| --- Log opened Fri Sep 18 00:00:32 2020 |
| 00:02 | | McMartin [mcmartin@Nightstar-c25omi.ca.comcast.net] has joined #code |
| 00:02 | | mode/#code [+ao McMartin McMartin] by ChanServ |
| 02:32 | | Kindamoody is now known as Kindamoody[zZz] |
| 02:53 | | Vornicus [Vorn@ServerAdministrator.Nightstar.Net] has quit [Connection closed] |
| 03:01 | | Reiv [NSkiwiirc@Nightstar-ih0uis.global-gateway.net.nz] has joined #code |
| 03:01 | | mode/#code [+o Reiv] by ChanServ |
| 03:01 | | Reiv [NSkiwiirc@Nightstar-ih0uis.global-gateway.net.nz] has quit [Connection closed] |
| 03:03 | | Reiv [NSkiwiirc@Nightstar-ih0uis.global-gateway.net.nz] has joined #code |
| 03:03 | | mode/#code [+o Reiv] by ChanServ |
| 03:06 | | Reiv [NSkiwiirc@Nightstar-ih0uis.global-gateway.net.nz] has quit [[NS] Quit: http://www.kiwiirc.com/ - A hand crafted IRC client] |
| 03:17 | | Reiv [NSkiwiirc@Nightstar-ih0uis.global-gateway.net.nz] has joined #code |
| 03:17 | | mode/#code [+o Reiv] by ChanServ |
| 04:09 | | Degi [Degi@Nightstar-0uoidv.dyn.telefonica.de] has quit [Ping timeout: 121 seconds] |
| 04:13 | | Degi [Degi@Nightstar-54h1qd.pool.telefonica.de] has joined #code |
| 05:14 | | VirusJTG [VirusJTG@Nightstar-42s.jso.104.208.IP] has quit [Connection closed] |
| 05:14 | | VirusJTG [VirusJTG@Nightstar-42s.jso.104.208.IP] has joined #code |
| 05:14 | | mode/#code [+ao VirusJTG VirusJTG] by ChanServ |
| 05:45 | | VirusJTG [VirusJTG@Nightstar-42s.jso.104.208.IP] has quit [Connection closed] |
| 06:18 | | celticminstrel [celticminst@Nightstar-8kptuo.dsl.bell.ca] has quit [[NS] Quit: And lo! The computer falls into a deep sleep, to awake again some other day!] |
| 06:35 | | Vorntastic [uid293981@Nightstar-ks9.9ff.184.192.IP] has joined #code |
| 06:36 | | mode/#code [+qo Vorntastic Vorntastic] by ChanServ |
| 07:58 | | pinkmobile [uid208117@Nightstar-h2b233.irccloud.com] has quit [[NS] Quit: Connection closed for inactivity] |
| 08:53 | | Kindamoody[zZz] is now known as Kindamoody |
| 11:45 | | VirusJTG [VirusJTG@Nightstar-42s.jso.104.208.IP] has joined #code |
| 11:45 | | mode/#code [+ao VirusJTG VirusJTG] by ChanServ |
| 11:46 | | catalyst [catalyst@Nightstar-v6lb30.cable.virginm.net] has quit [Ping timeout: 121 seconds] |
| 11:49 | | catalyst [catalyst@Nightstar-vfrq2q.dab.02.net] has joined #code |
| 11:57 | | catalyst_ [catalyst@Nightstar-v6lb30.cable.virginm.net] has joined #code |
| 12:00 | | catalyst [catalyst@Nightstar-vfrq2q.dab.02.net] has quit [Ping timeout: 121 seconds] |
| 13:07 | | celticminstrel [celticminst@Nightstar-8kptuo.dsl.bell.ca] has joined #code |
| 13:07 | | mode/#code [+o celticminstrel] by ChanServ |
| 14:03 | | Reiv [NSkiwiirc@Nightstar-ih0uis.global-gateway.net.nz] has quit [[NS] Quit: http://www.kiwiirc.com/ - A hand crafted IRC client] |
| 14:07 | | Reiv [NSkiwiirc@Nightstar-ih0uis.global-gateway.net.nz] has joined #code |
| 14:07 | | mode/#code [+o Reiv] by ChanServ |
| 14:10 | | catalyst_ is now known as catalyst |
| 14:19 | | Reiv [NSkiwiirc@Nightstar-ih0uis.global-gateway.net.nz] has quit [[NS] Quit: http://www.kiwiirc.com/ - A hand crafted IRC client] |
| 15:06 | | Vornicus [Vorn@ServerAdministrator.Nightstar.Net] has joined #code |
| 15:06 | | mode/#code [+qo Vornicus Vornicus] by ChanServ |
| 15:16 | | pinkmobile [uid208117@Nightstar-h2b233.irccloud.com] has joined #code |
| 16:22 | | Kindamoody is now known as Kindamoody|afk |
| 16:41 | < Yossarian> | Is the topic still correct? I realized now that I'm about ready to share some of my scripts and code that particularly, scripts, are not POSIX compliant. They tend to use bash-isms. |
| 16:58 | < Yossarian> | Guess I have to work on those. |
| 17:05 | | Vorntastic [uid293981@Nightstar-ks9.9ff.184.192.IP] has quit [[NS] Quit: Connection closed for inactivity] |
| 17:06 | <@TheWatcher> | Yes. Vorn still grapples with the infinite. To an extent, maybe we all do... |
| 17:17 | <&ToxicFrog> | Broke: writing code |
| 17:17 | <&ToxicFrog> | Woke: writing code to write code for me |
| 17:18 | <&ToxicFrog> | Bespoke: writing more code to parse build errors and fix the output of the code I wrote to write the code for me |
| 17:26 | | pinkmobile [uid208117@Nightstar-h2b233.irccloud.com] has quit [[NS] Quit: Connection closed for inactivity] |
| 18:02 | | Emmy [Emmy@Nightstar-l49opt.fixed.kpn.net] has joined #code |
| 18:16 | <@celticminstrel> | Apparently Microsoft accounts don't let you reuse old passwords. That can't be secure, right? |
| 18:18 | | pinkmobile [uid208117@Nightstar-h2b233.irccloud.com] has joined #code |
| 18:23 | <@ErikMesoy> | Optimistically, they might not be letting you use passwords with the same hash. |
| 19:29 | <@celticminstrel> | But how would they do that if the hash is properly salted? |
| 19:29 | <@celticminstrel> | Unless I'm missing something, disallowing password reuse means one of 3 things. |
| 19:30 | <@celticminstrel> | 1. The password is stored in plaintext and it keeps track of recent passwords in the same way (highly unlikely from MS). |
| 19:30 | <@celticminstrel> | 2. The password is hashed but not salted, and it stores the hashes of recent passwords. |
| 19:30 | <@celticminstrel> | 3. It stores the hashes and salts of recent passwords. I have no idea what the implications of this on security would be. |
| 19:32 | <@ErikMesoy> | 3b. A weak salt is derived from your account features? (ID, date of registration, length of nick...) |
| 19:32 | < pinkmobile> | But I'm sure it feels safer to someone who tells them what to do. |
| 19:32 | <&McMartin> | Password history restrictions are much more common than Microsoft. |
| 19:33 | <&McMartin> | Also you may be confusing salt with pepper? |
| 19:34 | <&McMartin> | Salts *are* stored in plaintext, because otherwise you could not do hash verification of the password at the point you type them in. |
| 19:34 | <@celticminstrel> | Salt is the one that's unique for each password; pepper is specific to a platform. |
| 19:34 | <@celticminstrel> | So no, I meant salt. |
| 19:35 | <@celticminstrel> | I didn't say anything about how the salts were stored, only that in case 2 the salts for old passwords would need to be stored in order to verify the hashes. |
| 19:35 | <&McMartin> | I don't think 3 causes any particular problems, because salt is there to defeat rainbow tables |
| 19:35 | <@celticminstrel> | Right. |
| 19:36 | <@celticminstrel> | I think with 3 it would need to hash your password with all past salts to check if it's an old one, right? |
| 19:36 | <&McMartin> | Yeah. Now, if it keeps the *same* salt for multiple passwords, that's a problem, but there's nothing about this solution that says you need to do this. |
| 19:57 | <&ToxicFrog> | Storing the salt alongside the password is the norm, so. |
| 20:20 | | Kindamoody|afk is now known as Kindamoody |
| 20:27 | <&McMartin> | I have now reached that point of cynical middle age where I recognize that standard accepted industry practices become reckless stupidity as soon as it turns out that Microsoft does it~ |
| 23:21 | <@ErikMesoy> | McMartin: I'm left wondering how to read that statement. |
| 23:23 | <@ErikMesoy> | My possible interpretations include 1) Humorously verbose way of saying "standard accepted industry practices are often reckless stupidity", 2) Honest reading of Microsoft as heavyweight fuckup company that propagates bad standards, 3) Sarcastic reading of Microsoft as easy blame target that causes people to disown otherwise innocuous things. |
| 23:30 | <~Vornicus> | suspect he means 3 |
| 23:30 | <~Vornicus> | 'cause I've seen quite a lot of that |
| 23:36 | < Emmy> | same here for 3, though it should be mentioned that i might not be entirely unbiased |
| 23:37 | < Emmy> | (apart from a bit of android development, ALL my work is in a MS ecosystem) |
| 23:37 | < Emmy> | well, all my strictly IT work. |
| 23:37 | < Emmy> | human management doesn't count |
| 23:45 | | Kindamoody is now known as Kindamoody[zZz] |
| 23:50 | | Emmy [Emmy@Nightstar-l49opt.fixed.kpn.net] has quit [Ping timeout: 121 seconds] |
| --- Log closed Sat Sep 19 00:00:33 2020 |