mic_check_one_two
@mic_check_one_two@lemmy.dbzer0.com
- Comment on tall tails 14 hours ago:
Soft tissues can also become fossils under the right conditions. For an example, here is the fossil used for the B. markmitchelli holotype:
- Comment on He died doing what he loved. 1 day ago:
In times like this, fascists will work to weaponize empathy. They’ll say you’re an awful person if you don’t feel bad about it. They’ll say you’re awful for shit-talking, because you lack empathy. In reality, demanding empathy from the victims of fascism is another violence against the victims that those fascists actively work to oppress.
Fascists have mastered the act of shooting and crying, then using empathy (or more specifically, the lack thereof) to demonize the same people they have been shooting at. They begin by oppressing people. When those oppressed people eventually refuse to show empathy for the fascists, the fascists claim that the people they have been shooting at are monsters. And that is used to further justify the fascists’ actions.
Don’t fucking fall for it. This is the same idea behind “the tolerant left” being coined by conservatives. It’s used as a cudgel whenever intolerance is refused, like some sort of gotcha.
- Comment on Plex got hacked. 4 days ago:
Yes, the salt is stored right alongside the username and hashed password. The point of the salt isn’t to be unknown; it’s to make every single password unique before it gets hashed, which invalidates the hackers’ pre-generated rainbow tables. It forces them to re-generate their table for each user. Even identical passwords will create different hashes, because the salt is different for each user. Essentially requiring the hacker to brute force every single password, even after they have the database downloaded.
Basically, the hash algorithms are known. There are a few common ones, but they’re all reliable. A rainbow table is generated by running potential passwords through each hash, and saving the results. For a simplified example: maybe for a certain hashing algorithm, “password” generates the hash “12345”. I have a pre-generated table with millions of potential passwords that tells me as much. And I have repeated this for all of the most popular hashes. This gigantic database (literally hundreds of GB in size) of millions of potential passwords and resulting hashes for the most popular algorithms is my rainbow table. This took hours of cooking my CPU to generate.
So I hack an unsalted password database, and find a bunch of hashes that are listed as “12345”. I can now guess that they’re probably using that specific hash algorithm, and can immediately crack a bunch of passwords purely because I have already brute-forced them before I hacked anything.
But now let’s say it’s a salted hash instead. When I hack the database, my pre-generated rainbow tables are useless. Because now “password” is not being hashed as “12345”. It’s being hashed as something entirely different, because the salt is added before it gets hashed. Even if multiple users use “password”, it still doesn’t help me because each of their salts is unique. So even if two different users use “password”, they’ll each return different hashes. So I need to recreate my rainbow table for every single user. Even if two users both used “password” I’ll still need to check each one individually, with their unique salts.
This doesn’t completely invalidate the breach, but it drastically slows down my ability to access individual accounts. The goal is simply to slow me down long enough for the company to be able to send out “hey, change your password” notifications, and for the users to do so. Without a salt, once I have the database, I instantly know which hash the company is using. And I can immediately access a bunch of accounts using my pre-generated rainbow table. But with the salt, I’m still forced to crack each user individually.
To be clear, weak passwords will still crack faster. A good password guessing attack doesn’t just brute force. It starts with known lists of common/popular/weak passwords, because that known list of weak passwords will often get you into an account extremely quickly.
- Comment on Plex got hacked. 4 days ago:
You can’t reverse the hash, but you can generate hashes until you find a match.
That’s called a rainbow table attack, and that’s why you should salt your hash. This salt basically appends a unique string of characters to every password before it goes into the hash. Let’s say your users are dumb and use “password” for their password. If a hacker has pre-generated a rainbow table, (which is extremely time and resource intensive), then they’ll instantly crack that as soon as they get a match on those common passwords. Even if they haven’t generated a rainbow table, they can just look for identical hashes and guess that those users are using common passwords.
But if you salt it, it’ll slow the hackers down drastically by invalidating their pre-generated table. Each user has their own salt stored alongside the username and hash, so User 1’s hash actually saw “password19,jJ03pa5/-@” while User 2’s hash saw “passwords)205JrGp02?@-”. Because each of their salts is unique, their resulting hashes are unique too. Even though they used the same password. Now the hackers need to crack the hash for each user, by incorporating the existing salts for each user. They’ll start with the weak and common passwords first, which is why it’s still best practice to use strong passwords. But they can’t actually start the rainbow table process until after they have hacked the info, and they’ll need to create fresh tables for every single user.
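The behaviour described in the two Plex comments above, as an added example that is not part of the original comments: the same constructed user list is stored once as bare SHA-256 and once as per-user salted PBKDF2, and a table built before the breach is tried against both. The user names, passwords, wordlist and function names are all constructed for illustration, and a plain dictionary stands in for the pre-generated table.

```python
import hashlib
import hmac
import os

# Constructed sample data: two users share a weak password, one has a strong one.
WORDLIST = ["123456", "password", "qwerty", "letmein", "dragon"]
USERS = {"alice": "password", "bob": "password", "carol": "x7!Lq-92vTz"}

def unsalted(pw):
    return hashlib.sha256(pw.encode()).hexdigest()

def salted(pw, salt, rounds=1000):
    # rounds is kept low so the demo runs instantly; real deployments use far more.
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, rounds).hex()

def build_dbs():
    """Return the unsalted table and the salted table (salt stored beside the hash)."""
    plain = {u: unsalted(p) for u, p in USERS.items()}
    salty = {}
    for user, pw in USERS.items():
        salt = os.urandom(16)              # unique per user, not secret
        salty[user] = (salt, salted(pw, salt))
    return plain, salty

def table_lookup(hashes, table):
    """One dictionary lookup per leaked hash: no hashing after the breach."""
    return {u: table[h] for u, h in hashes.items() if h in table}

def per_user_guessing(salty):
    """With salts, every candidate has to be re-hashed for every user."""
    cracked, work = {}, 0
    for user, (salt, stored) in salty.items():
        for guess in WORDLIST:
            work += 1
            if hmac.compare_digest(salted(guess, salt), stored):
                cracked[user] = guess
                break
    return cracked, work

def demo():
    plain, salty = build_dbs()
    table = {unsalted(w): w for w in WORDLIST}   # built once, before any breach
    hits_plain = table_lookup(plain, table)
    hits_salted = table_lookup({u: h for u, (_, h) in salty.items()}, table)
    cracked, work = per_user_guessing(salty)
    return plain, salty, hits_plain, hits_salted, cracked, work

if __name__ == "__main__":
    plain, salty, hits_plain, hits_salted, cracked, work = demo()
    print("unsalted, table hits:", hits_plain)
    print("salted, table hits:  ", hits_salted)
    print("salted, per-user guessing:", cracked, "after", work, "hash computations")
```

The weak passwords still fall to per-user guessing, which matches the point about common-password lists; the strong one survives the whole wordlist.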
- Comment on Hollow Knight: Silksong Sparks Debate About Difficulty and Boss Runbacks 5 days ago:
I’m guessing it’s something like when you lose to a boss you have to travel a senselessly difficult and long way back to the boss to try again?
Exactly. Lots of bosses don’t have convenient save points nearby, so you’re forced to walk back from the save point every time. And many of the treks are either long or just outright annoying (cheesy enemies, obstacle courses, etc.)
- Comment on My reaction to learning that KingCobraJFS died a few days ago. 1 week ago:
KingCobraJFS was one of the early internet troll targets. Sometimes called a lolcow, in the “you can use this person to farm lols” way. 4chan saw his early YouTube uploads, and quickly realized they could troll the hell out of him. He was mentally unstable, and always took the bait that trolls laid out for him.
Chris chan was basically the OG lolcow. She was an early YouTube uploader who obviously had mental issues, and 4chan bullied the hell out of her. And she always responded, which only fed the trolls even more. IIRC, she’s where a lot of the old shittily-drawn Sonic the Hedgehog memes came from, because she was trying to make a comic featuring Sonichu:
- Comment on [deleted] 1 week ago:
Huh, somehow I had entirely missed the “Macron is married to his high school teacher, who he started… Uhh… “Dating” when he was 15 and she was 40” scandal.
- Comment on How to selfhost with a VPN 1 week ago:
I think it’s technically possible, but your IP likely isn’t static, especially if you’re using a VPN. You’d need a new cert every time your IP changed.
- Comment on How OnlyFans Piracy Is Ruining the Internet for Everyone | Innocent sites are being delisted from Google because of copyright takedown requests against rampant OnlyFans piracy. 1 week ago:
Yup. People talking about DMCA reform, or adding penalties for false takedown requests… In reality, this is the DMCA working exactly as intended. It’s like discussing police reform, but the police are functioning exactly how the ruling class want them to.
- Comment on How OnlyFans Piracy Is Ruining the Internet for Everyone | Innocent sites are being delisted from Google because of copyright takedown requests against rampant OnlyFans piracy. 1 week ago:
I mean like 89% of the shit on Reddit is some OF model advertising.
fr
This
- Comment on That's an impressive drop. Any ideas why? 1 week ago:
Younger generations seem to treat basic conversation as cringeworthy. Like the fact that you’re even talking to them is seen as appalling, regardless of the context.
I’ve seen kids walk up to a register at a fast food joint, then act surprised and put off when the cashier asked for their order. Like the cashier was in the wrong for initiating a conversation. Oftentimes, the kid won’t even respond until the cashier is like “ooookay, uhh… If you’re not ready to order, can you step out of line?”
The best description I’ve seen for it is “they’re waiting for the dialog options to load.” Because it 100% looks like they’re just waiting for some external force to move the conversation along. It reminds me of when boomers get the lead paint stare while waiting for the card reader to finish reading their chip. The machine will just be dinging at them to remove their card, the cashier will be like “Uhh sir? Please take your card” and the boomer will act surprised. Like they were just stuck in a loading screen while the rest of the party was already pulling mobs.
- Comment on We are stopping shipments to the US - Kiwix 1 week ago:
The last I read, de minimis still applied. I didn’t know until now that was done with.
You can blame companies like wish.com for that one. Their entire business model was built around exploiting de minimis to never pay any taxes. Rather than importing a single shipping container valued above the de minimis amount, they list it as like 10000 individual items, each under the de minimis limit. It was overwhelming port authorities who didn’t have the manpower to handle that much paperwork for what should have been listed as a single shipment.
- Comment on LandChad, a site dedicated to turning internet peasants into Internet Landlords 1 week ago:
You can also just run something like Cloudflare-DDNS to automatically update your IP directly with cloudflare. If a domain registrar already manages your domain, there’s little reason to rely on a third-party service for DDNS.
- Comment on how to start with self-hosting? 1 week ago:
Yeah, my only note is that Docker on Windows is… Kinda fucky? It uses WSL to run Linux in the background, which means that the volumes it creates aren’t easily accessible by Windows. If your container requires editing a config.json, for instance, that can be daunting for a newbie on Windows, because they won’t even know how to find the file.
You can work around this by mounting your volumes directly to a C:\ folder instead, but that’s something that many tutorials just completely skip past because they assume you already know that.
- Comment on Mastodon says it doesn't 'have the means' to comply with age verification laws 2 weeks ago:
Ideally, it would be handled directly on the hardware. Allow people to verify their age once, using a government-run site. Then that user is now verified. Any time an age gate needs to happen, the site initiates a secure handshake with the device, and asks the device if the current user is old enough. The device responds with a simple yes/no using that secure protocol. Parents can verify their accounts/devices, while child accounts/devices are left unverified.
Government doesn’t know what you’re watching, people don’t need to spam an underfunded government site with requests every day, and age gates are able to happen entirely in the background without any additional effort on the user’s side. Adults get to watch porn without needing to verify every time, while kids automatically get a “you’re not age-verified” wall. And kids can’t MITM the age check, due to the secure handshake.
- Comment on Vivaldi takes a stand: keep browsing human 2 weeks ago:
IIRC it’s used by a few devices that aren’t really built for web browsing. I think the PlayStation browser, some smart TV browsers, and the Kindle browser all use WebKit? But none of those devices are really intended for browsing, they just sort of have the browser available as an “I guess if you REALLY need to use a browser and have no other alternatives” option.
- Comment on Out of 10. Be specific! 2 weeks ago:
Joke’s on you, the scale is from 3 to 17.
- Comment on The entire Social Security database was uploaded on a random cloud server, Whistle-Blower Says 2 weeks ago:
I’ve said for a while that the SSA should do basically this exact thing. In a more controlled manner, but still the same result. Announce something like “in two years, we’ll make our database public. Every single name, DOB, and SSN will be publicly searchable.”
It sounds radical, but SSNs were never meant to be a secure form of ID. Old cards even said something like “do not use this as ID” on them. But organizations quickly latched onto it because they wanted to have a way to identify individuals with the same name and DOB. And SSNs were convenient because people already had them.
It would force organizations to develop their own way to ID people. It would be a huge step towards making an actual secure form of ID. And the warning time would give people enough time to design the new system and roll it out, while still giving a hard deadline for when it needs to be done.
- Comment on Stop children using VPNs to watch porn, ministers told 2 weeks ago:
So you need age verification for any Internet access? For any computer or phone that could connect to the Internet?
I mean, experts have said for a while that if you’re going to require age verification, doing it directly on the device would be the most secure way. Allow parents to verify their phones, while creating child accounts for their kids.
When the site needs to verify their age, it simply asks the device directly if the user account is age-verified. It all happens in the background, so the adults never even need to bother with it once it’s set up.
- Comment on The average age of Disney princesses is 505y. 3 weeks ago:
I guess Maleficent didn’t want to fill one of the princess of heart containers with saltwater.
- Comment on The average age of Disney princesses is 505y. 3 weeks ago:
Her actual age is unknown, due to nobody knowing what year she was born. But estimates put her at around 17 when she was taken hostage and forcibly married to a tobacco farmer.
- Comment on The average age of Disney princesses is 505y. 3 weeks ago:
Pocahontas is also younger than labeled. IIRC she was like 17 when she was forced into marrying a tobacco farmer. She died only a few years later.
- Comment on Trump mobilizing up to 1,700 National Guards troops in 19 states in crime crackdown 3 weeks ago:
They were absolutely punished by the people giving the orders. They weren’t tried for refusing during the Nuremberg trials, but the ones who blatantly refused during the war didn’t survive that long; they were quickly forced out of service, labeled deserters, or just outright killed for being Jew sympathizers.
- Comment on Mmm... 3 weeks ago:
Yeah, CO2 suffocation is a legitimately awful way to go out, because it feels like you’re suffocating the entire time. Basically, there isn’t an easy way for your body to detect how much oxygen you have. From a biological standpoint, there aren’t many good (or accurate) ways to measure oxygen saturation.
But CO2 is a different story. When CO2 is dissolved in water, it forms carbonic acid. This is the same acid that gives carbonated drinks their characteristic bitter bite; flat sodas taste overly sweet because there isn’t any acid balancing out the sugar. On a biological level, carbonic acid is really easy to detect.
So that’s what your body does. It detects carbonic acid in your blood. And when those levels rise, you feel like you’re suffocating. If you hold your breath, that urge to breathe isn’t caused by a lack of oxygen; it’s caused by a buildup of CO2. So if you gas someone with CO2, it instantly sends them into “I’m suffocating” mode. And they’ll stay there until they pass out from the lack of oxygen. But that entire time, they’ll feel like they’re suffocating, because their CO2 levels are continuing to rise.
A more humane method would be something like nitrogen. It still allows the CO2 to be expelled, so the feeling of suffocation never starts.
- Comment on UK Official Calls for Age Verification on VPNs to Prevent Porn Loophole 3 weeks ago:
Real talk though, Tor for porn would be an awful experience and would slow down the entire Tor network. Tor is slow to begin with, and downloading large files (like videos) only slows things down even more for everyone. It should be a last resort, not the first thing people flock to.
- Comment on I love bpd girls 3 weeks ago:
The mania also helps. Bipolar isn’t just a happy-sad thing. The manic phase is categorized in the same group as schizoaffective disorders. Some of the most common symptoms of mania are hyper sexuality and feeling invincible. Imagine being absolutely insatiable even while doing it. So you keep going harder and harder, trying to find something to sate the urge. And the entire time, you’re delusional to the point of thinking nothing will hurt you. If you’re a manic girl who just brought home a random hookup, he’s about to get sex so hard his entire genetic line will be impressed.
- Comment on Codeberg: army of AI crawlers are extremely slowing us; AI crawlers learned how to solve the Anubis challenges. 3 weeks ago:
Exactly. Imagine needing to pay a penny for every request. Not a huge deal for someone who only makes one or two requests per year. But if you’re running a bot farm and making tens of millions of requests per day, you’ll quickly find that your operating costs have skyrocketed. That’s basically the idea behind Anubis; make someone pay in CPU time, so the legit users don’t really notice but bots quickly eat up all of their servers’ CPU.
- Comment on Anyone remember this famous press conference and how it ended? 3 weeks ago:
Yeah, plenty of folks encountered terrorist beheading videos when they were like 10. In the grand scheme of things, this video isn’t even that gory.
- Comment on Caption this. 3 weeks ago:
For real though, the left one is 100% how Trump stands at a lectern. I’m not even kidding. The dude has his aides set a little wedge behind the lectern, to lift his toes and make him look like he’s standing upright.
- Comment on Byeeeeeee 4 weeks ago:
Yeah, taxonomic classification always falls short of the natural world. It may be the same taxonomy, but that doesn’t mean they’re exactly the same.
Hell, if we only had dog fossils to work with, different breeds would almost certainly be considered entirely different species. But as it currently stands, they’re all the same species (Canis lupus familiaris), because we know the different breeds can mate with each other and produce viable offspring.