zabadoh @ zabadoh @lemmy.ml

Posts

33

Comments

141

Joined

2 yr. ago

Except Mozilla has declining revenues.

Possibly even less money in the future if the Google antitrust suit bars them from paying Mozilla to place their search engine first.

I understand what you're saying, and that in the real world, bad security practices abound among average users who are likely to have passwords like "12345678" or "password"

But in this fictional scenario, my advice is directed at someone who has something valuable enough to protect behind a 121 character passphrase against a very determined adversary who has a Planck Cruncher at their disposal and is willing to run it for 100 years to crack that someone's data.

A little extra security protocol might be worth the extra effort.

I can see how that would be unclear, and I apologize for the misunderstanding.

You're describing the best case scenario for the person wishing to protect their password, where the Planck Cruncher guesses the password on the very last possible combination, taking 100 years to get there.

The Planck Cruncher might guess the password correctly on the first try, or it might guess correctly on the last possible combination in 100 years.

What we really want to measure are the odds of a random guess being correct.

The most "realistic" scenario is the Planck Cruncher guessing correctly somewhere between 0 and 100 years, but you want to adjust the length of the password to be secure against a powerful attack during the realistic life of whatever system you're trying to protect.

On average, assuming the rate of password testing is constant, it'll take the Planck Cruncher 50 years to guess the 121 character password.

And that assumes the password never changes.

If the password is changed while the Planck Cruncher is doing its thing, and it changes to something that the PC has already guessed and tested negative, the PC is screwed.

Hint: Change your password regularly. edit: The user should change their password regularly during the attack.

Each password change reduces the risk of a lucky guess by that many years of PC attack.

You'd be surprised.

I have a RL friend who's on Reddit all the time, and he didn't even hear about the shutdown, much less /r/place, or anything like lemmy. I've been trying to sell it to him...

Re: The "We're elite" becomes "We're bored talking among the same old people" or "We're burned out", leading to users leaving and formerly thriving communities dying.

I've been around long enough to see this happen on multiple forums.

Or anything the devs can do to make it not look goofy.

It's part of the ol' Big Tech playbook:

If a promising emerging competitor emerges:

1. Acquire the emerging competitor for cheap when it's still small
2. Copy the competitor's best features to make them irrelevant
3. Co-opt them with integration so the competitor's users won't see any advantage to staying with them
4. Pollute the competitor's content to make your own offering look better
5. Steal the competitor's best talent

Image rendering attacks and download tracking are well known, so it's not paranoid at all.

I'm not sure how extensive the spam wave was, nor how quickly the user was able to create an account, make the comments.

I doubt that the quantity in that I came across would be enough to take down a server, but that may be the point: To test lemmy's collective defenses and response without drawing too much attention.

A common IP address or address range ban file that's frequently updated and downloaded by each instance might be another way to boost security.

If this is actually an org attack, I'm guessing that we'll see botnet DDOS comment and post attacks next.

It looks like some kind of fix was implemented after my post, so I can't replicate the problem for you.

Whenever I edit one of my cross-instance posts, the language defaults to English, and I can save my edits with no issues.

Now whether the fix was on an instance basis, i.e. config changes, or in some Lemmy-system update, I can't tell you.

edit: Maybe my issue was solved along with the fix for the default languages: https://lemmy.ml/post/13410320

I disagree that people suck.

I think that enshittification on any SM platform, whether free and open, or built for commerce, happens when companies try to exploit it for commercial gain.

Take Usenet for example: At the beginning it was great, then spammers found they could post unlimited spam across the newsgroups for free, and it became shit, barring a few groups where mods had to work very hard to weed out the spam to keep them readable, but eventually collapsed, and people moved on to the new platforms.

Reddit, was built for ads and tracking its users to start with, so the gradual creep of enshittification was no surprise there.

And now we have nation-state backed disinformation campaigns to deal with in addition to commercial spam.

I could see Lemmy and the Fediverse in general taking a similar path to Usenet, if the devs, admins, and mods aren't vigilant about keeping bad actors out.

I like the Fediverse's guarantor feature for adding new instances, but we'll have to see how well it holds up under assault from spammers.

Someone just gave me a workaround for this:

Before saving the edits, select a language, other than "Undetermined".

After doing that, my edits to the posts saved normally

Hero Has Returned, ch 115

It's like a giant robot trying to stamp out cockroaches for the last 5 or 6 chapters: Wrong tool for the job...

Bad bot

I'm trying to say report a bug and the steps to re-create the bug.

It's weird that this /c !anime@lemmy.ml doesn't show up on neither Feddit's Community Browser https://browse.feddit.de/ or Lemmy Explorer https://lemmyverse.net/communities when searching for "anime"

Instead anime@(the-instance-that-shall-not-be-named).social shows up first on Community Browser, and

I'm not sure what to make of that.

Is someone trying to shadow deprecate this /c/ ?

I'd forgotten all about C/FO because it had been such a long time since I'd heard of them.

It was really local groups who organized anime showings on college campuses who kindled me to take a more serious interest in anime.

Tape trading is where those groups from the 70s and 80s got their imported show from, but tape trading happened in all kinds of media, e.g. rock concerts.

Often we'd wind up watching 3rd or 4th gen VHS copies, i.e. grainy, washed out with bad sound, because we were so far down the chain.

...Aaaand the entries from the modlog concerning deleting my thread and post have been deleted.

Wonderful transparency there....

Fortunately, the bookwormstory.social entries are still there, so I could recover my scribblings.

Hahaha, the writer's joke was on us the viewers!

It starts out as a boring isekai "quiet life" scenario, then things get complicated...

The amount of twists that were thrown in to ratchet up the tension...

This is the best first episode I've watched in the new season so far.

Actually according to the modlog, some "mod" removed for "Mahou Shoujo ni Akogarete • Gushing over Magical Girls - Episode 1 discussion" citing Rule 3 "No Porn"

I mean the show is risque, but we're starting to see nipples on Hollywood red carpets these days...

"mod" being in quotes because of the uncertainty elsewhere in this post...