• 17 Posts
  • 24 Comments
Joined 1 year ago
cake
Cake day: June 19th, 2023

help-circle
  • I understand what you’re saying, and that in the real world, bad security practices abound among average users who are likely to have passwords like “12345678” or “password”

    But in this fictional scenario, my advice is directed at someone who has something valuable enough to protect behind a 121 character passphrase against a very determined adversary who has a Planck Cruncher at their disposal and is willing to run it for 100 years to crack that someone’s data.

    A little extra security protocol might be worth the extra effort.

    I can see how that would be unclear, and I apologize for the misunderstanding.


  • You’re describing the best case scenario for the person wishing to protect their password, where the Planck Cruncher guesses the password on the very last possible combination, taking 100 years to get there.

    The Planck Cruncher might guess the password correctly on the first try, or it might guess correctly on the last possible combination in 100 years.

    What we really want to measure are the odds of a random guess being correct.

    The most “realistic” scenario is the Planck Cruncher guessing correctly somewhere between 0 and 100 years, but you want to adjust the length of the password to be secure against a powerful attack during the realistic life of whatever system you’re trying to protect.

    On average, assuming the rate of password testing is constant, it’ll take the Planck Cruncher 50 years to guess the 121 character password.

    And that assumes the password never changes.

    If the password is changed while the Planck Cruncher is doing its thing, and it changes to something that the PC has already guessed and tested negative, the PC is screwed.

    Hint: Change your password regularly. edit: The user should change their password regularly during the attack.

    Each password change reduces the risk of a lucky guess by that many years of PC attack.


  • The prisoner, Dotson, was “found dead” so who knows how many hours the body was lying there.

    That pretty much precludes any use of the heart for transplant.

    His relatives said they received the body in a decomposed state, but that could have been poor storage by the coroner before or after the autopsy, or the body might have been well hidden inside the prison so it was a long time before someone found it.

    The article isn’t very clear on the condition of the body at each stage of handling.

    What’s in the article is probably all the information that the reporter could get out of the prison authority, the state Department of Forensic Sciences, and the University.





  • zabadoh@lemmy.mltoLinux@lemmy.mlI had a journey
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    1 year ago

    I disagree somewhat.

    A lot of high tech development comes with a greed motive, e.g. IPO, or getting bought out by a large company seeking to enter the space, e.g. Google buying Android, or Facebook buying Instagram and Oculus.

    And conversely, a lot of open source software are copies of commercially successful products, albeit they only become widely adopted after the originals have entered the enshittified phase of their life.

    Is there a Lemmy without Reddit? Is there a Mastodon without Twitter? Is there LibreOffice without Microsoft Office and decades of commercial word processors and spreadsheets before that? Or OpenOffice becoming enshittified for that matter? Is there qBittorrent without uTorrent enshittified? Is there postgreSQL without IBM's DB2?

    The exception that I can see is social media and networked services that require active network and server resources, like Facebook YouTube, or even Dropbox and Evernote.

    Okay, The WELL is still around and is arguably the granddaddy of all online services, and has avoided enshittification, but it isn't really open source.












  • It’s true that crypto is commonly used in online drug transactions, but there are other justifiable uses, such as moving money out of countries with repressive regimes like China and Russia.

    Also paying for certain genres of porn that major credit card banks like Visa and MasterCard have somewhat arbitrarily designated as unacceptable, such as certain types of BDSM e.g. consensual nonconsensual, anything that shows blood, kinky hypnosis and mind control, vampires, etc.

    Of course obvious child porn and bestiality should be banned period, so some regulation is needed. But I’m not sure that the government delegating responsibility for regulation to the credit card banks is the best way to do it. The rules and enforcement are completely arbitrary and cannot be appealed.