this post was submitted on 25 Dec 2024
287 points (98.3% liked)

Ask Lemmy

27268 readers
2079 users here now

A Fediverse community for open-ended, thought provoking questions

Rules: (interactive)

1) Be nice and; have funDoxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them

2) All posts must end with a '?'This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?

3) No spamPlease do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.

4) NSFW is okay, within reasonJust remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com. NSFW comments should be restricted to posts tagged [NSFW].

5) This is not a support community.
It is not a place for 'how do I?', type questions. If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.

6) No US Politics.
Please don't post about current US Politics. If you need to do this, try !politicaldiscussion@lemmy.world or !askusa@discuss.online

Reminder: The terms of service apply here too.

Partnered Communities:

Tech Support

No Stupid Questions

You Should Know

Reddit

Jokes

Ask Ouija

Logo design credit goes to: tubbadu

founded 2 years ago
MODERATORS
Bluetreefrog@lemmy.world
candyman337@lemmy.world
TheSaneWriter@lemm.ee
TheSaneWriter@lemmy.thesanewriter.com
candyman337@sh.itjust.works
Asudox@lemmy.world
can@lemmy.ca
lemmy_bot@lemmy.world
beefbaby182@lemmy.world
asudox@discuss.tchncs.de
ModeratorCan@lemmy.world
287
What are some (not illegal) ideas to make corporations feel the pain when they allow our data to be stolen? (lemmy.world)
submitted 1 day ago by Bluetreefrog@lemmy.world to c/asklemmy@lemmy.world
73 comments fedilink hide all child comments
 

I'm getting a bit sick of large corporations a) demanding excess data as a condition of doing business with me, b) allowing it to be stolen, and c) giving zero fucks about it.

What are some things that us netizens can do to make our displeasure known.

Extra points for funny ideas.

you are viewing a single comment's thread
view the rest of the comments
[–] slazer2au@lemmy.world 93 points 1 day ago (7 children)

Use EICAR test strings as your password.

If they store your password in plain text the AV will lock the user database.

If your password gets leaked and they are using bad password security, when your password is cracked the AV will isolate the file.

[–] QualifiedKitten@lemmy.world 2 points 8 hours ago (1 children)

ELI5 please? I've read the other replies, but would love to understand a bit more.

[–] PM_Your_Nudes_Please@lemmy.world 2 points 6 hours ago

EICAR test strings are strings of text that can be used to test an antivirus. Basically, you bury the file somewhere, and see if your AV picks it up. The joke being that if they’re storing your password in plaintext (a big no-no from a security standpoint) then their AV will clamp down on the database once you create your account and the test string is embedded.

It wouldn’t work in this instance, unfortunately; EICAR test strings are only meant to work when embedded in files that are shorter than 128 bytes. And every database is almost certainly larger than that.

[–] HootinNHollerin@slrpnk.net 9 points 12 hours ago* (last edited 12 hours ago)

Being a non-programmer I had to look up what that is

[–] shrodes@lemmy.world 72 points 1 day ago

Bold of you to assume a corporation storing passwords in plain text would be using AV

[–] Sir_Premiumhengst@lemmy.world 4 points 17 hours ago

Whoa, I wanna try this now! Thx!

[–] qaz@lemmy.world 41 points 1 day ago (2 children)

According to EICAR's specification the antivirus detects the test file only if it starts with the 68-byte test string and is not more than 128 bytes long. As a result, antiviruses are not expected to raise an alarm on some other document containing the test string.

This won't work, assuming the database file is more than 128 bytes long

[–] Talaraine@fedia.io 10 points 1 day ago

I think the important distinction would be 'file' or 'record'. Passwords aren't really a file in a database iirc and records in a database have a storage limit

[–] Krudler@lemmy.world 20 points 1 day ago

Ah... "advice" consisting of "I've heard of a thing"

[–] Talaraine@fedia.io 11 points 1 day ago

This is diabolical. I approve.