if you can’t connect to a vpn using only open source software, that’s a crappy vpn

importantly it’s (hopefully) an ISP that operates from a less copyright-happy country and isn’t tied down to tons of expensive infrastructure and long-term contracts

but sometimes “👍🏽”.reverse() == “🏽👍”

the thing where it actually helps is if you’re “one word speed reading” (eg. http://onewordreader.com/). Then it’s easier to rapidly focus your eyes on each word, without having to follow a rigid timer. But if you’re reading normally it probably doesn’t help

A key part of visual design is knowing that the users don’t know what’s best for themselves. They usually stop complaining after 3 months which is proof that you are correct and they are wrong!

(sarcasm rate: 1 - ε)

many words should run into the same issue, since LLMs generally use less tokens per word than there are letters in the word. So they don’t have direct access to the letters composing the word, and have to go off indirect associations between “strawberry” and the letter “R”

duckassist seems to get most right but it claimed “ouroboros” contains 3 o’s and “phrasebook” contains one c.

are you sure there isn’t small print somewhere saying you forfeit your eternal soul to larry ellison?

Rules of thumb can be very useful for a relatively inexperienced programmer, and once you understand why they exist you can choose to ignore them when they would get in the way. Clean Code is totally unhinged though

is-number is a one-line function. (though it’s debatable if a function that complex should be compressed to one line)

You may have heard of a similar if more extreme “microdependency” called is-even. When you use an NPM package, you also need all the dependencies of that package, and the dependencies of those dependencies recursively. Each package has some overhead, eventually leading to this moment in time.

I tried to edit the ‘highlights’ into a single image, the top is the description of the PR, the middle is a comment replying to another comment

https://github.com/micromatch/to-regex-range/pull/17

the direct chain I can see is

“can you string words to form a valid RSA key”

“I would hope so, [xkcd about password strength]”

“words are the least secure way to generate random bytes”

“Good luck remembering random bytes. That infographic is about memorable passwords.”

“You memorize your RSA keys?”

so between comments 2 and 3 and 4 I’d say it soundly went past the handcrafted RSA key stuff.

I think this specific chain of replies is talking about that actually… though it is a pretty big tangent from the original post

if you know there are exactly two additional characters

this is pretty much irrelevant, as the amount of passwords with n+1 random characters is going to be exponentially higher than ones with n random characters. Any decent password cracker is going to try the 30x smaller set before doing the bigger set

and you know they are at the end of the string

that knowledge is worth like 2 bits at most, unless the characters are in the middle of a word which is probably even harder to remember

if you know there are exactly two additional characters and you know they are at the end of the string, the first number is really slightly bigger (like 11 times)

even if you assume the random characters are chosen from a large set, say 256 characters, you’d still get the 4-word one as over 50 times more. Far more likely is that it’s a regular human following one of those “you must have x numbers and y special characters” rules which would reduce it to something like 1234567890!?<^>@$%&±() which is going to be less than 30 characters

and even if they end up roughly equal in quessing difficulty, it is still far easier to remember the 4 random words

you memorize the password required to decrypt whatever container your RSA key is in. Hopefully.

and some people will try to just hold a key down until it reaches the length limit… which is an even worse way to generate a password of that length

this assumes a dictionary is used. Otherwise the entropy would be 117 bits or more. The only problem is some people may fail to use actually uniformly random words drawn from a large enough set of words (okay, and you should also use a password manager for the most part)

more accurately, average person has a higher tolerance for bullshit than for spending many hours learning something new or spending potentially years applying for citizenship in another country

because the goal of tamper resistance is to make it harder to unscrew without apple’s approval

♫ monopoly duopoly oligopoly cartel ♫

♪ anti-trust, pork barrel, propaganda lobbying ♪

♫ economies of scale, information asymmetry, regulatory capture and personal responsibility ♫

♪ unions, pinkertons, labor theory of value and the CIA ♪

♫ rent seeking, georgism, tax incentive, scarcity ♫

♪ free trade, minimum wage, petrodollar and the MIC ♪

♫ we didn’t start the fire, it was always burning since the world’s been turning ♫

_{provided as is, no warranty in regard to serving any particular rhyme or meter, express or implied, consult a licensed physician before attempting to sing along}

other techbros have praised him, citing the exact list of symptoms google gives for “high-functioning psychopath”

(disclaimer: google may give bad medical advice)