What are the implications of this?
What are the implications of this?
For what it’s worth, English Wikipedia editors reached a consensus to deprecate (ban) it for unrealiability last year: https://en.wikipedia.org/wiki/Wikipedia:Reliable_sources/Noticeboard/Archive_424#RFC:_The_Cradle
The following notes are present:
The Cradle is an online magazine focusing on West Asia/Middle East-related topics. It was deprecated in the 2024 RfC due to a history of publishing conspiracy theories and wide referencing of other deprecated sources while doing so. Editors consider The Cradle to have a poor reputation for fact-checking.
Password is necessary for two-factor authentication. The factors of authentication are something you know (like a password), something you have (like a cell phone), and something you are (like a biometric).
An example of three-factor authentication would be this—imagine a spy going into a secret bunker. They need to scan their iris, insert a key card, and then enter a passcode before the door opens. This has all three factors of authentication; the passcode is something they know, the key card is something they have, the iris scan is something they are.
If it just sends a code to your phone, that’s one-factor authentication (something you have). Anyone with your phone can get into your account. Unless, of course, your phone hides its notifications and you have a screen lock. Then that’s actually two-factor authentication because you also need to know the phone PIN or have the biometric.
If it just asks for a password, that’s one-factor authentication (something you know).
If it asks for your password and then sends a code to your phone, which you need a fingerprint or face scan to unlock, you have achieved three-factor authentication.
Edit: Interesting tidbit—in the USA, you can rent a mailbox at the post office to receive mail when you don’t want to give out your real address. Useful for privacy reasons. I’m sure they have similar things in other countries. These mailboxes come with a key. This is actually two-factor authentication, because the keys usually don’t have the mailbox number written on them! So you have to have the key and also have to know which mailbox among the hundreds at the post office it opens.
TOTP is standardised by RFC 6238 so all TOTP clients must comply with the standard and therefore work equally well. Pick the one whose UI you like the most and is otherwise good enough for your use case and personal preferences. It’s similar to arguments over CPU thermal paste—its presence or absence makes a much larger difference than the method of application.
You do, however, want to pick something that is free and open-source and also popular. Google Authenticator (closed source) definitely is a functional TOTP client but you have to trust that the Google engineers have done a good job building a secure app. Since it’s Google, they probably have, but a principle in security is that you should not have to trust more people than absolutely necessary.
Yes, but this is like replacing the front door of your house with a bank vault door. Yes, it’s more secure, but there is a point of “reasonably secure enough” for most people and at some point, you are just inconveniencing yourself for no tangible gain.
It’s not a hard concept. In almost every well-designed security system, the weakest links are invariably the humans
The passwords are stored locally. You can test this yourself by turning off your WiFi or disconnecting your Ethernet cable and then going to about:logins. All the passwords will still be there.
No, it’s not science. It’s logic based on a few observations. If you don’t observe the same things as I do, you will not come to the same conclusions.
Oh, I understand they are usually human. I just don’t think their viewpoints are worthy of discussion. And you make this judgement every day as well, even if you refuse to admit it. And perhaps you make it on grounds that are less sound.
You can say that. It doesn’t matter though. I am right. You can keep saying “nuh uh” if you want.
No, of course, I cannot. I do not judge what category someone likely falls into based on whether what they say matches nearly word for word a “promoted” viewpoint. In some cases, I mostly agree with what they said but it’s painfully obvious that person didn’t come to that conclusion through their own thinking but is rather just parroting a screenshot of a post on the site formerly known as Twitter.
You have missed the entire point of my comment. If someone is likely to be in categories 2 or 3, I dismiss them if the viewpoint is otherwise not worthy of discussion, which it usually is not. I don’t care if this causes me to misjudge the intentions of some people, because that is inevitable in any probability-based judgement system. What matters is picking what is most likely correct.
I don’t feel that you have the ability to grasp this point and you’re just going to come up with another argument I didn’t make to attack.
No, I am not. I wouldn’t say it if it were made up. Who have I got to convince by making shit up? I am not pushing any viewpoint at all.
I base my assertion on interactions with people on this platform. Whenever someone parrots a point that is promoted this way, they’re almost universally just repeating what some wisecrack said on X that sounds correct enough to not investigate further or think critically about and is agreeable to their worldview.
I will not argue over this. You either accept what I am saying or you don’t, but I don’t give enough of a shit either way to get into an argument.
This is just simplistic and un-nuanced thinking.
The use of bots is not to generate new opinions, it is to make fringe opinions seem more popular than they are. Most (but not all) opinions propagated this way are already worthy of dismissal for other reasons, but when it’s clear that someone is repeating word-for-word a line of dismissable or unsound rhetoric which is also being propagated by those bots, it lends itself to three reasonable conclusions:
Only in case 1 is such an opinion worth discussing, but the vast majority of cases will be case 2 or case 3.
That is why it is reasonable to dismiss such opinions despite the possibility that they are genuine, in good faith, and not the product of propaganda. Because the odds that they’re not are vastly greater. Nobody can be certain of anyone’s intentions on the Internet, so rational actors can only play a game of “What is the most likely scenario?”.
Labelling people as bots is not wrong if those people are actually bots
Ubuntu Server, Debian, or Rocky Linux will save you a lot of headaches.
Most software is designed with these major distros in mind and using something more obscure will just cause problems later on when you realise that there are no guides written for it by the software vendor. Fixing broken software gets old really fast especially when it causes your stuff to break when you’re actually trying to use it.
I have a script running that uses the Namecheap API to automatically get wildcard certs from Let’s Encrypt. I didn’t pay a dime for this. Did something change?
Nothing wrong with Boost Mobile, or any other discount telecom provider either. It’s not like the phone signals taste different lmao
It’s just a hallmark of “I bought the cheapest domain name TLD available”.
That’s not necessarily bad if all you need is something to get the job done, but there is a stereotype associated with it.
The reason is because it supposedly creates a moral hazard. This is the logic behind pricing for all sorts of medical resources (such as co-pays and deductibles). If there is a nominal cost involved to obtain the resource, then you will be incentivised not to use more than you need. But if it is free or costs too little, then you (and others) may choose to use a lot of the resource, far more than you actually need.
For example, suppose there is a $50 co-pay (a co-pay is essentially a fee) to see the doctor, and you figure you should go once a year for a check-up. In this case, you will not schedule an excessive number of appointments because you know it is not necessary and it will cost you money each time you do. If scheduling doctor’s appointments were free or costs very little, like $1, you may instead choose to schedule two or three appointments per year, because why not? Or maybe you will go see the doctor for every minor cold or stuffy nose. It’s not like it will cost you a significant amount of money. Or so their thinking goes, anyway.
Remember, the $50 you pay isn’t all that it costs. For every $50 you pay, the insurance company is probably paying the doctor $150.
Similarly, suppose a drug costs $100, but the insurance company pays $90, and you have to pay a $10 co-pay. You buy one vial, which is good for one month. The fear is that if the insurance company pays for all $100, since the drug is now free for you, you might decide to get two vials instead, just in case. After all, they’re free for you, right? This means the insurance company has to pay $200 for two vials of the drug but the benefit to you is actually pretty small. Again, this is how insurance companies think.
Now, whether this logic is sound or not, I leave that part up to you.
I don’t have a problem with snaps as a technology. If you want to use them, then who am I to judge?
But what I do have a problem with is when I don’t have a choice and I am being forced to use what the distro maintainers think is good for me. That is what finally made me quit Ubuntu and switch to Fedora.