<?xml version="1.0"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
		<id>https://www.explainxkcd.com/wiki/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=162.158.91.190</id>
		<title>explain xkcd - User contributions [en]</title>
		<link rel="self" type="application/atom+xml" href="https://www.explainxkcd.com/wiki/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=162.158.91.190"/>
		<link rel="alternate" type="text/html" href="https://www.explainxkcd.com/wiki/index.php/Special:Contributions/162.158.91.190"/>
		<updated>2026-04-16T19:31:35Z</updated>
		<subtitle>User contributions</subtitle>
		<generator>MediaWiki 1.30.0</generator>

	<entry>
		<id>https://www.explainxkcd.com/wiki/index.php?title=Talk:936:_Password_Strength&amp;diff=108875</id>
		<title>Talk:936: Password Strength</title>
		<link rel="alternate" type="text/html" href="https://www.explainxkcd.com/wiki/index.php?title=Talk:936:_Password_Strength&amp;diff=108875"/>
				<updated>2016-01-08T08:09:31Z</updated>
		
		<summary type="html">&lt;p&gt;162.158.91.190: added link to recent comment about the password strength in discussions&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;''Fix the software first.''  If you double the time it takes to enter each repeated password attempt you make brute force attacks pointless.   Imagine you allowed a hurried user who screws up their own password entry w/ frozen fingers. If their system starts out with a 1 second delay, then doubles to two, then to four, etc. the time it takes to wait is 2^n.  Six screw ups cost you a minute, twenty errors and you are waiting 291 hours before your next log-in attempt....  kmc 2015-05-10 {{unsigned ip|108.162.229.124}}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
You still have to vary the words with a bit of capitalization, punctuation and numbers a bit, or hackers can just run a dictionary attack against your string of four words. '''[[User:Davidy22|&amp;lt;u&amp;gt;{{Color|purple|David}}&amp;lt;font color=green size=3px&amp;gt;y&amp;lt;/font&amp;gt;&amp;lt;/u&amp;gt;&amp;lt;font color=indigo size=4px&amp;gt;²²&amp;lt;/font&amp;gt;]]'''[[User talk:Davidy22|&amp;lt;tt&amp;gt;[talk]&amp;lt;/tt&amp;gt;]] 09:12, 9 March 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
No you don't.  Hackers cannot run a dictionary attack against a string of four randomly picked words.&lt;br /&gt;
Look at the number of bits displayed in the image: 11 bits for each word.&lt;br /&gt;
That means he's assuming a dictionary of 2048 words, from which each word is picked randomly.&lt;br /&gt;
The assumption is that the cracker knows your password scheme.&lt;br /&gt;
[[Special:Contributions/86.81.151.19|86.81.151.19]] 20:17, 28 April 2013 (UTC)&lt;br /&gt;
Willem&lt;br /&gt;
&lt;br /&gt;
:I just wrote a program to bruteforce this password creation method. https://github.com/KrasnayaSecurity/xkcd936/blob/master/listGen936.py  Once I get it I'll try coming up with more bruteforcing algorithms such as substituting symbols, numbers, camel case, and the like.  Point is, don't rely on this or any one method.  I wouldn't be surprised if the crackers are already working on something like this.  [[User:Lieutenant S.|Lieutenant S.]] ([[User talk:Lieutenant S.|talk]]) 07:03, 8 September 2014 (UTC)&lt;br /&gt;
:It took 1.25 hours to bruteforce &amp;quot;correcthorsebatterystaple&amp;quot; using the 2,000 most common words with one CPU. [[User:Lieutenant S.|Lieutenant S.]] ([[User talk:Lieutenant S.|talk]]) 07:09, 9 September 2014 (UTC)&lt;br /&gt;
:: 1) ... as compared to 69 milliseconds for the other method. 2) Since you are able to test 3,9 billion passwords a second (very impressive!) I am guessing that your setup is not performing its attack over a ”weak remote service”, which is breaking the rules of the #936 game. 3) five words and a 20k-wordlist would get you 9400 years (still breaking the weak remote service rule).--[[User:Gnirre|Gnirre]] ([[User talk:Gnirre|talk]]) 09:13, 14 October 2014 (UTC)&lt;br /&gt;
:: 2) Two thoughts: You use itertools.permutations, which only covers non-repeating words, but mainly you don't actually hash the password. If you have a plain-text password, there's no need to crack the password because you could just look at it. Example of an actual crack for this type of password: https://github.com/koshippy/xkcd_password/blob/master/password_crack.py My computer gets 10,000,000 guesses in ~16 seconds (non-hashed takes ~2 seconds), meaning it would take almost a year to try every combination. (2048^4 total password space). Even optimizing by using c++/java or JtR, you wouldn't see huge improvement since most of the time is from the SHA hashing. Point being: a typical user can't crack this type of password in a short amount of time, even if they know your wordlist. [[Special:Contributions/199.27.128.212|199.27.128.212]] 12:05, 17 February 2015 (UTC) Koshippy&lt;br /&gt;
&lt;br /&gt;
Sometimes this is not possible. (I'm looking at you, local banks with 8-12 character passwords and PayPal) If I can, I use a full sentence. A compound sentence for the important stuff. This adds the capitalization, punctuation and possibly the use of numbers while it's even easier to remember than Randall's scheme. I think it might help against the keyloggers too, if your browser/application autofills the username field, because your password doesn't stand out from the feed with being gibberish. [[Special:Contributions/195.56.58.169|195.56.58.169]] 09:01, 30 August 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
The basic concept can be adapted to limited-length passwords easily enough: memorize a phrase and use the first letter of each word. It'll require about a dozen words (you're only getting 4.7 bits per letter at best, actually less because first letters of words are not truly random, though they are weakly if at all correlated with their neighbors -- based on the frequencies of first letters of words in English, and assuming no correlation between each first letter and the next, I calculate about 4 bits per character of Shannon entropy). SteveMB 18:35, 30 August 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Followup: The results of extracting the first letters of words in sample texts (the {{w|Project_Gutenberg|Project Gutenberg}} texts of ''The Adventures of Huckleberry Finn'', ''The War of the Worlds'', and ''Little Fuzzy'') and applying a {{w|Entropy_(information_theory)|Shannon entropy calculation}} were 4.07 bits per letter (i.e. first letter in word) and 8.08 bits per digraph (i.e. first letters in two consecutive words). These results suggest that first-letter-of-phrase passwords have approximately 4 bits per letter of entropy. --[[User:SteveMB|SteveMB]] ([[User talk:SteveMB|talk]]) 14:21, 4 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Addendum: The above test was case-insensitive (all letters converted to lowercase before feeding them to the [[http://millikeys.sourceforge.net/freqanalysis.html frequency counter]]). Thus, true-random use of uppercase and lowercase would have 5 bits per letter of entropy, and any variation in case (e.g. preserving the case of the original first letter) would fall between 4 and 5 bits per letter. --[[User:SteveMB|SteveMB]] ([[User talk:SteveMB|talk]]) 14:28, 4 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
I just have RANDOM.ORG print me ten pages of 8-character passwords and tape it to the wall, then highlight some of them and use others (say two down and to the right or similar) for my passwords, maybe a given line a line a little jumbled for more security.    [[Special:Contributions/70.24.167.3|70.24.167.3]] 13:27, 30 September 2013 (UTC)&lt;br /&gt;
:Remind me to visit your office and secretly replace your wall-lists by a list of very similar looking strings ;) --[[User:Chtz|Chtz]] ([[User talk:Chtz|talk]]) 13:53, 30 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Simple.com (online banking site) had the following on its registration page:&lt;br /&gt;
&lt;br /&gt;
“Passphrase? Yes. Passphrases are easier to remember and more secure than traditional passwords. For example, try a group of words with spaces in between, or a sentence you know you'll remember. &amp;quot;correct horse battery staple&amp;quot; is a better passphrase than r0b0tz26.”&lt;br /&gt;
&lt;br /&gt;
Online security for a banking site has been informed by an online comic. Astounding.&lt;br /&gt;
[[Special:Contributions/173.245.54.78|173.245.54.78]] 21:22, 11 November 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
The Web service Dropbox has an Easter egg related to this comic on their sign-up page. That page has a password strength indicator (powered by JavaScript) which changes as you type your password. This indicator also shows hints when hovering the mouse cursor over it. Entering &amp;quot;Tr0ub4dor&amp;amp;3&amp;quot; or &amp;quot;Tr0ub4dour&amp;amp;3&amp;quot; as the password causes the password strength indicator to fall to zero, with the hint saying, &amp;quot;Guess again.&amp;quot; Entering &amp;quot;correcthorsebatterystaple&amp;quot; as the password also causes the strength indicator to fall to zero, but the hint says, &amp;quot;Whoa there, don't take advice from a webcomic too literally ;).&amp;quot; [[Special:Contributions/108.162.218.95|108.162.218.95]] 15:17, 11 February 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
The explanation said that the comic uses a dictionary[http://www.explainxkcd.com/wiki/index.php?title=936:_Password_Strength&amp;amp;oldid=59309]. In fact it's a word list, which seems similar but it's not. All the words in the word list must be easy to memorize. This means it's better not to have words such as ''than'' or ''if''. Also, it's better not to have homophones (''wood'' and ''would'', for example). The sentence ''dictionary attack'' doesn't apply here. A dictionary attack requires the attacker to use all the words in the dictionary (e.g. 100,000 words). Here we must generate the 17,592,186,044,416 combinations of 4 common words. Those combinations can't be found in any dictionary. At 25 bytes per &amp;quot;word&amp;quot; that dictionary would need 400 {{w|tebi|binary terabytes}} to be stored. [[User:Xhfz|Xhfz]] ([[User talk:Xhfz|talk]]) 21:37, 11 March 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
This comic was mentioned in a TED talk by Lorrie Faith Cranor in March 2014. After performing a lot of studies and analysis, she concludes that &amp;quot;pass phrase&amp;quot; passwords are no easier to remember than complex passwords and that the increased length of the password increases the number of errors when typing it. There is a lot of other useful information from her studies that can be gleaned from the talk. [http://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd Link]. What she doesn't mention is the frequency of changing passwords - in most organizations it's ~90 days. I don't know where that standard originated, but (as a sys admin) I suspect it's about as ineffective as most of our other password trickery - that is that it does nothing. Today's password thieves don't bash stolen password hash tables, they bundle keyloggers with game trainers and browser plugins.--[[Special:Contributions/173.245.50.75|173.245.50.75]] 18:14, 2 July 2014 (UTC)&lt;br /&gt;
:: Lorrie Faith Cranor gets the random part of #936 word generation correct, which is great. Regarding memorizability, this study (https://cups.cs.cmu.edu/soups/2012/proceedings/a7_Shay.pdf) does not address #936. The study uses no generator for gibberish of length 11. Most comparable are perhaps two classes of five or six randomly assigned characters. None of the study's generators has 44 bits of entropy – its dictionary for the method closest to #936 – noun-instr – contains only 181 nouns. The article contains no discussion of the significance of these differences to #936. In her TED Lorrie Faith Cranor says ”sorry all you xkcd fans” which could be interpreted as judgement of #936, but there is no basis in the above article for that. It does however seem plausible that the report could be reworked to address #936. --[[User:Gnirre|Gnirre]] ([[User talk:Gnirre|talk]]) 10:42, 14 October 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
:Password-changing frequency isn't about making passwords more ''secure'', but instead it's about ''mitigating the damage'' of a successfully cracked password. If a hacker gets your password (through any means) and your password changes every 90 days, the password the hacker has obtained is only useful for a few months at most. That might be enough, but it might not. If the hacker is brute forcing the passwords to get them, that cuts into the time the password is useful. --[[Special:Contributions/173.245.54.168|173.245.54.168]] 22:22, 13 October 2014 (UTC)&lt;br /&gt;
::However, brute-forcing gets much ''easier'' that way.&lt;br /&gt;
::Say the average employee is around for 10 years, which is reasonable for some companies, absurdly high for others, and a bit low for a family business. That's 40 password changes.&lt;br /&gt;
::Now if you have to remember another password every now and then, you sacrifice complexity, lest you forget it. A factor of 40 is like one character less. But how much shorter will the password be? It's more likely that it's gonna be 3 or 4 characters less. Congrats, you just a factor of 1000's for a perceived &amp;quot;mitigation&amp;quot;, which doesn't even work. Pro attackers can vacuum your server in a DAY once they have the PW. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Just because you are required to have a password that has letters and numbers in it doesn't mean you can't make it memorable.  When caps are required, use CamelCase.  When punctuation is required, make it an ampersand (&amp;amp;) or include a contraction.  When numbers are required, pick something that has significance to you (your birthday, the resolution of your television, etc.).  Keep in mind that, if your phrase is an actual sentence, the password entropy is 1.1 bits per character (http://what-if.xkcd.com/34), so length is key if you want your password to be secure. (Though no known algorithm can actually exploit the 1.1 bits of entropy to gain time, so it might be more like 11 bits of entropy per word.  Even then, my passwords have nonexistent and uncommon words in them, (like doge or trope), which also adds some entropy.)   [[Special:Contributions/108.162.246.213|108.162.246.213]] 22:18, 1 September 2014 (UTC)&lt;br /&gt;
:Flip side of the story, the &amp;quot;capital plus small plus other char&amp;quot; policy doesn't make your password any safer.&lt;br /&gt;
:The German company T-online had an experimental gateway with the password, &amp;quot;internet&amp;quot;. Now that sucked. No problem, tho, because that gateway wasn't accessible from outside. When they went live, they &amp;quot;improved&amp;quot; the password to &amp;quot;Internet1&amp;quot;. There are still lots of these passwords around: first letter is a Cap, and the only non-alphabetic char is a 1 at the end. This doesn't add any entropy. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
::[http://ask.metafilter.com/193052/Oh-Randall-you-do-confound-me-so#2779020 This] shows that about one third of all digits in a sample of passwords was &amp;quot;1&amp;quot; . [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:14, 4 December 2014 (UTC)&lt;br /&gt;
You can also troll the brute-force engine by using words from other languages, fictional books and video games.--[[User:Horsebattery|Horsebattery]] ([[User talk:Horsebattery|talk]]) 03:04, 3 November 2014 (UTC)&lt;br /&gt;
:That's a good idea; it adds to the entropy bits per word. If you really want to throw them off, mix different languages. Just don't use very well-known words; I'm sure the hackers have ''cojones'' and ''Blitzkrieg'' in their dictionaries. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Also, passwords that are 'hard to remember' are themselves a security vulnerability. A password reset scheme (or even a lockout scheme) is a vulnerability. The more it needs to be used, the harder it becomes to police that vulnerability. Relatedly, hard-to-remember passwords leave users uncertain whether their password has been changed by someone else or they've just forgotten it. [[User:Ijkcomputer|Ijkcomputer]] ([[User talk:Ijkcomputer|talk]]) 15:32, 18 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Hi there, this comic gave me the idea for a password generator that can (optionally) use dictionary words. Have a look if you're interested: https://wordypasswords.com Use your common sense though about what is and isn't secure! Hope someone finds it useful. [[User:Mackatronic|Mackatronic]] ([[User talk:Mackatronic|talk]]) 08:23, 9 January 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
I have not read all of the replies and in truth most of the detail is boring to me but it has occurred to me that with this sort of problem and since the Snowden affair, serious security devices will have to make the keyboard redundant. &lt;br /&gt;
&lt;br /&gt;
At the moment all I can imagine is a series of pictures like hieroglyphs but even using a rolling code of ever changing font glyphs would do. When the security required by money minders reaches the stage of development possible with keyboards that can supply that sort of security, we will have some idea which banks have some idea about security.&lt;br /&gt;
&lt;br /&gt;
Tip:&lt;br /&gt;
Not Barings. They have an history of intransigence and stupidity. (Still revered in banks though as able to cure colon cancer with poor investment strategies.)&lt;br /&gt;
&lt;br /&gt;
[[User:Weatherlawyer| I used Google News BEFORE it was clickbait]] ([[User talk:Weatherlawyer|talk]]) 13:46, 23 January 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
The D0g..................... (24 characters long) is NOT stronger than PrXyc.N(n4k77#L!eVdAfp9 (23 characters long). The reason why, is that the latter password is random. There is no pattern. The former, &amp;quot;padding&amp;quot; technique can  be very easily cracked. You just need to assume that each character be repeated 1~30 times. Then the first password would become : 1(D)1(0)1(g)21(.), which, is then of complexity 30^4 + 96^4, versus 96^23 for the random password. And that is assuming that any character can be repeated 1~30 times, so DDDDDDDDD0000000ggggggg...... also would be cracked extremely quickly. If you limit yourself to only last character padding, your password now becomes 30*96^4 possibilities. {{unsigned ip|108.162.222.235}}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
And that's why it is stupid to explain this kind of joke : it depends on many (MANY) parameters such as brute-force method and encryption/hash algorithm. Giving this kind of (wrong) explanations about &amp;quot;pass cracking&amp;quot; (as if it was always the same way to process ...) is ridiculous. And they talk about entropy .......... Holy shit, go back to school and stop screwing cryptography up. zM_&lt;br /&gt;
&lt;br /&gt;
I just use a password with a ␡ character or two, and ␇ for banks.  [[Special:Contributions/108.162.242.21|108.162.242.21]] 08:33, 18 August 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
I'm astonished that even someone like Schneier doesn't get 936 right immediately after reading it. So, I think I know what was going on in Munroe's mind conceptually. Maybe there are some grains of salt, but I don't have a problem with these. But I do have one (or two) quantitative problem(s) with 936:&lt;br /&gt;
* I was not able to find out how Munroe gets the value of about 16 bits of entropy for the &amp;quot;uncommon&amp;quot; nine letter lower case &amp;quot;non-gibberish base word&amp;quot;. This would mean: On average, a letter of such a word will have about 1.8 bits of entropy. Maybe, but how do we know? &amp;quot;Citation needed!&amp;quot; ;-)&lt;br /&gt;
* (Secondly: The &amp;quot;punctuation&amp;quot; should have 5, not 4 bits of entropy. There are 32 (2^5) ASCII punctuation characters (POSIX class [:punct:]). But I assume this is a lapse.)&lt;br /&gt;
Can someone enlighten me? --[[Special:Contributions/162.158.91.236|162.158.91.236]] 17:31, 19 September 2015 (UTC)&lt;br /&gt;
:I have missed the sentence &amp;quot;Randall assumes only the 16 most common characters are used in practice (4 bits)&amp;quot;. Hm. There is a huge list with real world passwords out there, leaking from RockYou in 2009. After some processing to remove passwords containing characters that are not printable ASCII characters (ñ, £, ๅ, NBSP, EOT, ...), the list contains about 14329849 unique passwords from about 32585010 accounts (there are some garbage &amp;quot;passwords&amp;quot; like HTML code fragments). The following are the number of accounts using a password containing a particular printable character (one or more tokens of a particular type):&lt;br /&gt;
 &amp;lt;nowiki&amp;gt;&lt;br /&gt;
226673	.&lt;br /&gt;
186883	_&lt;br /&gt;
179264	!&lt;br /&gt;
125846	-&lt;br /&gt;
104224	@&lt;br /&gt;
95237	*&lt;br /&gt;
92802	  (space)&lt;br /&gt;
60002	#&lt;br /&gt;
36522	/&lt;br /&gt;
31172	$&lt;br /&gt;
28550	&amp;amp;&lt;br /&gt;
27686	,&lt;br /&gt;
23905	+&lt;br /&gt;
18704	=&lt;br /&gt;
18268	)&lt;br /&gt;
17927	?&lt;br /&gt;
16401	(&lt;br /&gt;
16074	'&lt;br /&gt;
14407	;&lt;br /&gt;
11819	&amp;lt;&lt;br /&gt;
11118	%&lt;br /&gt;
10723	]&lt;br /&gt;
8975	\&lt;br /&gt;
7718	[&lt;br /&gt;
7209	:&lt;br /&gt;
5815	~&lt;br /&gt;
5673	^&lt;br /&gt;
4995	`&lt;br /&gt;
2847	&amp;quot;&lt;br /&gt;
2741	&amp;gt;&lt;br /&gt;
1050	{&lt;br /&gt;
939	}&lt;br /&gt;
502	|&lt;br /&gt;
&lt;br /&gt;
(NB: 1222815 accounts were using a password containing at least one of these.)&lt;br /&gt;
&amp;lt;/nowiki&amp;gt;&lt;br /&gt;
:Sorry, I have no &amp;quot;citation&amp;quot;. But you can play with the leaked RockYou password list yourself. Here is a way to reach that playground:&lt;br /&gt;
 &amp;lt;nowiki&amp;gt;&lt;br /&gt;
$ # Download the compressed list (57 MiB; I have no idea what &amp;quot;skullsecurity&amp;quot;&lt;br /&gt;
$ # is, it was simply the first find and I assume it's the said list):&lt;br /&gt;
$ wget http://downloads.skullsecurity.org/passwords/rockyou-withcount.txt.bz2&lt;br /&gt;
&lt;br /&gt;
$ # Decompress the list (243 MiB), or, to speak more exact, it's a table:&lt;br /&gt;
$ bzip2 -dk rockyou-withcount.txt.bz2&lt;br /&gt;
&lt;br /&gt;
$ # The content of the table is: &amp;quot;How many accounts (first row) were using that&lt;br /&gt;
$ # password (second row)?&amp;quot; Let's take a peek:&lt;br /&gt;
$ head -n5 rockyou-withcount.txt&lt;br /&gt;
 290729 123456&lt;br /&gt;
  79076 12345&lt;br /&gt;
  76789 123456789&lt;br /&gt;
  59462 password&lt;br /&gt;
  49952 iloveyou&lt;br /&gt;
&lt;br /&gt;
$ # The following command processes the table to remove lines with passwords&lt;br /&gt;
$ # containing characters that are not printable ASCII characters (14541&lt;br /&gt;
$ # lines/passwords, 18038 accounts), and lines insisting that there were some&lt;br /&gt;
$ # accounts with no password (1 line, 340 accounts). Moreover, the command&lt;br /&gt;
$ # removes every space character not belonging to a password, makes the rows&lt;br /&gt;
$ # tab-delimited and writes the result in a file called &amp;quot;ry&amp;quot; (161 MiB; many&lt;br /&gt;
$ # bloating spaces removed).&lt;br /&gt;
$ LC_ALL=C sed -n 's/^ *\([1-9][0-9]*\) \([[:print:]]\{1,\}\)$/\1\t\2/p' rockyou-withcount.txt &amp;gt;ry&lt;br /&gt;
&lt;br /&gt;
$ # The following are shell functions to build commands. They will be explained&lt;br /&gt;
$ # below using examples (I can not express myself well in this language).&lt;br /&gt;
$ counta() { LC_ALL=C awk 'BEGIN { FS = &amp;quot;\t&amp;quot;; p = 0; a = 0 } { if ($2 ~ /'&amp;quot;$(printf %s &amp;quot;$1&amp;quot; | sed 'sI/I\\/Ig')&amp;quot;'/) { p++; a += $1 } } END { print a &amp;quot; (&amp;quot; p &amp;quot;)&amp;quot; }' &amp;quot;$2&amp;quot; ;}&lt;br /&gt;
$ countap() { LC_ALL=C awk 'BEGIN { FS = &amp;quot;\t&amp;quot;; p = 0; a = 0 } { if ($2 ~ /'&amp;quot;$(printf %s &amp;quot;$1&amp;quot; | sed 'sI/I\\/Ig')&amp;quot;'/) { p++; a += $1; print $0 } } END { print a &amp;quot; (&amp;quot; p &amp;quot;)&amp;quot; }' &amp;quot;$2&amp;quot; ;}&lt;br /&gt;
&lt;br /&gt;
$ # We have reached the playground. Here are some examples for how to use the&lt;br /&gt;
$ # toys:&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing the string love:&lt;br /&gt;
$ counta 'love' ry&lt;br /&gt;
671599 (188855)&lt;br /&gt;
&lt;br /&gt;
$ # The first operand of the above command is an extended regular expression&lt;br /&gt;
$ # (ERE). The second operand is a file, namely the previously generated file&lt;br /&gt;
$ # called &amp;quot;ry&amp;quot;, that is the (processed) table. The first number of the output&lt;br /&gt;
$ # means: &amp;quot;That many accounts were using a password matching the ERE.&amp;quot; The&lt;br /&gt;
$ # second number inside parentheses means: &amp;quot;That many unique passwords matching&lt;br /&gt;
$ # the ERE.&amp;quot; If the first number is greater than the second number, some&lt;br /&gt;
$ # accounts share the same password (we will see this clearly in one of the&lt;br /&gt;
$ # examples below).&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing at least one&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '.' ry&lt;br /&gt;
32585010 (14329849)&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing exactly one&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '^.$' ry&lt;br /&gt;
144 (45)&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing exactly one numeric&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '^[0-9]$' ry&lt;br /&gt;
55 (10)&lt;br /&gt;
&lt;br /&gt;
$ # Let's have a look at the distribution:&lt;br /&gt;
$ countap '^[0-9]$' ry&lt;br /&gt;
29	1&lt;br /&gt;
6	7&lt;br /&gt;
6	3&lt;br /&gt;
3	9&lt;br /&gt;
3	2&lt;br /&gt;
2	6&lt;br /&gt;
2	5&lt;br /&gt;
2	0&lt;br /&gt;
1	8&lt;br /&gt;
1	4&lt;br /&gt;
55 (10)&lt;br /&gt;
&lt;br /&gt;
$ # Above we see the second command at work. You see what it does and what it&lt;br /&gt;
$ # does different. And here we see clearly the meaning of the first number and&lt;br /&gt;
$ # the second number inside parentheses.&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing at least one&lt;br /&gt;
$ # numeric character:&lt;br /&gt;
$ counta '[0-9]' ry&lt;br /&gt;
17609065 (9761364)&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password ending with a numeric&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '[0-9]$' ry&lt;br /&gt;
15728238 (8313698)&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password beginning with a numeric&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '^[0-9]' ry&lt;br /&gt;
6409397 (3283946)&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing only numeric&lt;br /&gt;
$ # characters:&lt;br /&gt;
$ counta '^[0-9]+$' ry&lt;br /&gt;
5192990 (2346744)&lt;br /&gt;
&lt;br /&gt;
$ # And, last but not least, count how many accounts were using a password&lt;br /&gt;
$ # containing that &amp;quot;uncommon non-gibberish base word&amp;quot; in 936, with an upper&lt;br /&gt;
$ # or a lower case first letter, with or without some of the &amp;quot;common&lt;br /&gt;
$ # substitutions&amp;quot;:&lt;br /&gt;
$ counta '[tT]r[o0]ub[a4]d[o0]r' ry&lt;br /&gt;
3 (3)&lt;br /&gt;
&lt;br /&gt;
$ # Yes, there are some. 14 million unique passwords are a lot. Let's see what&lt;br /&gt;
$ # exactly was used:&lt;br /&gt;
$ countap '[tT]r[o0]ub[a4]d[o0]r' ry&lt;br /&gt;
1	troubador1&lt;br /&gt;
1	troubador&lt;br /&gt;
1	darktroubador&lt;br /&gt;
3 (3)&lt;br /&gt;
&amp;lt;/nowiki&amp;gt;&lt;br /&gt;
:[[Special:Contributions/162.158.91.236|162.158.91.236]] 06:23, 21 September 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
Interesting read about the generated password strength: https://www.schneier.com/blog/archives/2016/01/friday_squid_bl_508.html#c6714590 [[Special:Contributions/162.158.91.190|162.158.91.190]] 08:09, 8 January 2016 (UTC)&lt;/div&gt;</summary>
		<author><name>162.158.91.190</name></author>	</entry>

	<entry>
		<id>https://www.explainxkcd.com/wiki/index.php?title=Talk:1601:_Isolation&amp;diff=104837</id>
		<title>Talk:1601: Isolation</title>
		<link rel="alternate" type="text/html" href="https://www.explainxkcd.com/wiki/index.php?title=Talk:1601:_Isolation&amp;diff=104837"/>
				<updated>2015-11-10T18:42:49Z</updated>
		
		<summary type="html">&lt;p&gt;162.158.91.190: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[https://www.youtube.com/watch?v=LD0x7ho_IYc Relevant Vsauce]. [[Special:Contributions/141.101.84.117|141.101.84.117]] 06:45, 10 November 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
The title text is referring to Yudkowsky's  [http://www.yudkowsky.net/singularity/aibox/ AI-Box Experiment], which was already mentioned in [http://www.xkcd.com/1450/ xkcd.com/1450] and explained [http://www.explainxkcd.com/wiki/index.php/1450:_AI-Box_Experiment here]. --[[Special:Contributions/162.158.153.11|162.158.153.11]] 09:03, 9 November 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
If I remember correctly, there's a letter by an Ancient Roman writer complaining that people always write stories down now instead of just telling them to each other. So this mindset has existed for much longer than two centuries. --[[Special:Contributions/141.101.106.191|141.101.106.191]] 09:08, 9 November 2015 (UTC)&lt;br /&gt;
:But there had been little update in the technology behind books/writing since then and the news paper! --[[User:Kynde|Kynde]] ([[User talk:Kynde|talk]]) 09:51, 9 November 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
There is someone (not logged in) that believes that the last panel indicates that it is the same Cueball through 175 years that is ignored by his friends, instead of just a jab at generic people who complain about technology. Cueball being this generic person. I highly disagree with this, but the second I changed it to something else the same IP address changed it right back. I have now made two versions of this explanation. And made it clear that it would mean Cueball and his friends were about 200 years old. Then I will leave it to someone else to choose if both of these explanations should be left in, or maybe even a third be added...? --[[User:Kynde|Kynde]] ([[User talk:Kynde|talk]]) 10:42, 9 November 2015 (UTC)&lt;br /&gt;
:I'm the one who initially made that edit.  I only made the edit once, I didn't revert any edits you or anyone else made.  I still think my explanation is the correct one, too.  The &amp;quot;Take a hint&amp;quot; comment makes a lot more sense if Cueball has a long history of blaming others not socializing with him on technology.  The &amp;quot;It's been two centuries&amp;quot; comment only makes sense in the context of it being the same Cueball in all six panels, because people have been making that comment for a lot more than two centuries, and even if they hadn't, any random person is unlikely to know when people first started making that sort of observation.  This explanation also fits in more with xkcd's style.  [[Special:Contributions/108.162.218.17|108.162.218.17]] 22:33, 9 November 2015 (UTC)&lt;br /&gt;
:Your explanation is correct and [[Special:Contributions/108.162.218.17|108.162.218.17]] is behaving like a child. [[Special:Contributions/108.162.221.17|108.162.221.17]] 13:41, 9 November 2015 (UTC)&lt;br /&gt;
::It's neither! Part of the humor is the bizarre reframing that occurs in the last few panels as you suddenly begin to consider that instead of just being a representative sampling of generic people's complaints throughout the years, you suddenly consider that maybe this IS just one guy, riding his hobby-horse relentlessly throughout the decades without letup -- Dude! Take a hint! For me, especially the way he is hanging on a strap in the penultimate panel suddenly makes him seem like he's been stalking these people, following them with his opinions... {{unsigned ip|108.162.218.142}}&lt;br /&gt;
:::We will have to wait until the official transcript appears. That might settle the question. [[Special:Contributions/108.162.221.17|108.162.221.17]] 15:03, 9 November 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
it says &amp;quot;sims&amp;quot; not &amp;quot;The Sims&amp;quot;. &amp;quot;sim&amp;quot; is just short for &amp;quot;simulator&amp;quot;. there are other things that simulate things beyond &amp;quot;The Sims&amp;quot;. --[[Special:Contributions/141.101.106.233|141.101.106.233]] 12:16, 9 November 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
I would rather say that the main explanation of the joke is a third way:&lt;br /&gt;
-Cueball represents the kind of person that complains about people ignoring each other. The contemporaries of such kind of person are clearly annoyed by his behavior and ignore him willingly. The complainer should understand the hint that people prefer isolation much better than having to interact with him. --[[Special:Contributions/162.158.135.57|162.158.135.57]] 12:27, 9 November 2015 (UTC)&lt;br /&gt;
:I'm pretty sure that this is the joke. It's not that society is becoming more isolated, it's that everybody is intentionally trying to ignore Cueball, ''and he's not taking the hint'' [[Special:Contributions/162.158.60.11|162.158.60.11]] 14:54, 9 November 2015 (UTC)&lt;br /&gt;
::Agreed --[[Special:Contributions/173.245.54.66|173.245.54.66]] 15:04, 9 November 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
I think that &amp;quot;dude, it's been 2 centuries&amp;quot; refers to the actual notion of people complaining about social isolation due to the current relevant &amp;quot;media&amp;quot; at the time rather than Cueball himself- this might be other people, but these guys are all stick figures... It's also very unlikely that someone would live this long. {{Citation needed}} --[[Special:Contributions/108.162.216.5|108.162.216.5]] 12:57, 9 November 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
I don't think those people are supposed to be Cueball's friends. They may be strangers, and the idea is that people don't WANT to be social with strangers. Using technology to isolate may be a reaction to the fact that cities force us into bigger groups than we are comfortable socializing with. -- [[User:Hkmaly|Hkmaly]] ([[User talk:Hkmaly|talk]]) 13:40, 9 November 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
I thought that Cueball being centuries old WAS the joke - it looks like this is just a montage along the lines of [[1227]], but it was actually Cueball saying the same thing for two solid centuries.&lt;br /&gt;
:I am inclined to agree that it's one of the jokes. I have never heard &amp;quot;take a hint&amp;quot; used to refer to things someone hadn't personally experienced. While people don't really live 2 centuries, it is a comic, not reality, and the implication he is the same Cueball makes a fun twist at the end of an obvious joke. He's poked at the history of this before, and the joke &amp;quot;maybe it's not technology, maybe it's your personality&amp;quot; has been done at least as far back as the Walkman example, probably much further. [[User:GonzoI|GonzoI]] ([[User talk:GonzoI|talk]]) 15:44, 9 November 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
Also, this is clearly a lowercase-s-sim, not The Sims. Possibly inspired by the Infinite Fun Space of Iain M. Banks' Culture novels, but that's not definite enough to put it.--[[Special:Contributions/162.158.38.207|162.158.38.207]] 14:16, 9 November 2015 (UTC)&lt;br /&gt;
:Yeah, that struck me as odd too.  Anyone care to reformat? [[Special:Contributions/173.245.56.60|173.245.56.60]] 17:06, 9 November 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
Anyone else think these might be actual quotes from the relevant times? Quick Google search doesn't support that (but then Google seems to skew its results towards recent more &amp;quot;relevant&amp;quot; responses, to the detriment of historical references -- give me what some random blogger has to say over the historical context! (Google obviously hasn't incorporated this strip yet, because then this strip will be the top result for all searches, and pages like this one will be the rest...)), but maybe Randall deliberately chose obscure references. Against this idea is that when he's done this in the past [citation needed], he's put in the references. But then, maybe he's mixing it up a little.... Thoughts? {{unsigned ip|108.162.218.142}}&lt;br /&gt;
:I could find nothing to support it either. I doubt it is specific quotes because some are very generic, and because the cartoonist uses the same internet as the audience. If we can't find it, I doubt that would be the joke. [[User:GonzoI|GonzoI]] ([[User talk:GonzoI|talk]]) 15:44, 9 November 2015 (UTC)&lt;br /&gt;
::Whether or not these are real quotes or not was never an issue with regard to the joke -- it makes no real difference, it's just an interesting aside. And it depresses me that the Internet -- let alone Google's subset index thereof -- is quietly assumed to be the sum of all knowledge. The author *might* use the same internet as the rest of us (or maybe none of us use the exact same internet, each having access to parts inaccessible to other users), but even if the statement is taken as given, the internet is not the sum total of all knowledge. Go to the stacks of any well stocked university library, for example, to see a whole wealth of information largely not on the internet. I know Google is trying to address the issue, but really, if you want any information from before roughly 1995, the internet is not the place to find it. What library stacks does Randall have access to? What recent cache of old Collier's magazines did he acquire at a yard sale? Do we all have access to those?&lt;br /&gt;
:The style and pace and lexicon of the comments seems classically consistent with the ages being depicted.  Mind you, that's what a clever person like Randall would ''try'' to do, with his dialogue.  I was a little unsure about the age of &amp;quot;Bookworm&amp;quot;, for the first panel, but {{w|The Bookworm|a painting by that name}} was painted circa 1850, so if that was its original title then it might well be an era-accurate term for bibliophiles. [[Special:Contributions/162.158.152.125|162.158.152.125]] 16:47, 9 November 2015 (UTC)&lt;br /&gt;
:I feel like I have actually seen at least a few of these quotes before but like you guys I don't have a source.  Yet.  [[Special:Contributions/108.162.221.22|108.162.221.22]] 17:19, 9 November 2015 (UTC)&lt;br /&gt;
::Additionally, the results of [https://www.google.co.uk/search?hl=en&amp;amp;q=%22we+even+read+as+we+walk%22&amp;amp;meta=&amp;amp;gws_rd=ssl a Google search for &amp;quot;we even read as we walk&amp;quot;], which I thought might be the easiest thing worth trying to track down, ''currently'' displays just two results.  And those are [http://www.explainxkcd.com/wiki/index.php?title=Main_Page this site's explicit Main Page] and [http://www.explainxkcd.com/ this site's ''implicit'' main page] - technically something very close to a self-referential Googlewack! (This will doubtless change, if this page's transcript is also indexed, plus the XKCD original's transcript, plus other places chatting about this even including the XKCD Sucks blog, I'm sure.  If it isn't already different for other, non-UK, Google front-ends...) [[Special:Contributions/162.158.152.125|162.158.152.125]] 20:54, 9 November 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
This is quite a hobby horse for Randall. [[Special:Contributions/198.41.238.33|198.41.238.33]] 22:03, 9 November 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
I am totally in camp &amp;quot;It's the same people in all panels&amp;quot;. That's what I thought it was after reading the comments, and I'm sticking with it because it's funnier to me. -Pennpenn [[Special:Contributions/108.162.250.162|108.162.250.162]] 03:40, 10 November 2015 (UTC)&lt;br /&gt;
:Well the other characters are not the same from panel to panel... And there is even an extra Cueball in the last panel. But if the version with one Cueball should make any sense, will the title then refer to the people isolating themselves, or is it actually Cueball who is put in isolation by all other people...? I still think he just (as always) represents a generic person, thus not the same from panel to panel. (And if you think he is always the same is Cueball then twice in the last panel!) --[[User:Kynde|Kynde]] ([[User talk:Kynde|talk]]) 12:42, 10 November 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
I thought the joke was, that people who complain about other people isolating themselves with technology are actually just annoying people, that nobody likes to talk to. So it is not the same person in all the panels, but always the same ''type'' of person that other people do not wish to engage in conversation with. They think the people being distant is due to new technology and behave like that towards everybody, when in fact only the ones complaining are shunned. --[[Special:Contributions/162.158.91.190|162.158.91.190]] 18:42, 10 November 2015 (UTC)&lt;/div&gt;</summary>
		<author><name>162.158.91.190</name></author>	</entry>

	<entry>
		<id>https://www.explainxkcd.com/wiki/index.php?title=Talk:910:_Permanence&amp;diff=103921</id>
		<title>Talk:910: Permanence</title>
		<link rel="alternate" type="text/html" href="https://www.explainxkcd.com/wiki/index.php?title=Talk:910:_Permanence&amp;diff=103921"/>
				<updated>2015-10-23T23:06:02Z</updated>
		
		<summary type="html">&lt;p&gt;162.158.91.190: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;I would marry a girl called epidural. '''[[User:Davidy22|&amp;lt;u&amp;gt;{{Color|#707|David}}&amp;lt;font color=#070 size=3&amp;gt;y&amp;lt;/font&amp;gt;&amp;lt;/u&amp;gt;&amp;lt;font color=#508 size=4&amp;gt;²²&amp;lt;/font&amp;gt;]]'''[[User talk:Davidy22|&amp;lt;tt&amp;gt;[talk]&amp;lt;/tt&amp;gt;]] 01:40, 17 April 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Server or not, I know myself the feeling of wanting a super-duper high-school-level name. At least I have a system of naming my computers, gaming devices, and (future?) servers.[[User:Greyson|Greyson]] ([[User talk:Greyson|talk]]) 17:49, 13 February 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
I usually use some kind of encoded date (related to when the computer was acquired or set up) in the name, probably prefixed by something to signify the model or vendor of the computer. Permanency of relevance is guaranteed and it is easier than trying to think what the name will mean years from now. [[User:Arifsaha|Arifsaha]] ([[User talk:Arifsaha|talk]]) 20:13, 30 October 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
This appears to be the Debian installer. It's also missing the &amp;quot;&amp;lt;Continue&amp;gt;&amp;quot; button.[[Special:Contributions/108.162.216.119|108.162.216.119]] 02:38, 1 March 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
Use a name that reminds you which computer it is. In a network this can be very important. It should be descriptive but not silly or generic. Trust me on this. [[User:Jakee308|Jakee308]] ([[User talk:Jakee308|talk]]) 03:21, 15 June 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
I've still called my servers planet names. Even 'Pluto', my build server, works just fine without Pluto being a real planet. -[[Special:Contributions/162.158.91.190|162.158.91.190]] 23:06, 23 October 2015 (UTC)&lt;/div&gt;</summary>
		<author><name>162.158.91.190</name></author>	</entry>

	</feed>