
Comment it's not obsolete... it's overkill (Score 1) 17

The reason why bcrypt is still around is because key stretching does not really solve any fundamental core problem. It was only ever a band aid and never a solution.

For websites and other remote servers, passwords are just inappropriate. Users should always authenticate with public key tech, such as WebAuthn for websites or SSH key auth for console. Passwords should not be used for remote services in any circumstance.

The only place passwords should ever be used is for access to a local device, and for local passwords to be secure, they need to have entropy, and nothing can really change that.

Key stretching is at best a speed bump, while actually adding entropy does effectively make a password resistant to brute force guessing. And the only effective way to get entropy into a password is to have them be machine chosen and not human chosen, and organized mnemonically, not littered with special characters.

We should hope bcrypt is still around, or even weaker solutions like pbkdf2. Because that would mean people are finally starting to understand how passwords work, and their role in security.
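Added example, not part of the comment above: a small model of the trade-off it describes, where each machine-chosen word multiplies the search space while a key-stretching cost setting adds a fixed number of bits. The 16-word list is constructed for the demo, and the 7776-word list size, the guess rate, and the "cost = log2 of work multiplier" model are assumptions.

```python
import math
import secrets

# Constructed 16-word list so the block runs offline; real generators use a
# much larger list (7776 words is assumed below as a typical dice-word size).
WORDS = ["anchor", "basil", "cobalt", "dune", "ember", "fjord", "garnet",
         "harbor", "ivory", "juniper", "kelp", "lantern", "meadow", "nectar",
         "onyx", "pebble"]

def generate_passphrase(n_words, words=WORDS):
    """Machine-chosen passphrase: every word drawn uniformly from a CSPRNG."""
    return " ".join(secrets.choice(words) for _ in range(n_words))

def passphrase_bits(n_words, list_size):
    """Entropy in bits of n_words uniform draws from list_size words."""
    return n_words * math.log2(list_size)

def effective_bits(n_words, list_size, cost):
    """Attacker work in bits, assuming (a modelling assumption) that a
    stretched hash with cost parameter `cost` is 2**cost times as expensive
    to compute as an unstretched one."""
    return passphrase_bits(n_words, list_size) + cost

def cost_steps_per_word(list_size):
    """How many doublings of the stretching cost equal one extra word."""
    return math.ceil(math.log2(list_size))

def years_to_exhaust(bits, guesses_per_second):
    """Time to try the whole space at a given unstretched guess rate."""
    return 2.0 ** bits / guesses_per_second / (365 * 24 * 3600)

if __name__ == "__main__":
    print("sample:", generate_passphrase(4))
    rate = 1e10  # assumed attacker rate against an unstretched hash
    for n_words, cost in [(4, 0), (4, 12), (5, 12), (6, 12)]:
        bits = effective_bits(n_words, 7776, cost)
        print(f"{n_words} words, cost {cost:2d}: {bits:5.1f} bits, "
              f"{years_to_exhaust(bits, rate):.3g} years")
```

Under this model, one extra word from a 7776-word list is worth about 13 doublings of the stretching cost, each of which also doubles the defender's own login time.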

Comment Re:Unwinnable situation (Score 1) 58

> Coinbase is trying to put the SEC into an unwinnable situation.

I think you have the picture backwards. The SEC can't "lose", Coinbase can't fine or imprison the SEC. OTOH, the SEC sure can, and is swinging around their regulatory sword threatening action, typically multi-tens of millions of dollar fines.

And it is no idle threat. Bitfinex has eaten 40+ million dollar fines, Bittrex got hit with a 30 million dollar fine that contributed to them going out of business, Binance paid untold millions in a sealed settlement, etc. It's all pretty funny considering there really aren't any rules to follow, and regulators seem to be making it up as they go.

Coinbase, having received a direct threat from the SEC "follow the rules or else we will levy a big big fine", is asking "please tell me the rules, so I can follow them".

It's a very reasonable request. How would you feel driving if the speeding fine was more than the price of your car, but the speed limit was a secret? What if jaywalking in NYC was a life in prison penalty, but all the crosswalks were unpainted and there were no traffic lights?

Asking the SEC to make the rules clear is not too much to ask, especially not if they are going to start retroactively enforcing them.

Comment Re:Whoa, slow down (Score 1) 37

> Bureaucracy protects liberty, while autocracy gets things done. That's always been the dichotomy, and in a case like this the advantage goes to autocracy.

Whoa cowboy, we must have wildly different definitions of liberty if you think "Bureaucracy", its mortal enemy, is what "protects" it.

The dichotomy is that bureaucracy "protects" us from all this scary freedom to do things we want to do, by making all kinds of rules and red tape to stop people from doing stuff.

The trade off is sacrificing liberty.

Comment increasingly desperate for some warming (Score -1, Troll) 139

The climate scammers are pretty desperate for an El Niño to form.

3 years of La Niña in a row was declared impossible in a warming earth scenario, and it also makes fake climatologists look ridiculous because of the obvious cooling trend. And yet that's what happened.

The cattle still on the global warming hype train might start to get a little bit uneasy if we have another record cold year. They desperately need an El Niño to keep this narrative going.


Comment Re: I propose to outlaw cryptomining (Score 1) 130

> No we don't need extra load for no reason. Wtf.

Then you can choose to not use electricity to mine bitcoin and you have done your part. That's the beginning and end of what you have the right to do about it. Nothing gives you the right to control how other people use electricity, and even if you somehow had such a power it would be foolish to use it.

Think: If I didn't think people should use electricity for lighting or heating at night, would that give me the right to decarbonize your house and make you live in the dark?

If not, then realize what other people choose to use electricity on is *none of your business*. Maybe, just maybe, other people's POV is just as valid as your own, and you should make your own choices and not other people's.

Maybe, just maybe, you are wildly underestimating how insanely inefficient legacy COBOL based financial systems are, and wildly underestimating how incredibly efficient a bitcoin economy would be.

Maybe, just maybe, capitalism has a natural way to sort problems like this out, solving for the solution which costs the least and delivers the most.

Some of these anti-bitcoin dinosaurs on Slashdot really get their knickers twisted about bitcoin to the point where they are raging with senseless self destructive vitriol. I wonder how they feel if someone decided the electricity needed for them to post their nonsense on the internet was unnecessary and should be de-carbonized.

It's honestly only one step removed from some eco-nazi deciding that the CO2 in their respiration is harming their misguided vision of the ecosystem, and coming up with a "solution" for that problem too: "face the decarbonization wall, breath polluter".

Comment Re:Won't or Can't? (Score 2) 50

> Could you create a repeating pattern with this shape if you wanted to?

I can't imagine that would be useful, because a basic proportional rectangle already has that property.

You can make an infinitely random rectangular pattern, just like shuffling a pile of dominoes. But you can also make it regular too, by choice.

For this shape to be mathematically interesting, it would have to be impossible to intentionally tile it regularly.

Comment Re: I've done audits and they are often worthless (Score 1) 112

> Well, at least when it comes to password security, complexity requirements are a distraction.

Thank you for saying it. People have no idea how hard that simple truth is to explain to executives and even security teams.

I'd go one step further and say that passwords really have little to no role in security. They really aren't a very good model, and an asymmetric-public-key physical security token with an attempt-limited local PIN is far better (especially native entered high entropy phrase driven kinds).

95% of users are just not qualified to handle passwords so they just should not have them. And 2FA/MFA is mostly pointless; it's not a good substitute for using dedicated ECC hardware for authentication.

Comment There is one purpose (Score 1) 142

I can only really see one good use of ChatGPT and similar Markov-chain-generators: undoing their own work.

When I see a pile of word salads and I don't want to bother reading it, if an un-chat-gpt bot could tell me "what inputs to you would result in this output" it would save me a lot of time.

"Create a legal boilerplate for XYZcorp"

"Make an argument in favor of idea ABC."

"What are the best criticisms of EFG?"

etc, will tell me what I'm looking at without having to waste time eyeballing all the nonsense.

Even better: detect anything written by a spamgenerator bot and just hide it by default.

If anyone thinks these things can do work on their own they still don't get AI/ML. Pretty pattern-spitters really have captured people's imaginations though, so they better get their IPO done before people realize just how useless they are.

If these bots seem amazing at doing something... then that something is probably already useless.

Comment Re:Overlooks the obvious (Score 1) 110

> So, all we need to do is hire some semi-competent CIO who knows how to speak Requirement in an IT-centric way, in order to "fix" that?

It's funny how you think that exists.

It is often the upper management types who think that they are magically gifted in understanding the problem space and best approach to solving it that are precisely the people who grasp the least about what the users actually need and are really just a huge additional burden to any project they get involved with.

I'm sure they get along swimmingly with codeGpt.

A lot of people here seem to fundamentally misunderstand what ChatGPT really does. It's spitting out regurgitated babble, and if it looks good, that just means the work you gave it was trivial boilerplate.

Comment Re:Automation will continue until moral improves. (Score 3, Interesting) 97

> Generalized AI is still 100+ years out.

Hard disagree. We have no definition of intelligence yet, or even a basis from which to describe it. We can measure it, but the only true measure seems to come in high stakes games for which humans are the only viable participants. The AI developed so far is little more than a tool for a human to use, and not a competitor to a human.

The best we can do right now is measure intelligence with super primitive means such as Turing tests. There has been zero, ZERO progress on AI since the idea was conceptualized. If there was an honest speedometer on AI progress, it would be reading a flat 0mph since 1940s, never even blipping up a micron.

ML is interesting and useful, but has nothing to do with AI. In fact, one key sign that ML is not AI is that it is only useful in collaborative problem spaces and utterly fails in contentious ones. It's a fancy pattern recognizer, no more intelligent than a coin sorter in a vending machine.

Until we at least have some kind of theoretical or logical way to analyze what intelligence or sentience is, we can't make any extrapolation of when it can be created by us. 100 years is an arbitrary and short timeline for something which might not be possible in 1 million years.

It may simply not be possible for a given intelligence to purposefully create another intelligence even half as smart as it is, much less smarter.

Comment Re:CNN political commentator is an idiot (Score 1) 118

> Of course nothing besides a slow decline will happen. Of course, similar to somebody dying from cancer, there will be a few good days where it seems viable. But the end is clear and inevitable.

People have been saying this forever. Remember, the whole bitcoin thing started out worth nothing at all.

Someone accepted like 10,000 units of them in exchange for a pizza, and thought they were doing someone a favor by taking them. It ended up being the most expensive pizza of all time.

It's pretty hard to call it a slow decline when the units are still worth more than a dollar. Heck, they are still worth more than 10,000 dollars last time I checked.

If we think bitcoin is going to go down to nothing, perhaps we should wait till it comes back down to something macroscopic first before making that prediction, like say $100 or heck, even $500 if we are generous. When you see it's actually in a decline like that, then make a post crowing about it and predicting it will never bubble up again.

Until then, we should realize that people are still paying huge amounts for the things and stop being the fox griping about the grapes.

Comment the crucial flaw (Score 1) 40

> They're digital credentials that are stored on your devices, and you access them using biometrics.

Biometrics are like a really weak, really shitty password that you can never change. Not a great start there.

> 1Password will help you create passkeys and keep them safe alongside all your private data. It will also sync them securely to all your devices, even across platforms.

If it can do that, then it also means it can and will leak all your secrets too.

Going to have to take a hard pass on this concept.

There are good ideas moving around, such as using WebAuthn as an alternative to passwords and not just as a 2FA method.

But 1Password seems to be insecure on a fundamental level.

Comment Re:If heads of state use it, it has to have merit. (Score 1) 73

> If politicians are such great economists, why did every single government fail where the government started to take over the means of production and decided what to produce, when and how?

The standard in most places is for the government to float a fiat currency it controls with monetary and fiscal policy. That means the government must be good at economics or it won't last long.

Isn't choosing bitcoin getting the government out of economics? It's sort of like going back to a specie system, since neither fiscal nor monetary policy can apply to it, it just moves on its own up or down regardless of their wishes.
