𝓹𝓻𝓲𝓷𝓬𝓮𝓼𝓼

only 10 bits of entropy? 👌🤣

You’re not the only person, but it’s definitely not the way to keep your shit safe online.

Best practice is to use a different sufficiently strong (e.g. long and random) password for every account. That way, when an account’s password is leaked, it doesn’t immediately compromise every other account for which you’ve reused that password.

I generally advise people to use a password manager (I like Bitwarden) to store their myriad passwords, so they only have to remember a single master password.

ofc these bots aren’t necessarily sneaking into their operators’ password managers and stealing their passwords; the operators willingly and knowingly given the bots access to these things, so they can offload the drudgery of e.g. looking at a calendar to them

we could be using this technology to solve real world business problems

doesn’t even have to be the site owner poisoning the tool instructions (though that’s a fun-in-a-terrifying-way thought)

any money says they’re vulnerable to prompt injection in the comments and posts of the site

the bots behind subreddit simulator weren’t semi-autonomous agents with access to their operators’ private lives, auth tokens, passwords, emails (and gods only know what else), and the authority to act in the world on their behalf

genuinely terrifying

quantum services

take your source code and put each character in its own docker container

this gives you the absolute peak of scalability and agility as every quantum of your application is decoupled from the others and can be deployed or scaled independently

implementing, operating and debugging this architecture is left as an exercise for the reader

that will be $250,000 kthx