Editing 2176: How Hacking Works
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 8: | Line 8: | ||
==Explanation== | ==Explanation== | ||
− | + | {{incomplete|Created by SMASH MOUTH. Please mention here why this explanation isn't complete. Do NOT delete this tag too soon.}} | |
− | + | In similar spirit to [[538: Security]] this comic deals with how many people perceive hacking and security best practices. Specifically, the comic points out the flaw in the argument of some security minded people that writing passwords down on a sheet of paper is a massive {{w|OPSEC|operational security}} vulnerability, not accounting for the {{w|threat model}} of the general public: reused passwords being leaked from seemingly benign places. | |
− | + | While it is true that storing passwords on paper is generally a bad idea, one has to keep in mind the alternatives—password reuse or unencrypted password documents on a computer—that non-technical people might otherwise engage in. These are far easier to exploit for a casual attacker that goes for quantity over quality. The trade-off of course being that targeted attacks (for example by a family member or close friend) are more easily possible. | |
− | + | The second panel goes into detail how such an attack is usually executed: First, a database containing usernames/emails and associated passwords/password hashes is stolen from an improperly secured website. Randall's example uses a fictional breach of a small forum dedicated to the band Smash Mouth, but even large companies are {{w|not immune}} to leaks. Assuming the passwords were not hashed, the crooks then go on and automatically try to log in to a popular payment service, Venmo, with the harvested credentials. Even though the success rate might be just fractions of a percent, due to the scale and cheapness of the attack it is likely still profitable. Such an attack has previously been discussed in [[792: Password Reuse]]. | |
− | + | The title text is referring to Smash Mouth's song, {{w|All Star (song)|All Star}}, where the first line of the lyrics is "Somebody once told me the world is gonna roll me". | |
− | |||
− | The title text is referring to Smash Mouth's song | ||
==Transcript== | ==Transcript== | ||
+ | {{incomplete transcript|Do NOT delete this tag too soon.}} | ||
:[Two panels with a caption below each panel:] | :[Two panels with a caption below each panel:] | ||
− | :[Three masked characters standing near a desk with a computer inside a home | + | :[Panel 1] |
+ | :[Three masked characters standing near a desk with a computer inside a home] | ||
:Masked Character 1 [holding a walkie-talkie]: Control, we have flown to the USA and breached the target's house. | :Masked Character 1 [holding a walkie-talkie]: Control, we have flown to the USA and breached the target's house. | ||
:Masked Character 2: They wrote all their passwords in a book labeled "Passwords"! | :Masked Character 2: They wrote all their passwords in a book labeled "Passwords"! | ||
:Masked Character 3: The fool! | :Masked Character 3: The fool! | ||
+ | :Caption: How people think hacking works | ||
− | + | :[Two characters, each sitting on opposite sides of a desk with computers in front of them] | |
− | + | :Character 1: Hey look, someone leaked the emails and passwords from the Smash Mouth message boards. | |
− | + | :Character 2: Cool, let's try them all on Venmo. | |
− | :[Two | + | :Caption: How it actually works |
− | : | ||
− | : | ||
− | |||
− | : | ||
− | : How it actually works | ||
{{comic discussion}} | {{comic discussion}} | ||
− | |||
− | |||
− | |||
− |