go – search for suitable secrets in different structures, but with the same scheme

I'm using the Go client library to run code on my Kubernetes cluster.
My code works and runs, but I have duplicated code.

I am looking for secrets in the work.
In my example, we have two workloads: daemonset and deployments,
You are in a map workloads *map(string)interface{},
Although both are different objects, they have a similar structure:

type DaemonSet struct {
    metav1.TypeMeta `json:",inline"`
    metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
    Spec DaemonSetSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
    Status DaemonSetStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
}


type Deployment struct {
    metav1.TypeMeta `json:",inline"`
    metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
    Spec DeploymentSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
    Status DeploymentStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
}

Since they have the same structure, the code looks almost the same, which looks like a duplicate:
Enter image description here

How can I make it more beautiful and efficient without using this duplication?

My code:

func getRelatedWorkloads(secret *v1.Secret, workloads *map(string)interface{})  {
    for controllerName, _ := range *workloads {
        if controllerName != "pods"{
            switch controllerName {
            case "daemonset":
                controller := ((*workloads)(controllerName)).(*v1beta2.DaemonSetList)
                var controllerList ()v1beta2.DaemonSet
                workloadItems := controller.Items
                for _, item := range workloadItems {
                    for _, volume := range item.Spec.Template.Spec.Volumes {
                        if volume.Secret != nil {
                            for _, volumeSecret := range volume.Secret.Items {
                                if volumeSecret.Key == secret.Name {
                                    fmt.Print("equal")
                                    controllerList = append(controllerList, item)
                                }
                            }
                        }
                    }
                }
            case "deployments":
                controller := ((*workloads)(controllerName)).(*v1beta2.DeploymentList)
                var controllerList ()v1beta2.Deployment
                workloadItems := controller.Items
                for _, item := range workloadItems {
                    for _, volume := range item.Spec.Template.Spec.Volumes {
                        if volume.Secret != nil {
                            for _, volumeSecret := range volume.Secret.Items {
                                if volumeSecret.Key == secret.Name {
                                    fmt.Print("equal")
                                    controllerList = append(controllerList, item)
                                }
                            }
                        }
                    }
                }
            }
        }
    }

}

Authentication – How does the authentication scheme of MariaDB (ed25519) work?

Newer versions of MariaDB (a MySQL database server branch) have a new password-based authentication scheme called "ed25519". The documents are very sparse in terms of how it works and how it works.

https://mariadb.com/kb/en/library/authentication-plugin-ed25519/

What is the value stored in the database? How is it generated from the password? What value does the client send when logging on to the server? How is it generated from the password? Is the scheme safe to use without TLS? How resilient is it against password dumps? What is the correct full name of this authentication scheme? Is it used by anything other than MariaDB? Are there any other implementations?

Scheme design for double accounting

We implement software that makes it possible to internally send "virtual" money between users. We started our database with a single entry as follows (simplified table). We only record a transaction where the user initiates the transaction (send money) is recorded. So it will always be a direct debit.

TransactionLog
------------------
TransactionLogID
UserIDFrom
UserIDTo
CurrencyID
CurrencyAmount 
Remarks
TransactionDateTime

Then a request changes, stating that we need a duplicate billing schema in our database. Then I made a new table like this.

TransactionLogDoubleEntry
----------------------------
TransactionLogDoubleEntryID
TransactionLogID
UserID
CounterPartyUserID
CreditOrDebit
CurrencyID
CurrencyAmount
Remarks
TransactionDateTime

My question:
1) Do I do this in a correct direction that I add? TransactionLogDoubleEntry Credit / debit table means that this is already a double entry scheme?

2) Should I stay the table TransactionLog? Or with TransactionLogDoubleEntry is enough enough?

3) If I stayed TransactionLog Table, it is necessary that I duplicate the currencyID, currencyAmount, remarks, TransactionDateTime in the TransactionLogDoubleEntry? Or is that enough to get the appropriate value TransactionLog Table.

Hash – What's wrong with my electronic voting scheme?

I am a theoretical physicist (doctoral student) and I try to get to know cryptography as a hobby. One of the interesting aspects that I have found is that many respected scientists say electronic voting is not safe, so I started following the arguments they use. For example, if you leave the trust of authority to do your job honestly or if you sacrifice anonymity. Or the impossibility of dealing with anonymous bribes on the Internet. However, there was no formal proof. Therefore, I was interested in developing a better electronic voting system that is anonymous, transparent, and has a mechanism to combat bribery and coercion.

The device

  • The citizen receives a pass with PIN code
  • The card contains a private key and a random string that was burnt in when the card was made. In addition, the card contains a log file for the created signatures. (required to prevent identity theft).
  • The public key is published when the card is handed over to the person without identity. To prevent manipulation of the ledger, the person would sign a previous most recent public key from the public key list. The citizen checks whether the device contains the correct private key and the algorithm. To prevent unauthorized keys from being registered in the general ledger, the person's ID data such as name, city of residence (such as a city without a specific address), the first digits of a phone number are sent to another database that is published. This would allow citizens to verify legitimacy and to be able to make a paper choice. Another preventive option is that the key is signed by a public key that is already in the general ledger.

Choose

The citizen has a device with display and number pad that connects the ID card. No internet connection is allowed to ban malware. Voting for a user is accomplished by the following steps:

  • The user unlocks the card with his PIN code
  • The user enters the information about the voice to be delivered.
  • The ID card calculates the hash sum from the information.
  • The message contains a hash sum and a random number (generated when the software is burned).
  • A private key signs the message. The signature contains the complete message and its encryption.
  • The person sends the message anonymously (eg with Tor) to one of the many websites where votes are collected or to a physical ballot box. (necessary to prevent DDOS attacks).
  • The voter anonymously checks whether the vote has been cast and recognized as valid in a central public register.

counting

The public ledger contains signatures. On the other hand, we have public keys that must have been used for a valid vote. The steps are as follows:

  • For each signature, a valid public key from the general ledger is determined by traversing all.
  • The valid signatures are published in a central public ledger with a corresponding public key.
  • Then – count. A protocol for changing the vote can be implemented.

Antibiotic and forced mechanism

The power of anonymity on the Internet is the biggest weakness for many electronic voting systems, as it is so easy to buy votes without having to deal with consequences. Here I propose a defense based on the will of activists to search for bribes and sell their votes in order to exhaust the bribe capital. Afterwards, when the transaction is completed, activists hand in their real ballots. This could be done in secret to prevent bribes from gaining knowledge of the list of activists for the next election.

To distinguish free voices from forced voices, another login can be made to the ID card that knows the random string added to the message of the department holding the order. The voter could have had the choice of electing the police department that he believes does not pass the information on to the bribes. The steps to set up such a system are thus:

  • The voter creates a new login for the ID card and chooses a PIN2 code.
  • For a new login, the random string that the card adds before signing for the message must also be entered. The voter generates this on the local computer to have a cryptographic strength.
  • Then he generates another random number and signs this random number.

The voter goes to the police station he trusts and gives them the signature for safekeeping.

  • The police place the signature in a secure database.
  • Then they generate a hash of the signature, which they enter in a public ledger.
  • The voter will receive a paper-based certificate if the police does not recognize the right to vote after the elections.

In order to carry out a fake vote, the voter executes all steps of the voting area, but only with the PIN2 code. The police would continuously search the ledger for random strings and fulfill their duty if the vote had been found. It's also pretty clear that no one would dare to use social relationships to collect card and PIN codes because there's no way to distinguish real from counterfeit ones.

Color Scheme – Practically & # 39; brightest & # 39; Gray tone for contrast to white

I often use a light shade of gray like rgb (242,242,242) in my designs to create a subtle contrast to white, eg. for the background of alternating lines in a table.

I can easily distinguish between gray and white on my display (27 "4K), but this is not always the case with other displays, which negatively impacts my designs and can affect usability.

This may be due to poorly calibrated / poor quality displays.

Assuming that all accessibility standards have been met, there is a "brightest" shade of gray that:

  • Provides a contrast with a white background
  • Does not significantly affect the readability of dark foreground text
  • Reliable for most users under normal conditions

GUI design – Which color scheme to choose for the background color of different parts of a website?

I have a website with different headings about us and contact us. I've learned something about color schemes, but it's still unclear whether I should use a complementary or analogous scheme for successive sections of the website.

Would you please give me an explanation? Although I've noticed that many pages only use white and gray backgrounds for different consecutive pages, why?

Color Scheme – Is there a natural (or algorithmic) way to switch from a light to a dark mode?

I've written a launch dashboard that displays text in different fonts and colors. Part of the text is in captions (eg the temperatures below).

A fragment of the dashboard is below:

Enter image description here

This is a light mode that is great for the day but too bright for the night. I would like to automatically turn it into a dark mode at sunset.

Is there an algorithm that turns bright colors into dark colors?

At the moment, I'm keeping two sets of colors, but apart from the fact that this is not practical, when there are many independent components (each of which is independently designed), there may be a more formal way to switch between modes.