Main Page

Explain xkcd: It's 'cause you're dumb.
(Difference between revisions)
Jump to: navigation, search
m (Waldir moved page Main Page to Explain xkcd: Move to more appropriate title)
(New here?)
(21 intermediate revisions by 5 users not shown)
Line 1: Line 1:
__NOTOC__
+
__NOTOC__{{DISPLAYTITLE:explain xkcd}}
{{DISPLAYTITLE:explain xkcd}}
+
 
+
 
<center>
 
<center>
<big>''Welcome to the '''explain xkcd''' wiki!''
+
<font size=5px>''Welcome to the '''explain [[xkcd]]''' wiki!''</font>
We already have [[:Category:Comics|'''{{#expr:{{PAGESINCAT:Comics}}-3}}''' comic explanations]]!</big>
+
  
(But there are still {{#expr:{{LATESTCOMIC}}-({{PAGESINCAT:Comics}}-3)}} to go. Come and [[List of all comics|add yours]]!)
+
We have collaboratively explained [[:Category:Comics|'''{{#expr:{{PAGESINCAT:Comics}}-9}}''' xkcd comics]],
 +
<!-- Note: the -9 in the calculation above is to discount subcategories (there are 8 of them as of 2013-02-27),
 +
    as well as [[List of all comics]], which is obviously not a comic page. -->
 +
and only {{#expr:{{LATESTCOMIC}}-({{PAGESINCAT:Comics}}-9)}}
 +
({{#expr: ({{LATESTCOMIC}}-({{PAGESINCAT:Comics}}-9)) / {{LATESTCOMIC}} * 100 round 0}}%)
 +
remain. '''[[Help:How to add a new comic explanation|Add yours]]''' while there's a chance!
 
</center>
 
</center>
 
 
== Latest comic ==
 
== Latest comic ==
 
 
<div style="border:1px solid grey; background:#eee; padding:1em;">
 
<div style="border:1px solid grey; background:#eee; padding:1em;">
<span style="float:right;">[[{{LATESTCOMIC}}|'''Go to this comic''']]</span>
+
<span style="float:right;">[[{{LATESTCOMIC}}|'''Go to this comic explanation''']]</span>
 
<br clear="right">
 
<br clear="right">
 
{{:{{LATESTCOMIC}}}}
 
{{:{{LATESTCOMIC}}}}
Line 18: Line 18:
 
{{Talk:{{LATESTCOMIC}}}}
 
{{Talk:{{LATESTCOMIC}}}}
 
}}</div>
 
}}</div>
 +
 +
<small>''Is this out of date? {{Purge|Clicking here will fix that}}.''</small>
  
 
== New here? ==
 
== New here? ==
Feel free to sign up for an account and contribute to the explain xkcd wiki!  We need explanations for comics, characters, themes, memes and everything in between.  If it is referenced in an [http://www.xkcd.com xkcd] web comic, it should be here.
+
<div style="float:right; margin: 0 0 1em 1em">{{Special:ContributionScores/10/7/nosort,notools}}<div style="font-size:0.85em; width:25em; font-style:italic">[[Special:ContributionScores|Lots of people]] contribute to make this wiki a success. Many of the recent contributors, listed above, have just joined. You can do it too! Create your account [[Special:UserLogin/signup|here]].</div></div>
 +
 
 +
You can read a brief introduction about this wiki at [[explain xkcd]]. Feel free to sign up for an account and contribute to the wiki!  We need explanations for comics, characters, themes, memes and everything in between.  If it is referenced in an [[xkcd]] web comic, it should be here.
  
 
* If you're new to wikis like this, take a look at these help pages describing [[mw:Help:Navigation|how to navigate]] the wiki, and [[mw:Help:Editing pages|how to edit]] pages.
 
* If you're new to wikis like this, take a look at these help pages describing [[mw:Help:Navigation|how to navigate]] the wiki, and [[mw:Help:Editing pages|how to edit]] pages.
  
* Discussion about various parts of the wiki is going on at [[Explain XKCD:Community portal]]. Share your 2¢!
+
* Discussion about various parts of the wiki is going on at [[Explain XKCD:Community portal]]. Share your 2¢!
  
* [[List of all comics]] contains a complete table of all xkcd comics so far and the corresponding explanations. The red links ([[like this]]) are missing explanations. Feel free to help out by creating them!
+
* [[List of all comics]] contains a complete table of all xkcd comics so far and the corresponding explanations. The red links ([[like this]]) are missing explanations. Feel free to help out by creating them! '''[[Help:How to add a new comic explanation|Here's how]]'''.
  
 
== Rules ==
 
== Rules ==
Don't be a jerk. There are a lot of comics that don't have set in stone explanations, feel free to put multiple interpretations in the wiki page for each comic.
+
Don't be a jerk. There are a lot of comics that don't have set in stone explanations; feel free to put multiple interpretations in the wiki page for each comic.
  
 
If you want to talk about a specific comic, use its discussion page.
 
If you want to talk about a specific comic, use its discussion page.
  
Please only submit material directly related to&mdash;and helping everyone better understand&mdash;xkcd... and of course ''only'' submit material that can legally be posted (and freely edited.)  Off-topic or other inappropriate content is subject to removal or modification at admin discretion, and users posting such are at risk of being blocked.
+
Please only submit material directly related to —and helping everyone better understand— xkcd... and of course ''only'' submit material that can legally be posted (and freely edited.)  Off-topic or other inappropriate content is subject to removal or modification at admin discretion, and users who repeatedly post such content will be blocked.
  
 
If you need assistance from an admin, feel free to leave a message on their personal discussion page. The list of admins is [[Special:ListUsers/sysop|here]].
 
If you need assistance from an admin, feel free to leave a message on their personal discussion page. The list of admins is [[Special:ListUsers/sysop|here]].
 
== Logo ==
 
 
Explain xkcd logo courtesy of [[User:Alek2407]].
 
  
 
[[Category:Root category]]
 
[[Category:Root category]]

Revision as of 21:16, 24 March 2013

Welcome to the explain xkcd wiki!

We have collaboratively explained 5 xkcd comics, and only 1695 (100%) remain. Add yours while there's a chance!

Latest comic

Go to this comic explanation

New Bug
There's also a unicode-handling bug in the URL request library, and we're storing the passwords unsalted ... so if we salt them with emoji, we can close three issues at once!
Title text: There's also a unicode-handling bug in the URL request library, and we're storing the passwords unsalted ... so if we salt them with emoji, we can close three issues at once!

Explanation

Ambox notice.png This explanation may be incomplete or incorrect: How does salting with emoji fix the unicode-handling bug in the URL request library? Does it really? Additionally, this explanation requires a thorough grammar and spelling fix from the fourth paragraph onward.

Cueball asks if an off-panel character can look at his bug report. The person asks if it's a "normal one" and not a "horrifying" one which "proves that the whole project is broken beyond repair and should be burnt to the ground". This implies that there have been reports of the "horrifying" variety in the past.

Cueball promises that it is a normal one but it turns out that the server crashes when a user's password is a resolvable URL, which implies that the server is in some way attempting to resolve passwords as if they were URLs. A resolvable URL is one that is syntactically correct and refers to a find-able and accessible resource on the internet (i.e. does not return a 404 error or equivalent when resolved). This can be because it contains a fully qualified domain name or a valid ip address, and optionally (in either case) a resource that exists on the destination server.

Also, Cueball specifically states that the server is crashing, rather than his application. While this could be an example of misused terminology on the part of Cueball or Randall, given Cueball's history his choice of terms is probably accurate. In the context of web services the server refers to either the computer itself or the program that responds to web requests and executes the user's (i.e. Cueball's) application. Cueball would be in charge of building the application. The importance of this distinction is that a typical system has safe guards in place at many levels to prevent a misbehaving application from crashing anything other than itself. So for his application to crash the server (either the computer itself or the server software hosting his application) would require his application to be operating in a way far outside of the norm. Alternatively, the project might include its own server software without the safeguards.

While there appears to be little reason for the code that processes passwords to attempt to resolve the input string as a URL, a common function in password programs is assessing the strength of a password using a combination of heuristics to test for uniqueness, length, good use of mixed characters and dictionary lookups for common words. This password function would appear to have extended the lookups to DNS names and URLs, so people choosing a password like "XKCD.com" would be given a low strength score, even though no part of it is a dictionary word and it contains both upper case, lower case and punctuation. However, accessing the internet in a function like password validation opens up not only the possibility of new bugs like the one mentioned, but also a completely new set of issues which are risky for a security function such as password checking. Realising the proliferation of new security issues, the off-panel person gives up and decides that burning the project to the ground is the only solution, telling Cueball I'll get the lighter fluid.

In the title text another two issues with Cueball's program are mentioned, together with a possible solution that would fix all three problems at once. The second problem is a unicode-handling bug in the URL request library, and the third is that the passwords are stored unsalted. Salting passwords increases security in the event that the database is compromised by ensuring that users with the same password will not have the same password hash. This makes some attacks that can be used to crack hash databases, such as rainbow tables, effectively impossible.

The proposed solution is to salt the passwords with emoji, which is claimed to solve all three issues at once. Emoji are unicode (multi-byte) characters, which would force the resolution of the unicode-handling bug. It's not clear how emoji in the salt would lead to a fix for the URL bug, because although emoji are not valid characters in URLs (and the server only crashes on resolvable URLs) they would only be present in the hash string, not in the cleartext password. But at least the passwords will now be salted.

Given that this comic comes only five comics after 1695: Code Quality 2 it seems likely that the off-panel person is Ponytail and as could be seen in the first of those two comics, 1513: Code Quality, the perpetrator is indeed Cueball. In the title text of the first, using emoji in variable names is mentioned.

In 1349: Shouldn't Be Hard Cueball is also programming and finding it very difficult, although he thinks it should be easy. An off-panel person suggests burning the computer down with a blowtorch, much like the off-panel person in this one suggests burning the whole project (including the computer) to the ground with lighter fluid. In the next comic, with multiple storylines 1350: Lorenz, one story line results in a computer being burned with a blow torch.

Transcript

[Cueball sits at his desk in front of his computer leaning back and turning away from it to speak to a person off-panel.]
Cueball: Can you take a look at the bug I just opened?
Off-panel voice: Uh oh.
[Zoom out and pan to show only Cueball sitting on his chair facing away from the computer, which is now off-panel. The person speaking to him is still of panel even though this panel is much broader.]
Off-panel voice: Is this a normal bug, or one of those horrifying ones that prove your whole project is broken beyond repair and should be burned to the ground?
[Zoom in on Cueballs head and upper torso.]
Cueball: It's a normal one this time, I promise.
Off-panel voice: OK, what's the bug?
[Back to a view similar to the first panel where Cueball has turned towards the computer and points at the screen with one hand.]
Cueball: The server crashes if a user's password is a resolvable URL.
Off-panel voice: I'll get the lighter fluid.


Is this out of date? Clicking here will fix that.

New here?

Last 7 days (Top 10)

Lots of people contribute to make this wiki a success. Many of the recent contributors, listed above, have just joined. You can do it too! Create your account here.

You can read a brief introduction about this wiki at explain xkcd. Feel free to sign up for an account and contribute to the wiki! We need explanations for comics, characters, themes, memes and everything in between. If it is referenced in an xkcd web comic, it should be here.

  • List of all comics contains a complete table of all xkcd comics so far and the corresponding explanations. The red links (like this) are missing explanations. Feel free to help out by creating them! Here's how.

Rules

Don't be a jerk. There are a lot of comics that don't have set in stone explanations; feel free to put multiple interpretations in the wiki page for each comic.

If you want to talk about a specific comic, use its discussion page.

Please only submit material directly related to —and helping everyone better understand— xkcd... and of course only submit material that can legally be posted (and freely edited.) Off-topic or other inappropriate content is subject to removal or modification at admin discretion, and users who repeatedly post such content will be blocked.

If you need assistance from an admin, feel free to leave a message on their personal discussion page. The list of admins is here.

Personal tools
Namespaces

Variants
Actions
Navigation
Tools

It seems you are using noscript, which is stopping our project wonderful ads from working. Explain xkcd uses ads to pay for bandwidth, and we manually approve all our advertisers, and our ads are restricted to unobtrusive images and slow animated GIFs. If you found this site helpful, please consider whitelisting us.

Want to advertise with us, or donate to us with Paypal?