Editing 1808: Hacking
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 8: | Line 8: | ||
==Explanation== | ==Explanation== | ||
+ | {{incomplete|The main joke from the caption, that this is not dramatic revelation, like Cueball seems to think (sarcasm?) is not mentioned yet.}} | ||
+ | While publishing email addresses on websites, people often add space between parts of the email. For example, [email protected] may be written as john dot doe at example dot org. This is to prevent the page scraping bots from harvesting email addresses, which may in turn be sold as address lists for email marketers. | ||
− | + | In this comic, [[Ponytail]] tells [[Cueball]] that there is a tool which can delete such spaces. Such a tool can fix the space and most likely convert the words "dot" and "at" into their respective symbols. This will overcome the problems faced by such harvesting tools, and make these email addresses more prone to receive spam. Cueball appears shocked to hear this news, but given the caption below this may be sarcasm. A program written to remove a space is of course not very complicated, and believing you e-mail to be safe from harvesting by writing a space in to the address is very naive. | |
− | + | This comic is referencing a leak by {{w|WikiLeaks}} that compromises thousands of hacking exploits (thus the title) and programs from the CIA on the day before this comic was released, March 7 2017. (See for instance this article: [https://www.wired.com/2017/03/wikileaks-cia-hacks-dump/ WikiLeaks Just Dumped a Mega-Trove of CIA Hacking Secrets]). Many of the tools that were in the leak were similar to publicly available tools, or not entirely unexpected, with several coming from sites such as StackOverflow and reddit. | |
− | + | The title text references more interesting-sounding, but useless, parts of the dump: | |
− | + | * Millions of prime factors: {{w|Prime factorization}} can be used to break a {{w|RSA (cryptosystem)|RSA cipher}} by turning a large number into prime factors: this is a very hard problem, which is what makes the cipher secure. A list with many prime factors, however, is easy to generate, however, the chance of one of the numbers on the list being a prime factor for the number used in the RSA cipher is very slim. That said, some key generation systems have been shown to re-use prime factors with catastrophic impacts [https://eprint.iacr.org/2012/064.pdf 1] [https://eprint.iacr.org/2016/961.pdf 2] so this could be a reference to a list of known shared primes. | |
− | + | * A 0-day exploit for {{w|Tamagotchi}}: a 0-day exploit is an exploit of which the manufacturer is not (yet) aware. While modern Tamagotchi do have some network functionality, this is likely useless because Tamagotchi are very low-end devices that do not contain microphones or cameras. (There is some truly excellent work on this at [http://natashenka.ca/ Natalie's page] which is a must-read, and as this comic was published on International Women's day, today is a fine day to start if you have not already). | |
− | + | * A way to get {{w|GNU_Compiler_Collection|gcc}} and {{w|Bash_(Unix_shell)|bash}} to execute arbitrary code: gcc is a {{w|compiler}}, so preparing arbitrary code is its main purpose, and bash is a Unix shell, so executing {{w|Shell script|arbitrary code}} is one of its functions. Then again, this could be a reference to {{w|Shellshock_(software_bug)|ShellShock}}, a major vulnerability which allowed the unintentional execution of arbitrary attacker code. Likewise, it could be referring to a [http://wiki.c2.com/?TheKenThompsonHack compiler injection attack] which allows a compiler to inject backdoors via the binary executables in a toolchain and without leaving a trace in the source code being compiled or the compiler itself. | |
− | The title text | ||
− | |||
− | |||
− | |||
==Transcript== | ==Transcript== | ||
Line 33: | Line 31: | ||
==Trivia== | ==Trivia== | ||
− | *This is the second comic in a row | + | *This is the second comic in a row about how computers can be misused and also the second in a row where Cueball is with Ponytail rather than [[Megan]]. |
+ | **This setup with Ponytail at the computer and Cueball behind has been used several times for instance in [[1513: Code Quality]], part of the [[:Category:Code Quality|Code Quality]] series. | ||
{{comic discussion}} | {{comic discussion}} |