I have seen the Time Knife

152 Followers
414 Following
84 Posts

Bird-site refugee. Not my first social media exodus. Used to love LiveJournal and Tumblr. Nothing lasts forever.

Lawyer, Data Privacy, InfoSec, CyberSec, Telecom. BLM. Abolish the bar. He/him/they. Former FF/EMT. Nerdy, Jewish, Neurodivergent. Also puppies. 🏳️‍🌈

I do privacy work for a tech company that actually cares about privacy issues, and it’s really nice after a long career elsewhere.

I Think I Found a Privacy Exploit in ChatGPT

Either ChatGPT is good at hallucinating, or I found an exploit in their API that can expose private information

tane.dev

White people when Tesla is an extremely racist work environment: 😴

White people when Tesla owner ruins their favorite website: 😡

This app crashes on anyone else when you try to edit your profile?

“DIGITAL GARLIC” SCARES AWAY HACKERS

Time Management for Hackers

Attackers don’t bother brute-forcing passwords that are long or passwords that contain special characters.

Every one of us — hackers included — has only 24 hours in every day. So how do criminal hackers make the best use of their time when brute-forcing passwords?

Microsoft researcher Ross Bevington analyzed the usernames and passwords hackers entered from over 25 million brute-force attacks.

Here's the breakdown of 30 days' worth of attacks against passwords:

➡️ 6% attacked passwords over 10 characters in length.
➡️ 7% attacked passwords which included special characters.
➡️ 39% attacked passwords with numbers in them.
➡️ 0% attacked passwords with spaces.

Hackers definitely *stayed away* from passwords which were longer (94% of the time), and they *didn't bother* spending much time cracking passwords which contained special characters (only 7% of the time).

Probably because of the common use of numbers at the end of passwords, hackers definitely homed in on digits.

But hackers *didn't even attempt* brute-forcing passwords with spaces, most likely because including spaces in passwords is still fairly uncommon.

From the article written by Catalin Cimpanu:

"The researchers' findings suggest that longer passwords that include special characters are most likely safe from the vast majority of brute-force attacks, as long as they haven't been leaked online and are part of attackers' brute-forcing dictionaries."

Should we include special characters (including spaces) in our passwords?

Here we have high-quality evidence collected by Microsoft at scale. It shows decisively that password length and the inclusion of special characters act like digital garlic, keeping the vampires and werewolves at bay — keeping the bad guys away from our online accounts.

How do ordinary consumers get this “digital garlic” in an easy way? They use a Password Manager.

https://therecord.media/attackers-dont-bother-brute-forcing-long-passwords-microsoft-engineer-says/

#Passwords
#PasswordManagers
#ComplexPasswords
#SpecialCharactersInPasswords
#TimeManagementForHackers
#DigitalGarlic
#Microsoft

Attackers don't bother brute-forcing long passwords, Microsoft engineer says

According to data collected by Microsoft's network of honeypot servers, most brute-force attackers primarily attempt to guess short passwords, with very few attacks targeting credentials that are either long or contain complex characters.
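An added example, not from the post or from the Microsoft research it cites, of how a breakdown like the one above is computed over honeypot login attempts. The log format, the sample lines and the category rules (length over 10, any punctuation character, any digit, any space) are constructed assumptions for illustration:

```python
import re
import string
from collections import Counter

# Constructed sample honeypot log lines (not real data). The password field is
# what the attacker submitted, which is what the Microsoft analysis categorised.
SAMPLE_LOG = """\
2023-04-03T12:00:01Z sshd-honeypot auth user=root password=123456
2023-04-03T12:00:02Z sshd-honeypot auth user=admin password=admin
2023-04-03T12:00:03Z sshd-honeypot auth user=root password=P@ssw0rd
2023-04-03T12:00:04Z sshd-honeypot auth user=pi password=raspberry
2023-04-03T12:00:05Z sshd-honeypot auth user=root password=qwerty123
2023-04-03T12:00:06Z sshd-honeypot auth user=ubuntu password=welcome2020
2023-04-03T12:00:07Z sshd-honeypot auth user=root password=letmein
2023-04-03T12:00:08Z sshd-honeypot auth user=admin password=password1
2023-04-03T12:00:09Z sshd-honeypot auth user=root password=correct horse
2023-04-03T12:00:10Z sshd-honeypot auth user=root password=toor
"""

# Assumed log layout: "... user=<name> password=<submitted password>" to end of line.
LINE_RE = re.compile(r"user=(?P<user>\S+) password=(?P<password>.*)$")
# Space is tracked as its own category, as in the post, so it is not a "special".
SPECIALS = set(string.punctuation)

def parse_attempts(log_text):
    """Return the list of submitted passwords from honeypot log lines."""
    attempts = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            attempts.append(m.group("password"))
    return attempts

def classify(password):
    """Flags for the four categories used in the breakdown."""
    return {
        "long": len(password) > 10,
        "special": any(c in SPECIALS for c in password),
        "digit": any(c.isdigit() for c in password),
        "space": " " in password,
    }

def breakdown(attempts):
    """Whole-percent share of attempts that fall into each category."""
    counts = Counter()
    for pw in attempts:
        for cat, hit in classify(pw).items():
            counts[cat] += int(hit)
    total = len(attempts)
    if not total:
        return {}
    return {cat: round(100 * counts[cat] / total) for cat in ("long", "special", "digit", "space")}

if __name__ == "__main__":
    for cat, pct in breakdown(parse_attempts(SAMPLE_LOG)).items():
        print(f"{pct:3d}% of attempts targeted passwords in category '{cat}'")
```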

Interested in just what tech your local police department is using for citizen surveillance? Curious about body cams, drones and Ring? #surveillance Just enter your city and state into this third party database to see exactly what tech gadgets and gizmos your local PD is using. Naturally, bigger cities do a lot more surveillance than smaller towns. https://atlasofsurveillance.org/ #police #policing #policetech #privacy
Atlas of Surveillance

Documenting Police Tech in Our Communities with Open Source Research

Found out that I was part of a large round of layoffs. I have a baby girl on the way, and could use some help finding a new gig. Ideally would like to work for another tech company as a CPO, DPO, Privacy Counsel, Dir of Privacy, or Privacy Program Manager.

Have my CIPP/US & CIPM. CIPP/E soon. Privacy/regulatory/risk-management a specialty. Used to be a gov’t regulator, so I know the other side of the table very well. Extensive GDPR & US state privacy law experience. Incident response exp too. Remote or Denver-based.
#Privacy #PrivacyLaw #GetFediHired #GDPR

The Times have a report up saying #Capita NHS services staff are working using WhatsApp and Google Drive, rather than approved Microsoft tooling.

Massively concerned by lack of transparency, going to start digging into this tomorrow with officials. https://www.thetimes.co.uk/article/capita-dogged-by-it-problem-for-three-days-wthl2zp5v

Capita dogged by IT problem for three days

An IT meltdown at Capita continued over the weekend, fuelling speculation of a cyberattack at a company that handles key public service contracts. Staff, incl

The Times

https://www.nytimes.com/2023/04/02/us/politics/nso-contract-us-spy.html?smid=nytcore-ios-share&referringSource=articleShare

Following the recently announced high profile restrictions on spyware, the New York Times reports that the US government has purchased NSO Group phone tracking software. When contacted by the Times, the Biden Admin seemed surprised by this fact.

How the U.S. Came to Use NSO Spyware It Was Trying to Kill

The Biden administration has been trying to choke off use of hacking tools made by the Israeli firm NSO. It turns out that not every part of the government has gotten the message.

The New York Times

I heard there might be a batch of Mastodon newcomers this week. So first of all:

WELCOME TO MASTODON!

1. If you need some guidance from an external website, for you or to share with people that aren’t here yet, I wrote this little guide that might help: https://controlaltdelete.technology/articles/the-mastodons-guide-to-the-fediverse.html

2. If you want shorter mini-guides in a Mastodon post format, I have compiled a list here: https://infosec.exchange/@Em0nM4stodon/109323504324459171

3. For more of my tips on Mastodon, you can click on this hashtag: #TinyMastodonTip

4. For excellent Mastodon advice, guidance, and news, you should follow this account: @mastodonmigration

5. For great Mastodon tips all year long, follow this one: @FediTips

6. And this hashtag: #FediTips

7. To never forget to add captions to your posted media, follow this one: @PleaseCaption

8. And don't forget to HAVE FUN! ✨

The Mastodon’s Guide to the Fediverse (starting with Mastodon step-by-step!)

A simple blog about privacy, security, open source, software engineering, and tech in general.