Can a random passerby enter a Rope Trick or Psychoportive Shelter?

Both effects have similar natures, end results, and wording. However, nothing in the wording of either power or spell seems to indicate that someone can’t come in wherever, assuming that they can reach the interface, pass through the plane of the interface, and assuming there is room for one more.

Area of effects and other special effects cannot cross the interface, as described, and the interface is one way visually (even when invisible), but the entrance of another creature after the fact does not seem to be contradicted?

Thus, can a random passerby enter a Rope Trick or Psychoportive Shelter, accidentally, or on purpose?

How do you generate random row order in a subquery?

I know other answers here (and here) say to order by newid(). However if I am selecting top 1 in a subquery – so as to generate a random selection per row in the outer query – using newid() yields the same result each time.

That is:

select *,     (select top 1 [value] from lookupTable where [code] = 'TEST') order by newid()) from myTable 

… yields the same lookupTable.value value on each row returned from myTable.

Probability of winning a turn-based game with a random element

I am preparing for a programming exam on probability theory and I stumbled across a question I can’t solve.

Given a bag, which contains some given amount of white stones $ w$ and some given amount of black stones $ b$ , two players take turns drawing stones uniformly at random from the bag. After each player’s turn a stone, chosen uniformly at random, vanishes, and only then does the other player take their turn. If a white stone is drawn, the player, who has drawn it, instantly loses and the game ends. If the bag becomes empty, the player, who played second, wins.

What is the overall probability that the player, who played second, wins?

I assume it’s a dynamic programming question, though I can’t figure out the recursion formula. Any help would be greatly appreciated. 🙂

Example input: $ w$ = 3, $ b$ = 4, then the answer is, I believe, 0.4, which I arrived at after computing by hand all possible ways for the game to go, so not very efficient.

Is using Argon2 with a public random on client side a good idea to protect passwords in transit?

Not sure if things belongs in Crypto SE or here but anyway:

I’m building an app and I’m trying to decide whatever is secure to protect user passwords in transit, in addition to TLS we already have.

In server side, we already have bcrypt properly implemented and takes the password as an opaque string, salts and peppers it, and compares/adds to the database.

Even though SSL is deemed secure, I want to stay at the "server never sees plaintext" and "prevent MiTM eavesdropping from sniffing plaintext passwords" side of things. I know this approach doesn’t change anything about authenticating, anyone with whatever hash they sniff can still login, my concern is to protect users’ plaintext passwords before leaving their device.

I think Argon2 is the go-to option here normally but I can’t have a salt with this approach. If I have a random salt at client side that changes every time I hash my plaintext password, because my server just accepts the password as an opaque string, I can’t authenticate. Because of my requirements, I can’t have a deterministic "salt" (not sure if that can even be called a salt in this case) either (e.g. if I used user ID, I don’t have it while registering, I can’t use username or email either because there are places that I don’t have access to them while resetting password etc.) so my only option is using a static key baked into the client. I’m not after security by obscurity by baking a key into the client, I’m just trying to make it harder for an attacker to utilize a hash table for plain text passwords. I think it’s still a better practice than sending the password in plaintext or using no "salt" at all, but I’m not sure.

Bottomline: Compared to sending passwords in plaintext (which is sent over TLS anyway but to mitigate against server seeing plaintext passwords and against MiTM with fake certificates), is that okay to use Argon2 with a public but random value as "salt" to hash passwords, to protect user passwords in transit? Or am I doing something terribly wrong?

Random question!

Hello! I have a random question, hope it doesn’t feel misplaced. Does any know how to export the sites where senuke post into SER? The problem is my  projects keeps telling me Im blocked by the engine or there no sites to post!  

New Bytes generated from an true random bytes, still true random?

I have a question regarding "True Random".

I have a true random byte generated binary sequence produced from a QRNG hardware unit.

From this true random binary input sequence, I’ producing a new sequence by a pure description process of the binary input.

There is absolute no mathematical or algorithmic transformation of the binary input, the way we are producing the result is only based on the way we are describing the input binary sequence bit-per-bit.

Process Example (all the binary values are fake and only represented to illustrate the the case) :

  1. QRNG True Random binary input sequence -> 10101011
  2. Description process of represented input binary sequence (absolutely no logical or mathematical transformation of the binary structure during this process)
  3. The new produced binary sequence obtained from the process (2) -> 1100011010111110001100111100011010

My question is to know if we can consider the newly produced binary sequence as a real true random binary sequence because there is absolutely no transformation of the input, only a descriptive representation?

How to explain that this notion does not alter the TRUE RANDOM character of the entry?

What are the rules to respect to preserve the TRUE RANDOM character of a binary output and what are the operations that are authorized or not ?!

Thank you in advance for you support :)​

Best regards.

Does RLNC (Random Linear Network Coding) still need interaction from the other side to overcome packet loss reliably?

I’m looking into implementing RLNC as a project, and while I understand the concept of encoding the original data with random linear coefficients, resulting in a number of packets, sending those packets, and thus the client will be able to reconstruct the original data from some of the received packets, even if a few of the packets are lost, if enough encoded packets have arrived to create a solvable equation system.

However, I have not seen any mention of the fact that if there is a non zero percent of packet loss, there is a possibility that the receiver of the encoded packets will not receive enough packets to reconstruct the original data. The only solution I see to this is to implement some type of sequencing so that the receiver can verify he hasn’t missed some packets that would allow him to reconstruct the original data, in other words interaction. Am I missing some part of the algorithm or not? If someone has solved this problem already, can you please show me where it has been solved so I can read about it?