Perhaps the only way to get rid of them for sure is to require a CAPTCHA before all posts. That has its own issues though.
Perhaps the only way to get rid of them for sure is to require a CAPTCHA before all posts. That has its own issues though.
What are the implications of this?
Password is necessary for two-factor authentication. The factors of authentication are something you know (like a password), something you have (like a cell phone), and something you are (like a biometric).
An example of three-factor authentication would be this—imagine a spy going into a secret bunker. They need to scan their iris, insert a key card, and then enter a passcode before the door opens. This has all three factors of authentication; the passcode is something they know, the key card is something they have, the iris scan is something they are.
If it just sends a code to your phone, that’s one-factor authentication (something you have). Anyone with your phone can get into your account. Unless, of course, your phone hides its notifications and you have a screen lock. Then that’s actually two-factor authentication because you also need to know the phone PIN or have the biometric.
If it just asks for a password, that’s one-factor authentication (something you know).
If it asks for your password and then sends a code to your phone, which you need a fingerprint or face scan to unlock, you have achieved three-factor authentication.
Edit: Interesting tidbit—in the USA, you can rent a mailbox at the post office to receive mail when you don’t want to give out your real address. Useful for privacy reasons. I’m sure they have similar things in other countries. These mailboxes come with a key. This is actually two-factor authentication, because the keys usually don’t have the mailbox number written on them! So you have to have the key and also have to know which mailbox among the hundreds at the post office it opens.
TOTP is standardised by RFC 6238 so all TOTP clients must comply with the standard and therefore work equally well. Pick the one whose UI you like the most and is otherwise good enough for your use case and personal preferences. It’s similar to arguments over CPU thermal paste—its presence or absence makes a much larger difference than the method of application.
You do, however, want to pick something that is free and open-source and also popular. Google Authenticator (closed source) definitely is a functional TOTP client but you have to trust that the Google engineers have done a good job building a secure app. Since it’s Google, they probably have, but a principle in security is that you should not have to trust more people than absolutely necessary.
Yes, but this is like replacing the front door of your house with a bank vault door. Yes, it’s more secure, but there is a point of “reasonably secure enough” for most people and at some point, you are just inconveniencing yourself for no tangible gain.
It’s not a hard concept. In almost every well-designed security system, the weakest links are invariably the humans
The passwords are stored locally. You can test this yourself by turning off your WiFi or disconnecting your Ethernet cable and then going to about:logins. All the passwords will still be there.
Because I am a developer and I have also been a sysadmin, and I really do not care. Yes, the format is good but I’m not particularly excited for it.
And I suppose sysadmins and application developers are not people?
My argument is not “we have a current standard”, it’s “people don’t give enough of a shit to change”.
I think this might sound like a weird thing to say, but technical superiority isn’t enough to make a convincing argument for adoption. There are plenty of things that are undeniably superior but yet the case for adoption is weak, mostly because (but not solely because) it would be difficult to adopt.
As an example, the French Republican Calendar (and the reformed calendar with 13 months) are both evidently superior to the Gregorian Calendar in terms of regularity but there is no case to argue for their adoption when the Gregorian calendar works well enough.
Another example—metric time. Also proposed as part of the metric system around the same time as it was just gaining ground, 100 seconds in a minute and 100 minutes in an hour definitely makes more sense than 60, but it would be ridiculous to say that we should devote resources into switching to it.
Final example—arithmetic in a dozenal (base-twelve) system is undeniably better than in decimal, but it would definitely not be worth the hassle to switch.
For similar reasons, I don’t find the case for JPEG XL compelling. Yes, it’s better in every metric, but when the difference comes down to a measly one or two megabytes compared to PNG and WEBP, most people really just don’t care enough. That isn’t to say that I think it’s worthless, and I do think there are valid use cases, but I doubt it will unseat PNG on the Internet.
What’s wrong with PNG?
Give me a bunch of open AI models and a big GPU to play with and I’ll generate twenty gigabytes of weird anime fetish content.
This is the only true use of AI
Agreed. I managed to get my grandpa onto Linux using Mint on his old computer. He said the interface resembled classic Windows and was up and running in less than five minutes. I just had to show him how to use the software manager and that’s it.
No, it’s not science. It’s logic based on a few observations. If you don’t observe the same things as I do, you will not come to the same conclusions.
Oh, I understand they are usually human. I just don’t think their viewpoints are worthy of discussion. And you make this judgement every day as well, even if you refuse to admit it. And perhaps you make it on grounds that are less sound.
You can say that. It doesn’t matter though. I am right. You can keep saying “nuh uh” if you want.
No, of course, I cannot. I do not judge what category someone likely falls into based on whether what they say matches nearly word for word a “promoted” viewpoint. In some cases, I mostly agree with what they said but it’s painfully obvious that person didn’t come to that conclusion through their own thinking but is rather just parroting a screenshot of a post on the site formerly known as Twitter.
You have missed the entire point of my comment. If someone is likely to be in categories 2 or 3, I dismiss them if the viewpoint is otherwise not worthy of discussion, which it usually is not. I don’t care if this causes me to misjudge the intentions of some people, because that is inevitable in any probability-based judgement system. What matters is picking what is most likely correct.
I don’t feel that you have the ability to grasp this point and you’re just going to come up with another argument I didn’t make to attack.
No, I am not. I wouldn’t say it if it were made up. Who have I got to convince by making shit up? I am not pushing any viewpoint at all.
I base my assertion on interactions with people on this platform. Whenever someone parrots a point that is promoted this way, they’re almost universally just repeating what some wisecrack said on X that sounds correct enough to not investigate further or think critically about and is agreeable to their worldview.
I will not argue over this. You either accept what I am saying or you don’t, but I don’t give enough of a shit either way to get into an argument.
I love the Internet Archive but they are pretty clearly legally in the wrong here.
Not morally, mind. I support open access to knowledge. But they very clearly broke copyright law here.