Zoe @ekg@librem.one

@dlakelan what you are describing is called rule of law.

It's a slow deliberate process that is constantly undermine by people that either don't understand it, or is exploited by those that would benefit from its failure.

@dlakelan no, it's not fair to the person sleeping under a bridge.

With every law a constitutional test should be applied to see if it is in agreement with the constitution, where basic rights to dignity is established.

Many of our rights tie back to the Magna Carta, many others come from common law.

@dlakelan you can call anything a law, it doesn't make it so.

I don't know the background of the quote, but I suspect they criticised a specific application of law as unfair. Which would make it a bad law.

@dlakelan no, it's not.

For it to be law it has to be evenly applied to all.

Their exist a lot of fundamentals of law that a lot of people get wrong.

Their is no law if it doesn't apply fairly to all people, regardless of their identity, or background.

Anything else is just thinly wield justifications for evil.

@dlakelan rights, privileges, and infrastructure always begin with the elite, that is what make them the elite.

In a sense being anti-elite is being against extending certain privileges to a consistent small group of people over time.

@dlakelan most ideas, including good ones come from terrible places.

I have advocated for some kind of random draw for representatives for as long as I can remember.

We don't want legislators that ate good at wining elections, we want a fair representation of the populous.

@dlakelan this video made me think of you. LegalEagle has been right on this issue for as long as I have followed them.

https://youtu.be/1leFwYSUHQ4?si=R9klbiH4R9VXJcei

@1000millimeter

I assume you don't work in the rocket industry.

Rapid unscheduled disassembly, Engine rich exhaust, are just some of the more stand out exempl.

@ttmevans @bsdphk @jonathan @cstross long term storage doesn't necessarily imply read and write cycles, quiet the opposite.

@larsbrinkhoff @bsdphk @jonathan @cstross care to elaborate? All I heard is that it is the "best" option.

@bsdphk @jonathan @cstross what about tape?

@jasmine birds do do that. Different populations of the same spices also have different songs, individuals will adopt the local song when moved.

I wish I could remember my source.

@yourwaitress What a beautiful cat!

*yes, I did say it out loud.

@jasmine Performative hatred is the worst. You mean that you make my life hell because you're afraid to stick out? Thanks for telling me where we stand, I guess.

@tychotithonus @Epic_Null

I should probably write what I think is the "real" solution.

The way I would like to solve this problem, that users might use compromised passwords, is a "red team" bot. That would try naive dictionary attacks against high risk accounts, when it break the passphrases the user would be informed that their passphrases is naively crackable.

This would of course require the accusation of passphrases dictionaries.

@tychotithonus @Epic_Null

I begin with the assumption that we can't force users to change passwords. That means we inherently have to accept that risk.

The only real solution to the problem of the passphrases itself being knowable is information.

Giving that we can't control where a user might have used their passphrases, forcing an actual passphrases change is at best an bandaid. That is likely to induce users to once again write down their passwords.

@Epic_Null @tychotithonus the "correct" solution to password rotation is to rotate the salt not the passphrases. By for example using the last login id as the salt you can generate a new hash every login, while not forcing your users to memorise a new password.

@tychotithonus

On a related topic.

I tell people to use long passwords they can remember, to make sure they don't write them down.

The response is sad, and predictable...

Don't put arbitrary constraints on passwords that make them harder to remember, or easier to guess by an computer.