7 votes

Fortnightly Programming Q&A Thread

General Programming Q&A thread! Ask any questions about programming, answer the questions of other users, or post suggestions for future threads.

Don't forget to format your code using the triple backticks or tildes:

Here is my schema:

```sql
CREATE TABLE article_to_warehouse (
  article_id   INTEGER
, warehouse_id INTEGER
)
;
```

How do I add a `UNIQUE` constraint?

5 comments

  1. [2]
    suspended
    Link
    I've never worked on E2E before. Thus, I'm not sure that what I have been working on is, technically, considered E2E. It's basically a browser based private messaging system. The only two tidbits...

    I've never worked on E2E before. Thus, I'm not sure that what I have been working on is, technically, considered E2E. It's basically a browser based private messaging system.

    The only two tidbits that I'm certain about are:

    • All information in the database is encrypted.
    • All information is sent to and from the browser using TLS.

    What, precisely, is E2E?

    5 votes
    1. 9000
      Link Parent
      I assume you mean end-to-end encryption, often abbreviated as either "E2E encryption" or "E2EE". Essentially, E2EE means that the clients handle all cryptographic operations so that only the...

      I assume you mean end-to-end encryption, often abbreviated as either "E2E encryption" or "E2EE".

      Essentially, E2EE means that the clients handle all cryptographic operations so that only the sender and receiver of a message can read it. Adding TLS is only E2EE if you consider the client and the server to be the relevant parties, but usually this is not the case. For instance, Facebook Messenger (as currently written) is not considered to be E2E encrypted, despite using TLS, because the messages are not encrypted with the recipient's key by the browser, and so the Facebook servers can see the plaintext messages. However, Signal and WhatsApp are both considered E2E encrypted, because messages are encrypted before being sent to the server at all (even if this connection to the server is protected by TLS).

      Thus, it seems like your private messaging system is not E2E encrypted. According to your link, it looks like the database encryption is applied by the server, so the person running this server (you) could still see the plaintext messages if you want. You could even forge messages from other users, if you wanted. You would also be susceptible to legal pressure, since you would be capable of reading messages.

      E2E encrypted messaging services provide a lot of privacy, but they tend to be much more difficult to implement, because all of your clients have to know the keys for all of their contacts to be able to send them messages. Additionally, the more metadata you encrypt (to be more private), the more difficult it is to run an efficient, abuse-free service.

      I hope this helps!

      3 votes
  2. [3]
    Gyrfalcon
    Link
    Recently I was working on a Python project that I wanted to move from my desktop for development to my Raspberry Pi for execution. I knew I was going to do this, so I had a virtual environment and...

    Recently I was working on a Python project that I wanted to move from my desktop for development to my Raspberry Pi for execution. I knew I was going to do this, so I had a virtual environment and a requirements.txt ready. However, when I went to install my Python packages, several complained that they needed a particular compiler for the ARM platform, aarch64-linux-gnu-gcc. This compiler seemed to be installed on the system, but inaccessible from inside my virtual environment. The packages that I installed that finally seemed to dispel the error were in a command from here, about an entirely different package, as follows:

    sudo apt-get install python3 python-dev python3-dev \
         build-essential libssl-dev libffi-dev \
         libxml2-dev libxslt1-dev zlib1g-dev \
         python-pip
    

    I'm not sure which of these packages did the trick. Is there anyone with a little more Python experience who could point me in the right direction? I'm hoping to document what I am doing so others can use the software in a similar manner, but I don't want to just say "Install these packages and it will work" without really knowing why.

    1. [2]
      3d12
      Link Parent
      At a guess, I would say it's probably build-essential that included the ARM compiler, since I think build-essential comes with a few extras for gcc. But you are at an advantage since you have the...

      At a guess, I would say it's probably build-essential that included the ARM compiler, since I think build-essential comes with a few extras for gcc. But you are at an advantage since you have the list of packages -- the best way to know would be to image the Pi and start again, but install one package at a time until it works.

      1 vote
      1. Gyrfalcon
        Link Parent
        Yeah I think that's probably what I'm going to have to do. It's a shame that I'll have to just pave over the whole thing to make it work though. Thanks!

        Yeah I think that's probably what I'm going to have to do. It's a shame that I'll have to just pave over the whole thing to make it work though. Thanks!

        1 vote