1121: "Identity"

This forum is for the individual discussion thread that goes with each new comic.

Moderators: Moderators General, Prelates, Magistrates

kikoskia
Posts: 4
Joined: Mon Mar 28, 2011 4:11 am UTC

1121: "Identity"

Postby kikoskia » Mon Oct 15, 2012 4:04 am UTC

Image
Title Text: Not sure why I just taught everyone to flawlessly impersonate me to pretty much anyone I know. Just remember to constantly bring up how cool it is that birds are dinosaurs and you'll be set.

Is that public key cryptography he's talking about?

User avatar
rhomboidal
Posts: 801
Joined: Wed Jun 15, 2011 5:25 pm UTC
Contact:

Re: 1121: "Identity"

Postby rhomboidal » Mon Oct 15, 2012 4:06 am UTC

Whatever it is, it'd still be WAY more efficient than my bank's insufferable four-step login process.

ijuin
Posts: 1148
Joined: Fri Jan 09, 2009 6:02 pm UTC

Re: 1121: "Identity"

Postby ijuin » Mon Oct 15, 2012 4:23 am UTC

The problem with this approach is that it requires that the person vetting the client to know more about the client than traditional verification methods. You don't merely have to have a table linking clients with a set of answers to questions--you have to be personally familiar with the client in question. This does not readily scale to networks larger than a few hundred users at most.

User avatar
cjmcjmcjmcjm
Posts: 1158
Joined: Tue Jan 05, 2010 5:15 am UTC
Location: Anywhere the internet is strong

Re: 1121: "Identity"

Postby cjmcjmcjmcjm » Mon Oct 15, 2012 4:23 am UTC

rhomboidal wrote:Whatever it is, it'd still be WAY more efficient than my bank's insufferable four-step login process.

At least there are good reasons to use 2-step authentication. Why you need to remember where your mum graduated from just to enter your password is beyond me.
frezik wrote:Anti-photons move at the speed of dark

DemonDeluxe wrote:Paying to have laws written that allow you to do what you want, is a lot cheaper than paying off the judge every time you want to get away with something shady.

User avatar
Djehutynakht
Posts: 1546
Joined: Thu Feb 10, 2011 1:37 am UTC

Re: 1121: "Identity"

Postby Djehutynakht » Mon Oct 15, 2012 4:23 am UTC

We can all pretty much assume that Randall's bank passwords have something to do with "Velociraptors", don't they?

User avatar
Quicksilver
Posts: 437
Joined: Wed Apr 29, 2009 6:21 am UTC

Re: 1121: "Identity"

Postby Quicksilver » Mon Oct 15, 2012 4:32 am UTC

That's why you have a custom question, based around obscure movie references. Most of my friends don't know half the films I've seen, and I don't know many movie buffs who want my information.

User avatar
da Doctah
Posts: 995
Joined: Fri Feb 03, 2012 6:27 am UTC

Re: 1121: "Identity"

Postby da Doctah » Mon Oct 15, 2012 4:40 am UTC

Quicksilver wrote:That's why you have a custom question, based around obscure movie references. Most of my friends don't know half the films I've seen, and I don't know many movie buffs who want my information.

Obscure television reference for me. I use gags from things like "The Monkees" and "He & She", which pretty much shuts out any social-engineering types under the age of forty.

Security question: What's my favorite dessert?
Answer: Apple crumbcake, Sergeant. (If the response doesn't include "Sergeant" you know it's not me.)
Anyone care to take a stab at the origin of this one?

ike
Posts: 20
Joined: Mon Sep 17, 2012 3:12 pm UTC

Re: 1121: "Identity"

Postby ike » Mon Oct 15, 2012 4:47 am UTC

da Doctah wrote:
Quicksilver wrote:That's why you have a custom question, based around obscure movie references. Most of my friends don't know half the films I've seen, and I don't know many movie buffs who want my information.

Obscure television reference for me. I use gags from things like "The Monkees" and "He & She", which pretty much shuts out any social-engineering types under the age of forty.

Security question: What's my favorite dessert?
Answer: Apple crumbcake, Sergeant. (If the response doesn't include "Sergeant" you know it's not me.)
Anyone care to take a stab at the origin of this one?


I use a cryptographically random number generator for filling out "security" questions.

Security question: What town did you grow up in?
Answer: 833421840

though in this case I used random.org, rather than anything I'd actually trust to generate the answer.....

Eutychus
Posts: 448
Joined: Mon Jan 25, 2010 6:01 am UTC
Location: France

Re: 1121: "Identity"

Postby Eutychus » Mon Oct 15, 2012 4:56 am UTC

da Doctah wrote:
Quicksilver wrote:That's why you have a custom question, based around obscure movie references. Most of my friends don't know half the films I've seen, and I don't know many movie buffs who want my information.

Obscure television reference for me. I use gags from things like "The Monkees" and "He & She", which pretty much shuts out any social-engineering types under the age of forty.

Security question: What's my favorite dessert?
Answer: Apple crumbcake, Sergeant. (If the response doesn't include "Sergeant" you know it's not me.)
Anyone care to take a stab at the origin of this one?


McMillan and Wife

Worried now?

[edited: second time lucky]
Be very careful about rectilinear assumptions. Raptors could be hiding there - ucim

User avatar
Arancaytar
Posts: 1642
Joined: Thu Mar 15, 2007 12:54 am UTC
Location: 52.44°N, 13.55°E
Contact:

Re: 1121: "Identity"

Postby Arancaytar » Mon Oct 15, 2012 5:09 am UTC

kikoskia wrote:Title Text: Not sure why I just taught everyone to flawlessly impersonate me to pretty much anyone I know. Just remember to constantly bring up how cool it is that birds are dinosaurs and you'll be set.


Don't forget to bring up how terrified you are of raptors.
"You cannot dual-wield the sharks. One is enough." -Our DM.
Image

User avatar
glasnt
Posts: 539
Joined: Fri Jan 25, 2008 5:18 am UTC
Location: SQUEE!

Re: 1121: "Identity"

Postby glasnt » Mon Oct 15, 2012 5:12 am UTC

Raptors, Kites, Getting kicked out of conventions, flying sharks using balloons, Cory in a balloon..


If you pretty much bring a raptor shaped balloon into a conference and start making bad rap jokes, then you're him!

firinne
Posts: 86
Joined: Fri Jul 18, 2008 6:40 pm UTC

Re: 1121: "Identity"

Postby firinne » Mon Oct 15, 2012 5:15 am UTC

Ugh I hate "security question" requirements that don't allow custom questions. Custom questions means I can quiz myself on the conlang poetry I used to write when I was a kid.

Maybe I should start filling them out in-character with one of my teen-years OCs that never saw the light of day. Gods know I've got plenty of those.

niky
Posts: 92
Joined: Fri Jul 09, 2010 6:34 am UTC

Re: 1121: "Identity"

Postby niky » Mon Oct 15, 2012 5:20 am UTC

Gave me a chuckle. I could see this happening in real life.

User avatar
willpellmn
Posts: 93
Joined: Wed Apr 21, 2010 11:05 am UTC

Re: 1121: "Identity"

Postby willpellmn » Mon Oct 15, 2012 5:42 am UTC

ijuin wrote:The problem with this approach is that it requires that the person vetting the client to know more about the client than traditional verification methods. You don't merely have to have a table linking clients with a set of answers to questions--you have to be personally familiar with the client in question. This does not readily scale to networks larger than a few hundred users at most.


True, but it is exactly the best possible method for networks that small - and, IMO, makes for a very good argument in favor of the idea that no networks should exist which are larger than that. The entire problem with the corporate world is depersonalization; you can mistreat someone a lot more easily if you don't have to look them in the eye.

OP Tipping
Posts: 262
Joined: Thu Dec 13, 2007 6:23 am UTC

Re: 1121: "Identity"

Postby OP Tipping » Mon Oct 15, 2012 6:01 am UTC

So is

NO!

the password?
a) Please explain the specific MEDICAL reason for ordering this MEDICATION !
b) Please state the nature of your ailment or injury.
c) One a scale of one to ten, how would you rate your pain?
d) Please state the nature of the medical emergency.

User avatar
Red Hal
Magically Delicious
Posts: 1445
Joined: Wed Nov 28, 2007 2:42 pm UTC

Re: 1121: "Identity"

Postby Red Hal » Mon Oct 15, 2012 6:31 am UTC

willpellmn wrote:
ijuin wrote:The problem with this approach is that it requires that the person vetting the client to know more about the client than traditional verification methods. You don't merely have to have a table linking clients with a set of answers to questions--you have to be personally familiar with the client in question. This does not readily scale to networks larger than a few hundred users at most.


True, but it is exactly the best possible method for networks that small - and, IMO, makes for a very good argument in favor of the idea that no networks should exist which are larger than that. The entire problem with the corporate world is depersonalization; you can mistreat someone a lot more easily if you don't have to look them in the eye.

Actually I'd challenge that. I believe the problem with the corporate world is its addiction to profit. Having said that, depersonalisation, othering is certainly something they do, but is much more widespread than merely corporations. In any case the server password is obviously correcthorsebatterystaple.
Lost Greatest Silent Baby X Y Z. "There is no one who loves pain itself, who seeks after it and wants to have it, simply because it is pain..."

User avatar
flicky1991
Like in Cinderella?
Posts: 779
Joined: Fri Feb 11, 2011 3:36 pm UTC
Location: London

Re: 1121: "Identity"

Postby flicky1991 » Mon Oct 15, 2012 6:32 am UTC

I have a simple substitution cipher (i.e. one where each letter becomes a specific other letter) that I happen to know by heart. These codes are very easy to break if you're given a sample of text in it. But, if you're not, it makes my passwords damn impossible to guess.
any pronouns
----
avatar from chridd
----
Forum Games Discord
(tell me if link doesn't work)

User avatar
Steve the Pocket
Posts: 707
Joined: Mon Apr 23, 2007 4:02 am UTC
Location: Going downtuuu in a Luleelurah!

Re: 1121: "Identity"

Postby Steve the Pocket » Mon Oct 15, 2012 6:38 am UTC

I got hung up on the wording of the Easter egg text. "...taught everyone to flawlessly impersonate me to pretty much anyone I know." It looked like a proofreading mistake at first, but then I realized "to pretty much anyone" meant impersonating him around other people.

Quicksilver wrote:That's why you have a custom question, based around obscure movie references. Most of my friends don't know half the films I've seen, and I don't know many movie buffs who want my information.

I can do you one better. One of my security question answers (I don't even remember what site it's on, but I'll know it if I ever run into it again because it's a custom question) is a completely random quote from something I'm almost positive no one in here has ever heard of, let alone seen. And even if you did, you'd never guess it would be the answer to a question that has nothing to do with it.
cephalopod9 wrote:Only on Xkcd can you start a topic involving Hitler and people spend the better part of half a dozen pages arguing about the quality of Operating Systems.

Baige.

User avatar
SEE
Posts: 73
Joined: Mon Jun 30, 2008 1:58 pm UTC

Re: 1121: "Identity"

Postby SEE » Mon Oct 15, 2012 7:56 am UTC

Quicksilver wrote:That's why you have a custom question,


Assuming your bank is sensible enough to allow a custom question—mine isn't. (Worse, they used to be, but they brought in a new system . . .)

User avatar
da Doctah
Posts: 995
Joined: Fri Feb 03, 2012 6:27 am UTC

Re: 1121: "Identity"

Postby da Doctah » Mon Oct 15, 2012 9:18 am UTC

Eutychus wrote:
da Doctah wrote:Security question: What's my favorite dessert?
Answer: Apple crumbcake, Sergeant. (If the response doesn't include "Sergeant" you know it's not me.)
Anyone care to take a stab at the origin of this one?


McMillan and Wife

Worried now?

Not really, since it was just an illustration of the way my mind works. But I need to know how impressed I should be. Did you remember the episode, or Google to discover the Usenet post where I used the phrase in February of 2004?

AtG
Posts: 51
Joined: Wed Mar 12, 2008 6:27 am UTC

Re: 1121: "Identity"

Postby AtG » Mon Oct 15, 2012 9:19 am UTC

Reminds me very much of last week's Southpark episode. Does Randall consume such lowbrow entertainment? :)

User avatar
Angelastic
Posts: 700
Joined: Thu Nov 03, 2011 8:36 am UTC
Location: .at (let's see what's through here!)
Contact:

Re: 1121: "Identity"

Postby Angelastic » Mon Oct 15, 2012 9:39 am UTC

da Doctah wrote:Did you remember the episode, or Google to discover the Usenet post where I used the phrase in February of 2004?

Off-topic, but this prompted me to Google for said post, and saw which Usenet group it was on, and now I want to be your friend. :)
Knight Temporal, and Archdeacon of buttermongery and ham and cheese sandwiches. Nobody sells butter except through me.
Image Smiley by yappobiscuits. Avatar by GLR, buffygirl, BlitzGirl & mscha, with cari.j.elliot's idea.
Haiku Detector
starts a trend to make way for
my robot army.

User avatar
Red Hal
Magically Delicious
Posts: 1445
Joined: Wed Nov 28, 2007 2:42 pm UTC

Re: 1121: "Identity"

Postby Red Hal » Mon Oct 15, 2012 9:42 am UTC

Custom security questions are great, until you have to use them on the phone. What seems like a good question at the time, (Would you like me to give you a back rub?) is embarassing when you have to give the answer to another human being (Yes, you naughty computer and byte me as well.)
Lost Greatest Silent Baby X Y Z. "There is no one who loves pain itself, who seeks after it and wants to have it, simply because it is pain..."

User avatar
peewee_RotA
Posts: 504
Joined: Mon Dec 12, 2011 1:19 pm UTC

Re: 1121: "Identity"

Postby peewee_RotA » Mon Oct 15, 2012 10:29 am UTC

"Hey, I lost the server password. What is it, again?"
"It's-....wait. How do I know it's really you?"
"Ooh, good question!..."

(Oh the hard times and bad puns I'd give that person)

"...Hau. It's really me."
"...What would it matter if I'm a sheep or not."
"...Really, my password is not 'you'. Stop guessing that."
"...You know that I'm not really you. You're there and I'm here. And if I were you I wouldn't need to ask."
"...Well the EU has been real for quite some time. Since 1993 I think."
"...Well it's definitely me and I'm definitely operating an old film projector. You could say I'm reely working."
"Vowels have trouble getting married in Canada. They can’t pronounce their O’s."

http://timelesstherpg.wordpress.com/about/

dju_da_da
Posts: 1
Joined: Mon Oct 15, 2012 10:28 am UTC

Re: 1121: "Identity"

Postby dju_da_da » Mon Oct 15, 2012 10:37 am UTC

Sorry to intrude with a completely different subject - I wanted to share a scene I recently witnessed in a park, featuring a young dad and a 5-yr old daughter looking at birds: "so, you remember that birds came from dinosaurs?", to which the daughter responds with a sigh accompanied by a brief tired look in my direction (communicating, probably, sorry, my dad is crazy this way) and then comfortingly repeating to him, as you would to someone who has proven to be beyond reasoning: "sure dad. all birds come from dinosaurs."

Eutychus
Posts: 448
Joined: Mon Jan 25, 2010 6:01 am UTC
Location: France

Re: 1121: "Identity"

Postby Eutychus » Mon Oct 15, 2012 10:59 am UTC

Angelastic wrote:
da Doctah wrote:Did you remember the episode, or Google to discover the Usenet post where I used the phrase in February of 2004?

Off-topic, but this prompted me to Google for said post, and saw which Usenet group it was on, and now I want to be your friend. :)


I confess I did too.

I spend a lot of time Googling to make a living as a translator, and quite a lot more time using the skills acquired to research other topics. It never ceases to amaze me how much you can find out with the right combination of skill and intuition.
Be very careful about rectilinear assumptions. Raptors could be hiding there - ucim

User avatar
M.qrius
Rainbow Brite
Posts: 519
Joined: Sat Nov 10, 2007 12:54 am UTC
Location: Rainbow's end
Contact:

Re: 1121: "Identity"

Postby M.qrius » Mon Oct 15, 2012 11:37 am UTC

Actually, if both of you have google authenticator on your phone, you can just share a secret when you meet, and then you have a lifetime supply of 30-second shared "something you have"s.


Oh and to the people complaining about their banks?
My bank has case insensitive passwords. I found that out after 5 years of using them.

User avatar
javahead
Posts: 57
Joined: Fri Aug 21, 2009 1:29 pm UTC

Re: 1121: "Identity"

Postby javahead » Mon Oct 15, 2012 12:02 pm UTC

Djehutynakht wrote:We can all pretty much assume that Randall's bank passwords have something to do with "Velociraptors", don't they?

Hmmm, "that birds are dinosaurs"

4539 ?

User avatar
Carlington
Posts: 1588
Joined: Sun Mar 22, 2009 8:46 am UTC
Location: Sydney, Australia.

Re: 1121: "Identity"

Postby Carlington » Mon Oct 15, 2012 12:59 pm UTC

While I like this comic, I was really hoping for a SPACEJUMP! comic.
Kewangji: Posdy zwei tosdy osdy oady. Bork bork bork, hoppity syphilis bork.

Eebster the Great: What specifically is moving faster than light in these examples?
doogly: Hands waving furiously.

Please use he/him/his pronouns when referring to me.

User avatar
unus vox
Posts: 135
Joined: Sat Jan 30, 2010 7:01 pm UTC

Re: 1121: "Identity"

Postby unus vox » Mon Oct 15, 2012 2:42 pm UTC

How is she cutting him off via text messaging?
Spoiler:
Image

rmsgrey
Posts: 3652
Joined: Wed Nov 16, 2011 6:35 pm UTC

Re: 1121: "Identity"

Postby rmsgrey » Mon Oct 15, 2012 2:43 pm UTC

unus vox wrote:How is she cutting him off via text messaging?


Character buffer limit

User avatar
cellocgw
Posts: 2067
Joined: Sat Jun 21, 2008 7:40 pm UTC

Re: 1121: "Identity"

Postby cellocgw » Mon Oct 15, 2012 3:38 pm UTC

flicky1991 wrote:I have a simple substitution cipher (i.e. one where each letter becomes a specific other letter) that I happen to know by heart. These codes are very easy to break if you're given a sample of text in it. But, if you're not, it makes my passwords damn impossible to guess.


Oh me yarm -- he just invented ROT_n !

(Yes, I know the Caesar cipher allows other permutations. I'm just having fun. Sort of. Since it's easy to tell if his passwords have repeated letters, for example.)
resume
Former OTTer
Vote cellocgw for President 2020. #ScienceintheWhiteHouse http://cellocgw.wordpress.com
"The Planck length is 3.81779e-33 picas." -- keithl
" Earth weighs almost exactly π milliJupiters" -- what-if #146, note 7

User avatar
Locoluis
Posts: 102
Joined: Mon Dec 11, 2006 7:30 pm UTC
Location: Santiago, Chile
Contact:

Re: 1121: "Identity"

Postby Locoluis » Mon Oct 15, 2012 4:04 pm UTC

ijuin wrote:The problem with this approach is that it requires that the person vetting the client to know more about the client than traditional verification methods. You don't merely have to have a table linking clients with a set of answers to questions--you have to be personally familiar with the client in question. This does not readily scale to networks larger than a few hundred users at most.


Indeed. That's Dunbar's number, past which the social network starts breaking down.
Sueños del Sur - A webcomic about four siblings, their family, friends, adventures and dreams.
http://sds.lgm.cl/

User avatar
Kaden
Posts: 32
Joined: Tue Sep 04, 2012 4:57 pm UTC
Location: USA

Re: 1121: "Identity"

Postby Kaden » Mon Oct 15, 2012 4:26 pm UTC

dju_da_da wrote:Sorry to intrude with a completely different subject - I wanted to share a scene I recently witnessed in a park, featuring a young dad and a 5-yr old daughter looking at birds: "so, you remember that birds came from dinosaurs?", to which the daughter responds with a sigh accompanied by a brief tired look in my direction (communicating, probably, sorry, my dad is crazy this way) and then comfortingly repeating to him, as you would to someone who has proven to be beyond reasoning: "sure dad. all birds come from dinosaurs."


That's kind of awesome. :D
Image

User avatar
EpicanicusStrikes
Random Boners = True Attraction
Posts: 130
Joined: Wed Nov 16, 2011 11:36 am UTC

Re: 1121: "Identity"

Postby EpicanicusStrikes » Mon Oct 15, 2012 6:07 pm UTC

Djehutynakht wrote:We can all pretty much assume that Randall's bank passwords have something to do with "Velociraptors", don't they?

Correct Horse Battery Staple.

User avatar
Someguy945
Posts: 190
Joined: Fri Jul 22, 2011 5:09 am UTC

Re: 1121: "Identity"

Postby Someguy945 » Mon Oct 15, 2012 7:25 pm UTC

SEE wrote:
Quicksilver wrote:That's why you have a custom question,


Assuming your bank is sensible enough to allow a custom question—mine isn't. (Worse, they used to be, but they brought in a new system . . .)


Custom questions are great for anyone who knows how to use them properly, but potentially very dangerous in the hands of someone who doesn't. They are not idiot-proof, so I think it's best for websites to either avoid them, or perhaps make you pass a short quiz to "unlock" the ability to use them :)

Here is an example of of an idiot poorly using a custom security question:
"Herp de derp! I know, I'll take a quote from a really obscure source! I'll use the first half as my question and the second half as my answer! My question will be 'but now that i am again and again dead' and no one will ever get the reference needed to finish the sentence!"

Crown of Fire
Posts: 7
Joined: Mon Oct 01, 2012 3:50 am UTC

Re: 1121: "Identity"

Postby Crown of Fire » Mon Oct 15, 2012 7:30 pm UTC

I find the other problem with most of these security questions (at least the typical ones I've seen), is anyone close to you (family friend, malevolent uncle etc.) knows the answers to these questions, or have to do very little to find it. I mean you'd hope the people with this kind of information wouldn't ever use it... but you never know.

User avatar
mikrit
Posts: 402
Joined: Sat Apr 14, 2012 8:13 pm UTC
Location: Sweden

Re: 1121: "Identity"

Postby mikrit » Mon Oct 15, 2012 7:31 pm UTC

Kaden wrote:
dju_da_da wrote: ... "sure dad. all birds come from dinosaurs."

That's kind of awesome. :D

Agreed. This story made my day.
Hatted and wimpled by ergman.
Dubbed "First and Eldest of Ottificators" by svenman.
Febrion wrote: "etc" is latin for "this would look better with more examples, but I can't think of any".

User avatar
mathmannix
Posts: 1451
Joined: Fri Jul 06, 2012 2:12 pm UTC
Location: Washington, DC

Re: 1121: "Identity"

Postby mathmannix » Mon Oct 15, 2012 7:36 pm UTC

EpicanicusStrikes wrote:
Djehutynakht wrote:We can all pretty much assume that Randall's bank passwords have something to do with "Velociraptors", don't they?

Correct Horse Battery Staple.


My password is COMPLETELY different--- "Wrong Bronco Accumulator Pin".
I hear velociraptor tastes like chicken.

User avatar
da Doctah
Posts: 995
Joined: Fri Feb 03, 2012 6:27 am UTC

Re: 1121: "Identity"

Postby da Doctah » Mon Oct 15, 2012 7:42 pm UTC

peewee_RotA wrote:"Hey, I lost the server password. What is it, again?"
"It's-....wait. How do I know it's really you?"
"Ooh, good question!..."

(Oh the hard times and bad puns I'd give that person)

"...Hau. It's really me."
"...What would it matter if I'm a sheep or not."
"...Really, my password is not 'you'. Stop guessing that."
"...You know that I'm not really you. You're there and I'm here. And if I were you I wouldn't need to ask."
"...Well the EU has been real for quite some time. Since 1993 I think."
"...Well it's definitely me and I'm definitely operating an old film projector. You could say I'm reely working."


If only I used my middle name as my preferred name:

Person A: "I just got a text from Hugh."
Person B: "I didn't send you a text."
Person A: "I know. But Hugh did."
Person B: "Look, I swear I didn't send any text."
Person A: "Nobody's saying you did. But look at what Hugh sent."

My whole life could be one big Abbott and Costello bit.


Return to “Individual XKCD Comic Threads”

Who is online

Users browsing this forum: acunning40 and 54 guests