• 0 Posts
  • 27 Comments
Joined 1 year ago
Cake day: July 1st, 2023
  • sudoshakes@reddthat.comto196@lemmy.blahaj.zonePasswor(ule)d.
    1·
    6 months ago

    Notice how I didn’t just use the service name?

    <Disco>

    <Netfucks>

    <MailGoog>

    Whatever nickname you use for your services. There is no requirement you also use the service name in the tagging template.

    The idea that a breach of a service would have someone looking at your individual password is also pretty silly. There would be variations and pattern matching Lagos run against lists of hundreds of thousands to millions of passwords… but the decryption of a complete password to plain text is so reductions at this point, we are talking about the 0.01% case of a then even more silly “let’s look at this guys password in particular” 0.0001% case on top of it…

    It’s not a real problem because if your service is at the point it is leaking not just salted and hashed passwords, but plain text passwords: you are in a big problem up no matter what for most users. Almost everyone reuses passwords. The real risk is the simple reuse. Get just a slightly different variation and you are miles more secure in the case of a breach that results in full decryption.

    The majority still reuse Password1234! Everywhere. This gives you a easier way to be miles better.

    Better still of course is some sort of managed password vault, assuming you trust their implementation. However, this costs zero in the training, or tech literacy upskilling that even the moderate change to a password vault requires. It’s simply an extension of what people already intuitively know. Thus, barrier to entry is easier while giving you several orders more protection.

  • sudoshakes@reddthat.comto196@lemmy.blahaj.zonePasswor(ule)d.
    11·
    6 months ago

    You can take this a step further to segregate passwords as well.

    Reusing passwords across devices is bad. If one gets compromised you don’t want a password being out into a brute force table to be used with all your other accounts elsewhere.

    This method of tagging using HTML markup styles in your passwords lets you keep the same core passphrase but alter the tagging, specific to the service.

    You can do this easily while also giving you artificial password complexity.

    Example:

    Core passpgrase is “yogurt”

    Password for gmail becomes markup with a <mailPassGoog>yogurt</mailPassGoog>

    I only need to remember yogurt.

    Every device just gets a truncated service tag appended to the beginning and end using HTML style tags.

    Suddenly you have a 26+ character password that you don’t forget and doesn’t compromise you across other services because each is different.

  • sudoshakes@reddthat.comtoTechnology@lemmy.worldThe French government doesn't consider WhatsApp, Signal or Telegram secure enough, replaced by Olvid (Google translate link in post text)English
    34·
    7 months ago

    Sure it does, but that doesn’t make it bad.

    Open source code is not the only solution to secure communication.

    You can be extremely secure on closed source tools as well.

    If they found specific issues with Signal aside from not being allowed to freely inspect their code base, I suspect we would be hearing about it. Instead I don’t see specific security failings just hat it didn’t make the measure for their security software audit.

    As an example of something that is closed source and trusted:

    The software used to load data and debug the F-35 fighter jet.

    Pretty big problem for 16 countries if that isn’t secure… closed source. So much s you can’t even run tests against the device for loading data to the jet live. It’s a problem to sort out, but it’s an example of where highly important communication protocols are not open source and trusted by the governments of many countries.

    If their particular standard here was open source, ok, but they didn’t do anything to assure the version they inspected would be the only version used. In fact every release from that basement pair of programmers could inadvertently have a flaw in it, which this committee would not be reviewing in the code base for its members of parliament.

  • sudoshakes@reddthat.comtoMemes@lemmy.mlCope harder pasta eaters/s
    7·
    7 months ago

    Yes.

    Just this month I was there and the pizza is a different concept there to be sure.

    Street pizzas of thinly sliced zucchini or potato covering bread rounds with olive oil. That’s pizza in Rome.

    Focaccia bread like crust with some anchovies and potatoe? Pizza.

    Neapolitan style is just a different style again, but the theme is dough is not the delivery agent, it is the primary purpose. The dough is the important bit, with toppings being intended to enhance subtle flavors for it.

    Italian pizza is most similar in American expectations of food typically found there, to flatbread dishes. It’s flatbread with some stuff on top to accent it. There is no cheese on most of the pizza I had in the various parts of Italy I was in. Cheese was not an expected component. Healthy or at least flavorful variations on additions to the dough are the goal.

    Whether you are in Sardinia, Calabria, or Rome; pizza is pizza dough with local additives.

    I have seen French fries on top of pizza in Sardinia, and this was called there “American pizza” :)

  • sudoshakes@reddthat.comtoAsklemmy@lemmy.mlwhat are some of the best purchases you've made ?
    7·
    8 months ago

    Two questions for you!

    1.) What is the most useful thing we in the Lemmy community can do to help you get that Oscar?

    2.) I have a secret Santa this year coming up in a month that I am a part of with some friends. Would you be interested in leaving a comment for a friend of mine in response to this that I can show them a month from now for the secret santa?

    “Hey Rome, this is Margot Robbie wishing you a merry Christmas and happy new year?”, or something like that?

    Thanks for being cool either way and good luck getting nominated this year!