Hacker News | srednalfden's comments

I enjoy reading your thoughts on all things security. Why the need for a port from python?


Thanks! Over time, I put together a lot of what I read in the thousands of CompSci, FOSS, and commercial works into a short summary of techniques for assuring software. We'll start with that:

https://pastebin.com/uyNfvqcp

So, there are a few concepts that apply here. You want the Trusted Computing Base, the part the system depends on for security, to be as simple and easy to analyze as possible. The limit of verification that big spenders can afford is around 10,000 lines of code. You want it to be in a safe-by-default language (e.g. Ada + SPARK, Rust) or a proven-safe implementation (e.g. MISRA-C + RV-Match) that maps closely to the resources of the machine. Then, to catch leaks (important here), you must do a covert channel analysis of all shared resources in the system, esp. memory or anything timed, to ensure an untrusted component can't acquire secrets from a trusted component. These were some basic requirements from 1980s security certification that prevented and detected problems in products from that time onward. One of the biggest being cache-based, timing channels in the VAX VMM in 1992.

Python doesn't map closely to hardware. Its implementation language isn't safe. You can't do covert channel analysis in it. It's also likely sitting on an OS that's impossible to verify with tons of bugs each year. A nice, interim step before a verified OS is one we know they'll have trouble attacking or at least few can touch, like OpenBSD. Currently, Rust or statically-analyzed C on OpenBSD for the sender, with full memory safety for any components on the Receiver and Transport. Simplified hardware that's up to date with hardware bugs. They need the extra work cuz the attackers will be hitting those with malicious input.


When you say you could not program - can you expand on how that manifested for you personally?


Not affected by Krack? Is this the marketing mouth of AVM?


As KRACK is a client vulnerability, an access point shouldn't be vulnerable in the first place.


For real, or jesting?


You can make about $10 per month via Microsoft Rewards with a limit of one account per person, five accounts per household. So unless you can survive on $50/month, this would violate the terms of service.

https://answers.microsoft.com/en-us/bing/forum/bing_other-bi...


Would those three tools be enough to get started/find some bug bounties?


Kindle? At least it should get updates.


I don’t have any stories to share, but it does seem to be a market to make something. It said there are over 500 million devices on w10. Someone has to be making a little cash.


Wow, really? Why?! Medicine seems to have a way bigger upside?


You can probably guess that it also has some downsides when you look at suicide rates. ;-)

Anyway, I am working on my own startup businesses. I find it very fulfilling, though in a different way to how I found medicine fulfilling.

I wouldn't have left medicine to work for someone else.

I took a large pay cut. I'd rather be more happy with less money than be less happy with more money.


What equipment do you use to mine with? How are your returns?


My farm consists mainly of RX 580 graphics cards. Due to depressed markets, my returns are just okay right now. Luckily my equipment has been paid off since December. To put things in perspective, a single 8GB RX 580 costs around $400 (if you're lucky) and only makes $0.80/day. During the peak at the end of last year, they were making well over $3/day each.


How many hundreds are we talking?

