Pass","words","Are","fun","\n
Fuck that csv All the way up.
I think Python csv would save that as "Pass\",\"words\",\"Are\",\"fun\",\"\\n" and then it would be read by Excel / LibreOffice / Python csv as expected.
A perspective from someone who red teams for a living:
If I encounter a password like that, I'm probably going to pay special attention to your account among the millions. Commas dont stop most people from being weak to password permutations either.
If you're manually checking the 12 million username password pairs in the leaked database you aren't really going to breach many accounts before people update their passwords, are you?
What if it's exported as a tsv?
Then I'm f'd because it's really hard to enter tabs in most password text fields.
Use EICAR test strings as passwords so when the password is stored as plain text the antivirus software will delete the file.
Dude makes a whole binary of a virus his password.
Doesn't have to be a binary file, toss the string in a txt file and the AV still throws a fit.
According to wikipedia it has to be at the beginning of the test file or it won't work.
What is an EICAR test string?
a computer file that was developed by the European Institute for Computer Antivirus Research (EICAR) and Computer Antivirus Research Organization to test the response of computer antivirus programs. Instead of using real malware, which could cause real damage, this test file allows people to test anti-virus software without having to use real malware.
This sounds like a step towards computer vaccines, and I'm not about to let my computer get autism, thank you.
Joke's on you, all computers are autistic.
This is cs101 smh
OP thinks security researchers don't understand how to properly serialize data for correct deserialization. OP also thinks they largely use CSV.
OP is uninformed and just found it funny and worth sharing. Good day
Security researchers are releasing password dumps? 🤔
Cybercrime isn't "research"?
It'll just get escaped by quotes.
EDIT: it might be a better idea to use non-ascii characters.
Add apostrophes to "commas" to mess with me
Correct me if I'm wrong, but doesn't text with commas in it get put in double quotes in acsv file to avoid this exact thing?
Like if I had cells (1A: this contains no comma), (2B: this, contains a comma), and (3C: end of line), the csv file would store (this contains no comma,"this, contains a comma",end of line)
Yes and no. Like yes, that can be true. But a lot of tools don’t handle commas correctly no matter how you escape them.
I don't think they actually store any passwords, usually hashes are stored for better security. Of course not everyone does this so yeah thanks to Skeleton.
fun fact, "commas" does not require an apostrophe
Yeah, but look at how many extra comments that generates. I'm starting to think that intentionally bad grammar is sometimes a good social media tactic to create engagement on top of what you're already doing, but I'm not excluding people being just plain illiterate.
Guys calm the fuck down. The point of this joke is not that you’ll be bulletproof a few in sort of a few commas and passwords every now and then. The point is that a lot of these guys use terrible scripts that do not parse data correctly and they dump all of this shit into large CSV files. One or two people put an errand, in there that it doesn’t expect and it fucks the whole thing sideways for the entire set everything after the asshole with the comma password gets fucked. People that know what they’re doing will be just fine with it, but scammers generally don’t know what the fuck they’re doing and they pass this data along over and over and over again it change his hands frequently. So there’s more chances for it to get fucked along the way.
Don't add apostrophes to make words plural, that's not how it works.
Until next time
How* it works
Until next time
SHIT
CSV has standard escape sequences. This is pointless
See RFC-4180:
That standard won't stop me because I can't read!
1. Be civil
No trolling, bigotry or other insulting / annoying behaviour
2. No politics
This is non-politics community. For political memes please go to !politicalmemes@lemmy.world
3. No recent reposts
Check for reposts when posting a meme, you can only repost after 1 month
4. No bots
No bots without the express approval of the mods or the admins
5. No Spam/Ads/AI Slop
No advertisements or spam. This is an instance rule and the only way to live. We also consider AI slop to be spam in this community and is subject to removal.
A collection of some classic Lemmy memes for your enjoyment
