Seriously, it feels like 1999 internet. And I’m loving it!

56K modem handshake sound intensifies

While on the topic, this isn’t how passwords work in systems.

Passwords are stored as one way hashes. So it’s cryptoed only in one direction, it’s lossy, and can’t be recovered back to the original password.

When you log on, your cleartext PW is hashed in ephemeral memory/storage and then the cleartext password is thrown away.

That hash is compared to the hash in the DB. If the hash matches, then you have access. If it doesn’t, then your PW is incorrect.

Oh my sweet Summer Child. This is definitely how it’s supposed to work, but there are plenty of services that just don’t know what the fuck they’re doing.

Have you ever been on a site that has a stupid-low character limit for a password? There’s literally no reason to do that, all the hashes are going to end up the same size in the DB anyway regardless of the original string length. Even bcrypt’s max secret character limit is 70-something characters.

Ever change a password and have it not work on the next login because they’re silently truncating it after a certain character limit? Ever get an email with an actual password in it?

The only reason you would do things like this is if you’re storing/processing passwords in plaintext and not hashing it client-side first.

I can think of 3 offenders of this off the top of my head. It’s a lot more common than you’d think.

hunter2

Wow, what a coincidence, my password is ******* too!

Were told our assignments in high school would get an automatic zero if we didn’t turn them in in cursive, even…

I’m considering switching everything to Debian eventually, but there’s a couple dedicated repos that make using Fedora on my laptop much easier for now.

I’d recommend against that. Debian is fantastic for a server, but I think it leaves a lot to be desired as a workstation OS as compared to Fedora.

You can get it there/make it that way, but Fedora is just better from a user experience/convenience perspective out of the box.

BTW, any authenticator app works when it tells you to use one. They all use a standard, so it doesn’t matter which one you use.

Eh, it’s a little more nuanced than that, there’re more standards for MFA code generation than just TOTP.

And even within the TOTP standard, there are options to adjust the code generation (timing, hash algorithm, # of characters in the generated code, etc.) that not all clients are going to support or will be user-configureable. Blizzard’s Battle.net MFA is a good example of that.

If the code is just your basic 6-digit HMAC/SHA1 30-second code, yeah, odds are almost 100% that your client of choice will support it, but anything other than that I wouldn’t automatically assume that it’s going to work.

really wish Linux would could up something similar.

I mean, it kinda already exists. Just run it in a Docker container and remap the users in the container to non-existent uids/gids on the host.

If Linux was dominant it wouldn’t be Linux. There would be more pressure to monetize and there would always be someone willing to sell out for that money. You can see this even in the Linux community today. I’m sorry I had to be so negative about it though, it sounds nice.

This is a very Desktop/workstation-centric view of the situation and you’re completely neglecting 3/4ths of the story. Linux is already hilariously dominant on the on-prem server and Cloud side of things. Like, it’s not even close. Pretty much any website you visit, the odds are overwhelming that it’s running Linux. Even Microsoft runs most of the underlying infrastructure for Azure and Github on Linux. Android is the #1 mobile phone platform in the world, which runs on, you guessed it, Linux.

And it’s already monetized to the gills. Red Hat has multi-billion earnings per quarter, every quarter, and Canonical is almost certainly going to IPO this year.

It’s already dominant in pretty much every space it touches and it has been for a very long time. Desktop/workstation is pretty much the singular exception to that.

If you feel this way, you should definitely look in to getting into D&D. This game is the closest you’re going to get to playing a D&D campaign in a video game as far as translation to the medium goes.

If you like this game, you will absolutely love D&D.

I was on reddit before the digg exodus

Man, I remember when that shitshow happened. It was like reddit’s version of Eternal September.

Or just cleared the SAM password altogether. Windows is trivially easy to break into if you have physical access and the volume isn’t encrypted.

Hockey is definitely the sport helped the most by HD video.

Only a few?

Lucky guy.