• 73 Posts
  • 295 Comments
Joined 1 year ago
cake
Cake day: June 19th, 2023

help-circle
  • I understand what you’re saying, and that in the real world, bad security practices abound among average users who are likely to have passwords like “12345678” or “password”

    But in this fictional scenario, my advice is directed at someone who has something valuable enough to protect behind a 121 character passphrase against a very determined adversary who has a Planck Cruncher at their disposal and is willing to run it for 100 years to crack that someone’s data.

    A little extra security protocol might be worth the extra effort.

    I can see how that would be unclear, and I apologize for the misunderstanding.


  • You’re describing the best case scenario for the person wishing to protect their password, where the Planck Cruncher guesses the password on the very last possible combination, taking 100 years to get there.

    The Planck Cruncher might guess the password correctly on the first try, or it might guess correctly on the last possible combination in 100 years.

    What we really want to measure are the odds of a random guess being correct.

    The most “realistic” scenario is the Planck Cruncher guessing correctly somewhere between 0 and 100 years, but you want to adjust the length of the password to be secure against a powerful attack during the realistic life of whatever system you’re trying to protect.

    On average, assuming the rate of password testing is constant, it’ll take the Planck Cruncher 50 years to guess the 121 character password.

    And that assumes the password never changes.

    If the password is changed while the Planck Cruncher is doing its thing, and it changes to something that the PC has already guessed and tested negative, the PC is screwed.

    Hint: Change your password regularly. edit: The user should change their password regularly during the attack.

    Each password change reduces the risk of a lucky guess by that many years of PC attack.












  • zabadohOPtoLemmyShould Lemmy buy ads on Reddit?
    link
    fedilink
    English
    arrow-up
    4
    ·
    7 months ago

    It’s fear of calcification. Lemmy is tiny, in terms of our user base.

    If we don’t get fresh blood, and most importantly the rare active contributors, we’ll just get used to talking to each other, we’ll get bored or burned out and leave.


  • zabadohOPtoLemmyShould Lemmy buy ads on Reddit?
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    edit-2
    7 months ago

    You’d be surprised.

    I have a RL friend who’s on Reddit all the time, and he didn’t even hear about the shutdown, much less /r/place, or anything like lemmy. I’ve been trying to sell it to him…

    Re: The “We’re elite” becomes “We’re bored talking among the same old people” or “We’re burned out”, leading to users leaving and formerly thriving communities dying.

    I’ve been around long enough to see this happen on multiple forums.









  • It’s part of the ol’ Big Tech playbook:

    If a promising emerging competitor emerges:

    1. Acquire the emerging competitor for cheap when it’s still small
    2. Copy the competitor’s best features to make them irrelevant
    3. Co-opt them with integration so the competitor’s users won’t see any advantage to staying with them
    4. Pollute the competitor’s content to make your own offering look better
    5. Steal the competitor’s best talent


  • I’m not sure how extensive the spam wave was, nor how quickly the user was able to create an account, make the comments.

    I doubt that the quantity in that I came across would be enough to take down a server, but that may be the point: To test lemmy’s collective defenses and response without drawing too much attention.

    A common IP address or address range ban file that’s frequently updated and downloaded by each instance might be another way to boost security.

    If this is actually an org attack, I’m guessing that we’ll see botnet DDOS comment and post attacks next.




  • zabadohtoLemmyI love Lemmy!
    link
    fedilink
    English
    arrow-up
    1
    ·
    8 months ago

    I disagree that people suck.

    I think that enshittification on any SM platform, whether free and open, or built for commerce, happens when companies try to exploit it for commercial gain.

    Take Usenet for example: At the beginning it was great, then spammers found they could post unlimited spam across the newsgroups for free, and it became shit, barring a few groups where mods had to work very hard to weed out the spam to keep them readable, but eventually collapsed, and people moved on to the new platforms.

    Reddit, was built for ads and tracking its users to start with, so the gradual creep of enshittification was no surprise there.

    And now we have nation-state backed disinformation campaigns to deal with in addition to commercial spam.

    I could see Lemmy and the Fediverse in general taking a similar path to Usenet, if the devs, admins, and mods aren’t vigilant about keeping bad actors out.

    I like the Fediverse’s guarantor feature for adding new instances, but we’ll have to see how well it holds up under assault from spammers.




  • I watched this Saturday.

    There was so much good stuff artistically in this movie!

    The changes to the story worked really well, IMO, towards updating it for modern cynical sensibilities:

    I loved Zendaya’s portrayal of Chani and her girl friend calling out Paul and Jessica’s colonialist bullshit.

    Jessica’s “strange” behavior as a pregnant woman. I agree with others that having Jessica speak for Alia worked better than having a child actor like Lynch’s version.

    Stilgar’s parody of religious fanaticism was hilarious!

    Visually, making the worm riding look like some kind of extreme sport worked well

    The Giedi Prime black and white/infrared sequences were brilliant, although seeing the Baron and Feyd in regular flesh tones afterwards felt strange.

    The Atreides nuke missiles flying across the sky felt apocalyptic

    The Sardukar ranks were notably not as rigidly disciplined as we saw in the first film.

    Unlike others, I thought that Christopher Walken’s emperor was good. Age decrepit on the verge of doddering, but with dark intelligent thoughts behind his sullen face. The only problem with casting Walken was that he’s too recognizable.

    The one part I didn’t like was the climactic dagger fight. I would have liked to see the action better choreographed and coordinated with camera angles to make the sequence of thrusts and parries clearer. I also would have liked to see contrasting fighting styles between whatever Feyd does, and Paul’s classical Atreides training mixed with Fremen savagery. I’m still not sure how Paul’s knife wound up in Feyd at the end.

    I also noticed unlike other adaptations, they didn’t do the weirding modules, the Atreides-developed sonic weapons that give the Fremen some kind of combat advantage. But I didn’t miss them.

    Overall I was very happy with the movie.