• 1 Post
  • 9 Comments
Joined 3 years ago
Cake day: June 30th, 2023


  • My favorite answer so far. It is exactly what I meant, but I did not realize that it being the same secret (which is technically only half implied by the grammar, I think) is what breaks the dynamics.

    If it’s 1000 different secrets, then it kind of works, but only if the guesser knows/assumes the distribution is uniform. (If it’s the same secret and the guesser knows it’s the same secret, then that’s the extreme, maybe a “degenerate” case, like having 1000 doors to one bank.)





  • keeping all these containers up to date

    Updates are a good way to get the security holes fixed, but unfortunately it’s also often how the holes get in in the first place.

    I mean, for most projects it’s kind of sensible to assume that over a long time the code will become rather more secure and less buggy, so eventually the pros/cons might come out in favor of a strategy of updating every time. But it’s good to know that every update is inherently a double-edged sword.

    That’s why I like the model that distros like Debian use: they keep the code stable for a long time, and only send updates for which a typically independent party (the package maintainer) has already decided that a given update is indeed a necessary bugfix, or even specifically a security fix. A similar policy could of course be applied to a Docker container as well, but I don’t know how many projects do this, and it would be a per-project policy, most probably not quite independent.





  • The building, used by several hundred employees, had a security system with 4-digit codes. I’ve been part of a group of people who liked to work late, and the building would lock at midnight – the box by the door would start beeping and you would need to unlock it within a minute or so, or a “proper alarm” would ensue.

    However, to unlock the alarm you did not need your card – all you needed to do was to enter any valid code. Guess what the chance was that, say, 1234 was someone’s valid code? Yes.

    We’ve all been using some poor guy’s code 1234, and after several years, when he left the company, we just guessed some other obvious code (4321) and kept using that.

    By the way, after entering the code into the box by the door, it would briefly display the name of the person the code “belonged” to. One of our colleagues took it as a personal secret project to slowly go through all 10000 possible codes and collect the names of the people, just for the kick of it.

    (By the way, I don’t work for that company anymore, and more importantly, the company does not use that building anymore, so don’t get any ideas! 🙃 )
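The comment above describes a keypad that accepts any one of several hundred employees' 4-digit codes, so a single guess only has to match somebody. The small model below, added here as an example and not code from the original post, puts numbers on that: how likely a specific guess such as 1234 is to be in use, and how few tries an enumeration of the 0000..9999 space needs before its first hit. The headcount of 300, the 5% share of users assumed to pick an "obvious" code and the list of obvious codes are assumptions chosen for illustration, not facts from the story.

```python
"""Effective strength of a door keypad that accepts ANY of N users' 4-digit codes.

Added example, not code from the original post. The employee count, the share
of people who pick an "obvious" code and the list of obvious codes are
assumptions chosen for illustration.
"""

CODE_SPACE = 10_000  # 4 digits: 0000 .. 9999

# Assumption: a short list of codes people tend to pick when left to themselves.
OBVIOUS_CODES = ("1234", "4321", "0000", "1111", "2222",
                 "1212", "7777", "1004", "2000", "6969")


def p_code_in_use(code: str, n_users: int, p_obvious: float = 0.0,
                  obvious_codes=OBVIOUS_CODES, code_space: int = CODE_SPACE) -> float:
    """Probability that `code` belongs to at least one of n_users people.

    Model: each user independently picks one of obvious_codes (uniformly) with
    probability p_obvious, otherwise a uniformly random code from the space.
    With p_obvious=0 this is the plain uniform model, 1 - (1 - 1/S)^N.
    Because the door accepts any valid code, this is also the chance that a
    single guess of `code` opens the door.
    """
    per_user = (1.0 - p_obvious) / code_space
    if code in obvious_codes:
        per_user += p_obvious / len(obvious_codes)
    return 1.0 - (1.0 - per_user) ** n_users


def expected_enumeration_tries(valid_codes: int, code_space: int = CODE_SPACE) -> float:
    """Expected number of tries until the FIRST valid code is hit when the space
    is enumerated in random order without repetition and `valid_codes` distinct
    codes are valid: (S + 1) / (k + 1).

    One valid code: 5000.5 tries on average.  300 distinct valid codes: about 33.
    (With 300 users and uniform codes a few collide, so k is slightly below N.)
    """
    return (code_space + 1) / (valid_codes + 1)


if __name__ == "__main__":
    n = 300  # assumed headcount ("several hundred employees")
    print(f"uniform codes, {n} users: P(1234 in use) = {p_code_in_use('1234', n):.3f}")
    print(f"5% pick an obvious code:  P(1234 in use) = "
          f"{p_code_in_use('1234', n, p_obvious=0.05):.3f}")
    print(f"tries to first hit, 1 valid code:    {expected_enumeration_tries(1):.1f}")
    print(f"tries to first hit, {n} valid codes: {expected_enumeration_tries(n):.1f}")
```

The two numbers worth keeping in mind when reviewing such a system: with an any-of-N acceptance rule a brute force needs roughly S/N tries instead of S/2, and even a modest skew toward popular codes makes a first guess of 1234 far more likely to succeed than the uniform model suggests. A lockout or rate limit on the keypad has to be sized for the whole user population, not for a single account.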