re astute, you may be wondering what in the world __cyg_profile_func_enter and __cyg_profile_func_exit are and why the program is even successfully linking in the first without giving undefined symbol reference errors, since the compiler is apparently trying to call some function we’ve never defined. Luckily, there are some options that allow us to see inside the linker’s algorithm so we can find out where it’s getting this symbol from to begin with. Specifically, -y should tell us how the linker is resolving . We’ll try it with a dummy program first and a symbol that we’ve defined ourselves, then we’ll try it with __cyg_profile_func_enter .
[email protected]:~/src/sandbox$ cat instr.cpp int main() {} [email protected]:~/src/sandbox$ clang++-9 -fuse-ld=lld -Wl,-y -Wl,main instr.cpp /usbin/../lib/gcc/x86_64-linux-gnu/crt1.o: reference to main /tmp/instr-5b6c60.o: definition of main
No surprises here. The C Runtime Library references main(), and our object file defines it. Now let’s see what happens with __cyg_profile_func_enter and -finstrument-functions-after-inlining.
[email protected]:~/src/sandbox$ clang++-9 -fuse-ld=lld -finstrument-functions-after-inlining -Wl,-y -Wl,__cyg_profile_func_enter instr.cpp /tmp/instr-8157b3.o: reference to __cyg_profile_func_enter /lib/x86_64-linux-gnu/libc.so.6: shared definition of __cyg_profile_func_enter
Now, we see that libc provides the definition, and our object file references it. Linking works a bit differently on Unix-y platforms than it does on Windows, but basically this means that if we define this function ourselves in our cpp file, the linker will just automatically prefer it over the shared library version. Working godbolt link without runtime output is here. So now you can kind of see where this is going, however there are still a couple of problems left to solve.
  1. We don’t want to do this for a full run of the program. We want to stop as soon as we reach main.
  2. We need a way to symbolize this trace.
The first problem is easy to solve. All we need to do is compare the address of the function being called to the address of main, and set a flag indicating we should stop tracing henceforth. (Note that taking the address of main is undefined behavior[1], but for our purposes it gets the job done, and we aren’t shipping this code, so ¯\_(ツ)_/¯). The second problem probably deserves a little more discussion though.

Symbolizing the Traces

In order to symbolize these traces, we need two things. First, we need to store the trace somewhere on persistent storage. We can’t expect to symbolize in real time with any kind of reasonable performance. You can write some C code to save the trace to some magic filename, or you can do what I did and just write it to stderr (this way you can pipe stderr to some file when you run it).
Second, and perhaps more importantly, for every address we need to write out the full path to the module the address belongs to. Your program loads many shared libraries, and in order to translate an address into a symbol, we have to know which shared library or executable the address actually belongs to. In addition, we have to be careful to write out the address of the symbol in the file on disk. When your program is running, the operating system could have loaded it anywhere in memory. And if we’re going to symbolize it after the fact we need to make sure we can still reference it after the information about where it was loaded in memory is lost. The linux function dladdr() gives us both pieces of information we need. A working godbolt sample with the exact implementation of our instrumentation hooks as they appear in our codebase can be found here.

Putting it All Together

Now that we have a file in this format saved on disk, all we need to do is symbolize the addresses. addr2line is one option, but I went with llvm-symbolizer as I find it more robust. I wrote a Python script to parse the file and symbolize each address, then print it in the same “visual” hierarchical format that the original output file is in. There are various options for filtering the resulting symbol list so that you can clean up the output to include only things that are interesting for your case. For example, I filtered out any globals that have boost:: in their name, because I can’t exactly go rewrite boost to not use global variables.
The script isn’t as simple as you would think, because simply crawling each line and symbolizing it would be unacceptably slow (when I tried this, it took over 2 hours before I finally killed the process). This is because the same address might appear thousands of times, and there’s no reason to run llvm-symbolizer against the same address multiple times. So there’s a lot of smarts in there to pre-process the address list and eliminate duplicates. I won’t discuss the implementation in more detail because it isn’t super interesting. But I’ll do even better and provide the source!
So after all of this, we can run any one of our internal targets to get the call tree, run it through the script, and then get output like this (actual output from a Roblox process, source file information removed):
excluded_symbols = [‘.\boost.*’]* excluded_modules = [‘/usr.\’]* /uslib/x86_64-linux-gnu/libLLVM-9.so.1: 140 unique addresses InterestingRobloxProcess: 38928 unique addresses /uslib/x86_64-linux-gnu/libstdc++.so.6: 1 unique addresses /uslib/x86_64-linux-gnu/libc++.so.1: 3 unique addresses Printing call tree with depth 2 for 29276 global variables. __cxx_global_var_init.5 (InterestingFile1.cpp:418:22) RBX::InterestingRobloxClass2::InterestingRobloxClass2() (InterestingFile2.cpp.:415:0) __cxx_global_var_init.19 (InterestingFile2.cpp:183:34) (anonymous namespace)::InterestingRobloxClass2::InterestingRobloxClass2() (InterestingFile2.cpp:171:0) __cxx_global_var_init.274 (InterestingFile3.cpp:2364:33) RBX::InterestingRobloxClass3::InterestingRobloxClass3()
So there you have it: the first half of the battle is over. I can run this script on every platform, compare results to understand what order our globals are actually initialized in in practice, then slowly migrate this code out of global initializers and into main where it can be deterministic and explicit.

Future Work

It occurred to me sometime after implementing this that we could make a general purpose profiling hook that exposed some public symbols (dllexport’ed if you speak Windows), and allowed a plugin module to hook into this dynamically. This plugin module could filter addresses using whatever arbitrary logic that it was interested in. One interesting use case I came up for this is that it could look up the debug information, check if the current address maps to the constructor of a function local static, and write out the address if so. This effectively allows us to gain a deeper understanding of the order in which our lazy statics are initialized. The possibilities are endless here.

Further Reading

If you’re interested in this kind of thing, I’ve collected a couple of my favorite references for this kind of topic.
  1. Various: The C++ Language Standard
  2. Matt Godbolt: The Bits Between the Bits: How We Get to main()
  3. Ryan O’Neill: Learning Linux Binary Analysis
  4. Linkers and Loaders: John R. Levine
  5. https://eel.is/c++draft/basic.exec#basic.start.main-3
Neither Roblox Corporation nor this blog endorses or supports any company or service. Also, no guarantees or promises are made regarding the accuracy, reliability or completeness of the information contained in this blog.
submitted by jaydenweez to u/jaydenweez [link] [comments]

[Table] Asteroid Day AMA – We’re engineers and scientists working on a mission that could, one day, help save humankind from asteroid extinction. Ask us anything!

Source
There are several people answering: Paolo Martino is PM, Marco Micheli is MM, Heli Greus is HG, Detlef Koschny is DVK, and Aidan Cowley is AC.
Questions Answers
Can we really detect any asteroids in space with accuracy and do we have any real means of destroying it? Yes, we can detect new asteroids when they are still in space. Every night dozens of new asteroids are found, including a few that can come close to the Earth.
Regarding the second part of the question, the goal would be to deflect them more than destroy them, and it is technologically possible. The Hera/DART mission currently being developed by ESA and NASA will demonstrate exactly this capability.
MM
I always wanted to ask: what is worse for life on Earth - to be hit by a single coalesced asteroid chunk, or to be hit by a multiple smaller pieces of exploded asteroid, aka disrupted rubble pile scenario? DVK: This is difficult to answer. If the rubble is small (centimetres to meters) it is better to have lots of small ones – they’d create nice bright meteors. If the rubble pieces are tens of meters it doesn’t help.
Let’s say that hypothetically, an asteroid the size of Rhode Island is coming at us, it will be a direct hit - you’ve had the resources and funding you need, your plan is fully in place, everything you’ve wanted you got. The asteroid will hit in 10 years, what do you do? DVK: I had to look up how big Rhode Island is – a bit larger than the German Bundesland ‘Saarland’. Ok – this would correspond to an object about 60 km in diameter, right? That’s quite big – we would need a lot of rocket launches, this would be extremely difficult. I would pray. The good news is that we are quite convinced that we know all objects larger than just a few kilometers which come close to our planet. None of them is on a collision course, so we are safe.
the below is a reply to the above
Why are you quite convinced that you know all object of that size? And what is your approach in finding new celestial bodies? DVK: There was a scientific study done over a few years (published in Icarus 2018, search for Granvik) where they modelled how many objects there are out there. They compared this to the observations we have with the telescopic surveys. This gives us the expected numbers shown here on our infographic: https://www.esa.int/ESA_Multimedia/Images/2018/06/Asteroid_danger_explained
There are additional studies to estimate the ‘completeness’ – and we think that we know everything above roughly a few km in size.
To find new objects, we use survey telescopes that scan the night sky every night. The two major ones are Catalina and Pan-STARRS, funded by NASA. ESA is developing the so-called Flyeye telescope to add to this effort https://www.esa.int/ESA_Multimedia/Images/2017/02/Flyeye_telescope.
the below is a reply to the above
Thanks for the answer, that's really interesting! It's also funny that the fist Flyeye deployed is in Sicily, at less than 100km from me, I really had no idea DVK: Indeed, that's cool. Maybe you can go and visit it one day.
the below is a reply to the original answer
What about Interstellar objects however, like Oumuamua? DVK: The two that we have seen - 'Oumuamua and comet Borisov - were much smaller than the Saarland (or Rhode Island ;-) - not sure about Borisov, but 'Oumuamua was a few hundred meters in size. So while they could indeed come as a complete surprise, they are so rare that I wouldn't worry.
Would the public be informed if an impending asteroid event were to happen? And, how would the extinction play out? Bunch of people crushed to death, knocked off our orbit, dust clouds forever? DVK: We do not keep things secret – all our info is at the web page http://neo.ssa.esa.int. The ‘risky’ objects are in the ‘risk page’. We also put info on really close approaches there. It would also be very difficult to keep things ‘under cover’ – there are many high-quality amateur astronomers out there that would notice.
In 2029 asteroid Apophis will fly really close to Earth, even closer than geostationary satellites. Can we use some of those satellites to observe the asteroid? Is it possible to launch very cheap cube sats to flyby Apophis in 2029? DVK: Yes an Apophis mission during the flyby in 2029 would be really nice. We even had a special session on that topic at the last Planetary Defense Conference in 2019, and indeed CubeSats were mentioned. This would be a nice university project – get me a close-up of the asteroid with the Earth in the background!
the below is a reply to the above
So you’re saying it was discussed and shelved? In the conference we just presented ideas. To make them happen needs funding - in the case of ESA the support of our member countries. But having something presented at a conference is the first step. One of the results of the conference was a statement to space agencies to consider embarking on such a mission. See here: https://www.cosmos.esa.int/documents/336356/336472/PDC_2019_Summary_Report_FINAL_FINAL.pdf/341b9451-0ce8-f338-5d68-714a0aada29b?t=1569333739470
Go to the section 'resolutions'. This is now a statement that scientists can use to present to their funding agencies, demonstrating that it's not just their own idea.
Thanks for doing this AMA! Did we know the Chelyabinsk meteor in 2013 (the one which had some great videos on social media) was coming? Ig not, how comes? Also, as a little side one, have there been any fatalities from impact events in the past 20 years? Unfortunately, the Chelyabinsk object was not seen in advance, because it came from the direction of the Sun where ground-based telescopes cannot look.
No known fatalities from impacts have happened in the past 20 years, although the Chelyabinsk event did cause many injuries, fortunately mostly minor.
MM
the below is a reply to the above
How often do impacts from that direction happen, compared to impacts from visible trajectories? In terms of fraction of the sky, the area that cannot be easily scanned from the ground is roughly a circle with a radius of 40°-50° around the current position of the Sun, corresponding to ~15% of the total sky. However, there is a slight enhancement of objects coming from that direction, therefore the fraction of objects that may be missed when heading towards us is a bit higher.
However, this applies only when detecting an asteroid in its "final plunge" towards the Earth. Larger asteroids can be spotted many orbits earlier, when they are farther away and visible in the night side of the sky. Their orbits can then be determined and their possible impacts predicted even years or decades in advance.
MM
There must be a trade-off when targeting asteroids as they get closer to Earth, is there a rule of thumb at what the best time is to reach them, in terms of launch time versus time to reach the asteroid and then distance from Earth? DVK: Take e.g. a ‘kinetic impactor’ mission, like what DART and Hera are testing. Since we only change the velocity of the asteroid slightly, we need to hit the object early enough so that the object has time to move away from it’s collision course. Finding out when it is possible to launch requires simulations done by our mission analysis team. They take the strength of the launcher into account, also the available fuel for course corrections, and other things. Normally each asteroid has its own best scenario.
Do you also look at protecting the moon from asteroids? Would an impact of a large enough scale potentially have major impacts on the earth? DVK: There are programmes that monitor the Moon and look for flashes from impacting small asteroids (or meteoroids) - https://neliota.astro.noa.g or the Spanish MIDAS project. We use the data to improve our knowledge about these objects. These programmes just look at what is happening now.
For now we would not do anything if we predicted a lunar impact. I guess this will change once we have a lunar base in place.
Why aren't there an international organisation comprised of countries focused on the asteroid defence? Imagine like the organisation with multi-billion $ budget and program of action on funding new telescopes, asteroid exploration mission, plans for detection of potentially dangerous NEA, protocols on action after the detection - all international, with heads of states discussing these problems? DVK: There are international entities in place, mandated by the UN: The International Asteroid Warning Network (http://www.iawn.net) and the Space Mission Planning Advisory Group (http://www.smpag.net). These groups advise the United Nations. That is exactly where we come up with plans and protocols on action. But: They don’t have budget – that needs to come from elsewhere. I am expecting that if we have a real threat, we would get the budget. Right now, we don’t have a multi-billion budget.
the below is a reply to someone else's answer
There is no actual risk of any sizable asteroids hitting earth in the foreseeable future. Any preparation for it would just be a waste of money. DVK: Indeed, as mentioned earlier, we do not expect a large object to hit is in the near future. We are mainly worried about those in the size range of 20 m to 40 m, which happen on average every few tens of years to hundreds of years. And where we only know a percent of them or even less.
President Obama wanted to send a crewed spacecraft to an asteroid - in your opinion is this something that should still be done in the future, would there be any usefulness in having a human being walk/float on an asteroid's surface? DVK: It would definitely be cool. I would maybe even volunteer to go. Our current missions to asteroids are all robotic, the main reason is that it is much cheaper (but still expensive) to get the same science. But humans will expand further into space, I am sure. If we want to test human exploration activities, doing this at an asteroid would be easier than landing on a planet.
this is another reply Yes, but I am slightly biased by the fact that I work at the European astronaut centre ;) There exist many similarities to what we currently do for EVA (extra vehicular activities) operations on the International Space Station versus how we would 'float' around an asteroid. Slightly biased again, but using such a mission to test exploration technologies would definitely still have value. Thanks Obama! - AC
I've heard that some asteroids contains large amounts of iron. Is there a possibility that we might have "space mines" in the far away future, if our own supply if iron runs out? Yes, this is a topic in the field known as space mining, part of what we call Space Resources. In fact, learning how we can process material we might find on asteroids or other planetary bodies is increasingly important, as it opens up the opportunities for sustainable exploration and commercialization. Its a technology we need to master, and asteroids can be a great target for testing how we can create space mines :) - AC
By how much is DART expected to deflect Didymos? Do we have any indication of the largest size of an asteroid we could potentially deflect? PM: Didymos is a binary asteroid, consisting of a main asteroid Didymos A (~700m) and a smaller asteroid Didymos B (~150m) orbiting around A with a ~12 hours period. DART is expected to impact Didymos B and change its orbital period w.r.t. Didymos A of ~1%. (8 mins)
The size of Didymos B is the most representative of a potential threat to Earth (the highest combination of probability and consequence of impacts), meaning smaller asteroids hit the Earth more often but have less severe consequences, larger asteroids can have catastrophic consequences but their probability of hitting the earth is very very low.
the below is a reply to the above
Why is there less probability of larger asteroids hitting earth? DVK: There are less large objects out there. The smaller they are, the more there are.
the below is a reply to the original answer
Is there any chance that your experiment will backfire and send the asteroid towards earth? PM: Not at all, or we would not do that :) Actually Dimorphos (the Didymos "moon") will not even leave its orbit around Didymos. It will just slightly change its speed.
I'm sure you've been asked this many times but how realistic is the plot of Armageddon? How likely is it that our fate as a species will rely on (either) Bruce Willis / deep sea oil drillers? Taking into consideration that Bruce Willis is now 65 and by the time HERA is launched he will be 69, I do not think that we can rely on him this time (although I liked the movie).
HERA will investigate what method we could use to deflect asteroid and maybe the results will show that we indeed need to call the deep sea oil drillers.
HG
the below is a reply to the above
So then would it be easier to train oil drillers to become astronauts, or to train astronauts to be oil drillers? I do not know which one would be easier since I have no training/experience of deep see oil drilling nor becoming an astronaut, but as long as the ones that would go to asteroid have the sufficient skills and training (even Bruce Willis), I would be happy.
HG
If budget was no object, which asteroid would you most like to send a mission to? Nice question! For me, I'd be looking at an asteroid we know something about, since I would be interested in using it for testing how we could extract resources from it. So for me, I would choose Itokawa (https://en.wikipedia.org/wiki/25143_Itokawa), which was visited by Hayabusa spacecraft. So we already have some solid prospecting carried out for this 'roid! - AC
this is another reply Not sure if it counts as an asteroid, but Detlef and myself would probably choose ʻOumuamua, the first discovered interstellar object.
MM
the below is a reply to the above
Do we even have the capability to catch up to something like that screaming through our solar system? That thing has to have a heck of a velocity to just barrel almost straight through like that. DVK: Correct, that would be a real challenge. We are preparing for a mission called 'Comet Interceptor' that is meant to fly to an interstellar object or at least a fresh comet - but it will not catch up with it, it will only perform a short flyby.
https://www.esa.int/Science_Exploration/Space_Science/ESA_s_new_mission_to_intercept_a_comet
After proving to be able to land on one, could an asteroid serve as a viable means to transport goods and or humans throughout the solar system when the orbit of said asteroid proves beneficial. While it is probably quite problematic to land the payload, it could save fuel or am I mistaken? Neat idea! Wonder if anyone has done the maths on the amount of fuel you would need/save vs certain targets. - AC
PM: To further complement, the saving is quite marginal indeed because in order to land (softly) on the asteroid you actually need to get into the very same orbit of that asteroid . At that point your orbit remains the same whether you are on the asteroid or not..
can the current anti-ballistic missiles systems intercept a terminal phase earth strike asteroid? or it is better to know beforehand and launch an impacting vehicle into space? DVK: While I do see presentations on nuclear explosions to deflect asteroids at our professional meetings, I have not seen anybody yet studying how we could use existing missile systems. So it's hard to judge whether existing missiles would do the job. But in general, it is better to know as early as possible about a possible impact and deflect it as early as possible. This will minimize the needed effort.
How much are we prepared against asteroid impacts at this moment? DVK: 42… :-) Seriously – I am not sure how to quantify ‘preparedness’. We have international working groups in place, mentioned earlier (search for IAWN, SMPAG). We have a Planetary Defence Office at ESA, a Planetary Defense Office at NASA (who spots the difference?), search the sky for asteroids, build space missions… Still we could be doing more. More telescopes to find the object, a space-based telescope to discover those that come from the direction of the Sun. Different test missions would be useful, … So there is always more we could do.
Have you got any data on the NEO coverage? Is there estimations on the percentage of NEOs we have detected and are tracking? How can we improve the coverage? How many times have asteroids been able to enter earths atmosphere without being detected beforehand? Here’s our recently updated infographics with the fraction of undiscovered NEOs for each size range: https://www.esa.int/ESA_Multimedia/Images/2018/06/Asteroid_danger_explained
As expected, we are now nearly complete for the large ones, while many of the smaller ones are still unknown.
In order to improve coverage, we need both to continue the current approach, centered on ground-based telescopes, and probably also launch dedicated telescopes to space, to look at the fraction of the sky that cannot be easily observed from the ground (e.g., towards the Sun).
Regarding the last part of your question, small asteroids enter the Earth atmosphere very often (the infographics above gives you some numbers), while larger ones are much rarer.
In the recent past, the largest one to enter our atmosphere was about 20 meters in diameter, and it caused the Chelyabinsk event in 2013. It could not be detected in advance because it came from the direction of the Sun.
We have however detected a few small ones before impact. The first happened in 2008, when a ~4-meter asteroid was found to be on a collision course less than a day before impact, it was predicted to fall in Northern Sudan, and then actually observed falling precisely where (and when) expected.
MM
this is another reply >After
DVK: And to add what MM said - Check out http://neo.ssa.esa.int. There is a ‘discovery statistics’ section which provides some of the info you asked about. NASA is providing similar information here https://cneos.jpl.nasa.gov/stats/. To see the sky which is currently covered by the survey telescopes, you need to service of the Minor Planet Center which we all work together with: http://www.minorplanetcenter.org, ‘observers’, ‘sky coverage’. That is a tool we use to plan where we look with our telescopes, so it is a more technical page.
Are there any automatic systems for checking large numbers of asteroids orbits, to see if the asteroid's orbit is coming dangerously close to Earth, or is it done by people individually for every asteroid? I ask it because LSST Rubin is coming online soon and you know it will discover a lot of new asteroids. Yes, such systems exist, and monitor all known and newly discovered asteroids in order to predict possible future impacts.
The end result of the process is what we call "risk list": http://neo.ssa.esa.int/risk-page
It is automatically updated every day once new observational data is processed.
MM
What are your favourite sci-fi series? DVK: My favorites are ‘The Expanse’, I also liked watching ‘Salvation’. For the first one I even got my family to give me a new subscription to a known internet streaming service so that I can see the latest episodes. I also loved ‘The Jetsons’ and ‘The Flintstones’ as a kid. Not sure the last one counts as sci-fi though. My long-time favorite was ‘Dark Star’.
this is another reply Big fan of The Expanse at the moment. Nice, hard sci-fi that has a good impression of being grounded in reality - AC
this is another reply When I was a kid I liked The Jetsons, when growing up Star Trek, Star wars and I also used to watch with my sister the 'V'.
HG
When determining the potential threat of a NEA, is the mass of an object a bigger factor or size? I'm asking because I'm curious if a small but massive object (say, with the density of Psyche) could survive atmospheric entry better than a comparatively larger but less massive object. The mass is indeed what really matters, since it’s directly related with the impact energy.
And as you said composition also matters, a metal object would survive atmospheric entry better, not just because it’s heavier, but also because of its internal strength.
MM
What are your thoughts on asteroid mining as portrayed in sci-fi movies? Is it feasible? If so would governments or private space programs be the first to do so?What type of minerals can be found on asteroids that would merit the costs of extraction? Certainly there is valuable stuff you can find on asteroids. For example, the likely easiest material you can harvest from an asteroid would be volatiles such as H2O. Then you have industrial metals, things like Iron, Nickel, and Platinum group metals. Going further, you can break apart many of the oxide minerals you would find to get oxygen (getting you closer to producing rocket fuel in-situ!). Its feasible, but still needs alot of testing both here on Earth and eventually needs to be tested on a target. It may be that governments, via agencies like ESA or NASA, may do it first, to prove the principles somewhat, but I know many commercial entities are also aggresively working towards space mining. To show you that its definitely possible, I'd like to plug the work of colleagues who have processed lunar regolith (which is similar to what you may find on asteroids) to extract both oxygen and metals. Check it out here: http://www.esa.int/ESA_Multimedia/Images/2019/10/Oxygen_and_metal_from_lunar_regolith
AC
Will 2020's climax be a really big rock? DVK: Let's hope not...
Considering NASA, ESA, IAU etc. is working hard to track Earth-grazing asteroids, how come the Chelyabinsk object that airburst over Russia in 2013 came as a total surprise? The Chelyabinsk object came from the direction of the Sun, where unfortunately ground-based telescopes cannot look at. Therefore, it would not have been possible to discover it in advance with current telescopes. Dedicated space telescopes are needed to detect objects coming from this direction in advance.
MM
the below is a reply to the above
Is this to say that it was within specific solid angles for the entire time that we could have observed it given its size and speed? Yes, precisely that. We got unlucky in this case.
MM
Have any of you read Lucifer's Hammer by Larry Niven? In your opinion, how realistic is his depiction of an asteroid strike on Earth? DVK: I have – but really long ago, so I don’t remember the details. But I do remember that I really liked the book, and I remember I always wanted to have a Hot Fudge Sundae when reading it.
I was thinking about the asteroid threat as a teen and came up with this ideas (Hint: they are not equally serious, the level of craziness goes up real quick). Could you please comment on their feasibility? 1. Attaching a rocket engine to an asteroid to make it gradually change trajectory, do that long in advance and it will miss Earth by thousands of km 2. Transporting acid onto asteroid (which are mainly metal), attaching a dome-shaped reaction chamber to it, using heat and pressure to then carry out the chemical reaction to disintegrate asteroids 3. This one is even more terrible than a previous one and totally Dan Brown inspired — transporting antimatter on asteroid, impacting and causing annihilation. Thank you for this AMA and your time! DVK: Well the first one is not so crazy, I have seen it presented... the difficulty is that all asteroids are rotating in one way or another. So if you continuously fire the engine it would not really help. You'd need to switch the engine on and off. Very complex. And landing on an asteroid is challenging too. Just using the 'kinetic impactor' which we will test with DART/Hera (described elsewhere in this chat) is simpler. Another seriously proposed concept is to put a spacecraft next to an asteroid and use an ion engine (like we have on our Mercury mission BepiColombo) to 'push' the asteroid away.
As for 2 and 3 I think I will not live to see that happening ;-)
What is the process to determine the orbit of a newly discovered asteroid? The process is mathematically quite complex, but here's a short summary.
Everything starts with observations, in particular with measurements of the position of an asteroid in the sky, what we call "astrometry". Discovery telescopes extract this information from their discovery images, and make it available to everybody.
These datapoints are then used to calculate possible trajectories ("orbits") that pass through them. At first, with very few points, many orbits will be possible.
Using these orbits we can extrapolate where the asteroid will be located during the following nights, use a telescope to observe that part of the sky, and locate the object again.
From these new observations we can extract new "astrometry", add it to the orbit determination, and see that now only some of the possible orbits will be compatible with the new data. As a result, we now know the trajectory better than before, because a few of the possible orbits are not confirmed by the new data.
The cycle can then continue, with new predictions, new observations, and a more accurate determination of the object's orbit, until it can be determined with an extremely high level of accuracy.
MM
What are some asteroids that are on your "watchlist"? We have exactly that list on our web portal: http://neo.ssa.esa.int/risk-page
It's called "risk list", and it includes all known asteroids for which we cannot exclude a possible impact over the next century. It is updated every day to include newly discovered asteroids, and remove those that have been excluded as possible impactors thanks to new observations.
MM
the below is a reply to the above
That's quite a list!! Do you guys ever feel stressed or afraid when you have to add another dangerous candidate (and by dangerous I mean those above 200m) is added to this Risk List? Yes, when new dangerous ones are added it's important that we immediately do our best to gather more data on them, observing them with telescopes in order to get the information we need to improve our knowledge of their orbit.
And then the satisfaction of getting the data needed to remove one from the list is even greater!
MM
What inspired you to go into this field of study? I was fascinated by astronomy in general since I was a kid, but the actual "trigger" that sparked my interest in NEOs was a wonderful summer course on asteroids organized by a local amateur astronomers association. I immediately decided that I would do my best to turn this passion into my job, and I'm so happy to have been able to make that dream come true.
MM
this is another reply DVK: I started observing meteors when I was 14, just by going outside and looking at the night sky. Since then, small bodies in the solar system were always my passion.
As a layperson, I still think using nuclear weapons against asteroids is the coolest method despite better methods generally being available. Do you still consider the nuclear option the cool option, or has your expertise in the field combined with the real-life impracticalities made it into a laughable/silly/cliche option? DVK: We indeed still study the nuclear option. There are legal aspects though, the ‘outer space treaty’ forbids nuclear explosions in space. But for a large object or one we discover very late it could be useful. That’s why we have to focus on discovering all the objects out there as early as possible – then we have time enough to use more conventional deflection methods, like the kinetic impactor (the DART/Hera scenario).
It seems like doing this well would require international cooperation, particularly with Russia. Have you ever reached out to Russia in your work? Do you have a counterpart organization there that has a similar mission? DVK: Indeed international cooperation is important - asteroids don't know about our borders! We work with a Russian team to perform follow-up observations of recently discovered NEOs. Russia is also involved in the UN-endorsed working groups that we have, IAWN and SMPAG (explained in another answer).
how much can experts tell from a video of a fireball or meteor? Can you work out what it's made of and where it came from? https://www.reddit.com/space/comments/hdf3xe/footage_of_a_meteor_at_barrow_island_australia/?utm_source=share&utm_medium=web2x If multiple videos or pictures, taken from different locations, are available, then it's possible to reconstruct the trajectory, and extrapolate where the object came from.
Regarding the composition, it's a bit more difficult if nothing survives to the ground, but some information can be obtained indirectly from the fireball's color, or its fragmentation behavior. If a spectral analysis of the light can be made, it's then possible to infer the chemical composition in much greater detail.
MM
I've always wanted to know what the best meteorite buying site is and what their average price is?? DVK: Serious dealers will be registered with the 'International Meteorite Collectors Association (IMCA)' - https://www.imca.cc/. They should provide a 'certificate of authenticity' where it says that they are member there. If you are in doubt, you can contact the association and check. Normally there are rough prices for different meteorite types per gram. Rare meteorites will of course be much more expensive than more common ones. Check the IMCA web page to find a dealer close to you.
Just read through Aidans link to the basaltic rock being used as a printing material for lunar habitation. There is a company called Roxul that does stone woven insulation that may be able to shed some light on the research they have done to minimize their similarity to asbestos as potentially carcinogenic materials deemed safe for use in commercial and residential applications. As the interior surfaces will essentially be 3D printed lunar regolith what are the current plans to coat or dampen the affinity for the structure to essentially be death traps for respiratory illness? At least initially, many of these 3d printed regolith structures would not be facing into pressurised sections, but would rather be elements placed outside and around our pressure vessels. Such structures would be things like radiation shields, landing pads or roadways, etc. In the future, if we move towards forming hermetically sealed structures, then your point is a good one. Looking into terrestrial solutions to this problem would be a great start! - AC
What kind of career path does it take to work in the asteroid hunting field? It's probably different for each of us, but here's a short summary of my own path.
I became interested in asteroids, and near-Earth objects in particular, thanks to a wonderful summer course organized by a local amateur astronomers association. Amateur astronomers play a great role in introducing people, and young kids in particular, to these topics.
Then I took physics as my undergrad degree (in Italy), followed by a Ph.D. in astronomy in the US (Hawaii in particular, a great place for astronomers thanks to the exceptional telescopes hosted there).
After finishing the Ph.D. I started my current job at ESA's NEO Coordination Centre, which allowed me to realize my dream of working in this field.
MM
this is another reply DVK: Almost all of us have a Master's degree either in aerospace engineering, mathematics, physics/astronomy/planetary science, or computer science. Some of us - as MM - have a Ph.D. too. But that's not really a requirement. This is true for our team at ESA, but also for other teams in other countries.
What is the likelihood of an asteroid hitting the Earth In the next 200 years? It depends on the size, large ones are rare, while small ones are much more common. You can check this infographics to get the numbers for each size class: https://www.esa.int/ESA_Multimedia/Images/2018/06/Asteroid_danger_explained
MM
Have you played the Earth Defence Force games and if you have, which one is your favourite? No I have not played the Earth Defence Force games, but I just looked it up and I think I would liked it. Which one would you recommend?
HG
How close is too close to earth? Space is a SUPER vast void so is 1,000,000 miles close, 10,000,000? And if an asteroid is big enough can it throw earth off its orbit? DVK: Too close for my taste is when we compute an impact probability > 0 for the object. That means the flyby distance is zero :-) Those are the objects on our risk page http://neo.ssa.esa.int/risk-page.
If an object can alter the orbit of another one, we would call it planet. So unless we have a rogue planet coming from another solar system (verrry unlikely) we are safe from that.
How can I join you when I'm older? DVK: Somebody was asking about our career paths... Study aerospace engineering or math or physics or computer science, get a Masters. Possibly a Ph.D. Then apply for my position when I retire. Check here for how to apply at ESA: https://www.esa.int/About_Us/Careers_at_ESA/Frequently_asked_questions2#HR1
How much is too much? DVK: 42 again
Are you aware of any asteroids that are theoretically within our reach, or will be within our reach at some point, that are carrying a large quantity of shungite? If you're not aware, shungite is like a 2 billion year old like, rock stone that protects against frequencies and unwanted frequencies that may be traveling in the air. I bought a whole bunch of the stuff. Put them around the la casa. Little pyramids, stuff like that. DVK: If I remember my geology properly, Shungite forms in water sedimental deposits. This requires liquid water, i.e. a larger planet. So I don't think there is a high chance to see that on asteroids.
submitted by 500scnds to tabled [link] [comments]

Addressing Canada’s Employment Insurance Gap For Self-Employed Workers

Source: TD
Ksenia Bushmeneva, Economist
Dated July 15th, 2020

Highlights


Chart 1 - Workers in More Precarious Employment See Steep Job Losses

Chart 2 - COVID-19 Self-employed to Cut Hours Worked Drastically

EI Leaves Many Non-Standard Workers Behind


Chart 3 - Self-employed Workers Much More Likely to Apply for CERB

Chart 4 - Prevalence of Self-employment Varies by Province

What Complicates Offering EI Coverage For Non-Standard Workers


Chart 5 - Maternity and Family Benefits Available to Self-employment

Chart 6 - Sickness, Disability, and Work Injury Coverage Available to Self-Employed

Some Solutions Based on The International Experience


Chart 7 - Unemployment Benefits Coverage Options to Self-employed

Chart 8 - Old-age Pensions Coverage Options Available to Self-employed

Concluding Remarks


References

  1. “Employment Insurance Coverage Survey, 2018”. Statistics Canada. https://www150.statcan.gc.ca/n1/daily-quotidien/191114/dq191114a-eng.htm
  2. Sunil Johal & Erich Hartmann. “Facilitating the Future of Work Through Modernizing EI System”. The Mowat Center. https://ppforum.ca/wp-content/uploads/2019/05/PPF-Modernizing-EI-for-Future-of-Work-April-2019-EN.pdf
  3. Antonia Asenjo and Clemente Pignatti. “Unemployment insurance schemes around the world: Evidence and policy options.” International Labour Office. https://www.ilo.org/wcmsp5/groups/public/---dgreports/---inst/documents/publication/wcms_723778.pdf
  4. Sung-Hee Jeon and Yuri Ostrovsky. “The impact of COVID-19 on the gig economy: Short- and long-term concerns”. Statistics Canada. https://www150.statcan.gc.ca/n1/en/pub/45-28-0001/2020001/article/00021-eng.pdf?st=x8kZDLV7
  5. Sunil Johal & Erich Hartmann. “Facilitating the Future of Work Through Modernizing EI System”. The Mowat Center. https://ppforum.ca/wp-content/uploads/2019/05/PPF-Modernizing-EI-for-Future-of-Work-April-2019-EN.pdf Ibid.
  6. “Evaluation of the Employment Insurance Special Benefits for Self-employed Workers”. Employment and Social Development Canada. https://www.canada.ca/en/employment-social-development/corporate/reports/evaluations/2016-ei-special-benefits.html
  7. “The Future of Social Protection: what works for non-standard workers?” OECD. https://www.oecd-ilibrary.org/sites/9789264306943-en/1/2/1/index.html?itemId=/content/publication/9789264306943-en&_csp_=60072f6c81e5afb306d1ad580d284396&itemIGO=oecd&itemContentType=book#chapter-d1e549 Ibid.
  8. “Key Small Business Statistics - January 2019”. Statistics Canada. https://www.ic.gc.ca/eic/site/061.nsf/eng/h_03090.html#point1-3 Ibid.
  9. “Government Response To The Fifth Report Of The Standing Committee on The Status of Women. Interim Report on the Maternity and Parental Benefits Under Employment Insurance: the Exclusion of Self-Employed Workers.” https://www.ourcommons.ca/DocumentVieween/39-1/FEWO/report-5/response-8512-391-19
  10. “Evaluation of the Employment Insurance Special Benefits for Self-employed Workers”. Employment and Social Development Canada. https://www.canada.ca/en/employment-social development/corporate/reports/evaluations/2016-ei-special-benefits.html

End Notes

  1. Since 2010 self-employed workers can voluntarily participate in EI Special Benefit for Self-Employed Workers (SBSE) to gain access to many life event-type benefits accessible to regular employees, such as maternity and paternity leave programs, leave due to sickness or to care for an sick family member. In addition to this, current EI system allows certain exceptions for some non-standard workers. For example some individuals who work independently as barbers, hairdressers, taxi drivers, drivers of other passenger vehicles are eligible to receive benefits through the regular EI program. Fishermen are also included as insured persons under the EI Fishing Regulations. In the case of the self- employed fishermen, EI qualification is tied to income. In order to qualify for up to 26 weeks of benefit, they need to have earned between $2,500 to $4,200 in the last 31 weeks.
  2. The two main reasons for not contributing to the EI program were not having worked in the previous 12 months, and non-insurable employment (which includes self-employment).
submitted by AwesomeMathUse to econmonitor [link] [comments]

More info but nothing new solved

So I'm gonna dump some info I have gathered one more time. Nothing too cool. I hope you find it useful and maybe this helps to decrypt some of the messages! For now, it's all been failure on my end!

Decrypted posts:
F04_nod.redd -> Even though it's decrypted, I'm not sure. It may be a key for something

Some nice resources:
> Cryptography
> ARGs/internet mysteries/creepypastas

> Steganography


Paige12_2002
- Analysis of a plain english text encoded in base32 against the long message:
>>>>>>>>>>>>>>>>>>PLAIN ENGLISH ENCODED LEN -> 653 IC -> 0.0369 ###################################### D -> 38 (12.14) 3 -> 38 (12.14) H -> 36 (11.50) X -> 32 (10.22) R -> 30 (9.58) P -> 29 (9.27) 8 -> 29 (9.27) M -> 27 (8.63) F -> 27 (8.63) 9 -> 27 (8.63) ###################################### W7 -> 15 (16.48) D3 -> 11 (12.09) PM -> 11 (12.09) 3R -> 11 (12.09) BX -> 8 (8.79) C8 -> 7 (7.69) X3 -> 7 (7.69) RA -> 7 (7.69) HK -> 7 (7.69) E3 -> 7 (7.69) ###################################### 3RA -> 6 (13.33) X3R -> 5 (11.11) 3RK -> 5 (11.11) 9BX -> 5 (11.11) KM3 -> 4 (8.89) 3DE -> 4 (8.89) W7Z -> 4 (8.89) 8W7 -> 4 (8.89) 7ZH -> 4 (8.89) XE3 -> 4 (8.89) <<<<<<<<<<<<<<<<< - The first message has only 32 different characters (23456789ABCDEFGHJKLMNPQRSTUVWXYZ) in a message that is 695 chars long which suggest some sort of Base32 encoding
- The second message has 13 words of 13 letters with a charset of 36 (if we count the space) different characters.
Some of the characters here are not present in the first message (012345689ABCDEFGHIJKLMNOPQRSTUVWXYZ)
- Could this be a matrix for a Hill Cipher? -> https://en.wikipedia.org/wiki/Hill_cipher
- "To help one is to help all" -> may come from the law of one by ra
> https://truthearth.org/2016/07/01/divide-and-conquer-a-cabal-tool-as-old-as-time/
> https://www.lawofone.info/
+ How to attack this:
- One way the first message could be encrypted is by using a custom base32 alphabet
Steppos:
  1. Set a randomly sorted base32 alphabet
  2. Decrypt the encrypted message using it
  3. Check the fitness of the result
  4. Modify the alphabet
Seems straight forward. You can't check all alphabet permutations because 32! = 263130836933693530167218012160000000
What do then?
- Define transformations of the alphabet like swapping elements, sliding pieces of the alphabet, shuffle chunks,...
- Swap failing characters in the alphabet (those that decrypt to non-printable characters)
- Define a fitness function that depends on the english frequencies of bigrams, trigrams or quadgrams. Or maybe one based on the printability of the output
- If we assume that most of the characters are in the range A-Za-z then we can set a rule:
Let us analyze the first character of the string: V
V can be any number from 0 to 31... or can it? See, if we assume that the first character is a letter (which may not be the case if the original text is shuffled before the encryption), and also a capital letter (maybe it's the "T" from "To help ..."), then we have a couple of restrictions on what V can be. Ascii uppercase letters have values ranging from 0x41 (01000001) to 0x5a (01011010) so V's value must be 01---.
The catch here is the space character (' ' 0x20 00100000) which doesn't start with 01 and can be frequent in the text. Other punctuation symbols have similar issues.

past.meeting/html
- My best guess here is that this seemingly random chunk of html is to be hashed and a key generated from that, or used as-is as some sort of encryption key.
- Source of the chunk -> https://web.archive.org/web/20060402193231/http://dizzygoo.com/

Scout_Cub
- The easy solution that seems to be to easy to be a solution -> THEJUNGLEBOOK
- Notice it's 13 characters long (can this be used with other 13-char long strings that are present throughout the subreddit?)
- Tried to use this as an OTP key for the water_swift with no luck using either the numbers or the letters (I think I did this, but give it a try just in case I didn't do it or did it wrong)

barnside_downside
- A mime with a broom. It might not be an original image but, if it isn't, I haven't been able to locate the original.
- Outguess returns that no bits are available when attempting to decrypt. This seems weird, but I don't know if it means something
- Most of the pictures seem to be related with other ARGs/internet mysteries/creepypastas
- On the side of the right shack, we can see on the roof a strange drawing and XY
+ How to attack this:
- It might have some hidden info so you can check steganography software like outguess and attempt to recover the hidden information bruteforcing the key with a list of words. Since we don't know wether there is information hidden (or even if reddit compresses the images when uploading them, which would kill any chance of hiding stuff in it), this might lead to nothing.

squared_squared
- Charset (57): 03456789BCDEFGHIJKLMNOPQRSTUVWXZabcdefghijklmnopqrsuvwxyz
- 13 characters per string, 13 strings
- This could be a table of keys.
+ How to attack?
- No idea. So start with the basics:
- Frequency analysis:
 ('0', 9), ('r', 8), ('b', 7), ('q', 6), ('m', 5), ('H', 5), ('J', 5), ('9', 5), ('8', 4), ('g', 4), ('a', 4), ('N', 4), ('x', 4), ('F', 4), ('V', 4), ('h', 3), ('j', 3), ('E', 3), ('S', 3), ('e', 3), ('O', 3), ('v', 3), ('C', 3), ('f', 3), ('z', 3), ('7', 3), ('n', 3), ('o', 3), ('X', 3), ('W', 3), ('d', 2), ('K', 2), ('Z', 2), ('k', 2), ('B', 2), ('G', 2), ('s', 2), ('y', 2), ('Q', 2), ('c', 2), ('T', 2), ('5', 2), ('p', 2), ('i', 2), ('R', 2), ('l', 2), ('3', 2), ('I', 2), ('L', 2), ('P', 1), ('D', 1), ('U', 1), ('w', 1), ('4', 1), ('6', 1), ('u', 1), ('M', 1) 
- A similar analysis as with the Paige12 post can be done.
target_manners_quiz
- Charset (31): 01245679ABCDEFGIJKMNOPQRSUVWXYZ
- The fact that it's 31 different characters may come from the fact that the message is not very long or it may be that there are only 31 characters in the alphabet.
- It's likely that the top message uses the same alphabet
- In the top message not all words are the same length (13 - 6 - 12 - 6 - 13)

random_chance/fate
- Another chunk of html.
- A similar one -> https://codepen.io/Keyy/pen/GmdWwX.html
- Might be an old implementation of some sort of MM Chat -> https://www.cvedetails.com/vulnerability-list/vendor_id-8299/year-2008/Mm-Chat.html
- 859 chars long

water_swift
- 13 hexadecimal character
- This could be a One Time Pad (OTP). In this case what you do is you take a string that is also 13 chars long and xor each character with a 13 char long key. To decrypt, xor the encrypted result with the key.
+ How to attack:
- Take all 13 char long strings and xor them against this.
- The problem with OTP is that unless you know the key, you can make the text say anything you want by decrypting it with the right key:
>> Let's assume I want this to be THEJUNGLEBOOK. What I need to do is xor each character of the string with the encrypted message. That gives me c1 db ea 0c c3 71 22 83 a2 7d 61 79 4d. I can now use this to xor the encrypted message and get THEJUNGLEBOOK as plaintext

archive-hiking
- A link to a section of oocities and a series of numbers and words. Will do a bot to check them sites!
>> BOT OUTPUT:
Found omega in http://www.oocities.org/yosemite/3949/ Found 1313 in http://www.oocities.org/yosemite/4321/ Found allag in http://www.oocities.org/yosemite/5934/ Found omega in http://www.oocities.org/yosemite/6152/ Found omega in http://www.oocities.org/yosemite/6195/ Found 1313 in http://www.oocities.org/yosemite/8423/ Found omega in http://www.oocities.org/yosemite/8878/ Found 1313 in http://www.oocities.org/yosemite/9185/ Found 1313 in http://www.oocities.org/yosemite/9195/ 
- This was found crawling only the main index. The bot may need to go deeper underground!
- The words are 13 13 omega allag weinstein challa g57
- g57 may be another medical code -> https://icd.codes/icd10cm/G57

8clubs_1anni
- Charset (32): 23456789ABCDEFGHJKLMNPQRSTUVWXYZ
- 20 8-letter strings
- It may use the same algorithm as the first post

rich_s
- Another chunk of html (1507 chars)
- Seems to come from facebook somehow. Similar code -> https://codepen.io/dev2309/pen/XpaBxo.html
20feb04stockwood.cplus
- A c program which outputs something like this:
1313 >> 20 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 
- >> indicates the input I gave it
- This could be used to sort some of the characters in the encrypted messages.
- The encryption could be just writing the characters in order and then take them out in columns. For example:
- We want to encrypt ATTACKATDAWN
- We lay the text according to this pyramid
 A TT ACK ATDA WN 
- Extract the text by columns -> ATAAWTCTWKDA
- To decrypt, just lay the text in columns and enjoy. Combine this with some sort of substitution to reduce your sanity levels!
- A python implementation:
def main(): n, i, c, a = (1, 1, 1, 1) print('1313') # Will break if a string is input n = int(input()) # Since python's range goes [1,n) we need to increase n by 1 # we need to add one to the top limit for i in range(1, n+1): for c in range(1, i+1): print('%d ' % a, end='') a += 1 print() return 0 
missing_param
- Here starts the shit. The encrypted text (if it is an encrypted message), not only plays with the different characters, but it also adds formatting to the equation. Is this important? Can I ignore italics and other such artifacts? Probably not. Probably not...

passable_forest
- This looks like substitution + transposition. Are the spaces moved around to? If not, how many combinations that make sense of a one-letter - two-letter pair are there in english?
- Give it a try with the program of the stockwood post
- Check them candidate algorithms:
> Vigenere
> Autokey
> Beaufort
> Running key
> Hill cipher
> ADFGVX cipher
> Playfair cipher
> Moar -> https://en.wikipedia.org/wiki/Category:Classical_ciphers

homage_com_dos_f04
- This one seems to be a variation of the f04cb algorithm.
- If we arrange the characters into columns every 3 bytes we get:
 3d 41 74 3c 42 73 38 43 73 3a 43 71 36 40 72 36 45 76 3c 40 76 3d 47 78 35 a9 75 38 41 71 39 a3 74 35 41 71 39 a5 78 35 a9 77 35 42 77 39 a5 72 3d 42 76 3a 44 5a 39 a6 73 36 40 76 3a 48 74 36 40 74 37 
- All characters in the left column start with 3 (0011)
- Almost all characters in the middle column start with 4 (0100)
- Almost all characters in the right column start with 7 (0111)
- The fact that it's almost all points to a operation done to the characters (like a xor) and not to half-bytes just being added in between half-bytes
- It is impossible to represent more than 16 characters with half a byte. This means that, in case the xor operation was the last one done, you can't know in advance where the positions of the 0s and 1s in the first half of the byte are going to be. You could have some sort of one time pad so that it produces this result, but this option seems unlikely
- Those characters that don't follow the pattern could correspond with special characters (like \r, \n, \t,...)
- Since 3 seems to have some sort of significance, it could be that the operations are done to groups of 3 bits (or 6, 13, pick a number!)

welcome to our new home
- Just a text. 32 characters long if we take the spaces into account

anthem_crab.tree
- Not your typical Lorem Ipsum. It starts with the standard "Lorem ipsum" but then changes.
- All the words seem to be in the post seem to be in the original post. Maybe this is a clue for the code.
Maybe the text can be translated into numbers according to the place of the word in the original text (first occurrence). Then, maybe those numbers can be used for something. Maybe.
- The tree in the title may be a clue to use the stockwood program

hollow_web.jpg
- As with all images, check with outguess or similar tools
- Original image -> https://archive.4plebs.org/x/thread/14736756/

verse.txt.doc
- The text seems to be some dummy text
- You can check this by searching for example "Gi tractare ut ex concilia" in google
- Where this text comes from is unknown
- A longer version -> https://koouma2.blogspot.com/2019/01/de-iste-tunc-esse-illa-ii-actu-idem.html

start.search.ggd
- Another reference to oocities
- The text is from Kafka's Metamorphosis -> https://dailylit.com/read/175-the-metamorphosis
- It also seems to be used as dummy text for html templates

creations_puzzle.jpg
- Crossword picture. Could this be used as a template for letters in some of the previous text?
- Following are the clues with the length of each word in the crosswords
ACROSS
3 The OG (6)
5 Lake (4)
10 Brookfeld (3)
12 The first coming (14)
14 The Great SF64 (4)
15 Moose (8)
16 Prefix and begin (3)
17 Justic (4)
DOWN
1 Ema (5)
2 VolumeX (9)
4 Fasttrack (3)
6 Meet You There (5)
7 Frame (10)
8 The Lost (7 or 6)
9 Pursuit (7 or 6)
11 Microphone (4)
12 IceRen (5)
13 Jacket (4)
- Please check that the words have been transcribed correctly

EAW - CYFI?
- Looks like one of those transposition + substition ciphers I heard so much about...
- That EAW, has it something to do with the Ema of the creations_puzzle.jpg?
+ How to attack
- Get frequencies of letters and bigrams
- Get the Index of Coincidence
- Depending on what comes out cry or attempt something different
- First, try key sizes of 6 and 13 as they seem to be important numbers
- Try to guess some of the words that can be there. The longer the better!
- When fail, crouch into fetal position and keep crying.
jan_24_2015.cal
- A program?
 // # # # # # # # y=0 // # # . . . # # y=1 // # # . . . . # y=2 // # . . . . . # y=3 // # # . . . . # y=4 // # # . . . # # y=5 // # # # # # # # y=6 x2 = x - 1 + ((y + FirstShift) % 2); x3 = x + ((y + FirstShift) % 2); 
- If it is an % represents modulo, then the second part can only be 0 or 1
- x3 = x2 + 1
- There is also a list of numbers and a sentence
- Is the reference a shady reference to cicada?
- Is it a reference to one of the spinoffs of cicada?

wonder_year_s4_20
- Charset (24): _'ABCDEFGHIKLMNOPRSTUVWY (the _ represents the space)
- It's 143 characters long. 143 = 13*11
- The IC matches that of english so it could be that only transposition has been used
- Individual frequencies also match those of english (more or less, but good enough for such a small text)
- At least it's a double transposition (maybe more)
- There are 24 spaces which suggest that the sentence is 25 words long
- The presence of ' indicates that there is a n't or 's (are there more possibilities?)
- We don't know the key size.
- Key lengths -> first I'll try 13 13, 6 13, 13 6, 4 20, 20 4 and see what happens
- Maybe the key is in one of the previous messages with long strings or even the jungle book one
+ How to attack?
- Assuming this is a double transposition, follow this -> https://www.uni-kassel.de/upress/online/OpenAccess/978-3-7376-0458-1.OpenAccess.pdf chapter 5.3.1 (page 68)
- If it's more than double transposition, I think the same attack vector still holds
- Check also William Friedman's literature on the subject

bright_lights.doc
- Charset(32): 23456789ABCDEFGHJKLMNPQRSTUVWXYZ
- Here is the reference to 1976. It could be a reference to the paper by Diffie and Hellman
- All strings are 8 chars long except for the first and the last (6)

pix_strand
- No idea. Has a comment that looks like a perl script. Haven't tried to run it (it would need a couple of files)


I'm going to add a small explanation on baseN numbers
What is baseN?
A base32, base64, base10,... is just the number of different characters you use to represent a number.
For example
 base10 base2 base16 12 1100 0xc 

This can be interpreted as:
 12 -> 1 * 10^1 + 2 * 10^0 1100 -> 1 * 2^3 + 1 * 2^2 + 0 * 2^1 + 0 * 2^0 0xc -> c * 16 ^ 0 
In the case of base 16 we need more characters than just the numbers from 0-9 so we use a-f for the 10-15 range. In this example c = 12.
This is the basic idea. However when you check the standard base64 implementations you can see that the encoded string has sometimes padding characters (=). This is a consequence of how bytes are encoded into base64 to optimize the performance of the algorithm. In the standard case, each of the characters of the base64 alphabet (https://en.wikipedia.org/wiki/Base64#Base64_table) from 0 (binary 000000) to 63 (binary 111111).
So when you encode a string like MESSAGE to base64 first you transform it into bits:
 M E S S A G E 01001101 01000101 01010011 01010011 01000001 01000111 01000101 
Then, group them into 6bit numbers:
 >> 010011 010100 010101 010011 010100 110100 000101 000111 010001 01 
We need to add 4 zeros to complete the 6 bits groups. To indicate this we will add 2 = chars to the end of the string
 >> 010011 010100 010101 010011 010100 110100 000101 000111 010001 010000 
If we encode this according to the base64 value table we get:
 010011 010100 010101 010011 010100 110100 000101 000111 010001 010000 T U V T U 0 F H R Q == 

submitted by averagetheposter to whatisada387 [link] [comments]

[Just Launched] Options Domination Binary Trading - [Amazing System] - True Risk Free Trades! [New for 2015]

Many brokers or services will market something called “risk free” trades in which a certain number of your first trades you can get your money back should the signals they give you prove to be of bad quality. In most cases there are many regulations that require you to keep investing a certain amount before you can withdraw your “risk free” trades. This is the sign of a bad signal provider that probably makes more money selling their signals then they do actually implementing them themselves.
In our case study of the system we won 5 out of 7 of the trades and pocketed $250 in profit which is a 25% return on a small investment. We were very impressed with these results. At that time we could have elected to withdraw our original $1,000 and essentially be playing with the $250 “on the house”. CLICK HERE TO GET YOUR RISK FREE TRADES NOW!
CLICK HERE TO GET YOUR RISK FREE TRADES NOW!
Using their basic system of signals we were able to accumulate over $10,000 in our account in just 30 days! These are better results then we have gotten with other binary signals costing 10 times the amount of what options domination is charging. For a simple $50 a month you get multiple daily signals, keep in mind they don’t send you 1,000’s of signals a day like most services as they are focusing on the quality of the signal and not just sending you a bunch of garbage signals like many of the other companies do.
binary options trading, binary options trading signals, binary options trading strategy, binary options trading system, binary options trading signals review, binary options trading software, binary options trading platform, binary options trading robot, binary options trading signals franco, binary options trading hours, binary options trading + , binary options trading signals, binary options trading strategy, binary options trading system, binary options trading signals review, binary options trading review, binary options trading software, binary options trading platform, binary options trading robot, binary options trading signals franco, binary options trading hours, binary options trading + a, binary options trading alerts, binary options trading affiliate program, binary options trading api, binary options trading australia, binary options trading account, binary options trading articles, binary options trading app, binary options trading advice, binary options trading academy, binary options trading assets, binary options trading + b, binary options trading brokers, binary options trading books, binary options trading bot, binary options trading blog, binary options trading basics, binary options trading best sites, binary options trading + c, binary options trading course, binary options trading calculator, binary options trading charts, binary options trading course online, binary options trading companies, binary options trading companies in usa, binary options trading canada, binary options trading competition, binary options trading contest, binary options trading complaints, binary options trading + d, binary options trading demo account, binary options trading demo, binary options trading definition, binary options trading demo account without deposit, binary options trading dubai, binary options trading does it work, binary options trading demo account uk, binary options trading daily, binary options trading discussion, binary options trading dangers, binary options trading + e, binary options trading etrade, binary options trading education, binary options trading examples, binary options trading explained, binary options trading ebook, binary options trading etoro, binary options trading europe, binary options trading eztrader, binary options trading experience, binary options trading experts, binary options trading + f, binary options trading for beginners, binary options trading forum, binary options trading franco, binary options trading forex, binary options trading for dummies pdf, binary options trading free, binary options trading for dummies, binary options trading free demo, binary options trading for us citizens, binary options trading for usa, binary options trading + g, binary options trading guide, binary options trading game, binary options trading groups, binary options trading guide pdf, binary options trading good or bad, binary options trading glossary, binary options trading graphs, binary options trading gambling, binary options trading gurus, binary options gold trading, binary options trading + h, binary options trading hours, binary options trading help, binary options trading history, binary options trading halal or haram, binary options trading halal, binary options trading how does it work, binary options trading how to, binary options trading hack, binary options hourly trading system, 60 second binary options trading hours, binary options trading + i, binary options trading in the us, binary options trading indicators, binary options trading in the usa, binary options trading illegal, binary options trading in america, binary options trading income secrets, binary options trading in united states, binary options trading is it real, binary options trading in south africa, binary options trading india, binary options trading + j, binary options trading journal, binary options trading jobs, binary options trading + k, binary options trading in kenya, making money with binary options trading starter kit, binary options trading + l, binary options trading low deposit, binary options trading legal us, binary options trading low minimum deposit, binary options trading live signals robot 2014, binary options trading lessons, binary options trading legit, binary options trading license, binary options trading loss, binary options trading legal in canada, binary options trading live charts, binary options trading + m, binary options trading minimum deposit, binary options trading methods, binary options trading mentor, binary options trading meaning, binary options trading millionaires, binary options trading malaysia, binary options trading make money, binary options trading market, binary options trading minimum deposit 100, binary options trading martingale, binary options trading + n, binary options trading nadex, binary options trading news, binary options trading no minimum deposit, binary options trading no deposit bonus, binary options trading nz, binary options trading new zealand, binary options trading nigeria, binary options trading newsletter, binary options trading nifty, binary options trading nairaland, binary options trading + o, binary options trading on weekends, binary options trading online, binary options trading on mt4, binary options trading or gambling, binary options trading opinions, binary options trading oanda, binary options trading - optionbit, binary options trading hours, binary options trading good or bad, binary options trading course online, binary options trading + p, binary options trading platform, binary options trading practice account, binary options trading practice, binary options trading program, binary options trading pdf, binary options trading paypal, binary options trading platform reviews, binary options trading platform comparison, binary options trading plan, binary options trading psychology, binary options trading + q, binary options trading questions, binary options trading + r, binary options trading review, binary options trading robot, binary options trading room, binary options trading robot review, binary options trading real time charts, binary options trading regulations, binary options trading real, binary options trading recommendations, binary options trading + s, binary options trading signals, binary options trading strategy, binary options trading system, binary options trading signals review, binary options trading software, binary options trading signals franco, binary options trading scams, binary options trading sites, binary options trading signals free, binary options trading strategy youtube, binary options trading + t, binary options trading training, binary options trading times, binary options trading tools, binary options trading td ameritrade, binary options trading techniques, binary options trading tips, binary options trading tutorial, binary options trading tutorial pdf, binary options trading tricks, binary options trading the news, binary options trading + u, binary options trading usa, binary options trading united states, binary options trading using paypal, binary options trading uk, binary options trading uae, binary option trading uk reviews, binary options trading youtube, binary options trading system upto 90 accuracy, binary options trading legal us, binary options trading platform uk, binary options trading + v, binary options trading videos, binary options trading volume, binary options trading vs gambling, binary options trading vs forex, binary options virtual trading, binary options virtual trading account, free binary options trading videos, vault options binary trading, options trading vs binary options, track elite v1.2 binary options trading system, binary options trading + w, binary options trading wiki, binary options trading websites, binary options trading with franco, binary options trading with no minimum deposit, binary options trading what is, binary options trading winning strategy, binary options trading without investment, binary options trading with no deposit, binary options trading with bollinger bands, binary options trading with paypal, binary options trading + y, binary options trading yahoo answers, binary options trading youtube, binary options trading strategy youtube, binary options trading signals youtube, does binary options trading work yahoo, binary options trading + z, binary options trading new zealand, binary options trading + 1, binary options trading 101, binary options trading $100 minimum deposit, binary options trading top 10, $1 binary options trading, top 10 binary options trading platform, binary options 1 minute trading, 10 minute binary options trading system, binary options trading + 2, binary options trading 2014, binary options trading 2013, binary options trading 2012, binary options trading 24, binary options trading system 2014, binary options trading system 2013, binary options trading signals 2013, free binary options trading signals 2014, best binary options trading platform 2013, 24 hour binary options trading, binary options trading + 3, 3 binary options trading strategies for beginners, binary options trading + 4, binary options trading for beginners, binary options trading for dummies, binary options trading for a living, binary options trading for usa, binary options trading for us citizens, binary options trading for dummies pdf, binary options trading for free, binary options trading for mt4, binary options trading strategies for beginners, binary options trading signals for free, binary options trading + 5, binary options trading 50 deposit, 5 minute binary options trading, 5 minute binary options trading strategy, 5 min binary options trading strategy, binary options trading + 6, binary options trading 60 second strategy, binary options trading 60 seconds, 60 second binary options trading system, 60 sec binary options trading strategies, 60 seconds binary options trading signals, 60 second binary options trading hours, 60 second binary options trading demo account, 60 second binary options trading software, binary options trading + 7, binary options trading, binary options trading signals, binary options trading strategy, binary options trading system, binary options trading signals review, binary options trading review, binary options trading demo account, binary options trading platform, binary options trading in india, binary options trading forum, binary options trading + 8, assaxin 8 binary options trading system, binary options trading + 9, binary options trading system upto 90 accuracy, binary options trading system striker9, striker9 pro binary options trading system
submitted by optionsdomination to optionsdomination [link] [comments]

60 Second Binary Options Indicator 85% Success [ NEW !!!] Binary Numbers in 60 Seconds - YouTube 60 Second Trading Rapid Fire Strategy-binary options trading strategy 60 Second Binary Options Trading : Mastering Binary ALPHA : Recape - Part -1 Day Trading 60 Second Binary Options Using Martingale Trading Strategy Binary Options (BO301) - 60 Second Binary Options (Part 1) Binary options trading for dummies step by step. Best Binary Options System Start Profiting Now - Your New System Inside Best Binary Options Trading Signals- Avoid SCAMS! -Make Money Online Try This 60 Seconds binary options strategy 99 - 100% Winning (100% ...

for at least another 30 to 60 seconds. During that time, if your trade was close, the stock move just enough for you to lose your money. The scammer uses a trading platform where the trader has no way of having an exact time for the trade to expire because the clock goes to zero, but the broker keeps it open until it moves to where they get the investor's money. Since this particular broker ... Binary options brokers in india . Library > Easily browse all content. Customer Stories > See success stories with Conversica Events > Come meet us in person. Argo binary option trade class. افضل شركات التداول بالعملات في لبنان . Videos > See us in action Other Resources > Data Sheets. The two minute binary option strategy > Infographics. About. About Us > LEARN ... trade period that’s as short as 60 seconds. No other trading platform offersa trading period that’s quite so short. With binary options trading, you can take advantage of the fact that returns are always fixed.You’ll always get the same return on investment, or ROI, regardless of the amount of your investment. There’s also no spread, so identical prices are given for put options and ... The book introduces a strategy for binary options with an expiration time of only 60 seconds. This way the author Jack Swift aims for higher profitability as the number of trades will grow ... Best bank to use for binary options. Opciones binarias colombia significado . Library > Easily browse all content. Customer Stories > See success stories with Conversica Events > Come meet us in person. Lta opções binárias. Opções binárias segunda feira . Videos > See us in action Other Resources > Data Sheets. Pdf on binary options trading > Infographics. About. About Us > LEARN MORE ... If you like trading forex, here are several forex trading books to consider. To understand how the system works, here are some more examples. Since a credit of options. Trades binary univeristy important second. Sale, work 60 seconds binary options strategy that works signals 24option binary top day trading stocks 2020 review for facebook today. It is important to have an idea about the ... This trading binary options for dummies PDF features the in and outs of BO as well as strategies needed to achieve success in trading binaries. Here are some of the topics you'll discover while reading the book: The single most critical factor to binary options strategy success - ignore it at your own perils. How to prevent falling prey to a dishonest broker. Simple, easy to copy ideas that ... The majority of traders are trading the short term binary options, anywhere from 60 seconds to 30 minutes. The strike price is the price that you were able to enter the trade at and this is the price that determines whether or not your trade is a winner or a loser. In the brief example above, the strike price is $1612.75. This is the price that gold needed to close at above in order to win ... On Monday, I broke from my normal routine of trading 15-minute expiries from the 5-minute chart in favor of “60-second” binary options. For one, I simply felt like breaking things up a bit for my own enjoyment. And two, I know that many traders are into this fast-paced alternative, as it’s now offered by many offshore brokers. Therefore, introducing some 60-second trades into my blog can ... The 1-minute binary options or the 60-seconds time frame is the best chart for trading binary options. In other words, the best binary options expiration time is the 60 seconds time frame. We recommend highlighting the starting point on your charts. And the ending point of your 50-candle low that you have identified. Simply draw two vertical lines on your chart through the starting point and ...

[index] [23673] [8429] [8786] [23550] [7317] [4673] [23484] [2596] [11764] [23191]

60 Second Binary Options Indicator 85% Success [ NEW !!!]

60 Second Binary Options Indicator 85% Success [ NEW !!!] Russia's politics have been in the news a lot lately due to the growing tensions between the country and Ukraine. Russia is rich in ... I fill excited cos it will be a new edition of Mastering Binary ALPHA in 3 HRS only. I think for 60 Second Binary Options trading this will be the best Video tutorial every and all my readers and ... Binary Options (BO301) - 60 Second Binary Options (Part 1) Financial Trading School. Loading... Unsubscribe from Financial Trading School? Cancel Unsubscribe. Working... Subscribe Subscribed ... Each binary options platform offers different trading tools, but 60 seconds trading remains the most popular feature today. Trade Rush, the leading binary options broker, invented this feature and ... 60 Seconds binary options strategy 99 - 100% Winning (100% profit guaranteed) - Duration: 22:15. ... Book of Enoch P.1 The Anunnaki - Watchers and the Nephilim Ancient Aliens Documentary 2019 ... 60 Seconds binary options strategy 99 - 100% Winning (100% profit guaranteed) 90 - 95% Winning Binary Options Strategy in case of correct prediction - 1 to 5... http://asktraders.immerchat.com/ioptionfirestrategy binary options trading strategy binary options method,best binary option broker,best binary option tradin... Binary Options System p binary options system pdf striker9 pro binary options system 60 second profits binary options system binary options pro system proven binary options system binary options ... Learn how to trade 60 seconds binary options with Price Action - BO301 - Duration: 22:01. InvestingOnline 28,998 views. 22:01. Make a Living in 1 Hour a Day Trading the 3 Bar Play!! Understand how binary numbers work, including how to read binary numbers, and create your own.

https://binary-optiontrade.jaiprotworkci.ml