explain xkcd - User contributions [en]

Talk:2923: Scary Triangles

2024-04-23T15:25:30Z

162.158.111.211: /* BLÅHAJ */ new section

Sharks are but two-dimensional icebergs. [ What is Titanic in this metaphor? ] [[User:JohnHawkinson|JohnHawkinson]] ([[User talk:JohnHawkinson|talk]]) 00:17, 23 April 2024 (UTC)
:The Orca. [[User:Barmar|Barmar]] ([[User talk:Barmar|talk]]) 00:33, 23 April 2024 (UTC)

This feels like a riff on cosmology, not sure if it's meant to be it specifically, just sounds a lot like "recent research has discovered 90% of the mass in the universe is dark matter" kind of thing. [[Special:Contributions/172.69.22.56|172.69.22.56]] 03:57, 23 April 2024 (UTC)
:No for sure it is a riff on icebergs. It is also not very recent that we found out that most mass in galaxies seems to be invisible (dark matter) --[[User:Kynde|Kynde]] ([[User talk:Kynde|talk]]) 11:41, 23 April 2024 (UTC)

Just like 20,000 Leagues Under The Sea predicted the modern submarine, so too did Jaws predict the modern shark. --[[User:NeatNit|NeatNit]] ([[User talk:NeatNit|talk]]) 04:43, 23 April 2024 (UTC)

No, the joke is, in my opinion, NOT that Cueball didn't understand that sharks don't always show this behaviour and that 90% of it are below the surface is no "conclusion" but the "recent discovery" he (and his team, most likely) just made. The joke is the analogy to icebergs and that only "recent research" has shown that sharks are much more than the "scary triangles of the sea". Pretty much like the discovery that icebergs are much more than what can be seen from the surface was a "huge" surprise in the 18th century. Unfortunately I currently don't have the time to rewrite the explanation in that regards. [[User:Elektrizikekswerk|Elektrizikekswerk]] ([[User talk:Elektrizikekswerk|talk]]) 06:52, 23 April 2024 (UTC)
:I think I, and others, did rewrite it, hope it is an improvement? --[[User:Kynde|Kynde]] ([[User talk:Kynde|talk]]) 11:41, 23 April 2024 (UTC)
:: Yes, thanks :) [[User:Elektrizikekswerk|Elektrizikekswerk]] ([[User talk:Elektrizikekswerk|talk]]) 13:21, 23 April 2024 (UTC)

== BLÅHAJ ==

Yes!
If you learn enough about the culture of Blåhaj, you will recognize that 90% of it is hidden below the visual appearance.
(Okay, I got the iceberg attribution a few seconds before I got the link to Blåhaj, but now I am convinced. :D )
--[[Special:Contributions/162.158.111.211|162.158.111.211]] 15:25, 23 April 2024 (UTC)

Talk:1882: Color Models

2017-08-30T06:13:33Z

162.158.111.211:

For those who want to know a bit more about color, [https://www.handprint.com/LS/CVS/color.html this site] is a good start. [[User:Zmatt|Zmatt]] ([[User talk:Zmatt|talk]]) 15:08, 28 August 2017 (UTC)

This comic shows the trend of having a simple and satisfactory explanation for something, and the exasperation with repeatedly realizing the inadequacy of the explanation, making revisions, and having a more complex yet still inadequate model.

As Randall began his schooling, he learned that mixing the primary colours of pigment (red, blue, and yellow) together he could create almost any colour, so colour must be a combination of those 3 colours.

He also learned about rainbows, and that the colours in the rainbow were just different wavelengths of light. Somehow these different wavelengths created unique colours.

As Randall got older, philosophy and a discussion on perception came into play, and Randall came to the realization that his experiences are analogous to but not necessarily the same as his peers.

As he got older, Randall learned about colour spaces as used in pigments, light, and printing, possibly from computer science (Red, Green, Blue; Red, Yellow, Blue; Cyan, Magenta, Yellow, Key) as well as the physics of electromagnetic rays and the biology of vision, understanding that visible light is a small portion of the electromagnetic spectrum - one crudely interpreted by the 3 types of cones in our eyeballs.

Randall then learned about the opponent process model, wherein the signal from cones are not interpreted individually, but in difference to one another. "Responses to one color of an opponent channel are antagonistic to those to the other color. That is, opposite opponent colors are never perceived together – there is no "greenish red" or "yellowish blue"." (from wikipedia)

After that, Randall comes to understand the modeling of colour spaces and the design and limits of human visual perception - despite only having three cones, color space cannot be made into a triangle and still cover the gamut of human colour experience.

Klein manifolds are beyond me, you'll have to fill in something about that.

Eventually, the modeling becomes so complex (and yet still unsatisfactory) that Randall hopes it becomes someone else's problem. [[Special:Contributions/108.162.238.5|108.162.238.5]] 15:50, 28 August 2017 (UTC)MagnusVortex

I'm familiar with klein manifolds, they're peculiar 4D dimensional topological objects related to mobius strips. I have no Idea how they might relate to color, and doing a search for "a hyperdimensional four-sided quantum Klein manifold" returned pictures of bicycles...

It might be good to point out in the explaination that he progresses from a dual nature of color (light, and paint) at the beginning and then trends to a unified explaination of color. [[Special:Contributions/172.68.142.179|172.68.142.179]] 18:27, 28 August 2017 (UTC) Sam

: Yes those are great looking bikes and are called Klein Quantum racing bikes... so Google did its job of keyword matching. [[User:Rtanenbaum|Rtanenbaum]] ([[User talk:Rtanenbaum|talk]]) 20:40, 28 August 2017 (UTC)

;The beauty of explainxkcd
The explanation of this comment is a great example of why this site is delightful — and nigh-invaluable! Thanks, regulars, for doing the work to help us understand all this.{{unsigned ip|108.162.246.101}}

----

Text explanation

I think the explanation of the text is missing an important point. It starts like it's about the philosophal question of "the same color for everybody", but ends with a very mundane explanation, which I think quite funny.

[[Special:Contributions/141.101.69.9|141.101.69.9]] 21:18, 28 August 2017 (UTC) Loïc

Yes, the description needs to include the fact that the top reference to color being unknowable is a reference to [https://en.wikipedia.org/wiki/Qualia qualia]. The brain of one individual may interpret colors differently than the brain of another individual, but since we would all use the same words for our interpretations of the same wavelengths, we can't really know if how I see blue is the same as how you see blue, hence that reference. But then in the tag, he has swapped out the reason for our different interpretations for the same color, blaming our browsers instead of our brains.

[[User:DarkJMKnight|DarkJMKnight]] ([[User talk:DarkJMKnight|talk]]) 11:14, 29 August 2017 (UTC)

Exactly this. Although really that only relates to our experience of colour, so I'm not sure how much relevance it has to the colour mixing track, despite the arrow. [[Special:Contributions/141.101.98.106|141.101.98.106]] 13:11, 29 August 2017 (UTC)

----

"As the 4th dimension is time, the color space would probably change all the time."

...no. No. I'm removing that. Just... no.

[[User:Hakr14|Hakr14]] ([[User talk:Hakr14|talk]]) 23:03, 28 August 2017 (UTC)

Isn't the title text a reference to [https://bugs.chromium.org/p/chromium/issues/detail?id=44872 that pretty old Chromium bug]? [[Special:Contributions/162.158.22.4|162.158.22.4]] 13:53, 29 August 2017 (UTC)

I don't think Randall even scratched the surface. Ask "What is Yellow?"...it's the almost pure frequency of light given off by a sodium lamp at 589nm wavelength. Then, take a digital photo of a sodium lamp and look at the picture on an LED monitor. The color looks the same...but now you're looking at a mixture of red and green LED's - so you're seeing two frequencies at 660nm and 530nm...there is no yellow light. So, you ask yourself - is it the case that mixing two frequencies that the eye can see creates the illusion of a colour between the two?

Well, what color do you see when you mix red and blue? Magenta...right? But what color is midway between red and blue? That's Green. So the difference between Magenta and Green *should* be about the same as the difference between "Sodium lamp yellow" and "Picture of sodium lamp yellow".

The Mantis Shrimp can see 12 'primary colors' and is sensitive to the plane of polarization of the light. We see 3 primaries and have no clue about polarization.

Humans are all essentially color blind.
[[User:SteveBaker|SteveBaker]] ([[User talk:SteveBaker|talk]]) 16:55, 29 August 2017 (UTC)

----

There is no mention of the RGB/RYB/CYMK issue in the explenation [[Special:Contributions/162.158.111.211|162.158.111.211]] 06:13, 30 August 2017 (UTC)

Talk:1820: Security Advice

2017-04-07T00:27:54Z

162.158.111.211: factor one: username/password. OK. factor two: you also need a crowbar: nope

Secret questions are not 2-factor authentication (2FA). They are just a really shitty password, something that you know. --[[User:JakubNarebski|JakubNarebski]] ([[User talk:JakubNarebski|talk]]) 14:33, 5 April 2017 (UTC)

Secret questions are more like 0-factor authentication, since they typically ask for public data. Shirluban [[Special:Contributions/141.101.88.106|141.101.88.106]] 14:39, 5 April 2017 (UTC)

Even when it isn't public it is often very unsecure - like: "your password has to have upper and lower case letters, numbers" and other requirements - if you forget it just enter the brand of your first car, there are about 20 likely answers (make it 40 if you need to additionally see wether or not it has been capitalized) [[Special:Contributions/162.158.92.46|162.158.92.46]] 15:18, 5 April 2017 (UTC)

Use prime numbers in your password: this would only limit the number of possible passwords for a hacker to check.

Use special characters like & and % : this advice is thoroughly handled in https://xkcd.com/936/ Changing characters into a special one does adds just very little to the search space.
However, a video from Computerphile suggests ''inserting'' a random character somewhere in the password which might actually be rather helpful

[[Special:Contributions/162.158.111.211|162.158.111.211]] 14:53, 5 April 2017 (UTC)

Maybe you really should use a secure font [https://technet.microsoft.com/library/security/MS15-078 Font related bug] [[Special:Contributions/162.158.79.161|162.158.79.161]] 15:13, 5 April 2017 (UTC)

Should the blue check mark tip be noted as only being useful on Twitter? Usually, the advice doesn't apply to emails, which are significantly more likely to ask for your less-secret account details, but also significantly less likely to have a blue check mark. [[Special:Contributions/162.158.2.10|162.158.2.10]] 15:15, 5 April 2017 (UTC)

"If a border guard asks to examine your laptop, you have a legal right to challenge them to a chess game for your soul.", do any of you know exactly what is the original advice here? This is probably different in different countries, but if I recall correctly you can't prevent them from seizing your device, but you are not required to provide them your passwords (but they may give you a hard time or deny your entry if you are not a citizen). Anyone can confirm this? [[Special:Contributions/108.162.216.22|108.162.216.22]] 15:16, 5 April 2017 (UTC)

The rice trick doesn't even work for wet phones. http://www.gazelle.com/thehorn/wp-content/uploads/2014/05/Water-Damage-Prevention-and-Recovery.pdf [[Special:Contributions/162.158.111.211|162.158.111.211]] 15:33, 5 April 2017 (UTC)

:Yeah - beat me to it! The rice trick doesn't work...not for phones or anything else for that matter. So this is double bad advice. [[Special:Contributions/162.158.69.39|162.158.69.39]] 16:06, 5 April 2017 (UTC)

Border guard - I'd like to see a bit more explanation, please, on how Ingmar Berman's film shows a man playing chess with Death, and possibly the infamous subversion of this trope in Bill And Ted's Bogus Journey. As it is, the explanation is only the ''bare bones''. --[[Special:Contributions/172.68.34.52|172.68.34.52]] 17:35, 5 April 2017 (UTC)

Checking the padlock icon in your browser is not enough to make sure you're really connected to the site you think. You have to check the domain too, to make sure you're not on a typosquatter domain (e.g. explianxkcd.com instead of explainxkcd.com). For really important thing like banking, you should check for an Extended Validation Certificate (Firefox shows the name of the organization running the website beside the padlock to indicate an EV-Certificate). This means, that the CA checked if the website operator really is who he pretends to be (and take a hefty sum of money for the process). Yeah, i know, security isn't easy. Using the brain still can't be replaced. --[[Special:Contributions/162.158.202.160|162.158.202.160]] 20:14, 5 April 2017 (UTC)

''These two characters are often disallowed in passwords because of their relevance to SQL (a common database query language). A badly written security system using SQL could have severe bugs (and vulnerabilities) if these characters were used in a password.'' So instead of fixing the bugs, users are kindly requested/forbidden to use & and % because that would break the system? Relying on empathy instead of fixing the problem, similar to "please don't break in, we're too poor to afford a decent lock". Sounds like Black Hat in a role as security advisor could come up with. [[Special:Contributions/162.158.111.211|162.158.111.211]] 21:01, 5 April 2017 (UTC)
:: I once saw a funny notification at a login screen. It read: "Only log on if you are an authorized user". Hilarious... [[User:Elektrizikekswerk|Elektrizikekswerk]] ([[User talk:Elektrizikekswerk|talk]]) 13:03, 6 April 2017 (UTC)
::: In reverse, for work I'm supposed to come up with a 2-factor authorization method. A simple password is one factor. I thought the second factor was easy: you also need physical access to a computer in the network. Apparently that's not "technical" enough or something, external advisors tell us that the fact that a hacker needs to physically break in to hack the system doesn't count as a second factor. (if anyone can point to an authority saying that it does I'd be very happy!) [[Special:Contributions/162.158.111.211|162.158.111.211]] 00:27, 7 April 2017 (UTC)

"Turing-complete kerning specification language in OpenType fonts" needs a citation. Is this just referring to the TeX language in general?

"the US banking system, where there is very little security for direct account drafts, and because of that it is advised there to keep the account number as secret as possible. In contrast, in Europe..." also needs citation. Why is giving out your bank account number more secure in Europe? I googled around a bit but couldn't find any verification of this (aside from discussions on chips vs. magnetic strips, which is a different issue).
--[[User:Tractarian|Tractarian]] ([[User talk:Tractarian|talk]]) 17:29, 6 April 2017 (UTC)

From experience, here in the UK, if I wanted someone to transfer money to me online, I just give them my account number and routing (or "sort") code. People even publish this information on websites.

Specifically, a lot of the rules here place liability on the banks for fraudulent and unauthorised transactions as long as the consumer wasn't careless or breached the rules of their account.

See https://www.directdebit.co.uk/DirectDebitExplained/pages/directdebitguarantee.aspx
https://www.chequeandcredit.co.uk/information-hub/faqs/cheque-fraud

But I can't imagine how anyone could initiate a transaction from my account without forging a document or hacking my online banking details (for electronic transfers).--[[Special:Contributions/162.158.111.37|162.158.111.37]] 19:33, 6 April 2017 (UTC)

:Yeah from my, Dutch, view that part also seems strange. Like "I'm not telling you my e-mail address so you can't read my e-mail". Also, anyone you ever sent money to gets to know your account number don't they? After that, can they just walk into a bank saying "Hi I'm John, account number 12345, give me $5000 please"? I'd like a comic showing my accountnumber to test how I'd be hurt by telling the whole world :) It gets stranger, in order to get a refund to my credit card I not only had to give my credit card number but the expiry date as well. I always considered the expiry date as a very simple password to prove you have the card itself. This felt more like "You wouldn't want total strangers to put money on your account, would you?" (thinking about it, maybe it's used as a "checksum"). [[Special:Contributions/162.158.111.211|162.158.111.211]] 22:35, 6 April 2017 (UTC)

Talk:1820: Security Advice

2017-04-06T22:46:51Z

162.158.111.211:

Secret questions are not 2-factor authentication (2FA). They are just a really shitty password, something that you know. --[[User:JakubNarebski|JakubNarebski]] ([[User talk:JakubNarebski|talk]]) 14:33, 5 April 2017 (UTC)

Secret questions are more like 0-factor authentication, since they typically ask for public data. Shirluban [[Special:Contributions/141.101.88.106|141.101.88.106]] 14:39, 5 April 2017 (UTC)

Even when it isn't public it is often very unsecure - like: "your password has to have upper and lower case letters, numbers" and other requirements - if you forget it just enter the brand of your first car, there are about 20 likely answers (make it 40 if you need to additionally see wether or not it has been capitalized) [[Special:Contributions/162.158.92.46|162.158.92.46]] 15:18, 5 April 2017 (UTC)

Use prime numbers in your password: this would only limit the number of possible passwords for a hacker to check.

Use special characters like & and % : this advice is thoroughly handled in https://xkcd.com/936/ Changing characters into a special one does adds just very little to the search space.
However, a video from Computerphile suggests ''inserting'' a random character somewhere in the password which might actually be rather helpful

[[Special:Contributions/162.158.111.211|162.158.111.211]] 14:53, 5 April 2017 (UTC)

Maybe you really should use a secure font [https://technet.microsoft.com/library/security/MS15-078 Font related bug] [[Special:Contributions/162.158.79.161|162.158.79.161]] 15:13, 5 April 2017 (UTC)

Should the blue check mark tip be noted as only being useful on Twitter? Usually, the advice doesn't apply to emails, which are significantly more likely to ask for your less-secret account details, but also significantly less likely to have a blue check mark. [[Special:Contributions/162.158.2.10|162.158.2.10]] 15:15, 5 April 2017 (UTC)

"If a border guard asks to examine your laptop, you have a legal right to challenge them to a chess game for your soul.", do any of you know exactly what is the original advice here? This is probably different in different countries, but if I recall correctly you can't prevent them from seizing your device, but you are not required to provide them your passwords (but they may give you a hard time or deny your entry if you are not a citizen). Anyone can confirm this? [[Special:Contributions/108.162.216.22|108.162.216.22]] 15:16, 5 April 2017 (UTC)

The rice trick doesn't even work for wet phones. http://www.gazelle.com/thehorn/wp-content/uploads/2014/05/Water-Damage-Prevention-and-Recovery.pdf [[Special:Contributions/162.158.111.211|162.158.111.211]] 15:33, 5 April 2017 (UTC)

:Yeah - beat me to it! The rice trick doesn't work...not for phones or anything else for that matter. So this is double bad advice. [[Special:Contributions/162.158.69.39|162.158.69.39]] 16:06, 5 April 2017 (UTC)

Border guard - I'd like to see a bit more explanation, please, on how Ingmar Berman's film shows a man playing chess with Death, and possibly the infamous subversion of this trope in Bill And Ted's Bogus Journey. As it is, the explanation is only the ''bare bones''. --[[Special:Contributions/172.68.34.52|172.68.34.52]] 17:35, 5 April 2017 (UTC)

Checking the padlock icon in your browser is not enough to make sure you're really connected to the site you think. You have to check the domain too, to make sure you're not on a typosquatter domain (e.g. explianxkcd.com instead of explainxkcd.com). For really important thing like banking, you should check for an Extended Validation Certificate (Firefox shows the name of the organization running the website beside the padlock to indicate an EV-Certificate). This means, that the CA checked if the website operator really is who he pretends to be (and take a hefty sum of money for the process). Yeah, i know, security isn't easy. Using the brain still can't be replaced. --[[Special:Contributions/162.158.202.160|162.158.202.160]] 20:14, 5 April 2017 (UTC)

''These two characters are often disallowed in passwords because of their relevance to SQL (a common database query language). A badly written security system using SQL could have severe bugs (and vulnerabilities) if these characters were used in a password.'' So instead of fixing the bugs, users are kindly requested/forbidden to use & and % because that would break the system? Relying on empathy instead of fixing the problem, similar to "please don't break in, we're too poor to afford a decent lock". Sounds like Black Hat in a role as security advisor could come up with. [[Special:Contributions/162.158.111.211|162.158.111.211]] 21:01, 5 April 2017 (UTC)
:: I once saw a funny notification at a login screen. It read: "Only log on if you are an authorized user". Hilarious... [[User:Elektrizikekswerk|Elektrizikekswerk]] ([[User talk:Elektrizikekswerk|talk]]) 13:03, 6 April 2017 (UTC)

"Turing-complete kerning specification language in OpenType fonts" needs a citation. Is this just referring to the TeX language in general?

"the US banking system, where there is very little security for direct account drafts, and because of that it is advised there to keep the account number as secret as possible. In contrast, in Europe..." also needs citation. Why is giving out your bank account number more secure in Europe? I googled around a bit but couldn't find any verification of this (aside from discussions on chips vs. magnetic strips, which is a different issue).
--[[User:Tractarian|Tractarian]] ([[User talk:Tractarian|talk]]) 17:29, 6 April 2017 (UTC)

From experience, here in the UK, if I wanted someone to transfer money to me online, I just give them my account number and routing (or "sort") code. People even publish this information on websites.

Specifically, a lot of the rules here place liability on the banks for fraudulent and unauthorised transactions as long as the consumer wasn't careless or breached the rules of their account.

See https://www.directdebit.co.uk/DirectDebitExplained/pages/directdebitguarantee.aspx
https://www.chequeandcredit.co.uk/information-hub/faqs/cheque-fraud

But I can't imagine how anyone could initiate a transaction from my account without forging a document or hacking my online banking details (for electronic transfers).--[[Special:Contributions/162.158.111.37|162.158.111.37]] 19:33, 6 April 2017 (UTC)

:Yeah from my, Dutch, view that part also seems strange. Like "I'm not telling you my e-mail address so you can't read my e-mail". Also, anyone you ever sent money to gets to know your account number don't they? After that, can they just walk into a bank saying "Hi I'm John, account number 12345, give me $5000 please"? I'd like a comic showing my accountnumber to test how I'd be hurt by telling the whole world :) It gets stranger, in order to get a refund to my credit card I not only had to give my credit card number but the expiry date as well. I always considered the expiry date as a very simple password to prove you have the card itself. This felt more like "You wouldn't want total strangers to put money on your account, would you?" (thinking about it, maybe it's used as a "checksum"). [[Special:Contributions/162.158.111.211|162.158.111.211]] 22:35, 6 April 2017 (UTC)

Talk:1820: Security Advice

2017-04-06T22:35:57Z

162.158.111.211: Getting a refund to your credit card is strange as well

Secret questions are not 2-factor authentication (2FA). They are just a really shitty password, something that you know. --[[User:JakubNarebski|JakubNarebski]] ([[User talk:JakubNarebski|talk]]) 14:33, 5 April 2017 (UTC)

Secret questions are more like 0-factor authentication, since they typically ask for public data. Shirluban [[Special:Contributions/141.101.88.106|141.101.88.106]] 14:39, 5 April 2017 (UTC)

Even when it isn't public it is often very unsecure - like: "your password has to have upper and lower case letters, numbers" and other requirements - if you forget it just enter the brand of your first car, there are about 20 likely answers (make it 40 if you need to additionally see wether or not it has been capitalized) [[Special:Contributions/162.158.92.46|162.158.92.46]] 15:18, 5 April 2017 (UTC)

Use prime numbers in your password: this would only limit the number of possible passwords for a hacker to check.

Use special characters like & and % : this advice is thoroughly handled in https://xkcd.com/936/ Changing characters into a special one does adds just very little to the search space.
However, a video from Computerphile suggests ''inserting'' a random character somewhere in the password which might actually be rather helpful

[[Special:Contributions/162.158.111.211|162.158.111.211]] 14:53, 5 April 2017 (UTC)

Maybe you really should use a secure font [https://technet.microsoft.com/library/security/MS15-078 Font related bug] [[Special:Contributions/162.158.79.161|162.158.79.161]] 15:13, 5 April 2017 (UTC)

Should the blue check mark tip be noted as only being useful on Twitter? Usually, the advice doesn't apply to emails, which are significantly more likely to ask for your less-secret account details, but also significantly less likely to have a blue check mark. [[Special:Contributions/162.158.2.10|162.158.2.10]] 15:15, 5 April 2017 (UTC)

"If a border guard asks to examine your laptop, you have a legal right to challenge them to a chess game for your soul.", do any of you know exactly what is the original advice here? This is probably different in different countries, but if I recall correctly you can't prevent them from seizing your device, but you are not required to provide them your passwords (but they may give you a hard time or deny your entry if you are not a citizen). Anyone can confirm this? [[Special:Contributions/108.162.216.22|108.162.216.22]] 15:16, 5 April 2017 (UTC)

The rice trick doesn't even work for wet phones. http://www.gazelle.com/thehorn/wp-content/uploads/2014/05/Water-Damage-Prevention-and-Recovery.pdf [[Special:Contributions/162.158.111.211|162.158.111.211]] 15:33, 5 April 2017 (UTC)

:Yeah - beat me to it! The rice trick doesn't work...not for phones or anything else for that matter. So this is double bad advice. [[Special:Contributions/162.158.69.39|162.158.69.39]] 16:06, 5 April 2017 (UTC)

Border guard - I'd like to see a bit more explanation, please, on how Ingmar Berman's film shows a man playing chess with Death, and possibly the infamous subversion of this trope in Bill And Ted's Bogus Journey. As it is, the explanation is only the ''bare bones''. --[[Special:Contributions/172.68.34.52|172.68.34.52]] 17:35, 5 April 2017 (UTC)

Checking the padlock icon in your browser is not enough to make sure you're really connected to the site you think. You have to check the domain too, to make sure you're not on a typosquatter domain (e.g. explianxkcd.com instead of explainxkcd.com). For really important thing like banking, you should check for an Extended Validation Certificate (Firefox shows the name of the organization running the website beside the padlock to indicate an EV-Certificate). This means, that the CA checked if the website operator really is who he pretends to be (and take a hefty sum of money for the process). Yeah, i know, security isn't easy. Using the brain still can't be replaced. --[[Special:Contributions/162.158.202.160|162.158.202.160]] 20:14, 5 April 2017 (UTC)

''These two characters are often disallowed in passwords because of their relevance to SQL (a common database query language). A badly written security system using SQL could have severe bugs (and vulnerabilities) if these characters were used in a password.'' So instead of fixing the bugs, users are kindly requested/forbidden to use & and % because that would break the system? Relying on empathy instead of fixing the problem, similar to "please don't break in, we're too poor to afford a decent lock". Sounds like Black Hat in a role as security advisor could come up with. [[Special:Contributions/162.158.111.211|162.158.111.211]] 21:01, 5 April 2017 (UTC)
:: I once saw a funny notification at a login screen. It read: "Only log on if you are an authorized user". Hilarious... [[User:Elektrizikekswerk|Elektrizikekswerk]] ([[User talk:Elektrizikekswerk|talk]]) 13:03, 6 April 2017 (UTC)

"Turing-complete kerning specification language in OpenType fonts" needs a citation. Is this just referring to the TeX language in general?

"the US banking system, where there is very little security for direct account drafts, and because of that it is advised there to keep the account number as secret as possible. In contrast, in Europe..." also needs citation. Why is giving out your bank account number more secure in Europe? I googled around a bit but couldn't find any verification of this (aside from discussions on chips vs. magnetic strips, which is a different issue).
--[[User:Tractarian|Tractarian]] ([[User talk:Tractarian|talk]]) 17:29, 6 April 2017 (UTC)

From experience, here in the UK, if I wanted someone to transfer money to me online, I just give them my account number and routing (or "sort") code. People even publish this information on websites.

Specifically, a lot of the rules here place liability on the banks for fraudulent and unauthorised transactions as long as the consumer wasn't careless or breached the rules of their account.

See https://www.directdebit.co.uk/DirectDebitExplained/pages/directdebitguarantee.aspx
https://www.chequeandcredit.co.uk/information-hub/faqs/cheque-fraud

But I can't imagine how anyone could initiate a transaction from my account without forging a document or hacking my online banking details (for electronic transfers).--[[Special:Contributions/162.158.111.37|162.158.111.37]] 19:33, 6 April 2017 (UTC)

:Yeah from my, Dutch, view that part also seems strange. Like "I'm not telling you my e-mail address so you can't read my e-mail". Also, anyone you ever sent money to gets to know your account number don't they? After that, can they just walk into a bank saying "Hi I'm John, account number 12345, give me $5000 please"? I'd like a comic showing my accountnumber to test how I'd be hurt by telling the whole world :) It gets stranger, in order to get a refund to my credit card I not only had to give my credit card number but the expiry date as well. I always considered the expiry date as a very simple password to prove you have the card itself. This felt more like "You wouldn't want total strangers to put money on your account, would you?" [[Special:Contributions/162.158.111.211|162.158.111.211]] 22:35, 6 April 2017 (UTC)

Talk:1820: Security Advice

2017-04-05T21:03:25Z

162.158.111.211: sp

Talk:1820: Security Advice

2017-04-05T21:01:49Z

162.158.111.211: Blackhat is that you?

Talk:1820: Security Advice

2017-04-05T15:33:03Z

162.158.111.211:

Talk:1820: Security Advice

2017-04-05T14:53:37Z

162.158.111.211: