the propensity to malfunction at the slightest disturbance

I’m reminded of “soft bits”. Remember those? Back when everything came on a floppy disk, one form of copy protection was to include sectors whose bits couldn’t quite decide if they were off or on. If the program read the relevant sector more than once, and got the identical content each time, that was a dead giveaway that it was dealing with an unauthorized copy.

Interesting but, IMO, the problem has never been hackers directly accessing a signal. It's been weaknesses in access points, implementation and interfaces that allow hackers in.

Interesting but, IMO, the problem has never been hackers directly accessing a signal. It's been weaknesses in access points, implementation and interfaces that allow hackers in.

You forgot to add human error allowing hackers in, and that's probably the weakest link.

I’m reminded of “soft bits”. Remember those? Back when everything came on a floppy disk, one form of copy protection was to include sectors whose bits couldn’t quite decide if they were off or on.

I'm intrigued by this as a form of copy-protection.

I'm wondering if it might be possible to simulate soft bits in JavaScript...

... perhaps using a combination of (Math.random() - 0.5), Math.abs() and Math.sign().

Hmmm... okay, here's a rough take.

1) Let's say a 64 numeric character sequence were derived from the copy-protected file in question:

7421229177312974883586245299316558694427355555559623417566444289

2) And further, let's say that a binary distribution were then iteratively derived from and then applied to that sequence, such that if the sequence above were broken up into an array of single-digit integers, some were turned into negative and others into positive integers.

let mySoftBitsSector = [-7, -4, 2, -1, 2, 2, -9, -1, -7, -7, -3, -1, -2, -9, -7, -4, -8, -8, -3, 5, -8, 6, -2, -4, 5, -2, -9, -9, -3, -1, -6, -5, -5, -8, -6, 9, 4, 4, 2, 7, -3, -5, -5, -5, -5, -5, -5, 5, -9, -6, -2, -3, -4, -1, -7, -5, -6, -6, -4, -4, -4, 2, -8, -9]

Then we could run the following function three times:

 
const readSector = (sector) => {
 sector = (sector.map((myValue) => (Math.random() < 0.5) ? Math.abs(myValue) : myValue));
 sector = (sector.map((myValue) => (myValue = (Math.sign(myValue) === -1) ? 0 : 1))).join('');
 return sector;
}

readSector(mySoftBitsSector);
readSector(mySoftBitsSector);
readSector(mySoftBitsSector);

and each time the sector were read, it would return a slightly different result, due to the soft bits:

1) 1111111101010001100111001011110101011111010110011010010100001110
2) 0110111110000010111111111001101001011111001010110111110101101111
3) 0011110111001100010101101001001110011111000001111101000101110101

However... if the function above were a single character different:

 
const readSector = (sector) => {
 sector = (sector.map((myValue) => (Math.random() < 0.0) ? Math.abs(myValue) : myValue));
 sector = (sector.map((myValue) => (myValue = (Math.sign(myValue) === -1) ? 0 : 1))).join('');
 return sector;
}

Then each time the sector were read, it would return exactly the same result (identical to the binary distribution in Step 2):

1) 0010110000000000000101001000000000011111000000010000000000000100
2) 0010110000000000000101001000000000011111000000010000000000000100
3) 0010110000000000000101001000000000011111000000010000000000000100

No soft bits. Unauthorised copy.

N.B. Obviously everything above is plainscript - in production, the JS could be a lot more obfuscated.

"Hey, the internet is unsafe and full of cyber attacks but lets all bank online only anyway!"

I'd rather not but the soft bits can add a zero or two to my bank balance if they want.

cyber attacks

I wonder how many might be prevented via the simple expedient of disabling links by default in emails, instant messaging and SMS messages?

Heh... "unhackable" is kind of an oxymoron. Hacks make it happen, those who are hacks will "un" it on the other side. Nothing changes.

How about this? New domain and it only has a "Hello World! message on home page to verify DNS has kicked in.

The next day I see stats reporting 186 pages not found by someone probing for WordPress scripts.

How do they even know about the new domain?

Is it a dot com or a dot au? Dunno about APNIC, but ARIN--unlike RIPE--isn’t especially hush-hush about new registrations.

.group

Oh. Identity Digital, formerly Donuts (really). I hadn't realized that, to go with the blizzard of new TLDs, there was a corresponding blizzard of new registries (not registrars, which multiply regardless).

After some trial and error I found a site that claims to update ".group" lists daily, which implies that the registry does put out the information regularly. And then a botrunner gets hold of the list and plugs in the names of all the most common CMS files. (Really, though, wouldn't it make more sense to hold off for a week or so? Nobody has the full site up & running the very day the domain name becomes active.)

Digression: And then, following up a relate line of inquiry, I confirmed that the renewal rates I'm currently paying are perfectly in line with other registrars. It's gone up a lot over the past decade--but so has everyone else, it turns out.

Most interesting, thanks.

I have been with the same registrar for more than 20 years as a reseller and went with .group because it suited the site...a forum for a sports group. I wanted the name to be unique and searched more than 100 domain types from within the reseller realm. Almost fell off my chair a few times seeing names that will cost $3-43,000 to register.