792: Password Reuse

Explain xkcd: It's 'cause you're dumb.
Jump to: navigation, search
Password Reuse
It'll be hilarious the first few times this happens.
Title text: It'll be hilarious the first few times this happens.

Explanation[edit]

This comic has three layers: hacking, philosophy, and Google satire.

It starts off on a practical level, with Black Hat describing to Cueball a devious social engineering scheme. It relies on the fact that people commonly reuse the same password on multiple websites, and tend to create accounts on new websites somewhat indiscriminately. Thus, one could create a simple Web service to collect users' usernames, email addresses, and passwords. Since many users will reuse this combination on other websites as well, the website owner can try to hack their accounts on other common sites, such as Amazon, PayPal or even people's banks, using the same login information.

In panel 7, the comic suddenly develops a philosophical and ethical bent. Black Hat reveals that he has already carried out step 1, through his numerous unprofitable Web services which he had been running for this very purpose. However, after successfully executing the hack, he realizes that he does not know what to do with all this power.

He reveals that he is already financially self-sufficient, and makes a point that money can't buy happiness once past that point, stating that research has proven this. He could use his power to realize his sadistic pleasures of messing with people, but he's already a serial classhole and does not need this information to continue that trend.

If he had any beliefs or ideology, he could use this power to try to spread them. However, he reveals that "since March of 1997" he doesn't really believe in anything. While he doesn't reveal specifically what in March of 1997 caused this, it could possibly refer to the March 26, 1997 incident in San Diego, California, where 39 Heaven's Gate cultists committed mass suicide at their compound. One of the cultists was the brother of Nichelle Nichols (a Star Trek actress), so the event got a big resonance in nerd circles (and Randall often references Star Trek in xkcd). However, given Black Hat's strange behavior, it could be anything, from Bill Clinton banning federal funding for human cloning research on the fourth, to the launch of Teletubbies on the thirty first. Later, in 1717: Pyramid Honey, Black Hat seems to finally find something to believe in.

The dilemma: Black Hat has cleverly executed a hack that has given him a lot of power, but he doesn't know what to do with it.

The last part of the comic now transitions to a satire on how Google has already gone through both the stages described above. It describes how all of Google's free services are simply a ploy to collect and control all the world's information, similar in concept but grander than the hack described in part 1. It satirizes the notion that behind Google's "Don't be evil" motto is actually an end-goal of using their powers eventually for evil. (Google has since removed the motto from their code of conduct, so maybe Randall's on to something...)

However, just like Black Hat, once Google reaches the stage where they are able to capitalize on their powers, the Cueball-like head-executive finds that there is nothing evil left for them to desire, except (as Hairbun states) make even more money. As they already make a lot of money this ploy is moot, and anything remaining that they wish to do, such as hosting Call of Duty (CoD) tournaments, isn't evil at all.

In the end, the secretary calls dibs on the TV in the lobby in order to play CoD4 on what (one can assume) is a large screen. The Cueball-like executive who wished to implement the evil plan in the first place facepalms when he realizes that Google just sucks at being evil.

In the title text, “The first few times this happens” may refer to the weekly CoD4 “tournament.” Alternatively, it could also mean the “first few times” a company decides to turn evil (but then has no idea how). It could also refer to the first couple of times an individual follows through on this plan but fails after the first part due to a lack of planning for the second part.

This comic was directly referenced in the title text of 1286: Encryptic.

Transcript[edit]

[Black Hat is standing to the left behind Cueball, who is sitting in an office chair at his desk working on his computer. A message from the computer is indicated with a zigzag line from the screen.]
Black Hat: Password entropy is rarely relevant. The real modern danger is password reuse.
Cueball: How so?
Computer: Password too weak
[Zoom in on Black Hat's upper part as he holds a hand up with the palm up.]
Black Hat: Set up a Web service to do something simple, like image hosting or tweet syndication, so a few million people set up free accounts.
[Zoom out to Black Hat standing in front of Cueball who has turned in the chair facing Black Hat, the desk is not shown in the panel.]
Black Hat: Bam, you've got a few million emails, default usernames, and passwords.
[Only Black Hat is shown as he holds out his arms.]
Black Hat: Tons of people use one password, strong or not, for most accounts.
[The next panel is only half the height of the other panels. Above the panel is the text that Black Hat narrates. In the left part of the panel, there is a piece of paper that seems to have been torn off at the bottom resulting in a jagged edge, which could also indicate that it continues further down than shown. On the paper, there are three labeled columns, and below each of them about 18 lines of unreadable sentences (mostly just one word). The @ in the e-mail addresses may be indicated with a larger unreadable sign. To the right a broad line goes right from the paper and splits up in five lines that go up or down ending in five arrows to the right, pointing at five labels.]
Black Hat (narrating): Use the list and some proxies to try automated logins to the 20 or 30 most popular sites, plus banks and PayPal and such.
Labels on paper: Email User Pass
Labels at arrows:
Banks
Facebook
Gmail
PayPal
Twitter
[Same setting as panel 3 but Cueball has taken a hand to his chin.]
Black Hat: You've now got a few hundred thousand real identities on a few dozen services, and nobody suspects a thing.
Cueball: And then what?
[Same setting in a larger panel with more white space to the left, Cueball has his hand down again.]
Black Hat: Well, that's where I got stuck.
Cueball: You did this?
Black Hat: Why do you think I hosted so many unprofitable web services?
[Zoom in on Black Hat's head now turned towards left.]
Black Hat: I could probably net in a lot of money, one way or another, if I did things carefully. But research shows more money doesn't make people happier, once they make enough to avoid day-to-day financial stress.
[Zooming a bit out, but still only showing Black Hat's head in the bottom right corner, again facing right.]
Black Hat: I could mess with people endlessly, but I do that already. I could get a political or religious idea out to most of the world, but since March of 1997 I don't really believe in anything.
[This panel is the last in this row, but it does not reach the end of the row above, an indication that this does not directly belong to the panels below. The same setting as panel 3 but Black Hat has his arms out.]
Black Hat: So, here I sit, a puppetmaster who wants nothing from his puppets.
Black Hat: It's the same problem Google has.
Cueball: Oh?
[This panel is the first in the last row. It does not begin to the left, but has been shifted a bit to the right, just as the last panel above to the right, ended before reaching the right edge of the row above (and this one below). This is to indicate that this is row has a different story. A Cueball-like executive at Google is standing up leaning his arms on a table with Google's logo on the side. His office chair has been pushed to the left behind him and it is partly off-panel. He addresses the other executives at the table, two of which are shown. The first is Hairbun with glasses holding her head with both hands, elbows resting on the table. The other executive is also a Cueball-like guy, his head is partly outside the right edge of the panel. At the top of the panel to the left, there is a small frame breaking the panel's frame, inside which is a caption:]
Google...
Cueball executive: Okay, everyone, we control the world's information. Now it's time to turn evil. What's the plan?
Hairbun: Make boatloads of money?
Table: Google
[Only the Cueball-like executive standing at the end of the table is shown, the table is left out. He is face-palming. One of the executives at the table is speaking off-panel. Could be either of the two above or someone not shown before]
Cueball executive: We already do!
Executive (off-panel): Set up a companywide CoD4: Modern Warfare tournament each week?
Cueball executive: That's not evil!
Executive (off-panel): Ooh, Dibs on the lobby TV!
Cueball executive: Okay, we suck at this.


comment.png add a comment! ⋅ comment.png add a topic (use sparingly)! ⋅ Icons-mini-action refresh blue.gif refresh comments!

Discussion

And now it turns out that Google gives our data to NSA....sigh. 24.7.241.154 07:58, 11 June 2013 (UTC)Monica

What happened in March of 1997? MR (talk) 18:23, 4 April 2013 (UTC)MR

Hi! After consulting Wikipedia's article about March 1997 (http://en.wikipedia.org/wiki/1997), I think there are two main incidents Black Hat could refer to:

  • The Phoenix Lights, a group of supposed UFOs, turned out to be probably military aircrafts.
  • The mass suicide committed by 39 Heaven's Gate cultists.

Since we know little about Black Hat's life in 1997, we could argue that he was expecting an extra-terrestrial contact or that he was attracted by the ideas of that creed - and that the disillusion brought him his present disbelief in things. Of course those are just hypotheses, and don't seem to fit the character as we know him...Inverno1407 (talk) 11:30, 15 April 2013 (UTC)

I honestly believe that he created the Heaven's Gate cult and he views their mass suicide as his crowning achievement in getting people to believe things, it just isn't getting any better than that, so he doesn't believe in anything anymore. 173.245.54.32 13:03, 30 October 2015 (UTC)


Nah, i think he was a cultist who hesitated in commiting suicide, and upon seeing his fellow brethren die and NOT be trasported to a ship in the tail of the comet, his beliefs shattered... he ran. And now he's a sadistic classhole.



"In the conclusion, Black Hat reveals that the only thing he's doing with all his hacked user accounts is to post slightly inaccurate content on Wiki sites."

This paragraph has been present since this explanation was added. I can't see how it is arrived at from the comic. (So I wonder who User:148.87.67.212 might have been...) Mark Hurd (talk) 14:10, 15 April 2013 (UTC)

I removed some slightly inaccurate content from this wiki. It was the bit about Black Hat posting slightly inaccurate content on wiki sites.86.40.93.217 00:33, 15 May 2013 (UTC)

Does anyone know if he had anything to do with the article on "taking the piss"?

I used Google News BEFORE it was clickbait (talk) 16:10, 26 January 2015 (UTC)


How does this compare in light of 792:Password Reuse? Saibot84 (talk) 05:06, 6 June 2013 (UTC)

The "March 1997" issue is still a mystery to me. May be a global computer virus attack? I will go through all days on wikipedia. The month summery presents not the solution.--Dgbrt (talk) 17:27, 6 June 2013 (UTC)

Conisdering how blackhat loves messing with people, I seriously doubt anything at all hapened in March 1997. He's just messing with us! 189.5.106.228 02:43, 7 July 2013 (UTC)

Oooo, I dunno. Given Black Hat's odd tastes, *anything* from March 1997 could have caused him to lose his faith: Paul McCartney being knighted, Tom Cruise winning an Oscar, the U.S. Supreme Court hearing arguments on Internet Indecency, India's Ministry of Charity choosing a successor to Mother Theresa, Gene Roddenberry's ashes going into orbit, the Brazil Senate finally allowing women members to wear slacks... Anything!! [[1]]

Wow, look at this historical CNN page: http://edition.cnn.com/ALLPOLITICS/1997/03/19/scotus.cda/. The Communications Decency Act is the most likely item from your list.--Dgbrt (talk) 08:21, 2 August 2013 (UTC)
39 Heaven's Gate cultists committed mass suicide
If he was upset at causing their deaths or having accomplished their deaths, has little to prove now nor reason to repeat the act, he is on pause; we wait.
I used Google News BEFORE it was clickbait (talk) 16:10, 26 January 2015 (UTC)
I would say that he lostall belief in his sadistic powers when tthese cultists killed themselves: People kill themselves without any need of his evil scheming, and he obviously expect himself to be the pinnacle of that. That event is pretty much showing him that he is simply not needed. 172.70.250.189 08:21, 23 July 2023 (UTC)

My opinion is that Black Hat referred to Bill Clinton banning federal funding for research on human cloning in March 1997. 108.162.242.5 (talk) (please sign your comments with ~~~~)

How would that create an hiatus in Back Hat's career?

I used Google News BEFORE it was clickbait (talk) 16:10, 26 January 2015 (UTC)


Hey! I though I'd throw in the opinion that perhaps March 1997 was a month of personal importance to Black Hat rather than anything societal. If the 1997 coincides with any of those standard "loss of idealism and innocence years" for Black Hat, then I'd say that's pretty likely what Randall was going for. 108.162.216.209 (talk) (please sign your comments with ~~~~)

Hi - the last line about the TV show DIBS is wrong. DIBS came out in 2014 - the comic in 2010. What the last panel is referring to is calling dibs on the TV to play CoD4. 108.162.218.53 (talk) (please sign your comments with ~~~~)

Google's "don't be evil" is no more[edit]

Google removed that "don't be evil" thing from their motto...

  • password change intensifies*

172.68.10.172 06:35, 5 July 2019 (UTC)

TV Tropes links to this comic as an example of one of the strips that have aged the worst. LendriMujina (talk) 19:16, 28 January 2022 (UTC)

As of 2022 as I write, Google has now set itself up to be the password manager for random non-Google web sites, so they have many peoples' credentials. Of course, Microsoft followed their usual practice and did the same thing, but not quite as seamlessly. Nitpicking (talk) 11:55, 8 May 2022 (UTC)


As for human cloning, if we are really gonna do this, we should start with cloning one of the former premiers, such as Abe (today is his birthday). 172.71.155.20 06:11, 21 September 2023 (UTC)