As a follow-up to yesterday: I do quite often laugh out loud at XKCD though. This one was three layers of humirony.
My first instinct was to think: Actually, if we just built a lot more infrastructure to the left of those large supports on the left, we might be able to take a lot of the load off that little project… actually, the horizontal level seems to be lower on the right already, so left-loading might even lift the…
Second: omgbecky I swear I’m constantly ranting and raving about this sort of thing; how there are these terribly detailed and entangled things under the hood that only a handful of people understand and one good meteor could wipe out all our infrastructure…
Third: I was literally just installing ImageMagick a couple hours before I read this cartoon.
If anyone ever says to you, “your password must contain one capital, a digit,…”, you can be certain that they are an idiot, and that they do not understand security. If you encounter such requirements in software, then it was written by an idiot—or it was written to a standard which was written by an idiot.
I’m serious. This is not hyperbole. Anyone who says such things truly has not even the most basic understanding of computer security. You should immediately stop trusting them with anything related to computer security.
To begin to understand why this is true, please enjoy this wonderfully explanatory cartoon from XKCD: Password Strength.
The cartoon is fun, but understanding its core point, that the critical feature of your passwords is the amount of entropy they contain, will make you smarter than the vast majority of people.
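As an added illustration (not part of the original post or the cartoon), the sketch below compares the composition rule quoted above with the entropy of the scheme that generates a password. The 2048-word list size, the constructed sample words and all function names are assumptions made for the example.

```python
import math
import secrets

# Constructed sample list (assumption); a real passphrase list holds thousands of words.
WORDS = ["correct", "horse", "battery", "staple", "meteor", "coffee", "glue", "pot",
         "layer", "header", "tube", "cartoon", "ladder", "pixel", "quartz", "vivid"]


def meets_composition_rule(password):
    """The quoted rule: at least one capital letter and at least one digit."""
    return any(c.isupper() for c in password) and any(c.isdigit() for c in password)


def scheme_entropy_bits(choices_per_step):
    """Entropy of a generation scheme whose steps are independent, uniform choices."""
    return sum(math.log2(n) for n in choices_per_step)


def generate_passphrase(words, count):
    """Pick `count` words with a CSPRNG; entropy is count * log2(len(words))."""
    return " ".join(secrets.choice(words) for _ in range(count))


def compare_schemes(list_size=2048):
    """Return (patterned_bits, passphrase_bits) for an assumed list of `list_size` words."""
    # Scheme A: one listed word, first letter capitalised, one digit appended.
    # The capital is always in the same place, so it adds no choices for a guesser.
    patterned = scheme_entropy_bits([list_size, 10])
    # Scheme B: four words drawn independently from the same list.
    passphrase = scheme_entropy_bits([list_size] * 4)
    return patterned, passphrase


if __name__ == "__main__":
    patterned_bits, passphrase_bits = compare_schemes()
    # The printed passphrase comes from the small constructed list above;
    # the bit counts are for the assumed 2048-word list.
    for label, sample, bits in [
        ("patterned", "Horse7", patterned_bits),
        ("passphrase", generate_passphrase(WORDS, 4), passphrase_bits),
    ]:
        verdict = "passes" if meets_composition_rule(sample) else "fails"
        print(f"{label:10} {sample!r:40} {verdict} the rule, scheme entropy {bits:.1f} bits")
```

The rule accepts the roughly 14-bit patterned password and rejects the 44-bit passphrase, because it inspects the characters of one string rather than the number of strings the scheme could have produced.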
oh. my. god. https://github.com/joho/7XX-rfc
This is, hands down, the geekiest piece of humor I have ever seen. HT to @dmuth who now owes me a cup of coffee to replace the one I blew out my nose onto my keyboard.
If you, my dear reader, care to do the ‘what the hell?’ deep dive:
- What’s an HTTP header?
(it’s the glue that makes all the interwebs parts work together)
- What are the actual HTTP response codes?
(200 good, 404 bad, 759 – Unexpected T_PAAMAYIM_NEKUDOTAYIM !)
- What’s an RFC?
(request for comments, i.e. “hey, uh, fellows, maybe we should do it this way…”)
- The HyperText Coffee Pot Control Protocol (HTCPCP/1.0)
(i.e., prior art in RFC humor. Please notice the honest-to-gawd IETF.org URL on that one, kids. Yes, the IETF like kinda determines how the intertubes work, and they have absolutely THE ugliest website.)
- An obscure HTTP response code joke
(you do know to read the “alt-texts” on XKCD cartoons, right?)