https://xkcd.com/2869

Alt text:

Why couldn’t the amulet have been hidden by Aunt Alice, who understands modern key exchange algorithms?

  • Kage520@lemmy.world
    link
    fedilink
    English
    arrow-up
    76
    ·
    11 months ago

    Batman forever: Something like “It was left by a Mr E… Mystery! And another word for mystery? Enigma!.. Mr E. Nigma…Edward Nigma!”

    • Captain Aggravated@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      21
      ·
      11 months ago

      The clues were a series of riddles that had 13, 1, 8, and 5 somewhere in their text. Try letters of the alphabet, you wind up with MAHE. What if 1 and 8 was 18? 13, 18, 5 is MRE. “Mister E.” “Mystery!” “And what’s another word for mystery?” “Enigma!” Mister E. Nygma. Edward Nygma."

      Which manages to be extremely basic yet such a stretch at the same time.

    • GraniteM@lemmy.world
      link
      fedilink
      English
      arrow-up
      12
      ·
      edit-2
      11 months ago

      It helped me understand what the hell was going on with Batman Forever when I realized that the whole thing was riddled with tributes to the Adam West Batman.

      Once Jim Carrey gets up a head of steam, he is doing a full on impersonation of Frank Gorshin as the Riddler. Look at Gorshin in this scene. Carrey is doing an incredible Gorshin act.

      Now I don’t want that and I don’t appreciate it, but once I understood where all of the camp in Forever came from it didn’t make me quite so angry.

      • Corhen@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        11 months ago

        “It was left by a Mr E… Mystery!

        Yea, but im pretty sure this is intentionally bad, instead of bad writing

        • Thteven@lemmy.world
          link
          fedilink
          English
          arrow-up
          16
          ·
          11 months ago

          It was a callback to Batman from 1966, that’s how they solved all the crimes lmao. The Schumacher Batman movies were supposed to be “90s camp”, which I can totally see now through my nostalgia goggles.

    • Matt/D@programming.dev
      link
      fedilink
      English
      arrow-up
      62
      ·
      11 months ago

      Animatronio mentioned a fountain. That’s a statue of Neptune, god of water. The number of points on him trident is three, or trey. The “u” in his name is written like “v”. Trey, “v”. Trevi! It’s the Trevi Fountain. There can be no question!

      • Buddahriffic@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        11 months ago

        This except instead of going directly through that thought process, one character will say, “I’ve got it! Follow me!” And the chapter ends, followed by a chapter from the pov of every other character who isn’t involved in that discovery.

    • emax_gomax@lemmy.world
      link
      fedilink
      English
      arrow-up
      11
      ·
      11 months ago

      This reminds me of national treasure so much. Literally just random jumps until you fall into the obvious answer.

  • roadrunner_ex@lemmy.ca
    link
    fedilink
    English
    arrow-up
    57
    ·
    11 months ago

    I remember a book I read in elementary school (in the Cam Jansen series, IIRC) where the main conflict was a mean older brother put a password on the new family computer (a huge deal in the early 90s), and the younger hires the kid detective to find the password. The password is “hot dog”, ultimately determined because the desktop BG was a picture of ketchup and mustard.

    I recall being not super satisfied with that ending.

    • KISSmyOS@lemmy.world
      link
      fedilink
      English
      arrow-up
      51
      ·
      11 months ago

      I can imagine you going *"Why didn’t they just hit [Esc] to bypass the password prompt, open a DOS prompt and delete the password files in C:\Windows.pwl?"

      (Yes, that was actually a thing you could do on early 90’s Windows 3.0)

      • tiramichu@lemm.ee
        link
        fedilink
        English
        arrow-up
        25
        ·
        edit-2
        11 months ago

        Same with Windows 95 and Windows 98. Those operating systems were not really designed with a proper concept of ‘user accounts’

        The password box wasn’t supposed to prevent system access, it was to capture user credentials for networking, like remote fileshare access.

        Pressing escape is just choosing to continue anonymously.

        • yuriy@lemmy.world
          link
          fedilink
          English
          arrow-up
          9
          arrow-down
          1
          ·
          11 months ago

          I believe even as far as XP and maybe 7 you could just make a new user account with admin privileges by creating it through command prompt and changing a single flag. I used this to get unfettered access to the remote hard drive server in high school and stole other people’s homework.

          It’s no wonder I ended up going the GED route lmao

          • MonkderZweite@feddit.ch
            link
            fedilink
            English
            arrow-up
            2
            ·
            11 months ago

            Yes, but getting to the cmd, you have to replace C:/windows/system32/utilman.exe with cmd.exe on 7+.

            • yuriy@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              ·
              11 months ago

              I believe I wrote all the commands sequentially in a batch file because some well intentioned IT person blocked access to cmd, but had no restrictions for creating/executing .bat

      • Tippon@lemmy.world
        link
        fedilink
        English
        arrow-up
        15
        ·
        11 months ago

        You didn’t even need to do that. You could hold down the shift key to bypass some passwords, and just click cancel on others.

        Early Windows had awful security.

      • Maggoty@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        11 months ago

        Even now if someone has physical access to your Windows computer and it has a USB port, they will get through.

        • KISSmyOS@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          11 months ago

          Not if you activated a BIOS password which blocks booting from USB (and can’t be reset by jumpers or removing the CMOS battery on modern motherboards), or Bitlocker which blocks copying cmd.exe over the accessibility options.

    • Evotech@lemmy.world
      link
      fedilink
      English
      arrow-up
      35
      ·
      11 months ago

      Password guessing is always like that in popular media too. Oh he loved houses so his pw is obviously “Stallion”

      Uhm no, it was probably zkl+7+:$(89?

      • Maggoty@lemmy.world
        link
        fedilink
        English
        arrow-up
        12
        ·
        edit-2
        11 months ago

        Well. Cyber security professionals wish it were that way. Instead it’s usually 1234 or their kid’s birthday or some shit. Having a connection in your mind between houses and horses and then using that to remember something like Green4Stallion8 would actually be more secure than most people’s passwords. It’s even more better if you can remember a nonsense word that phonetically matches and change up the capital like, kreeN4stauLion8.

        Of course most people don’t need to worry about social hacking. Black hats aren’t going through random social media profiles when they have millions of password and email combinations they ripped from a few websites. So unless you’re the CEO of LifeLock or dealing with abusive family the above password would totally work even if everyone around you knew you loved Horse Cottages.

        Just don’t forget to change it in 30 days…

        • greenskye@lemm.ee
          link
          fedilink
          English
          arrow-up
          5
          ·
          11 months ago

          Ironically only the passwords I’m forced to change frequently (i.e. my work password) are something simple and easy to type. All of my personal passwords are like 40 characters of gibberish my password manager invented and the password to that is similar to the xkcd batteryhorsestaple and is changed from time to time as well.

          But my work doesn’t allow password managers, so I just have a rolling window of like 12 passwords since that’s their history limit.

          • LwL@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            ·
            edit-2
            11 months ago

            Yes, password expiry is generally considered bad practice and should only be triggered on demand if there’s suspicion of a security breach, precisely because it’s much more likely to lead to simple, less secure passwords. And when users change it, they will probably just add a number or something anyway, so it’s not going to stop a determined attacker from finding the new pw regardless.

            Which doesn’t stop a ton of organizations from requiring it anyway.

          • Poik@pawb.social
            link
            fedilink
            English
            arrow-up
            11
            arrow-down
            1
            ·
            11 months ago

            No. Make sure your password is memorable to you, and long without being easily guessed. The more secure the initial password, the longer you can go without switching. The more memorable the initial password, the longer you can go without using password recovery.

            If your passwords are safety critical, they should not be written anywhere, making remembering them key.

            This assumes you’re not using two factor authentication of course. With 2FA, your password security (not strength, that’s different but very related) is less important. Security requires the vector of attack to be small, so having a bunch of accounts with the same password decreases the security (but not strength) of your password.

            Requiring frequent changes to passwords on average causes less secure and less strong passwords to be used, and causes the lost password recovery to be more frequently used, which is, in and of itself, a vector of vulnerability.

            • Maggoty@lemmy.world
              link
              fedilink
              English
              arrow-up
              5
              arrow-down
              2
              ·
              11 months ago

              Except nobody is out there guessing passwords. That’s a flawed basis and advice that was outdated a decade ago. They’re pulling them from site breaches and brute forcing dictionary attacks with bot nets. The best thing the average person can do now is a locked file to store their passwords. The password on that is a unique easily memorable thing and everything else can be gobbledygook because you have a reference. And yes unencrypted but locked files aren’t a big block to a hacker in your computer. But the average person isn’t facing that problem.

              And if you’re not an average person then you should be using a physical 2fa device on the principle that even if it’s stolen, they would still need to gain physical access to the computer.

              The one thing you shouldn’t do is use a 24 character hash on every site and leave it for a year because it’s “hard to guess”. It will get breached and decrypted well before then.

          • Maggoty@lemmy.world
            link
            fedilink
            English
            arrow-up
            5
            ·
            11 months ago

            The recommendation is every six months. But that’s based on companies faithfully reporting breaches to everyone right away. Which they haven’t been. You could probably leave sites that aren’t hooked to a payment for every six months, but email, bank, and anything that has payment details should be changed more often.

          • Maggoty@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            11 months ago

            Since websites decided it was okay to delay reporting breaches as long as possible it’s the new prudent time frame for updating critical passwords. (Things linked to payments methods or sensitive information)

      • SuperDuper@lemmy.world
        link
        fedilink
        English
        arrow-up
        10
        ·
        11 months ago

        Even if the password was “stallion” they probably would have made it Stallion1, Stallion!, $tallion, etc. The password always ends up being a single word, all lowercase, no numbers, no special characters.

  • 🇰 🌀 🇱 🇦 🇳 🇦 🇰 ℹ️@yiffit.net
    link
    fedilink
    English
    arrow-up
    45
    arrow-down
    1
    ·
    11 months ago

    This is what it’s like to watch Detective Conan in America. They will even have commercial segways where they say “hey, remember this important clue!” And then not even use that clue in the English dub’s edit. They still present it as a mystery the viewer can solve, but then the solution is always some convoluted BS using clues the audience was never shown lol

  • uis@lemmy.world
    link
    fedilink
    English
    arrow-up
    26
    ·
    11 months ago

    Why couldn’t the amulet have been hidden by Aunt Alice, who understands modern key exchange algorithms?

    Did she want for only to Biker Bob to find it, but Cop Charlie found it first?

  • Socsa@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    19
    arrow-down
    1
    ·
    11 months ago

    I had one friend who was obsessed with these idiotic “lateral thinking” puzzle books, because she’d read them to us and then pretend like she had figured out the completely ridiculous scenarios from the start.

    • hydrospanner@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      11 months ago

      I had an elementary school teacher who would do these puzzles with our small class.

      It was much better than your situation though: he would already know the solution and basically we took turns asking him yes or no questions until we figured it out.

  • lightnsfw@reddthat.com
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    1
    ·
    edit-2
    11 months ago

    Read the Redwall books if that’s what you’re looking for. Or even if it’s not.

  • deweydecibel@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    3
    ·
    edit-2
    11 months ago

    The next clue is in the White House!

    (This was a reference for, like, maybe 10 people. 10 awesome people.)

  • kbal@fedia.io
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    11 months ago

    Firefox when I click on the address bar and start by typing ‘m’: Oh, I know! You probably want xkcd.com/2869 — that’s got an ‘m’ in it!