With a quick google, what are the chances that erm71 is code for “Elon Reeve Musk 1971”.
There no way that a tech savvy individual would do something as simple as use his name and DOB for usernames and email addresses… Whats his password “teslarulez1971!”?
I’m sure that is exactly what it means. The point was to hide it a little bit, it’s not the standard first.last of everyone else but to make it still uniquely identifiable as musk. It’s not a completely unheard of practice to hide potential high spam targets. The goal isn’t to completely hide, just make it slightly harder to find
This is why scraping LinkedIn works so well. Using the consistent email format gets you to your target easily. I’ve used it to get the contact info of the CTO of American Airlines before (his auto-reply included his cell number.)
No it does not. Neither does having a password as they can be leaked or cracked or who knows what. Turning off tcmp echo on your router won’t stop all bad actors but it will stop some. All security practices are just small steps to make it slightly harder for bad actors.
There is no such thing as perfect security, but there’s a big difference between trying to obscure something confidential between two parties (a password) and trying to obscure information that by design must be shared with other parties (an email address).
Outside of diligently using disposable alias addresses, obscuring an email is an exercise in futility. The biggest point of failure in security is the human, and all it takes is a single person to leak it. With all the people that need to communicate with Musk over email, the opportunity for that to happen is far higher than the chance of something like someone successfully cracking a hash.
I 100% agree with you. But I’ll also admit that I email people ALL the time and I have no idea what their email alias is. I just hit reply.
I absolutely agree with you that even with a rotation musk’s email alias will get leaked. I’m just agreeing with you that it was security through obscurification and it would have worked if one of the emails got leaked. A thousand people would have tried variations of elon.musk@ i am willing to bet none of them would have tried erm71@
And let’s face it that man has an auto forward on his email lmao
And why not? You forget there is beauty in brevity.
A breach is a breach is a breach is a breach. You’d be criticizing his choice whether it was 5 simple characters or 500. When you K.I.S.S. it makes it easier to remember AND quicker to enter, access. I had to choose a password for work once, and I made it a little complex…work constantly logged me out 🙄🙄🙄🙄🙄…I had to enter that stupid fucking password so many fucking times, yes, it was secure. It was also DUMB and FRUSTRATING. Next 3 passwords were far simpler to repeatedly type in; I learned my lesson.
Same with Apple always auto-generating stupid passwords, I hope you never have to type them in! It’s just dumb, as illustrated by XKCD.
My rule: If I can’t easily write nor remember a daily password, it is crap. My strong passwords are kept in a offline password manager, which has a relatively weak master password in the vein of “R!seaboveit@ll”. Not ideal, but at least a human can type it.
The real danger is going to be websites leaking or sharing the individual password it is given. So long as no one knows your (offline) manager’s pass, the threat can be cordoned off. Unfortunately, we can expect the integration of AI into OS ecosystems to make that method vulnerable. Say, for example, Microsoft’s Copilot or Google’s Android.
Ha, son of a bitch. That is almost exactly what I do. 😆
There are always vulnerabilities; you can’t make things truly secure, you only make them less insecure.
All my passwords are longer & stronger, XKCD method, easy to read & type. Granted I don’t have Apple or my password manager generating gibberish passwords for me, takes 20 seconds each, I think them up. Maybe you should try it, too, idk. Leave the gibberish behind. I’m so glad I did.
Hmmm, erm71… Interesting attempt to hide
With a quick google, what are the chances that erm71 is code for “Elon Reeve Musk 1971”.
There no way that a tech savvy individual would do something as simple as use his name and DOB for usernames and email addresses… Whats his password “teslarulez1971!”?
I’m sure that is exactly what it means. The point was to hide it a little bit, it’s not the standard first.last of everyone else but to make it still uniquely identifiable as musk. It’s not a completely unheard of practice to hide potential high spam targets. The goal isn’t to completely hide, just make it slightly harder to find
This is why scraping LinkedIn works so well. Using the consistent email format gets you to your target easily. I’ve used it to get the contact info of the CTO of American Airlines before (his auto-reply included his cell number.)
That’s security through obscurity, and it doesn’t work in the long run.
No it does not. Neither does having a password as they can be leaked or cracked or who knows what. Turning off tcmp echo on your router won’t stop all bad actors but it will stop some. All security practices are just small steps to make it slightly harder for bad actors.
There is no such thing as perfect security, but there’s a big difference between trying to obscure something confidential between two parties (a password) and trying to obscure information that by design must be shared with other parties (an email address).
Outside of diligently using disposable alias addresses, obscuring an email is an exercise in futility. The biggest point of failure in security is the human, and all it takes is a single person to leak it. With all the people that need to communicate with Musk over email, the opportunity for that to happen is far higher than the chance of something like someone successfully cracking a hash.
I 100% agree with you. But I’ll also admit that I email people ALL the time and I have no idea what their email alias is. I just hit reply.
I absolutely agree with you that even with a rotation musk’s email alias will get leaked. I’m just agreeing with you that it was security through obscurification and it would have worked if one of the emails got leaked. A thousand people would have tried variations of elon.musk@ i am willing to bet none of them would have tried erm71@
And let’s face it that man has an auto forward on his email lmao
Obviously it’s teslarulez69420!!!
And why not? You forget there is beauty in brevity.
A breach is a breach is a breach is a breach. You’d be criticizing his choice whether it was 5 simple characters or 500. When you K.I.S.S. it makes it easier to remember AND quicker to enter, access. I had to choose a password for work once, and I made it a little complex…work constantly logged me out 🙄🙄🙄🙄🙄…I had to enter that stupid fucking password so many fucking times, yes, it was secure. It was also DUMB and FRUSTRATING. Next 3 passwords were far simpler to repeatedly type in; I learned my lesson.
Same with Apple always auto-generating stupid passwords, I hope you never have to type them in! It’s just dumb, as illustrated by XKCD.
XKCD also has a suggestion for strong, memorable, easy passwords.
Be smart. Make life simple. Don’t do stupid things. 🫡
My rule: If I can’t easily write nor remember a daily password, it is crap. My strong passwords are kept in a offline password manager, which has a relatively weak master password in the vein of “R!seaboveit@ll”. Not ideal, but at least a human can type it.
The real danger is going to be websites leaking or sharing the individual password it is given. So long as no one knows your (offline) manager’s pass, the threat can be cordoned off. Unfortunately, we can expect the integration of AI into OS ecosystems to make that method vulnerable. Say, for example, Microsoft’s Copilot or Google’s Android.
Ha, son of a bitch. That is almost exactly what I do. 😆
There are always vulnerabilities; you can’t make things truly secure, you only make them less insecure.
All my passwords are longer & stronger, XKCD method, easy to read & type. Granted I don’t have Apple or my password manager generating gibberish passwords for me, takes 20 seconds each, I think them up. Maybe you should try it, too, idk. Leave the gibberish behind. I’m so glad I did.
erm71@who.eop.gov
https://www.opmreply.com/
To save everyone time, here’s a draft set of productivity bullets for “turtle tester”:
It’s important Elon Musk knows these things.
Elon Musk strikes me as an individual who doesn’t like turtles at all. He is therefore cursed, and shall never see the light of Heaven.
Erm, what the sigma? ☝️🤓