Neither will an ESP32 that needs permanent internet acccess and relies on a publicly available API usually running on Linux servers. Running on a realtime OS is not relevant for zclaw.
Can you code up a quick sqlite database of inbound emails receieved (md5 hashed sender email), subject, body + what your claw's response would have been, if any. A simple dashboard where have to enter your hashed email to display the messages and responses.
I understand not sending the reply via actual email, but the reply should be visible if you want to make this fair + an actual iterative learning experiment.
No it is not. You would need an md5 preimage attack to go from md5sum to email (what I assume you mean by 'brute force')
To prove my point, c5633e6781ede1aea59db6f76f82a365 is the md5sum of an email address. What's the email address?
If the attacker already knows a given input email ('foo@gmail.com'), then any hash algorithm will identically let them see the emails.
The problem with the above proposal isn't related to hashing, it's that the email address is being used as a password to see sent contents, which seems wrong since email addresses are effectively public.
You’re ofc technically correct about preimage resistance in the abstract, but that’s not the relevant threat model:
MD5 preimage over a uniform 128-bit space is infeasible. Emails are not uniform 128-bit values. They’re low-entropy, structured identifiers drawn from a predictable distribution.
Attackers don’t search 2^128. They search realistic candidates.
Emails are lowercase ASCII, structured as local@domain, domains come from a small known set, usernames follow common patterns, and massive breach corpora already exist. If you’ve ever used John/Hashcat, you know the whole game is shrinking the search space.
Given a large dataset of MD5(email): Precompute common emails, generate likely patterns, restrict by known domains, use leaked datasets, distributed GPU it. I.e, relatively cheap
if the attacker already suspects a specific email, MD5 gives them a perfect equality test. That alone kills privacy.
So unsalted MD5(email) is not protection. It’s a stable public identifier that enables membership testing, cross-dataset linkage, re-ID, and doxxing.
Academic preimage resistance can still hold while real-world privacy absolutely does not.
It's not about breaking MD5’s math, but more about attack economics and low-entropy inputs. To your point, this problem exists with any bare hash. Salt slows large-scale precomputation, but it doesn’t magically add entropy to predictable identifiers.
Assuming you want ID verification, why would you need a blockchain? Your identity is deeply linked to who you are and we have identity documents and trusted entities to provide them. These entities can absolutely act as a third-party to verify who you are. This can happen with several different parameters: whether your identity is provided to the site you are using, whether the site your are using is known to your identity provider, whether identities across sites are identical or only linkable by the trusted party. But in all those examples (that are currently implemented by some countries), blockchain is not a requirement.
Assuming you don't want actual ID verification, the choices are even larger but with different trade-offs.
In theory yes, in practice it requires lots of different government services to get on the same page. How do you verify a state ID? Usually the DMV. Have they released an API endpoint for that? Almost certainly no. What if instead you're using a passport? Then the federal government needs to do it. What if your passport is from a country with weak government that doesn't have a lot of capacity?
And of course governments attract hackers because they tend to not be up to date on security best practices.
A single abstraction layer on blockchains allows more developers and security experts to contribute and innovate.
If I remember correctly, EU will make chip tracking for pets mandatory by 2030 to unify laws that are currently made by individual states. France had this mandatory for over a decade.
If you want to travel within EU with your pet, you'll need a certificate for that as well.
No idea about how it is is the US but that doesn't sound crazy to register pets as they are at risk of being lost, abandonned, lacking vaccination or vets visits.
You know, I regularly lose or forget my baseball caps (at least once per Summer, and usually I go through 2 or 3). I wish there was a nationally-mandated register of headwear, with obligatory chipping at the points of sale. Not even entirely joking.
On a more serious note, it's interesting to note that some property never gets any ownership marks on it, some gets it customarily but only out of convenience, there is no legal obligation to do so, and for some property it is legally-mandated by the state but owners largely find it cumbersome.
For maybe 100 years, we’ve lived in an era of diminished hat importance. I, for one, don’t want to be caught hatless around any sharp-tongued re-enactors.
Focusing only on price, renting a beafy shared "cloud" computer is cheaper than buying one and changing every 5 years. It's not always an issue for idle hardware.
Cars are mostly idle and could be cheaper if shared. But why make them significantly cheaper when you can match the price and extract more profits?
Cars and personal computers have advantages over shared resources that often make them worth the cost. If you want your transport/compute in busy times you may find limitations. (ever got on the train and had to stand because there are no seats? Every had to wait for your compute job to start because they are all busy? Both of these have happened to me).
Yep. And it's indeed a good model for this mode of transportation. And they ARE cheap.
For example, in Seattle I can get a shared airport shuttle for $40 with the pick-up/drop-off at my front door. And this is a fully private ADA-compliant commercial service, with a healthy profit margin, not a rideshare that offloads vehicle costs onto the driver. And a self-driving van can be even cheaper than that, since it doesn't need a driver.
Meanwhile, transit also costs around $40 per trip and takes at least 1 hour more. And before you tell me: "no way, the transit ticket is only $2.5", the TRUE cost of a transit ride in Seattle is more than $20. It's just that we're subsidizing most of it.
So you can see why transit unions are worrying about self-driving. It'll kill transit completely.
you made too many false assumptions if you came up with those routes. Experts have run real numbers including looking at what happens in the real world. https://humantransit.org/category/microtransit - (as I write this you need to scroll to the second article to find the useful rebuttal of your idea)
Yeah, yeah: "Major US Public Transit Union Questions “Microtransit”" Read it. Go on. It's pure bullshit.
The _only_ issue with the old "microtransit" is the _driver_. Each van ends up needing on average MORE drivers than it moves passengers. It does solve the problem of throughput, though.
But once the driver is removed, this problem flips on its head. Each regular bus needs around 4 drivers for decent coverage. It's OK-ish only when the average bus load is at least 15-20 people. It's still much more expensive and polluting than cars, but not crazily so.
This article is just a bunch of propaganda. You can tell that by the picture with people in the shape of a bus next to the line of cars. Every time you see it, you can immediately blacklist the author and ignore whatever they are saying about cars.
Can you guess why?
Hint: think about the intervals between buses and how you should represent them to stay truthful. And that buses necessarily move slower than cars. And that passengers will waste some time due to non-optimal routes and transfers. And that passengers will waste some time because they need to walk to the station.
So back to my point, can you tell me EXACTLY what I should read in that article? Point out the paragraph, please.
That's how some people feel about airplanes. Presumably you're not one of them. For some people, the inconvenience of being responsible for a car would outweigh the benefit of setting up their stuff inside of one.
It's not even an inconvenience. I like my cars. Dealing with ride hailing services (autonomous or not) is certainly far more inconvenient than owning a car (unless maybe you're stuck living somewhere without convenient parking).
In the 2010 era of RAM density, random bit flips were really uncommon. I worked with over a thousand systems which would report ECC errors when they happen and the only memorable events at all were actual DIMM failures.
Also, around 1999-2000, Sun blamed cosmic rays for bit flips for random crashes with their UltraSPARC II CPU modules.
Yep, hardware failures, electrical glitches, EM interference... All things that actually happen to actual people every single day in truly enormous numbers.
It ain't cosmic rays, but the consequences are still flipped bits.
You can order things from Shops within the application. I am not an Instagram user so whether this is the only feature that records your address or not, I can't say.
reply