The Official Status Thread
-
@Tsaukpaetra said in The Official Status Thread:
homework
"who is the actor that plays Catniss?"
"in the Hunger Games why do they fire cannons when you die?"
The homework was... watching a movie?
-
@HardwareGeek said in The Official Status Thread:
They're encouraging people to switch from passwords to pass phrases
And no dictionary words.
What the fuck is wrong with these people? Fuck, I might hate security weenies (the ones who cargo-cult without applying thought) more than @Zenith.
-
@HardwareGeek said in The Official Status Thread:
Their recommendation is to do letter-digit swaps on words in your chosen phrase; thus defeating what XKCD will tell you is one of the big advantages over the traditional way of creating non-dictionary passwords.
I don't see how replacing odd characters in a good pass phrase is worse than just using the pass phrase without replacements.
-
@topspin said in The Official Status Thread:
@Tsaukpaetra said in The Official Status Thread:
@Gustav said in The Official Status Thread:
@DogsB said in The Official Status Thread:
@DogsB said in The Official Status Thread:
status I think Iâve hit peak autism for today. I just spotted a missing curly brace in just over 1kb of json on one line.
I can't get this query to return anything.
Let me hav... that uppercase I should be a lowercase l.I find it somewhat amusing that in this modern world, attention to detail is associated with mental illness.
Isn't the cure for that formerly-illegal-mostly drugs?
And in case you can't read the shirt:
A good candidate for the reminds you of thread.
-
@Gustav said in The Official Status Thread:
Status: I have a video interview in 5 minutes and I just realized I don't have pants.
You'll be OK.
-
@dcon said in The Official Status Thread:
@Gustav said in The Official Status Thread:
Status: I have a video interview in 5 minutes and I just realized I don't have pants.
Just don't stand up.
Then the camera will fall down...
-
@Zenith said in The Official Status Thread:
Status: Awesome, Comcast deleted all of my mail filtering rules sometime this month.
Hm. I prefer filtering on the client side. That is, I use Thunderbird on my machine, and hardly ever a web interface or app of one of my email providers. Also that is an idea: have more than one address. One which may get spammed, and others for more important purposes.
And also only one of my providers (the most spammed one) has server-side filtering. So about once per month I open their äpp and take a look into the spam folder (which I cannot access via Thunderbird), and then normally delete the whole folder contents.
-
@dkf Except I have sync disabled. I noticed Windows Firefox goes all stupid once it decides to reach beyond the 3GB barrier. Pages load the right number of screens but repeat the first one over all of them. Page elements don't load until I force a redraw by clicking another tab and back. Elements flicker if they're DIVs (but not tables). It's absolutely bizarre.
I think Android Firefox has memory problems past a certain number of tabs as well. Nothing visually severe but the read/write problem is worrying since this is supposed to be a rugged device. Guess I'd better get a new SD card and back up everything there just in case.
-
@Zecc said in The Official Status Thread:
@Tsaukpaetra said in The Official Status Thread:
homework
"who is the actor that plays Catniss?"
"in the Hunger Games why do they fire cannons when you die?"
The homework was... watching a movie?
Reading a book, more likely. But in today's world, it's anyone's guess.
-
@Tsaukpaetra said in The Official Status Thread:
Reading a book, more likely
A book mentioning who the actor was.
-
@Zecc said in The Official Status Thread:
@Tsaukpaetra said in The Official Status Thread:
Reading a book, more likely
A book mentioning who the actor was.
Movie adaptations are getting stupider.
-
@Zecc said in The Official Status Thread:
@HardwareGeek said in The Official Status Thread:
Their recommendation is to do letter-digit swaps on words in your chosen phrase; thus defeating what XKCD will tell you is one of the big advantages over the traditional way of creating non-dictionary passwords.
I don't see how replacing odd characters in a good pass phrase is worse than just using the pass phrase without replacements.
You have to remember not just the passphrase, but also which odd characters you replaced.
-
@HardwareGeek I was thinking in terms of security, but that's a good point.
-
@HardwareGeek said in The Official Status Thread:
@Zecc said in The Official Status Thread:
@HardwareGeek said in The Official Status Thread:
Their recommendation is to do letter-digit swaps on words in your chosen phrase; thus defeating what XKCD will tell you is one of the big advantages over the traditional way of creating non-dictionary passwords.
I don't see how replacing odd characters in a good pass phrase is worse than just using the pass phrase without replacements.
You have to remember not just the passphrase, but also which odd characters you replaced.
And of course you have to enter the whole thing sans tyops. With echo disabled.
-
@HardwareGeek said in The Official Status Thread:
@izzion said in The Official Status Thread:
@Zenith said in The Official Status Thread:
Status: more security theatre
God damn, even toy collecting forums are getting in on the password scam where every X days you have to scramble the hell out of your passwords because somebody might post as you...after they empty your bank, transfer your car titles, steal your house deed, take your 401K, rent a bunch of tapes from Blockbuster, order dozens of sardine pizzas, impersonate you at the local chapter of Oprah's book club, and...
And they wonder why people keep a passwords on a post-it note if not a notebook. Don't they realize everybody's pulling this scam? How many fucking combinations of app/site-username-password are we supposed to remember when they change as often as every 30 days?
Don't worry, I'm sure everyone will adopt NIST's recommendations for WIWTFA and super long passwords and all the other annoying restrictions without adopting the "and no longer make passwords expire on a schedule" part of it, any day now.
My work password will be expiring soon. I keep getting reminders â why not change it now, so you don't get locked out â so I looked up the new requirements. They're encouraging people to switch from passwords to pass phrases, so the minimum length is increasing, but spaces now count for the "special character" requirement. Yes, they still require mixed case, digits, and special characters. And no dictionary words. Their recommendation is to do letter-digit swaps on words in your chosen phrase; thus defeating what XKCD will tell you is one of the big advantages over the traditional way of creating non-dictionary passwords. These recommendations are Fub4r. And don't write them down, so you can forget which letters you changed to digits.
Polish words aren't in English dictionary, and come with special characters out of the box
-
Whoa. They're ASCII people ; when they say "special characters", they mean stuff like dashes and underscores. You can consider yourself lucky if pipes and backslashes are accepted. But something like "Ä " is absolutely unthinkable.
-
@PleegWat said in The Official Status Thread:
@HardwareGeek said in The Official Status Thread:
@Zecc said in The Official Status Thread:
@HardwareGeek said in The Official Status Thread:
Their recommendation is to do letter-digit swaps on words in your chosen phrase; thus defeating what XKCD will tell you is one of the big advantages over the traditional way of creating non-dictionary passwords.
I don't see how replacing odd characters in a good pass phrase is worse than just using the pass phrase without replacements.
You have to remember not just the passphrase, but also which odd characters you replaced.
And of course you have to enter the whole thing sans tyops. With echo disabled.
My master passphrase for keypass is a rather long sentence, complete with punctuation and capitalization. Typing it with echo disabled is fun. It's not terrible on a real keyboard; muscle memory is pretty good, but on my phone, not so much.
-
@Zerosquare said in The Official Status Thread:
But something like "Ä " is absolutely unthinkable.
Speak not of GaĚśÍÍÍÍÍÍĚĚÍĚÍĚŁĚ ÍĚĽĚšÍĚŽÍĚĚÍĚŽĚĚŁĚska.
-
@Gustav said in The Official Status Thread:
@HardwareGeek said in The Official Status Thread:
@izzion said in The Official Status Thread:
@Zenith said in The Official Status Thread:
Status: more security theatre
God damn, even toy collecting forums are getting in on the password scam where every X days you have to scramble the hell out of your passwords because somebody might post as you...after they empty your bank, transfer your car titles, steal your house deed, take your 401K, rent a bunch of tapes from Blockbuster, order dozens of sardine pizzas, impersonate you at the local chapter of Oprah's book club, and...
And they wonder why people keep a passwords on a post-it note if not a notebook. Don't they realize everybody's pulling this scam? How many fucking combinations of app/site-username-password are we supposed to remember when they change as often as every 30 days?
Don't worry, I'm sure everyone will adopt NIST's recommendations for WIWTFA and super long passwords and all the other annoying restrictions without adopting the "and no longer make passwords expire on a schedule" part of it, any day now.
My work password will be expiring soon. I keep getting reminders â why not change it now, so you don't get locked out â so I looked up the new requirements. They're encouraging people to switch from passwords to pass phrases, so the minimum length is increasing, but spaces now count for the "special character" requirement. Yes, they still require mixed case, digits, and special characters. And no dictionary words. Their recommendation is to do letter-digit swaps on words in your chosen phrase; thus defeating what XKCD will tell you is one of the big advantages over the traditional way of creating non-dictionary passwords. These recommendations are Fub4r. And don't write them down, so you can forget which letters you changed to digits.
Polish words aren't in English dictionary, and come with special characters out of the box
There are at least two problems with that for me, even if the password validation accepts non-ASCII characters.
- I only know one Polish word, and it doesn't have any special characters.
- Other than my phone, no device on which I might need to type a password has a convenient method of typing Polish characters.
If I was going to do something like that, I'd use a passphrase in ξΝΝΡνΚκΎ, which I have available on every device except my work computer (and I could probably install the Greek keyboard there, too, maybe; it would be work-related, sorta), but there might be an occasion when I'd need to use a device that doesn't have it available, and then I'd be screwed, and not in the fun way.
-
@HardwareGeek said in The Official Status Thread:
I only know one Polish word, and it doesn't have any special characters.
You know at least a second one, which does have a special character. (Hint: it's in the post before yours.)
-
@Zerosquare said in The Official Status Thread:
You know at least a second one
There is only one word in Polish, and it can express the entire gamut of Polish conversation.
(Not true. You also need the word WĂłdka.)
-
@Zenith said in The Official Status Thread:
Where are they finding their developers, the Home Depot parking lot?
They would probably be way more reliable.
-
@Tsaukpaetra said in The Official Status Thread:
status: Microsoft Money does not allow the main window to be resized. What a shame.
Quicken has one too - the dialog to enter your paycheck is maximized to the screen's height and can't be resized. That really sucks when your monitor is portrait. At least I can move it since the bottom 2/3 is just white space.
-
@Tsaukpaetra said in The Official Status Thread:
@Zecc said in The Official Status Thread:
@Tsaukpaetra said in The Official Status Thread:
Reading a book, more likely
A book mentioning who the actor was.
Movie adaptations are getting stupider.
Getting?
-
@PleegWat said in The Official Status Thread:
@HardwareGeek said in The Official Status Thread:
@Zecc said in The Official Status Thread:
@HardwareGeek said in The Official Status Thread:
Their recommendation is to do letter-digit swaps on words in your chosen phrase; thus defeating what XKCD will tell you is one of the big advantages over the traditional way of creating non-dictionary passwords.
I don't see how replacing odd characters in a good pass phrase is worse than just using the pass phrase without replacements.
You have to remember not just the passphrase, but also which odd characters you replaced.
And of course you have to enter the whole thing sans tyops. With echo disabled.
That's what copy/paste is for. Getting thru the initial login screen is the tricky one.
-
@dcon said in The Official Status Thread:
@Tsaukpaetra said in The Official Status Thread:
@Zecc said in The Official Status Thread:
@Tsaukpaetra said in The Official Status Thread:
Reading a book, more likely
A book mentioning who the actor was.
Movie adaptations are getting stupider.
Getting?
Becoming more of something doesn't preclude already being a measure of that thing.
-
Status: KSP2.
-
Status: My phone doesn't actually know what 0% is and just goes from 20% to 1% in ten minutes.
I thought we were past the whole "battery calibration" era?
Oh well.
At least it made it 7 hours (apparently) acting as an ebook reader!
-
@HardwareGeek said in The Official Status Thread:
Status: KSP2.
In 5.5 hours of playing (half of which was reading 140 pages of Terms & Conditions), I made more progress than I ever did in KSP1. In KSP1, I somehow got myself into a state where I had earned all the science points I could earn with the parts I'd unlocked, and I couldn't unlock any more parts to earn more science.
-
@Zerosquare said in The Official Status Thread:
Whoa. They're ASCII people ; when they say "special characters", they mean stuff like dashes and underscores. You can consider yourself lucky if pipes and backslashes are accepted. But something like "Ä " is absolutely unthinkable.
Itâs quite simple. You set it to
pÄ ssword
then can only unlock withpĂâŚssword
.
-
@Zerosquare said in The Official Status Thread:
Whoa. They're ASCII people ; when they say "special characters", they mean stuff like dashes and underscores. You can consider yourself lucky if pipes and backslashes are accepted. But something like "Ä " is absolutely unthinkable.
As god intended.
-
@HardwareGeek said in The Official Status Thread:
reading 140 pages of Terms & Conditions
Not kink-shaming, but man. Weird.
-
Status: Not allowed to be special.
-
@Tsaukpaetra said in The Official Status Thread:
Status: Not allowed to be special.
Iâll take âwhat is SQL injectionâ for $200.
-
@Arantor said in The Official Status Thread:
@Tsaukpaetra said in The Official Status Thread:
Status: Not allowed to be special.
Iâll take âwhat is SQL injectionâ for $200.
Someone should introduce them to the best way to make their computing system 100% secure.
-
@izzion said in The Official Status Thread:
@Arantor said in The Official Status Thread:
@Tsaukpaetra said in The Official Status Thread:
Status: Not allowed to be special.
Iâll take âwhat is SQL injectionâ for $200.
Someone should introduce them to the best way to make their computing system 100% secure.
Crush it to powder, put it in a lead-lined box, encase that in concrete, and sink it to the bottom of the Marianas Trench?
-
@Benjamin-Hall said in The Official Status Thread:
@izzion said in The Official Status Thread:
@Arantor said in The Official Status Thread:
@Tsaukpaetra said in The Official Status Thread:
Status: Not allowed to be special.
Iâll take âwhat is SQL injectionâ for $200.
Someone should introduce them to the best way to make their computing system 100% secure.
Crush it to powder, put it in a lead-lined box, encase that in concrete, and sink it to the bottom of the Marianas Trench?
I suppose that's a subset of "power down and unplug"
-
@izzion said in The Official Status Thread:
@Benjamin-Hall said in The Official Status Thread:
@izzion said in The Official Status Thread:
@Arantor said in The Official Status Thread:
@Tsaukpaetra said in The Official Status Thread:
Status: Not allowed to be special.
Iâll take âwhat is SQL injectionâ for $200.
Someone should introduce them to the best way to make their computing system 100% secure.
Crush it to powder, put it in a lead-lined box, encase that in concrete, and sink it to the bottom of the Marianas Trench?
I suppose that's a subset of "power down and unplug"
Slow poke.
"unplug"
-
Status: Internet became effing unreliable during the last 3 days. Currently, the connection crashes more often than once per hour on average.
"Nicht behebbare Fehler" = "non recoverable errors", i.e. a connection crash which requires a re-connect. And typically takes some 5 minutes.
-
-
Status: They have urgent need for me in Oregon, so much so that they're going to pay out the nose for a flight on Sunday.
Apparently they desperately need someone who can.... route ethernet cables.
-
@Tsaukpaetra said in The Official Status Thread:
@BernieTheBernie said in The Official Status Thread:
during the last 3 days.
Did it rain?
That blue color does not mean
precipitation
.
-
Status: Holy shit, USPS's shipping logon has a case-sensitive user name. What Home Depot parking lot in Hyderabad did they find those developers in?
-
Status: Buying The Complete Illustrated Encyclopedia of Dinosaurs & Prehistoric Creatures while wearing the shirt that says âTheropod fancierâ
-
@Zenith If the username is an email address, then the case sensitivity of the username part of the address is officially up to recipient's email server, though most are sensibly case insensitive.
That's my understanding anyway.
-
@Zecc said in The Official Status Thread:
@Zenith If the username is an email address, then the case sensitivity of the username part of the address is officially up to recipient's email server, though most are sensibly case insensitive.
That's my understanding anyway.
Sure, but that's almost certainly not the complaint here - the issue is that Arantor@example.com and arantor@example.com probably go to the same email box just fine, but that USPS's system doesn't treat them the same.
And if it has a username rather than email... doubly WTF.
-
Status: It's 05:10. I should probably go to bed.
-
-
@Zenith said in The Official Status Thread:
There's no excuse for doing it, it's the path of least resistance for someone building 'my first login system' but all the good frameworks have examples of doing this sanely out of the box...
-