Constructing the Word's First JPEG XL MD5 Hash Quine

(stackchk.fail)

127 points by luispa9 days ago

6 comments

throw0101d1 day ago
One of my saved HN comments from @Retr0id:---<pre><code> Beware of having too-small fingerprint hashes though, or not checking enough of the digits. $ echo -n retr0id_662d970782071aa7a038dce6 | sha256sum 307e0e71a409d2bf67e76c676d81bd0ff87ee228cd8f991714589d0564e6ea9a - $ echo -n retr0id_430d19a6c51814d895666635 | sha256sum 307e0e71a4098e7fb7d72c86cd041a006181c6d8e29882b581d69d0564e6ea9a -</code></pre> ---* <a href="https://news.ycombinator.com/item?id=38668893">https://news.ycombinator.com/item?id=38668893</a>
- Retr0id1 day ago
 I later wrote an article explaining how I computed that: <a href="https://www.da.vidbuchanan.co.uk/blog/colliding-secure-hashes.html" rel="nofollow">https://www.da.vidbuchanan.co.uk/blog/colliding-secure-hashe...</a>(Doing it the "obvious" way would involve infeasible amounts of storage space)
 - wizzwizz41 day ago
 I'd be interested in seeing even your messy non-working code for that.
zygentoma1 day ago
This is soo cool! Especially the prediction machine stuff. I had no clue this was possible.And also at the same time a good reminder for everyone to find a browser that supports JPEG XL. I wonder if that was part of the reason to do this. :)
- embedding-shape1 day ago
 > And also at the same time a good reminder for everyone to find a browser that supports JPEG XLThat's probably furthest down on my list of features I look for in browser, where the top two are "Not run by a for-profit company living on extracting data from users" and "Can have tabs vertically in sidebar in a tree-based structured format".
 - MrAlex941 day ago
 Waterfox might be what you’re after?- Supports JXL out of the box (including support for alpha transparency and animations)- Vertical tabs with optional tree tabs (hired the original tree style tab developer to implement the feature)- For profit, but I don’t want your data, collect it or use it to earn a living (telemetry/analytics/experiments disabled at build time and alongside a fair few patches on top to make sure external connections are limited to what’s necessary)Sidebar, I’m the developer of Waterfox
 - embedding-shape1 day ago
 Firefox (with minor changes + addons) is what I use today, works well for what I care about. Thanks for the recommendation though!While you're here, last time I came across your website (and it seems like it looks the same currently), I noticed that your browser comparison is not including Firefox, which is what you've forked from (as far as I can tell at least, it isn't made clear by the landing page actually, but the UI and name makes it obvious), which feels like it's a bit misleading almost intentionally.
 - MrAlex941 day ago
 Not intended to be misleading in a way, but it is on purpose as Mozilla don’t like it when there’s mention of Firefox on the website so I make any references sparingly.
 embedding-shape1 day ago
 Huh, interesting. Is it that you're avoiding Mozilla from some sort of retribution, preventing you from effectively working on Waterfox in case you anger them? I'm not sure it should matter too much what Mozilla thinks about other browsers comparing themselves to Firefox, it's definitely fair usage as long as you don't try to trick people into believing Mozilla is also building Waterfox / Waterfox is somehow exactly the same as Firefox.Just adding Firefox in your comparison table really should be fine, and kind of makes me want to ask someone at Mozilla why others would be afraid of doing so.
 - progbits1 day ago
 Also one which doesn't add new image decoder with built-in VM that is rawdogged in C, like Safari.Chrome and Firefox are making a very reasonable decision to wait for a memory safe decoder.
 - F3nd01 day ago
 Chrome's involvement in the past few years has (until very recently) been anything but reasonable.That said, have any of them subjected WebP or AVIF to the same strict requirements, or should we reserve those only for less complex codecs actually designed with images in mind?
wild_pointer1 day ago
In the era of LLM-generated content, such a high-quality writeup is a breath of fresh air. Well done!
bigbuppo1 day ago
Nobody was this excited about WEBP.
- QuaternionsBhop1 day ago
  Webp was not as exciting. JpegXL has cool features like 20% improved lossless jpeg recompression and progressive decoding. Not to mention all the cool stuff used in the writeup like implementing a font in the prediction engine.
  - bigbuppo1 day ago
    And best of all, it's not a google product, so it can be trusted.
smokel1 day ago
Shouldn't that be "World"?
b16m3 days ago
[flagged]
- blenderob1 day ago
 This is an automated bot incorrectly claiming posts are dupe: <a href="https://news.ycombinator.com/threads?id=b16m">https://news.ycombinator.com/threads?id=b16m</a>Looks like it was banned: <a href="https://news.ycombinator.com/item?id=46188453">https://news.ycombinator.com/item?id=46188453</a>How is it still posting?
 - embedding-shape1 day ago
 > How is it still posting?Banned accounts show up as [dead] as soon as they post, so most users don't see those comments, only those with showdead enabled. Commonly referred to as "shadowbanned" but usually operators also don't tell shadowbanned users they've been shadowbanned.
 - blenderob1 day ago
 This one didn't show up as "[dead]" for some reason.
 - philipkglass1 day ago
 Somebody must have clicked the "vouch" link on the comment, probably not realizing that it was a misleading post by a bot.
 - poly2it1 day ago
 Looking at the posts, there are many formatting differences added across the comments. Either the account owner are posting the comments themselves, or they are manually modifying the bot script to add mistakes over time.
- jsnell1 day ago
 It's fine to have a few duplicate submissions for articles that did not get any attention originally.