Does that voucher include transport to and from a school that's an hour away because there are no "good" schools around the areas where some families can actually afford to live? Who's going to organize that transport and who pays for it?
Single hashing bears a problem. If done on the server side, the clear password has to travel to the server. In an encrypted tunnel, all right, but you have to trust that tunnel and you have to trust the process between tunnel and hashing, which as we can see here has been compromised.
Hashing on the client side reduces the problem to one akin to storing a plain-text password where you compare what is sent by the client with the database, leaving the data vulnerable in case of a database hack because knowing the hash allows you to log in.
The main reason for double hashing is that people are lazy fucks who not only choose weak passwords but also use them everywhere. Creating a hash on the client side already mostly takes care of this problem because not only can you no longer determine whether the password is actually sensible, if salted properly even reusing it isn't that big a problem anymore.
By sending them a hash of the password I enter, which is then stored as a hash of that hash in their database. The idea is that even if I am the average dumb user that reuses the same password over and over, the salted hash ensures that this password is not published even if the first hash gets published (or logged, as in this case), while the second hashing ensures that knowing that first hash does not immediately compromise the authentication process.
Unlikely. Why should they give their users (i.e. their product) the ability to circumvent and weed out the spam their actual customers want to push onto them?
What exactly is it that should make me enjoy having 300,000 spambots in a messaging system? Or why should I use that messaging system when the owner itself not only admits but actually brags that they exist?
It kinda tells me that they think spamming users with corporate junk is a good idea, and that they aren't even clever enough to hide that.
Yeah, because parents have a lot of choice in that matter. That's like saying Comcast must be a great ISP, considering how many people want to subscribe with them.
What should happen is that a hash gets calculated on client AND server side, you don't want to store the client's hash directly in the database... for obvious reasons.
The point is that when nobody knows what or who you are, how can you claim discrimination? If people don't know you're (insert minority group here), how can you claim some kind of discrimination against you because you belong to that group?
In other words, it has nothing to do with skin color or gender but just with seniority? Welcome to the average place on the internet... You'll get exactly the same from pretty much any other old place where a bunch of regulars run the show, you have an "in-circle" of people who... I don't want to say know each other because they more often than not don't even know each other's name, but they can associate a certain expectation with a certain handle. People have distinguished themselves and gained something akin to respect from their peers by displaying knowledge.
Breaking into this is hard. For anyone. Independent of skin color, gender, sexual orientation or anything else nobody at the site gives a shit about.
How do you plan to gauge "performance" in teachers? Please don't say that you want to use the test scores of their pupils, else you're opening a completely different can of worms that you won't ever close, as the funding of schools based on test scores should have taught by now.
But that's pretty much what people do. Nobody is looking for what really is anymore. Everyone just waits 'til someone spews something that fits their own world view and that becomes the truth because someone else said it.
You can say the worst bullshit, as long as it fits someone's narrative it becomes their reality.
I'm done teaching. It doesn't work. My current approach is fencing them in 'til they show that they know enough to break out of the fence, that's usually when they're smart enough to not need it anymore.
And to think that this would probably make the bots ten times more interesting and useful...
English is not my first language, is that the polite way of saying that AI is used to take the piss out of us?
No, they don't even claim it's good for the users. I think they accepted that we see them more like a nuisance than a service by now.
Does that voucher include transport to and from a school that's an hour away because there are no "good" schools around the areas where some families can actually afford to live? Who's going to organize that transport and who pays for it?
You could simply allow people not wanting to run Javascript to transmit their plaintext passwords.
Though that also eliminates any and all grounds for complaining if their true and tried and often reused "password1234!" appears in a log...
Without bots, Twitter wouldn't exist
No need to convince me, I already think bots are evil.
Don't tempt me, wicked daemon.
Single hashing bears a problem. If done on the server side, the clear password has to travel to the server. In an encrypted tunnel, all right, but you have to trust that tunnel and you have to trust the process between tunnel and hashing, which as we can see here has been compromised.
Hashing on the client side reduces the problem to one akin to storing a plain-text password where you compare what is sent by the client with the database, leaving the data vulnerable in case of a database hack because knowing the hash allows you to log in.
The main reason for double hashing is that people are lazy fucks who not only choose weak passwords but also use them everywhere. Creating a hash on the client side already mostly takes care of this problem because not only can you no longer determine whether the password is actually sensible, if salted properly even reusing it isn't that big a problem anymore.
By sending them a hash of the password I enter, which is then stored as a hash of that hash in their database. The idea is that even if I am the average dumb user that reuses the same password over and over, the salted hash ensures that this password is not published even if the first hash gets published (or logged, as in this case), while the second hashing ensures that knowing that first hash does not immediately compromise the authentication process.
Unlikely. Why should they give their users (i.e. their product) the ability to circumvent and weed out the spam their actual customers want to push onto them?
What exactly is it that should make me enjoy having 300,000 spambots in a messaging system? Or why should I use that messaging system when the owner itself not only admits but actually brags that they exist?
It kinda tells me that they think spamming users with corporate junk is a good idea, and that they aren't even clever enough to hide that.
Yeah, because parents have a lot of choice in that matter. That's like saying Comcast must be a great ISP, considering how many people want to subscribe with them.
Well, it would give you a distinguishing feature for your browser.
What should happen is that a hash gets calculated on client AND server side, you don't want to store the client's hash directly in the database... for obvious reasons.
How can a clear text password be available to them at all to record it in a log?
Then I guess your search algo sucks.
I'm fairly sure they expect results from the current research in that field within the next decade. If that long.
Way to twist the problem around, congratulations!
The point is that when nobody knows what or who you are, how can you claim discrimination? If people don't know you're (insert minority group here), how can you claim some kind of discrimination against you because you belong to that group?
In other words, it has nothing to do with skin color or gender but just with seniority? Welcome to the average place on the internet... You'll get exactly the same from pretty much any other old place where a bunch of regulars run the show, you have an "in-circle" of people who ... I don't want to say know each other because they more often than not don't even know each other's name, but they can associate a certain expectation with a certain handle. People have distinguished themselves and gained something akin to respect from their peers by displaying knowledge.
Breaking into this is hard. For anyone. Independent of skin color, gender, sexual orientation or anything else nobody at the site gives a shit about.
Then I guess it's time to find out why someone would rather work as a waiter, of all the jobs, than at an "unattractive" school.
How do you plan to gauge "performance" in teachers? Please don't say that you want to use the test scores of their pupils, else you're opening a completely different can of worms that you won't ever close, as the funding of schools based on test scores should have taught by now.
Because we let it.
But that's pretty much what people do. Nobody is looking for what really is anymore. Everyone just waits 'til someone spews something that fits their own world view and that becomes the truth because someone else said it.
You can say the worst bullshit, as long as it fits someone's narrative it becomes their reality.
I'm done teaching. It doesn't work. My current approach is fencing them in 'til they show that they know enough to break out of the fence, that's usually when they're smart enough to not need it anymore.
I fail to see the problem. If anything, in this time and age I'd see it as a feature to raise awareness for this problem.