Redjard
@Redjard@lemmy.dbzer0.com
- Comment on My password is not accepted because it is too long 1 week ago:
It isn’t usually. If it was, the server-side function wouldn’t need a constant runtime at different-length inputs since the inputs would not have differing lengths.
The problem with client-side hashing is that it is very slow (client-side code is javascript (for the foreseeable future unless compatibility is sacrificed)), unpredictable (many different browsers with differing feature-sets and bugs), and timing-based attacks could also be performed in the client by say a compromised browser-addon.
For transit a lot of packaging steps will round off transfer-sizes anyhow, you typically generate constant physical activity up to around 1kB. Ethernet MTU sits at ~1500 bytes for example, so a packet of 200 bytes with a 64 char password or a packet of 1400 bytes with a 1024 char password containing some emoji will time exactly identically in your local network.
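Added example (not part of the comments on this page): a server-side sketch of this thread's point that what gets stored is a fixed-length hash, whatever the password length. It uses the 64-character and 1024-character-with-emoji sizes from the comment above; the choice of scrypt, its cost parameters and the sample passwords are assumptions made for the example.

```python
from __future__ import annotations

import hashlib
import hmac
import os

# Cost parameters and sizes are assumptions chosen for this example.
N, R, P = 2**14, 8, 1
SALT_LEN, DKLEN = 16, 32


def hash_password(password: str, salt: bytes | None = None) -> bytes:
    """Return salt || scrypt digest: always SALT_LEN + DKLEN bytes."""
    salt = os.urandom(SALT_LEN) if salt is None else salt
    digest = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                            n=N, r=R, p=P, dklen=DKLEN)
    return salt + digest


def verify_password(password: str, record: bytes) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    salt, expected = record[:SALT_LEN], record[SALT_LEN:]
    candidate = hash_password(password, salt)[SALT_LEN:]
    return hmac.compare_digest(candidate, expected)


def record_sizes(passwords: list[str]) -> list[tuple[int, int]]:
    """(UTF-8 input bytes, stored record bytes) per password."""
    return [(len(p.encode("utf-8")), len(hash_password(p))) for p in passwords]


# Constructed sample passwords with the lengths mentioned in the comment.
SHORT = "a" * 64
LONG = "correct horse " * 73 + "🔑🔒"  # 1022 + 2 = 1024 characters

if __name__ == "__main__":
    for n_in, n_out in record_sizes([SHORT, LONG]):
        print(f"{n_in:5d} input bytes -> {n_out} stored bytes")
    record = hash_password(LONG)
    print(verify_password(LONG, record), verify_password(LONG[:-1] + "x", record))
```

Because scrypt consumes the whole input, changing only the last character of the 1024-character password fails verification.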
- Comment on My password is not accepted because it is too long 1 week ago:
You can easily get the hash of whole files, there is no input size constraint with most hashing functions.
Special password hashing implementations do have a limit to guarantee constant runtime, as there the algorithm always takes as long as the worst-case longest input. The standard modern password hashing function (bcrypt) only considers the first 72 characters for that reason, though that cutoff is arbitrary and could easily be increased, and in some implementations is. Having differences past the 72nd character makes passwords receive the same hash there, so you could arbitrarily change the password on every login until the page updates their hashes to a longer password hashing function, at which point the password used at next login after the change will be locked in.
- Comment on My password is not accepted because it is too long 1 week ago:
Cryptographic hash functions actually have fixed runtime too, to avoid timing-based attacks.
So correct password implementations use the same storage and cpu-time regardless of the password.
- Comment on My password is not accepted because it is too long 1 week ago:
That is a huge red flag if ever given as a reason, you never store the password.
You store a hash which is the same length regardless of the password.
- Comment on Einstein-Landauer culinary units 1 week ago:
it wouldn’t though, it would be like 7.5 parts milk to 3 parts flour to almost a part oil to half a part sugar.
And that still being quite imprecise, using 22g or 26g sugar makes a change in taste I wouldn’t want to happen uncontrolled at random. I’m also closer to 41g oil these days, wouldn’t want to use 50 to make it fit some very coarse division.
Scoops of stuff also seems very imprecise. Are they at least levelled?
I also use “a pinch of salt”, which doesn’t have to be very precise, but if someone were to ask I could tell them “roughly 0.2g”, from having just measured it. I still remember how much I hated descriptions like “a pinch” as a cooking novice, and now I can simply measure my pinch on a scale and others can confirm their pinch on their scale until it about matches 0.2g too. How would that work in imperial?
- Comment on Einstein-Landauer culinary units 1 week ago:
l is lowercase, and kl is not used. A kl is a m³, which water utilities charge by, and pools and interior volume are measured in.
- Comment on Einstein-Landauer culinary units 1 week ago:
I have 1l milk and 1kg flour. My recipe wants ⅜ liter milk and 150g flour. 375ml is a bit odd but trivial ultimately, and very easy to measure when I just pour 375g into my blender on a scale.
Now how would imperial cups deal with 150g from 1kg?
I also have 45g oil, what odd measurements would that give when you try to divide out up without a single decimal number?
24g sugar.
I’d love to see all that converted to imperial.
- Comment on Einstein-Landauer culinary units 1 week ago:
This is a great second argument for using weight not volume for measurements.
Measuring mass is of course not viable, but measuring weight in a consistent location means all the ratios end up correct. While ratios between volume and weight measured substances change (and flour probably compacts differently).
That is why one should always use a scale to measure their fluids, and why metric is superior where 375ml of water or milk are 375g (convert the recipe ahead of time at a reference location), making this trivially easy.
If you wish to then correct the total mass of your dish, you can simply compare the weight and volume of water to work out the mass to weight ratio and correct accordingly.
- Comment on Einstein-Landauer culinary units 2 weeks ago:
*500 000 quettabytes
*Sextillion = 10²¹ ( = Zetta)
I’d recommend wikipedia here, your source seems to have taken 3 years to update their table and their image is still outdated.
They likely didn’t use quetta because it was only added 3 years ago, and is still not widely known. Or maybe it sounded better.
- Comment on Einstein-Landauer culinary units 2 weeks ago:
I figured it out. Typed the ln2 into my text and then forgot it in the calculator.
Great, I’ma redo all my numbers then rq
- Comment on Einstein-Landauer culinary units 2 weeks ago:
I fear their apartment is at -50°C and this is a cry for help.
At least I am relieved to know that even acclaimed authors native to the cup-measurement system don’t know what “a cup of flour is”.
I’ll be off baking my pannenkoek with 150g of flour then.
- Comment on Einstein-Landauer culinary units 2 weeks ago:
Wouldn’t this make the units temperature-dependent?
Landauer limit is one kTln2 per bit of information, so at 300K about 4 zeptojoule per bit.
dividing by c² we get 46 micro-quectogram per bit, so 46 yoctogram per terabit. 369 yoctogram per terabyte.
the Author wants half a septillion terabytes, 0.5•10²⁴ terabytes, half a yotta-terabyte.
That makes 184 grams.
Since I don’t know what on earth “a cup of flour” is, I can’t judge if the comic character proposes a reasonable conversion, but 0.2kg seems like a reasonable amount to use in cooking.
For baking I would rather have my units temperature dependent than density dependent (I can compact my flour or work with water or nuts, all having different densities, but my room temperature will always be roughly 300).
I condone einstein-landauer units.
- Comment on Apex Legends writer gets laid off 24 hours after the character she wrote is revealed, because that's what the games industry in 2025 looks like 3 weeks ago:
Ah your next novel is done? Make sure no one reads it, it would diminish the value of the tax-writeoff when we delete it.
- Comment on Crop tops 5 weeks ago:
Looks good, I wood wear that.
- Comment on Purple Petunias 1 month ago:
rna is a completely different molecule, with different properties and used differently by the cell.
For one, rna is less stable than dna, it will fall apart quickly while for dna that process takes millennia.
But more importantly various cell machinery will only accept dna or rna for their respective functions. The cell can put dna into a nucleus and still let rna move outwards to ribosomes for example.
Ribosomes are built from rna and incompatible with dna, so there is an isolation ensuring dna can’t get “executed” unintentionally. There are also a large range of gene regulation mechanisms along this extended chain.
Since evolution kinda codes randomly with whatever it has, this duplicated mechanism of storage will be used all over the place. For example here you can give short double stranded rna a suppression effect while keeping short double stranded dna free for a different purpose (like maybe crispr).
- Comment on Purple Petunias 1 month ago:
I don’t think so.
To my knowledge that vaccine injects regular rna into cells to have them produce a protein of the virus, so the immune system starts to build antibodies that target the covid virus.
Since it relies on protein building it uses the regular well-known mechanism where mRNA (messenger RNA) is copied from DNA (then complex shit happens which we will ignore) then it reaches the ribosomes that build proteins from the encoded sequence.
The discussed application for this rna silencing is more active, it directly suppresses some genes of the virus to stop it from infecting cells.
- Comment on Purple Petunias 1 month ago:
It started with the flowers of a purple petunia plant turning white, and ended with a human cell becoming resistant to the deadly embrace of the Aids virus. The intervening decade took in experiments with yeasts, microscopic worms, mice and flies. And they all pointed to one thing: a potential revolution in medical science.
- Comment on 90s band alignment chart 1 month ago:
Only ones I’ve ever heard are Radiohead and Rage against the Machine, sincerely, genZ.
Anyway are yall telling me there are no bands that are both horny and angry?
- Comment on Physicists vs Normal People 2 months ago:
was too lazy
- Comment on Always applies 75% of the time 2 months ago:
Seems centered on books not papers
- Comment on sterile rot 3 months ago:
glass half full half empty has no good answer. This one does.
Heaters are 100% inefficient machines (tho 100% efficient at their job) and pure virus is 100% unsanitary (tho 100% pure)
- Comment on sterile rot 3 months ago:
Is a space heater 100% efficient or 100% inefficient?
- Comment on CAPTCHAs are 'a tracking cookie farm for profit that made us spend 819 billion hours clicking to generate nearly $1 trillion for Google 3 months ago:
Probably only successful ones.
Google captchas have had multiple rounds (with it faking you out claiming you failed) for probably a decade. Every round of the game updates some confidence score which if you get it high enough lets you pass.
This conversely means there is no way to fail, you just get stuck in an infinite loop of challenges if your score doesn’t get high enough.
The only other alternative means of pricing it would see even valid users consume way more than one “verification” per actual completed captcha, since so many users have low enough scores to need multiple rounds of captcha even when completing them with perfect accuracy.
I doubt they do this, but if they do it’s a scandal waiting to happen, besides also being very weird for any kind of statistic google certainly offers for their captcha.
- Comment on Easy 4 months ago:
- Comment on Apple opts everyone into having their Photos analyzed by AI 4 months ago:
They did this exact thing for csam detection a while back, and were made to stop due to public outcry.
It might have been analyzed locally and before encryption then though, still however without consent of the user and sending problematic results to apple.
It is very realistic that here they would make the device decrypt and check the description against a database and make it send the file and description off for reporting when a match is found.
- Comment on New social experiment 4 months ago:
utilman.exe -> cmd.exe
- Comment on New social experiment 4 months ago:
stage3-amd64-systemd-20220904T170535Z.tar.xz
- Comment on 1/2 my thesis 5 months ago:
Kill your darlings
- Comment on I predict that this post will get approximately 01000011100101100000000000000000 5 months ago:
π = 10
in base 10, 10 = 10.
- Comment on Election Analyst 6 months ago:
They mean posting the link instead of uploading a copy of the image.
It’s not about the comment.