When you call "times 2" with an "argument", let us say 3. You have: 3 times 2. Equals 6, of course.
You also have something called the "inverse function". In this case "divided by 2". Again if we call this function with the argument "6" we have: 6 divided by 2. Equals 3.
Not a coincidence that we end up with 3, the value we started. Every time you chain a function and its inverse you end up with the "argument" you started.
Now imagine that the original 3, the first argument, is a password. 6, the result of calling the first function with your argument is the "hashed password", or your tripcode.
What every hack wants to do is try to find the "3" given that he saw your hashed password is "6".
If you use a function as trivial as "times 2". It will be very easy to guess the password from the hash. Because the inverse function is very easy.
So to avoid this people use completely crazy function, that when you call with the argument 3, the result can be 9182838176251928761528232. A pretty big number with no obvious connection between the argument and the end result.
This function will probably have a very complex inverse function.
So complex , that in some cases the inverse function is unknown.
The only way to get the original argument from the end result is trying every single possibility. You create a computer program that tries every single number and see if the end result matches.
Now jump to passwords again. Nobody is going to use a number. You use a complex text. Any decent password has around a dozen letters, numbers and symbols. This gives around 40 symbols. So you have: 40 to power 12 possibilities
The problem is: if it takes 1 microsecond to test each possibility this still means:
194200000 days to test them all.
So you need millions of computers to test them in a reasonable amount of time.
To makes things even more difficult to hackers, people normally use salt. Salt here means that a "prefix" to all passwords.
So you type "batman123" (super secure password!). But the application has actually calculated "some_salt_batman123".
This means that your everyday password with 10 letters, become a super huge 20-30 letter password with more symbols, more letters.
Even more difficult.
A second layer of security is that nobody outside the application knows the salt. That is the whole purpose. Salt rotation means that this "secret prefix" change from time to time, to make things even more difficult.
I got 1 thing to say about all of these gorrillions of possible combinations of codes that are supposed to require umpteen million computers working in tandem for a zillion years to be able to crack through brute force: .
Chaos Theory. The shit can still crack on the very first attempt.
I do appreciate your excellent explanation of the numbers, and I am not trying to discredit what you have posted. But I believe it is necessary to remind people of the real possibility of the impossible.
It basically means that the random number that gets changed periodically to keep people from hacking in (like a password scrambler) keeps changing but Q’s tripcode is not using it. Seems a bit shady, any admin of the website can pretend to post as anyone, my skepticism is high (I do question everything) but I’m still fascinated with this whole thing, and we are some of the best researchers I know, so I will continue to follow what’s going on. Honestly I’m addicted to this site and how everything is playing out, it’s definitely entertaining.
Seeing that it was 17 months from the last post at an exact time of a previous RvW post, in the same manner that Q writes, and connects many posts together, I am definitely leaning to it being the real Q
I don't know, such a basic level of reading Q drops as timing to events and the number "17" are too widely known and applied to dismiss as being outside black hat fakery.
Have NO idea what any t that means.
Ty
Link is dead?
The inner working is quite simple actually.
Imagine a simple mathematical function: times 2.
When you call "times 2" with an "argument", let us say 3. You have: 3 times 2. Equals 6, of course.
You also have something called the "inverse function". In this case "divided by 2". Again if we call this function with the argument "6" we have: 6 divided by 2. Equals 3.
Not a coincidence that we end up with 3, the value we started. Every time you chain a function and its inverse you end up with the "argument" you started.
Now imagine that the original 3, the first argument, is a password. 6, the result of calling the first function with your argument is the "hashed password", or your tripcode.
What every hack wants to do is try to find the "3" given that he saw your hashed password is "6".
If you use a function as trivial as "times 2". It will be very easy to guess the password from the hash. Because the inverse function is very easy.
So to avoid this people use completely crazy function, that when you call with the argument 3, the result can be 9182838176251928761528232. A pretty big number with no obvious connection between the argument and the end result.
This function will probably have a very complex inverse function. So complex , that in some cases the inverse function is unknown.
The only way to get the original argument from the end result is trying every single possibility. You create a computer program that tries every single number and see if the end result matches.
Now jump to passwords again. Nobody is going to use a number. You use a complex text. Any decent password has around a dozen letters, numbers and symbols. This gives around 40 symbols. So you have: 40 to power 12 possibilities
16777216000000000000 https://www.wolframalpha.com/input?i=40%5E12
The problem is: if it takes 1 microsecond to test each possibility this still means:
194200000 days to test them all.
So you need millions of computers to test them in a reasonable amount of time.
To makes things even more difficult to hackers, people normally use salt. Salt here means that a "prefix" to all passwords.
So you type "batman123" (super secure password!). But the application has actually calculated "some_salt_batman123".
This means that your everyday password with 10 letters, become a super huge 20-30 letter password with more symbols, more letters.
Even more difficult.
A second layer of security is that nobody outside the application knows the salt. That is the whole purpose. Salt rotation means that this "secret prefix" change from time to time, to make things even more difficult.
More: https://web.archive.org/web/20200826143711/https://twitter.com/CodeMonkeyZ/status/1298630319759712256
I appreciate your explanation, the clarity of it. And above all, your patience to draw up such an extensive post. Thank you!
I actually understood that after I read it a couple of times thank you.
I got 1 thing to say about all of these gorrillions of possible combinations of codes that are supposed to require umpteen million computers working in tandem for a zillion years to be able to crack through brute force: .
Chaos Theory. The shit can still crack on the very first attempt.
I do appreciate your excellent explanation of the numbers, and I am not trying to discredit what you have posted. But I believe it is necessary to remind people of the real possibility of the impossible.
It basically means that the random number that gets changed periodically to keep people from hacking in (like a password scrambler) keeps changing but Q’s tripcode is not using it. Seems a bit shady, any admin of the website can pretend to post as anyone, my skepticism is high (I do question everything) but I’m still fascinated with this whole thing, and we are some of the best researchers I know, so I will continue to follow what’s going on. Honestly I’m addicted to this site and how everything is playing out, it’s definitely entertaining.
It means the likelihood that this is the real Q is high.
Unless of course Jim is full of shit cuz he's in on it.
🤷♂️
If he was going to fake it, he could have done that long ago.
If he is "in on it" then it would still be Q since Q could be a group and if he is "in on it" he would be part of Q.
"In on" faking posts is what I mean, there's no way to know.
Let's see if Q posts again.
Seeing that it was 17 months from the last post at an exact time of a previous RvW post, in the same manner that Q writes, and connects many posts together, I am definitely leaning to it being the real Q
I don't know, such a basic level of reading Q drops as timing to events and the number "17" are too widely known and applied to dismiss as being outside black hat fakery.
How did we confirm that this is something that Jim actually said?
He put out a video.
Ok, good. Thanks.