MostlyHarmless

@MostlyHarmless@sh.itjust.works
0 Post – 40 Comments
Joined 1 years ago

From the article

"The lights, which were intended to give the illusion of a sunrise, were placed about 20 to 30 feet from the aircraft, shining on first the right, then the left side of the craft for over nine hours in total.

A foam liner had melted away from at least one of the windows and several window panes appeared to have been warped by the thermal heat. "

9 more...

There is a big fat warning at the top of the page saying that the data is out of date, or innacurate due to the api changes

Yeah, I don't believe that. Turning it into a fascist shit hole might have been a goal, but losing billions doing it isn't.

He's an arrogant fuck who wants everyone to believe he's a genius. Blowing that much money makes him look like a moron.

6 more...

Unless I meet you in person, I'm not going to get your biometrics. The point of these is to protect your accounts from the global Internet.

https://xkcd.com/538/

8 more...

Humans have asymmetric features. No one is symmetrical

1 more...

It's JSX. It's used to embed markup into javascript

Biometrics are two factor, because you need the fingerprint and the device they unlock.

You can't use the device without the fingerprint and you can't take someone's fingerprint then use them from a different device.

3 more...

No they didn't. They had their own moon program and announced their intentions to land in 1961 before the Americans announced in 1962

https://en.m.wikipedia.org/wiki/Soviet_crewed_lunar_programs

3 more...

I played it on Steam Deck. It was great. Act 3 was a bit slow, but I didn't mind.

I am thinking of getting it on console so I can experience it with better resolution

I don't understand what you are saying. They had a moon landing program.

Also, do you really think that if the Soviets had the opportunity to embarrass the Americans by proving the landing was fake, they wouldn't take it? Of course they would. Instead they were able to track the Apollo mission all the way and knew it was real.

1 more...

It's chrome without Google's ad "privacy" bullshit.

9 more...

But it doesn't keep him away. Defederation means they consume all of the data from ActivityPub, you consume none of theirs. You are creating a walled garden for them that makes it harder for Threads users to leave.

Everyone is searched going through customs. There are also dogs trained to sniff out everything.

Are you saying hydrogen doesn't burn because it doesn't produce carbon?

Even if the Soviets had given up on the space race, they still had a vested interest in embarrassing America. They had every motivation to prove that America faked it, but they didn't do it, because they had all the evidence that it was real. They could track the space craft and listen in on the same signals everyone else did.

All documentation against the moon landing has been thoroughly debunked many times. But you don't care about that.

You don't have to trust the Americans, there is plenty of independent third party evidence from multiple sources

https://en.m.wikipedia.org/wiki/Third-party_evidence_for_Apollo_Moon_landings

This article is so misleading. XMPP died for the same reason all technology dies. No one used it. Even if Google hadn't ever used it, it would still be dead. I know this because Google Talk and ALL Google chat apps are dead. WhatsApp killed them all.

1 more...

They can already harvest the data. Nothing on the ActivityPub is private

3 more...

The heat released into the atmosphere has to go somewhere. The only place it can go is to be radiated into space

It is different. Chrome automatically opted US users into their new "topics" advertising feature which allows Google to use your browser history to assign topics of interest to you and use it to deliver targeted adverts at you.

https://www.forbes.com/sites/kateoflahertyuk/2023/09/07/new-google-chrome-targeted-ad-tracking-heres-how-to-stop-it/

7 more...

I'm not saying it's different. I'm saying that the current plan in no achieves the goal of keeping the fediverse open and out of the control of large corporations.

If you want to know how to prevent them from taking control, you better start working out the specifics of how they will do that. Otherwise your actions may end up helping them.

No one seems to have considered the possibility that Facebook are well aware of what people think of them. That they looked at the technology and thought "we don't have to do anything, those idiots hate us so much they will do the job for us and give us the private marketplace we desire"

Yeah, yeah, parrot the line and then please explain how?

Extending means making extra functionality that others haven't implemented, so that your offering is more attractive. You use it to build a walled garden. Defederation just skips that step and does it for them. They don't even have to extend.

3 more...

I would like to point out that xmpp still exists. Google Talk does not. WhatsApp killed xmpp, not Google

3 more...

If someone has physical access to you and your device, they are getting in

https://xkcd.com/538/

Using biometrics to protect your online accounts is far more secure than a password

How? Everyone says some form of this, but never gives any details of how they will do that. Or how defederation will prevent that.

You are afraid that they will control the marketplace, and then turn around telling everyone to defederate, which just gives them a walled garden marketplace on a silver platter.

No, wrong. Still two factor because your fingerprint plus your device.

These authentication methods aren't as simple as the two factor Google Authenticator 6 digit number. They are cryptographically secure keys. Even if someone finds out what the token is, they still cannot send a valid request because they cannot generate a digitally signed request using the private key locked in your device's hardware, unlocked by your biometrics.

Passwords are inherently insecure and relatively easy to break. Digital signatures and secure tokens are almost unbreakable

Are suggesting that nobody should use any web browsers because they are all web browsers?

5 more...

No, Chrome is based on Safari.

Apple took khtml, which was developed by the KDE project, and created Webkit. Google then forked Webkit and created Chrome with it.

https://en.m.wikipedia.org/wiki/WebKit

1 more...

What point was that? If you don't join Threads, they don't have your data. They do have everything you publish to the Fediverse though, no matter what you do.

1 more...

And still useless unless they also steal your phone. You are still safe from the hackers on the other side of the planet

How is Threads going to breach your privacy by federating with your instance? How is de federating from Threads going to protect your privacy?

19 more...

I don't disagree about Firefox, but if someone has to use a chromium based browser, Edge is far better than Google Chrome

3 more...

My point is that I'm not worried about the relatively few people who could steal my fingerprint. I'm worried about the millions of people around the world who will try to steal my passwords and access my online accounts.

If everyone secured their accounts with a biometrically secured security key, they would be far more secure than if they continue to just use a password.

Tgose who go around spreading misinformed FUD over biometrics ensure people who don't know better continue to use weak passwords.

Even if someone gets your fingerprints from the OPM breach still can't use them because they also need your phone. You are still protected from all of the hackers around the world.

4 more...

This still makes him look like a moron and his image is really important to him.

Brave? The browser embedding crypto wallets and redirecting urls through affiliate links?

It's also besides the point. The point is Chrome is one of the worst and using Edge to download Chrome is like trading tobacco for meth and saying "at least I'm not smoking"

Because every time this argument starts, someone mentions how they don't want the fediverse to go down the xmpp path, and the argument has its origin in this article

https://ploum.net/2023-06-23-how-to-kill-decentralised-networks.html

Which just had some leaks about how insecure it is.

Windows Hello didn't. The hardware wasn't implemented correctly allowing the authentication to be bypassed. You misunderstood the issue here

They sync shit using iCloud...

They sync the public key with iCloud, not the private key. You misunderstood how it works.

It doesn't matter how many keys deep you have to go.

There is no "keys deep" there is a public/private key pair that authenticates a single device with a single account. You have misunderstood how a local key store works.

The compromised item is already obtained when you obtained the device.

Which means someone trying to access my account requires physical access to my device. Passwords, no matter how strong leave you open to remote attack.

Can you tell me the process to revoke the private key from your fingerprint reader on your phone?

Open the authencator app and remove the account. Or uninstall the authenticator app. Or delete your local phone account. Or factory reset if you want to go nuclear.

Alternatively if you lost your phone, go to the account online. Browse to the security section and delete the device from the list. Most services have the ability to sign out remotely. All that's doing is revoking the key. The phone doesn't have to do anything. The fact you think something needs change in the "blob" shows you do not understand how encryption works.

If I were to bump into you, and lift your phone.

Again physical access, not remote access. Much smaller attack vector than a password.

It puts all the power into another companies hands... and takes ALL of it out of yours.

You think passwords take power from the company that stores your passwords remotely? You have no idea how they are storing that password. You don't have to trust the company, you just have to trust the open standard these companies are implementing and that public/private key encryption is the standard used to secure the entire Internet.

Also, whats more likely... that you break a device or that a user CANNOT learn how to use a password manager?

Virtually no one uses a password manager. It's too much hassle.

There is no service on the face of the planet that strictly accepts tokens from Bio tools. Simply using Bio doesn't stop those online from bruteforcing the underlying password.

https://support.microsoft.com/en-us/account-billing/how-to-go-passwordless-with-your-microsoft-account-674ce301-3574-4387-a93d-916751764c43

https://blog.google/technology/safety-security/the-beginning-of-the-end-of-the-password/

https://techcrunch.com/2022/09/12/apple-passkey/

No. I "Spread FUD" because I understand that a good password MUST be revocable. Which Bio CANNOT be. Bio is a username.

Incorrect because your bio is not the password, the private key is. The private key is revocable. Your bio just unlocks your hardware key store and makes the private key accessible to the software.

This is what I mean when I say people do not understand biometric authentication.

2 more...

Biometrics are perfectly fine! We probably don't even live in the same country, I'm not going to get a hold of your fingerprints.

There seems to be a fundamental misunderstanding of what the biometrics actually do. The biometrics only unlock the device and give access to the security key. Once unlocked it's exactly the same as using a yubikey, and far better than an authenticator app, as they use a crypto key, not a 6 digit number.

1 more...

I like to wear a smart watch that looks like a regular watch. I have a Withings. It does basic notifications, has the usual health functionality such as heart rate, workouts etc. But the battery lasts a few weeks between charges.

Ah, so just fear mongering and hoping that the fear based knee-jerk reaction isn't actually playing directly into their hands.

1 more...