|
What's wrong with kids these days? I was finding ways to get my own internet access despite my parent's wishes when I was half his age back when getting online meant knowing about AT commands.
|
|
|
|
How do you make a brain?
Don't most people cook them the same way as scrambled eggs? |
|
|
|
Let's examine free market dynamics as related to Sumatran rhino horn. Sumatran rhino horn is currently priced at approximately $50,000 per kilo (maybe more as the news report was a year old).
$50,000 per kilo?!? Just for the horn? Holy shit, We should go over there, buy some land, and start farming rhinos. At that price they would be insanely profitable than cattle (which are in no danger at all of going extinct). Let's get some investors together and get to work in this right now. Since you said this is a free market there aren't going to be any arbitrary restrictions that would prevent entrepreneurs from increasing the supply of rhinos to meet the demand, are there? |
|
|
|
But, in 10 years? Imagine that in 10 years a single RigBox is 100x as powerful as today's, and that I can rent 100 of them. That much compute power still isn't enough to get a private key in, say, a few weeks? If every atom in the solar system were a computer capable of performing calculations at 10 GHz (assuming all calculations could be done in a single cycle) it would take 300,000 years to count to 2^256 |
|
|
|
Yes. It should bother you.  Without salt it is easy to precompute and store passwords years in advance. When you get a hacked password database you simply "look them up". They password will never change so the hash of "34IDdka]o43';s/A was "7c6fbf7e2bfceb28c7be5e5e669864a8f0fb079b in 1992, it is still the same today and it will still be the same in 2099. Now with salt they can't do that but as I pointed out people way way way way (20 magnitudes of way) understimate how easy it is to brute force passwords if the hashing algorithm is fast. A rig box = 50 billion hashes per second. To put that into perspective EVEN WITH SALT: To brute force a database of 20 million (know, leaked, common, and dictionary based) passwords would take: <1 second To brute force all 6 digit or smaller passwords would take ~ 14 seconds. To brute force all 7 digit passwords would take ~ 23 minutes. To brute force all 8 digit passwords would take ~ 1.5 days. A strong password is not enough. Three elements are requried (and sadly even some in the Bitcoin community treat it as optional): 1) A strong password (which means website checking new password against lists of know and compromised passwords) 2) A slow hashing function (bcrypt, scrypt, pbkdf2, etc) 3) A large random per record (64 bit) salt Anything less is insecure. How insecure varies but it can and will be broken given enough time and resources. I wonder what it's going to take for authentication systems like gpgAuth to see adoption. |
|
|
|
Why do I need to be suspicious? I have a balance sheet with hard numbers on it. Are you going to argue with math and hard numbers?
As for the opportunity cost, well there is no cost if it isn't any worse than the other options, in terms of features and rates.
And I really don't know how the heck you got to the conclusion that anything was "perpetual". Just because one service pays out doesn't mean that there isn't another that sucks it right back in again. I just don't happen to use the credit services that charge 25% APR just because they can. So sue me for not using credit in the way that a bank would like me to, and leaching off of the non-credit, paying services.
The original question was whether or not the fraud protection provided by banks was free or not. It is not free because the resources the bank uses to refund your money in the event of a stolen card, for example, are resources they aren't using to pay you a higher interest rate on your deposits or provide other services. Likewise, deposit insurance is not free. People who think the resources which are used to provide certain services in the traditional banking system magically appear out of thin air are going to be confused about why it doesn't work the same way in a Bitcoin economy. |
|
|
|
Because there is no bill.
Because the service is free.
Of course it is. Quit being such a condescending dick. Of course it can be free. My checking account actually pays me interest, and the interest is actually greater than that of my savings account. Additionally there are other perks, such as refunds of ATM fees, and more. If you are using a shitty bank that charges you money to use a checking account, don't assume that all other banks suck that hard. Also, switch banks. Nothing is free. I'm not going to try to force you to understand the mechanisms by which you pay for the services you receive from your bank; but if you're old enough to to be posting on an online forum you really should have figured out by now that perpetual motion doesn't exist anywhere in the universe and so should already be suspicious about any claim of "free". |
|
|
|
Will you put your ass on the line to defend that statement as an absolute truth? I'm confident enough in the company's incentive not to deliberately screw over their users to use the service. I need to trust them not to steal my passphrase, but I don't think that adds very much risk because I also need to trust all the websites I have accounts on to not do nefarious things with my data. The government could force LastPass to install a backdoor in their plugin that recovers my passphrase (like Hushmail) but so what? They could just as easily force Google to turn over my Gmail account or my bank to give them all my money and they don't need my passwords to do it. |
|
|
|
is there only one unique string (password) that corresponds to a given hash? Theoretically there are are infinite number of inputs that will result in the same hash because the hash function outputs a fixed-length value but the input can be any length. |
|
|
|
Because there is no bill.
Because the service is free.
Of course it is. |
|
|
|
My checking account is free, I'm not paying for any insurance on it. Of course you are. You just don't notice it because it's never itemized anywhere on a bill. |
|
|
|
And the bank would generally refund the money, same with fraud on a credit card. I'm wondering if there is a process setup here for a refund in case I am robbed of my bitcoins. What you are describing is insurance. I'm sure that if enough people want this kind of service somebody will be willing to start a business that provides it. Don't expect that service to be free, however. |
|
|
|
It was hard enough to take this thread seriously before the name change... |
|
|
|
So far 3,427,202 passwords have cracked from LinkedIn List Almost 50%Its been about 24 hours - The longest? a 29 letter sentence from Bible - https://twitter.com/CrackMeIfYouCan/status/210474428407103490So, the "username" (LinkedIn doesn't use usernames, so that's e-mail address) hasn't been leaked. So 3.4 million email passwords, maybe a quarter (more, I'ld bet) used the same password as their email, and PayPal. So presuming a party with malicious intent has control of close to a million valid email accounts and passwords . So from there, I'm guessing access to the email accounts gives "forgot password" capability to bank accounts. Most of those will be slowed by a "mother's maiden name" mulltifactor security question, ... but there's probably thousands (or tens of thousands) of bank accounts that will get compromised as a result of this. PayPal, without having a security question hurdle even more. Dwolla uses a PIN #, ... hopefully not a whole lot of people used 4321 or 9999 PIN codes for that. Aye ,... this could be painful. I'm disappointed. According to LeakedIn my password is not part of the leak. It would have been interesting to see if anyone managed to crack my old password: h0NOl&tHgNr7ePTiayf7 |
|
|
|
|
As soon as someone starts using this feature to buy and sell Magic cards the circle will be complete.
|
|
|
|
You enter a master password and other details (like the domain name and user id) then it uses a hash function to generate a password that doesn't need to be stored anywhere. It does all of that on the client, in the browser and you can access it from any computer with an internet connection and a browser (only on a computer you trust of course). I used a tool like that before but found it more convenient to use a tool that came with plugins for every browser I use including Android. I want my password manager to Just Work no matter which browser I am using so I've found it to be easier to disable the built-in managers and just use the LastPass plugin for everything. |
|
|
|
The safest thing you can do as a consumer is user a random password at each site.
Doing that is much easier with a dedicated password manager, like LastPass. |
|
|
|
|
Where is the best place to report compile errors?
|
|
|
|
Now that they are getting rid of unions, I expect that pensions and social security will be eliminated.
It doesn't matter what anyone wants or doesn't want. There just isn't any possible way to out all the benefits that people were promised. |
|
|
|
|
This is just my purely subjective personal opinion but if I had a wallet with $100,000+ in it I would store it on a computer that had complete air gap security - not even an RS-232 link to an Internet-connected computer. I would want the ability to create offline transactions by hand-keying in the source and destination addresses and would broadcast the transaction by having the offline computer print a hard copy that another computer could scan in and upload to the network.
|
|
|
|
|
Show Posts
