# Return some error
    ...
```

But by using the `secrets.compare_digest()` it will be secure against a type of attacks called "timing attacks".

### Timing Attacks { #timing-attacks }

But what's a "timing attack"?

Let's imagine some attackers are trying to guess the username and password.

And they send a request with a username `johndoe` and a password `love123`.

    # Return some error
    ...
```

Porém, ao utilizar o `secrets.compare_digest()`, isso estará seguro contra um tipo de ataque chamado "timing attacks" (ataques de temporização).

### Ataques de Temporização { #timing-attacks }

Mas o que é um "timing attack" (ataque de temporização)?

Vamos imaginar que alguns invasores estão tentando adivinhar o usuário e a senha.

        .Builder()
        .serialNumber(1L)
        .certificateAuthority(4)
        .commonName("attacker ca")
        .build()
    val attackerIntermediate =
      HeldCertificate
        .Builder()
        .serialNumber(2L)
        .certificateAuthority(3)
        .commonName("attacker")
        .signedBy(attackerCa)
        .build()
    val pinnedRoot =
      HeldCertificate
        .Builder()

import java.util.concurrent.TimeUnit;

import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;

/**
 * Security-focused test cases for NtlmPasswordAuthenticator to verify timing attack resistance.
 */
public class NtlmPasswordAuthenticatorTimingAttackTest {

    private static final int TIMING_ITERATIONS = 1000;

    # Devuelve algún error
    ...
```

Pero al usar `secrets.compare_digest()` será seguro contra un tipo de ataques llamados "timing attacks".

### Timing attacks { #timing-attacks }

¿Pero qué es un "timing attack"?

Imaginemos que algunos atacantes están tratando de adivinar el nombre de usuario y la contraseña.

Y envían un request con un nombre de usuario `johndoe` y una contraseña `love123`.

mitigate the risk in this scenario is to sandbox the model execution.

### Hardware attacks

Physical GPUs or TPUs can also be the target of attacks. [Published
research](https://scholar.google.com/scholar?q=gpu+side+channel) shows that it
might be possible to use side channel attacks on the GPU to leak data from other
running models or processes in the same system. GPUs can also have

* plug-in: plug-in (do not translate to "complemento" or "extensión")
* plug-ins: plug-ins (do not translate to "complementos" or "extensiones")
* full stack: full stack (do not translate to "pila completa")
* full-stack: full-stack (do not translate to "de pila completa")
* stack: stack (do not translate to "pila")
* loop (as in async loop): loop (do not translate to "bucle" or "ciclo")

* mount (verb): монтировать
* mount (noun): точка монтирования / mount (keep in English if it's a FastAPI keyword)
* plugin: плагин
* plug-in: плагин
* full stack: full stack (do not translate)
* full-stack: full-stack (do not translate)
* loop (as in async loop): цикл событий
* Machine Learning: Машинное обучение
* Deep Learning: Глубокое обучение
* callback hell: callback hell (clarify as `ад обратных вызовов`)

By default, OkHttp trusts the certificate authorities of the host platform. This strategy maximizes connectivity, but it is subject to certificate authority attacks such as the [2011 DigiNotar attack](https://www.computerworld.com/article/2510951/cybercrime-hacking/hackers-spied-on-300-000-iranians-using-fake-google-certificate.html). It also assumes your HTTPS servers’ certificates are signed by a certificate authority.

 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
package jcifs.smb;

import jcifs.CIFSException;

/**
 * Exception thrown when an SMB protocol downgrade attack is detected.
 * Indicates that the negotiated protocol version is lower than expected or required.
 *
 * @author mbechler
 *
 */
public class SMBProtocolDowngradeException extends CIFSException {

    /**