this post was submitted on 03 Nov 2025
1187 points (98.3% liked)

memes

18078 readers
1121 users here now

Community rules

1. Be civilNo trolling, bigotry or other insulting / annoying behaviour

2. No politicsThis is non-politics community. For political memes please go to !politicalmemes@lemmy.world

3. No recent repostsCheck for reposts when posting a meme, you can only repost after 1 month

4. No botsNo bots without the express approval of the mods or the admins

5. No Spam/Ads/AI SlopNo advertisements or spam. This is an instance rule and the only way to live. We also consider AI slop to be spam in this community and is subject to removal.

A collection of some classic Lemmy memes for your enjoyment

Sister communities

founded 2 years ago
MODERATORS
Tenthrow@lemmy.world
The_Picard_Maneuver@lemmy.world
The_Picard_Maneuver@startrek.website
1187
Skeletor is here to help (lemmy.world)
submitted 2 weeks ago* (last edited 2 weeks ago) by TehBamski@lemmy.world to c/memes@lemmy.world
171 comments fedilink hide all child comments
 
top 50 comments
sorted by: hot top controversial new old
[–] slazer2au@lemmy.world 247 points 2 weeks ago (7 children)

Use EICAR test strings as passwords so when the password is stored as plain text the antivirus software will delete the file.

[–] Valmond@lemmy.world 132 points 2 weeks ago (2 children)

Dude makes a whole binary of a virus his password.

[–] slazer2au@lemmy.world 63 points 2 weeks ago (1 children)

Doesn't have to be a binary file, toss the string in a txt file and the AV still throws a fit.

load more comments (1 replies)
load more comments (1 replies)
[–] Ekybio@lemmy.world 51 points 2 weeks ago (3 children)

What is an EICAR test string?

[–] Strider@lemmy.world 66 points 2 weeks ago (1 children)
[–] CaptainBlagbird@lemmy.world 72 points 2 weeks ago (2 children)

a computer file that was developed by the European Institute for Computer Antivirus Research (EICAR) and Computer Antivirus Research Organization to test the response of computer antivirus programs. Instead of using real malware, which could cause real damage, this test file allows people to test anti-virus software without having to use real malware.

load more comments (2 replies)
[–] Sabata11792@ani.social 37 points 2 weeks ago

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

[–] slazer2au@lemmy.world 23 points 2 weeks ago

A specific string of text that you can use to test your AV without actually grabbing a virus.

[–] henfredemars@infosec.pub 25 points 2 weeks ago (1 children)

Unfortunately there is significant overlap between plain-text-password-servers and servers that can't be bothered to use antivirus. Also, the string may not work if it's not at the start of the file. AV often doesn't process the whole file for efficiency purposes.

[–] b_tr3e@feddit.org 48 points 2 weeks ago

It's not about the password on the server where you want to log in, it's about CSV files stored on the machine of the cybercrook who wants to use the passwords to steal people's identities.

[–] Orygin@sh.itjust.works 22 points 2 weeks ago (1 children)

Sadly it wouldn't work if found in a CSV file with other records:

According to EICAR's specification the antivirus detects the test file only if it starts with the 68-byte test string and is not more than 128 bytes long. As a result, antiviruses are not expected to raise an alarm on some other document containing the test string

load more comments (1 replies)
load more comments (3 replies)
[–] brownsugga@lemmy.world 165 points 2 weeks ago (4 children)

fun fact, "commas" does not require an apostrophe

[–] a14o@feddit.org 70 points 2 weeks ago

Single quotes are another great way to mess with unsanitized data input though

[–] stinky@redlemmy.com 16 points 2 weeks ago (1 children)

I'm watching the collective knowledge of my civilization crumble and I'm powerless to stop it

[–] ameancow@lemmy.world 11 points 2 weeks ago (1 children)

Grok, is this true?

load more comments (1 replies)
[–] Wilco@lemmy.zip 13 points 2 weeks ago (1 children)

Commas might be the comma's property. Step off.

load more comments (1 replies)
load more comments (1 replies)
[–] Delusions@lemmy.dbzer0.com 102 points 2 weeks ago (9 children)

Add comma's

Add commas what?

Adding an apostrophe makes the s possessive

[–] snooggums@piefed.world 38 points 2 weeks ago (5 children)

The apostrophe is to announce that the next letter will be an 'S'!

[–] gramie@lemmy.ca 20 points 2 weeks ago

As observed by that legendary grammarian Dave Barry.

load more comments (4 replies)
load more comments (8 replies)
[–] grimpy@lemmy.myserv.one 84 points 2 weeks ago (1 children)

add apostrophes to your meme to reduce clarity

load more comments (1 replies)
[–] JeeBaiChow@lemmy.world 79 points 2 weeks ago (9 children)

Interesting... I wrote a gag comment about using an SQL injection as my password and crashed the Lemmy API. Using connect if that makes any difference.

[–] tetris11@feddit.uk 52 points 2 weeks ago (1 children)

noice! Did the '; DROP TABLE USERS;' respond?

[–] JeeBaiChow@lemmy.world 34 points 2 weeks ago (2 children)

Almost line for line. A wall of XML popped up when I hit submit. Looks like yours went through.

load more comments (2 replies)
[–] sem@lemmy.blahaj.zone 36 points 2 weeks ago

Like the Bobby tables? Can u put it in a coffee?

[–] CaptainBlagbird@lemmy.world 15 points 2 weeks ago* (last edited 2 weeks ago)

Bobby', --

load more comments (6 replies)
[–] Fridgeratr@lemmy.dbzer0.com 56 points 2 weeks ago* (last edited 2 weeks ago) (7 children)

Don't add apostrophes to make words plural, that's not how it works.

Until next time

[–] RememberTheApollo_@lemmy.world 16 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

They had to put a comma in there somewhere. Even of it was in the wrong place and upside down.

load more comments (1 replies)
[–] blockheadjt@sh.itjust.works 11 points 2 weeks ago (2 children)

How* it works

Until next time

load more comments (2 replies)
load more comments (5 replies)
[–] EndOfLine@lemmy.world 54 points 2 weeks ago (2 children)

load more comments (2 replies)
[–] sylver_dragon@lemmy.world 51 points 2 weeks ago (4 children)

Sadly, no. CSV files can deal with embedded commas via quoting or escaping. Given that most of the dumps are going to be put together and consumed via common libraries (e.g.python's csv module), that's all going to happen automagically.

[–] nymnympseudonym@piefed.social 23 points 2 weeks ago

Can be != will be

You're looping over 50M records, extracting into your csv. Did you bother using the appropriate library, or did your little perl script just do split(/,/,$line)

[–] bassomitron@lemmy.world 12 points 2 weeks ago (1 children)

What about quotes (single/double) and \s mixed with commas?

[–] ilinamorato@lemmy.world 14 points 2 weeks ago (1 children)

Everything you can use for a password can be escaped out of a csv. Partially because csvs have to be interoperable with databases for a bunch of different reasons, and databases are where your passwords are stored (though ideally not in plaintext). There's no way that I can think of to poison your password for a data breach that wouldn't also poison the password database for the service you're trying to log into.

load more comments (1 replies)
load more comments (2 replies)
[–] Quexotic@infosec.pub 38 points 2 weeks ago* (last edited 2 weeks ago) (8 children)

Pass","words","Are","fun","\n

Fuck that csv All the way up.

load more comments (8 replies)
[–] douglasg14b@lemmy.world 31 points 2 weeks ago (8 children)

CSV has standard escape sequences. This is pointless

See RFC-4180:

https://datatracker.ietf.org/doc/html/rfc4180

[–] BodilessGaze@sh.itjust.works 22 points 2 weeks ago (2 children)

CSV existed for over 30 years before RFC 4180. Excel, and countless other tools, have their own incompatible variants. Excel in particular is infamous for mangling separators when exporting to CSV.

[–] ChaoticNeutralCzech@feddit.org 22 points 2 weeks ago (1 children)

Fuck Excel's CSV handing. It differs by locale, silently. Imagine the thousands of people every year who patiently wait to import a multi-megabyte CSV from some instrument only to see garbage because their language uses the decimal comma and semicolon separator.

load more comments (1 replies)
load more comments (1 replies)
[–] FooBarrington@lemmy.world 18 points 2 weeks ago* (last edited 2 weeks ago)

That standard won't stop me because I can't read!

load more comments (6 replies)
[–] lmmarsano@lemmynsfw.com 26 points 2 weeks ago* (last edited 2 weeks ago) (8 children)

OP thinks security researchers don't understand how to properly serialize data for correct deserialization. OP also thinks they largely use CSV.

[–] TehBamski@lemmy.world 39 points 2 weeks ago

OP is uninformed and just found it funny and worth sharing. Good day

load more comments (7 replies)
[–] SlurpingPus@lemmy.world 23 points 2 weeks ago (6 children)

Thanks to my password manager, commas are among the more tame characters that occur in my passwords.

load more comments (6 replies)
[–] joan@lemmy.world 22 points 2 weeks ago (1 children)

Add apostrophes to "commas" to mess with me

load more comments (1 replies)
[–] Valmond@lemmy.world 20 points 2 weeks ago

Mine are typical error messages.

See you next time!

[–] Saganaki@lemmy.zip 15 points 2 weeks ago

Comma, single quote, double quote, escape last \ and all your cases are covered.

[–] tomiant@piefed.social 12 points 2 weeks ago* (last edited 2 weeks ago)

ngl this got a good fucking chuckle out of me

load more comments
view more: next ›