SAI_Peregrinus's comments

OCB can be a bit faster than GCM; the only reason GCM took over is that OCB was patented. That patent has now lapsed, but since everyone uses GCM the performance advantage of OCB isn't likely worth switching for. Especially since GCM has hardware acceleration, and IIRC OCB can't benefit from that so it may actually decrease performance on modern CPUs.

IIRC GCM offers additional authenticated data whereas OCB doesn't (or you would have to roll it yourself), right? That would be another reason to pick GCM over OCB.

OCB3 also allows associated data (AD). Rogaway's FAQ [1] describes the history of the versions. OCB1 didn't have AD, OCB2 tried to fix that but was less efficient. OCB3 is the final version of OCB, and is a proper AEAD cipher. After OCB3 was created OCB2 was broken, but OCB1 and OCB3 remain secure. OCB3 is provably secure, and at least 2x as fast as GCM without hardware acceleration. In theory it'd be faster with hardware acceleration, but that's only likely in an FPGA or ASIC implementation since GCM is fast enough and accelerated in modern CPUs. Intel & AMD aren't going to spend the die area on OCB.

I like OCB, it's an elegant construction, but I'm more likely to use and recommend GCM because GCM is good enough and allows much easier interop since it's more widely used. Since AEGIS is nicer as a high-performance cipher system, and Ascon is better for constrained systems, OCB doesn't really have a niche where it's the best choice.

[1] https://www.cs.ucdavis.edu/~rogaway/ocb/ocb-faq.htm


It's also a pretty good cutting fluid for aluminum. If you don't have a dedicated coolant setup a spray bottle of WD40 works nicely.

They still have that, it's just `My Documents\My Games` now. And Visual Studio makes a folder in My Documents for every annual release. And…

"/home/${USER}" for whatever junk programs are going to stick there, "/home/${USER}/home" for my "real" home directory.

The same as any other computer program: the operator of the program.

This is why I hate the common pushback against "TODO:" comments. They're an extremely fast way to leave a trail of what alternative path would have been taken had there been more time. They're part of the code, so they don't get caught up in a "backlog grooming" the way a Jira ticket will, and don't break flow the way switching to Jira will.

If you're not scared, you can't be brave. Bravery is doing something despite fear, it's quite distinct from fearlessness.

It's OSS with no warranty. You can compile it yourself with the option disabled. It's only ever on for pty connections (physical user with a keyboard), there's no added traffic for ttys.

They could also, with a breaking change, enforce addons register what sorts of files they'll execute when a folder is opened in trusted mode. If no matching files are found, then opening the folder is safe and no prompt is needed. If matching files are found, then prompt the user and replace "may" with "will". Fewer permission requests, and a clearer message.

People will still inevitably ignore the message and open everything in trusted mode, but it'd be more reasonable to consider that user error.


Metric-using machinists tend to default to 0.01mm (about 4 tenths) increments, with a default tolerance somewhere around 0.02mm. Default to one gradation on the indicator dial for US, 2 for metric.
