• 2 Posts
  • 253 Comments
Joined 1 year ago
cake
Cake day: June 29th, 2023

help-circle




  • I prefer to digest text too, but still would choose to taste a meal than read a typed up printout of the flavors it contains.

    If I showed up at a restaurant and was presented with a menu that didn’t describe anything about the dishes on offer, I’d be pretty disappointed.

    Point being that we have limited time and a nearly limitless amount of options for how to spend it. Text summaries are a tool we can use to decide whether something is worth our time (and money) investment if we’re on the fence about it.





  • Y’all? Excuse me sir/madam, but it’s y’all that needs to cut it out with the rhetoric.

    The level of effort to cast a vote, even in states with aggressive voter suppression, is still lower than the impact that the next 4-6 years of policy will have. Every state has options for mail voting or early voting.

    You’d have a hard time convincing me that someone who intends to vote would decide not to unless they’re simply too lazy to be bothered. If mild shaming encourages even a single person to exercise their right to vote, it’s worth doing.

    In fact, I’d even go so far as to say that it’s people like you coming out here and coddling people with your sYsTeMiC iSsUeS that is enabling people to consider voting and instead think, “hmm, do I want to deal with the systemic voter suppression issue or should I just skip voting this time? Yeah, I don’t want to wait in a line or cast my vote early, so best to just sit this one out and complain about the outcome.”

    It’s not victim blaming, it’s reminding people that they have a CIVIC DUTY to vote, just like registering for the draft or getting called for jury duty.


  • Agree about the stock markets being overvalued. However, I disagree about the impact of the rate cut on the market. I expect that many investors have been shoveling money into the s&p 500 because it has been the most reliable way to make a return that out paces inflation. As the rate comes down, I’d expect more investors to return to riskier markets and ventures because the opportunity cost is lower and the potential returns are worth it.

    Cutting the rate gives CFOs some breathing room, which could go a long way toward creating some new jobs.







  • Agree that passkeys are the direction we seem to be headed, much to my chagrin.

    I agree with the technical advantages. Where passkeys make me uneasy is when considering their disadvantages, which I see primarily as:

    • Lack of user support for disaster recovery - let’s say you have a single smartphone with your passkeys and it falls off a bridge. You’d like to replace it but you can’t access any of your accounts because your passkey is tied to your phone. Now you’re basically locked out of the internet until you’re able to set up a new phone and sufficiently validate your identity with your identity provider and get a new passkey.
    • Consolidating access to one’s digital life to a small subset of identity providers. Most users will probably allow Apple/Google/etc to become the single gatekeeper to their digital identity. I know this isn’t a requirement of the technology, but I’ve interacted with users for long enough to see where this is headed. What’s the recourse for when someone uses social engineering to reset your passkey and an attacker is then able to fully assume your identity across a wide array of sites?
    • What does liability look like if your identity provider is coerced into sharing your passkey? In the past this would only provide access to a single account, but with passkeys it could open the door to a collection of your personal info.

    There’s no silver bullet for the authentication problem, and I don’t think the passkey is an exception. What the passkey does provide is relief from credential stuffing, and I’m certain that consumer-facing websites see that as a massive advantage so I expect that eventually passwords will be relegated to the tomes of history, though it will likely be quite a slow process.




  • What an absolute failure of the legal system to understand the issue at hand and appropriately assign liability.

    Here’s an article with more context, but tl;dr the “hackers” used credential stuffing, meaning that they used username and password combos that were breached from other sites. The users were reusing weak password combinations and 23andme only had visibility into legitimate login attempts with accurate username and password combos.

    Arguably 23andme should not have built out their internal data sharing service quite so broadly, but presumably many users are looking to find long lost relatives, so I understand the rationale for it.

    Thus continues the long, sorrowful, swan song of the password.