Author Topic: Things That Annoy You  (Read 1111092 times)

0 Members and 7 Guests are viewing this topic.

Offline RavynousHunter

  • Master Thief
  • The Beast
  • *****
  • Posts: 7634
  • Gender: Male
  • The Mad Dog of Shimano
    • My Twitter
Re: Things That Annoy You
« Reply #10560 on: August 23, 2017, 06:35:38 pm »
I've been close to that...the wonderful pleasures of not having central heat, lol.
Quote from: Bra'tac
Life for the sake of life means nothing.

Offline RavynousHunter

  • Master Thief
  • The Beast
  • *****
  • Posts: 7634
  • Gender: Male
  • The Mad Dog of Shimano
    • My Twitter
Re: Things That Annoy You
« Reply #10561 on: August 25, 2017, 10:06:04 pm »
Meh, whatever, its a different thing, so fuck it.

(click to show/hide)

Saw this on my FB feed.  Despite this being proven bullshit, somebody posted it claiming it was legit.  Now, I don't know this person, myself (friend of a friend of my brother), but this bullshit just...it just annoys the fuck out of me.

1. The machine has no way of knowing what your PIN number happens to be; if the security is anything in the neighbourhood of your average online retailer, then it works like a password in which an encoded (hashed) version of the PIN is sent and compared to a hash stored on the bank's servers.

2. Going off this, two hashes are never supposed to be identical unless the strings are identical; a good hashing algorithm will work to ensure that even similar plaintext strings are encoded to be vastly different from one another.

3. Just because two sets of plaintext are the reverse of one another does not mean that the hashed values will also be reverses of one another.

4. Even if the bank does the stupidest possible thing and authenticates via plaintext on both ends, how's it supposed to know you're under duress and not simply an idiot, or someone with a stolen card, or even just dicking around?  If the bank sends for police every time this happens, the false positives will eventually cost someone (likely the bank, as the originator of the call) a lot of money for wasting their time because, get this, if you send a tonne of false calls to the police, they will fine you.  Banks are ruthlessly profit-focused, do you really expect them to care if you're under duress if it could end up costing them money?  If you believe that, then you are likely in need of people in nice, white coats to come and clean the drool off your chin.
Quote from: Bra'tac
Life for the sake of life means nothing.

Offline The_Queen

  • Royalty & Royalty-free
  • The Beast
  • *****
  • Posts: 1720
  • Gender: Female
  • And here we go...
Re: Things That Annoy You
« Reply #10562 on: August 26, 2017, 03:10:22 am »
I want to meet the dickhead who thought up that elaborate piece of bullshit. Like, "hey, some people get robbed at the ATM. I'm going to tell them a simple, plausible, and convincing lie that may get them killed."
Does anyone take Donald Trump seriously, anymore?

Offline RavynousHunter

  • Master Thief
  • The Beast
  • *****
  • Posts: 7634
  • Gender: Male
  • The Mad Dog of Shimano
    • My Twitter
Re: Things That Annoy You
« Reply #10563 on: August 26, 2017, 08:18:50 am »
Exactly my thoughts.  Like, some people would no doubt question my anger towards this particular lie when I honestly laugh at birther bullshit and nonsense chain email garbage.  The difference is that the latter, while irritating, is mostly harmless.  This, however, could get someone robbed, hurt, or killed; this variety of bullshit is actually fucking dangerous.
Quote from: Bra'tac
Life for the sake of life means nothing.

pyro

  • Guest
Re: Things That Annoy You
« Reply #10564 on: August 26, 2017, 03:59:11 pm »
[a bunch of stuff about hashes]

You hash the PIN. If it matches the stored hash, great. If it fails, hash the reverse of the PIN. If it matches, then enter the emergency mode. If the reverse also fails, then the PIN is just wrong. Throw an error.

I mean, please don't call something impossible unless you've at least thought about what it would take to implement it. Sure, the scheme I described is vulnerable to timing attacks, but you'd need millisecond timing to detect it.

Offline dpareja

  • The Beast
  • *****
  • Posts: 4197
Re: Things That Annoy You
« Reply #10565 on: August 26, 2017, 04:03:59 pm »
Hi, I'm a palindrome!
Quote from: Jordan Duram
It doesn't concern you, Sister, that kind of absolutist view of the universe? Right and wrong determined solely by a single all-knowing, all powerful being whose judgment cannot be questioned and in whose name the most horrendous acts can be sanctioned without appeal?

Quote from: Supreme Court of Canada
Being required by someone else’s religious beliefs to behave contrary to one’s sexual identity is degrading and disrespectful.

Offline RavynousHunter

  • Master Thief
  • The Beast
  • *****
  • Posts: 7634
  • Gender: Male
  • The Mad Dog of Shimano
    • My Twitter
Re: Things That Annoy You
« Reply #10566 on: August 27, 2017, 12:17:50 am »
[a bunch of stuff about hashes]

You hash the PIN. If it matches the stored hash, great. If it fails, hash the reverse of the PIN. If it matches, then enter the emergency mode. If the reverse also fails, then the PIN is just wrong. Throw an error.

I mean, please don't call something impossible unless you've at least thought about what it would take to implement it. Sure, the scheme I described is vulnerable to timing attacks, but you'd need millisecond timing to detect it.

Doesn't work unless you already know the plaintext.  Ideally, NOBODY knows the plaintext; either way is too insecure for modern use.  Again, just because two strings are the opposite of one another doesn't mean their hashes will be opposites.

Proof:

md5 of 'asdf:' 912ec803b2ce49e4a541068d495ab570
md5 of 'fdsa:' fc2baa1a20b4d5190b122b383d7449fd
« Last Edit: August 27, 2017, 12:55:36 am by RavynousHunter »
Quote from: Bra'tac
Life for the sake of life means nothing.

Offline Askold

  • Definitely not hiding a dark secret.
  • Global Moderator
  • The Beast
  • *****
  • Posts: 7741
  • Gender: Male
Re: Things That Annoy You
« Reply #10567 on: August 27, 2017, 08:09:47 am »
This headline is a lie and propaganda: http://observer.com/2017/08/court-admits-dnc-and-debbie-wasserman-schulz-rigged-primaries-against-sanders/

The point is that EVEN IF all the claims were true, DNC would not have done anything illegal BUT the court does not comment on whether any of the claims are true.
No matter what happens, no matter what my last words may end up being, I want everyone to claim that they were:
"If you strike me down, I shall become more powerful than you could possibly imagine."
Aww, you guys rock. :)  I feel the love... and the pitchforks and torches.  Tingly!

pyro

  • Guest
Re: Things That Annoy You
« Reply #10568 on: August 27, 2017, 01:10:37 pm »
[a bunch of stuff about hashes]

You hash the PIN. If it matches the stored hash, great. If it fails, hash the reverse of the PIN. If it matches, then enter the emergency mode. If the reverse also fails, then the PIN is just wrong. Throw an error.

I mean, please don't call something impossible unless you've at least thought about what it would take to implement it. Sure, the scheme I described is vulnerable to timing attacks, but you'd need millisecond timing to detect it.

Doesn't work unless you already know the plaintext.  Ideally, NOBODY knows the plaintext; either way is too insecure for modern use.  Again, just because two strings are the opposite of one another doesn't mean their hashes will be opposites.

Proof:

md5 of 'asdf:' 912ec803b2ce49e4a541068d495ab570
md5 of 'fdsa:' fc2baa1a20b4d5190b122b383d7449fd

I'm not sure where the misunderstanding is, so let's go through it again...

The database server, somewhere far away from the ATM, has '912ec803b2ce49e4a541068d495ab570' stored in it, connected to your debit card number. It does not know the plaintext PIN, just this hash.

You typed in 'fdsa' into the ATM. The ATM hashes it to 'fc2baa1a20b4d5190b122b383d7449fd' and sends that hash to the server. The server, of course, responds that it is not a match.

So the ATM hashes it again, but in reverse ('asdf'), producing the hash '912ec803b2ce49e4a541068d495ab570' which it sends to the server. The server responds that it is a match. The ATM sends another command to the server saying that the cops should be called.

The server never knows the plaintext PIN. The ATM does, temporarily, but even in normal authentication it needs to know the PIN to hash it.

Offline RavynousHunter

  • Master Thief
  • The Beast
  • *****
  • Posts: 7634
  • Gender: Male
  • The Mad Dog of Shimano
    • My Twitter
Re: Things That Annoy You
« Reply #10569 on: August 27, 2017, 02:31:08 pm »
That is possible, I suppose.  However, it doesn't account for the possibility that the person's either just screwing around (like, let's say they let their kid enter the PIN because parents are like that) or got it mixed up in their head (for example, if its a new PIN).  Eventually, the police are going to start charging the bank for all these false alarms because you can, and will, be fined for wasting their time.
Quote from: Bra'tac
Life for the sake of life means nothing.

Offline Svata

  • Doesn't even fucking know anymore
  • The Beast
  • *****
  • Posts: 1489
  • Gender: Male
  • No, seriously, fuck astrology.
Re: Things That Annoy You
« Reply #10570 on: August 27, 2017, 02:55:35 pm »
Also, palindromes.
"Politician" is the occupational equivalent of "Florida".

Offline dpareja

  • The Beast
  • *****
  • Posts: 4197
Re: Things That Annoy You
« Reply #10571 on: August 27, 2017, 03:08:46 pm »
Also, palindromes.

Hi!

Also, if you have 4-digit PINs, barring palindromes would just cut the number of allowable PINs from 10,000 to 9,900. So it's not that big a restriction, I think. If you have 5-digit PINs, that restriction cuts it from 100,000 to 99,000.

Quote from: Jordan Duram
It doesn't concern you, Sister, that kind of absolutist view of the universe? Right and wrong determined solely by a single all-knowing, all powerful being whose judgment cannot be questioned and in whose name the most horrendous acts can be sanctioned without appeal?

Quote from: Supreme Court of Canada
Being required by someone else’s religious beliefs to behave contrary to one’s sexual identity is degrading and disrespectful.

pyro

  • Guest
Re: Things That Annoy You
« Reply #10572 on: August 27, 2017, 08:27:43 pm »
That is possible, I suppose.  However, it doesn't account for the possibility that the person's either just screwing around (like, let's say they let their kid enter the PIN because parents are like that) or got it mixed up in their head (for example, if its a new PIN).  Eventually, the police are going to start charging the bank for all these false alarms because you can, and will, be fined for wasting their time.

I never said it was a good idea.

Offline ironbite

  • Overlord of all that is good in Iacon City
  • Kakarot
  • ******
  • Posts: 10006
  • Gender: Male
Re: Things That Annoy You
« Reply #10573 on: August 31, 2017, 09:20:03 am »
Got suspended by Twitter today.  I bet it's because I was annoying a Nazi.

Ironbite-dicks.

Offline Askold

  • Definitely not hiding a dark secret.
  • Global Moderator
  • The Beast
  • *****
  • Posts: 7741
  • Gender: Male
Re: Things That Annoy You
« Reply #10574 on: September 01, 2017, 12:23:07 am »
...I remember reading a rant from an incel how "having daughters is the ultimate cuckoldry." It ws bad and creepy.

...But just today I saw the rant being used as an erp prompt and I'm afraid to find out if it's the same guy fetishizing his hypothetical daughter or just someone making fun of the original rant...
No matter what happens, no matter what my last words may end up being, I want everyone to claim that they were:
"If you strike me down, I shall become more powerful than you could possibly imagine."
Aww, you guys rock. :)  I feel the love... and the pitchforks and torches.  Tingly!