herid @herid@qoto.org

3. Your passwords are now almost certainly crackable, particularly if you've had an account for a long time. It looks like LastPass has never upgraded the difficulty factor on their KDF, which is very bad. But "crackable" is not the same as "cracked". It is eminently possible to crack a password in a couple of days, but *each* password is going to take at least a few hours on some very high-end hardware; attackers will need to be motivated.

2. You are still in a way better position, having used a password manager, then you would have been if you just reused passwords or used some predictable scheme for them. This is NOT some kind of proof that password managers (even cloud password managers) are inherently a bad idea. The alternatives are worse.

While you should stop using LastPass in favor of better password manager soon, I think it's important to keep a few things in perspective:

1. This isn't your fault. LastPass fucked up. It was reasonable to trust them, and they betrayed your trust. (Infosec folks: Do not shame people for not knowing this. If we knew and they didn't, that's on us. We should have communicated this better.)

The writers are overdoing it again.
https://www.theguardian.com/technology/2022/dec/23/elon-musk-orders-twitter-to-remove-suicide-prevention-feature

Florence + the Machine - Jenny of Oldstones

This song is the best thing about the final season of the Game of Thrones.

https://youtu.be/eTa1jHk1Lxc

#SongOfTheDay
#FavoriteMusic 39/

Wow controversial Elon Musk reporter @rmac18 has finally come crawling on to Mastodon. Would be a shame if he got more followers than Elon!! 1 RT = 1 support of Ryan Mac

This is total #bullshit 😡

A #reviewPanel is upholding a #fine against the #TransMountain #pipeline for #violations that resulted in disturbing #bird nests.
But the #CanadaEnergy #Regulator is dramatically #slashing the amount of the #penalty from $88,000 in the original ruling to $4,000.

https://www.vicnews.com/news/trans-mountain-pipeline-fine-for-bird-disturbances-upheld-while-penalty-slashed/

#GovernmentCorruption #GreedKills #BritishColumbia #Canada #Canada #CorporateGreed #Ecocide #PNW #DefundTMX #StopTMX #StopTMX #Environment #ClimateChange #KillTheDrill #BCOilAndGas

If you haven't yet, please check out my list of people to follow on Mathstodon. Some are famous, but most are just people who consistently say interesting stuff. For example:

In the early days of the internet we communicated on "usenet newsgroups". I met Matt McIrvin (@mattmcirvin) on the newsgroup sci.physics. We've been communicating on and off ever since!

Check out his post on zeros of the Riemann zeta function:

https://mathstodon.xyz/@mattmcirvin/109560276225118739

It feels so good to gamble on Tesla losing

"A 47-degree drop in Denver in 2 hours."

Roland Emmerich's THE DAY AFTER TOMORROW doesn't seem as silly anymore, does it? I mean, yes, it still is. But it's not as batshit crazy as it seemed at the time of its release. What have we done to our planet?

#climatechange #extremeweather #TheDayAfterTomorrow #RolandEmmerich

https://edition.cnn.com/2022/12/22/weather/winter-storm-temperature-drops/index.html#:~:text=The%20largest%20plunge%20came%20when,degree%20at%205%3A58%20p.m.