ericjmorey @ ericjmorey @discuss.online

Posts

13

Comments

195

Joined

2 yr. ago

For $24 a month I can keep you safe from the worst ones.

For those that are questioning what the point of the lengthy article is because the title doesn't help much, here's the explanation:

Imagine it this way: let’s say every time you stepped outside your front door, you decided you want to be safe, so you dressed head-to-toe in full combat gear, complete with bulky full-body kevlar, a helmet, safety glasses, steel-toed boots, and gloves. I can stop the scenario here: even for those of us living in the roughest places, that’s a silly visual because it’s overkill. To be a little detailed, it also goes back to that word I used: “you want to be safe.” Safe from what? The sun? Then just put on some sunscreen and a hat. The cold? Put on a jacket. Danger? Keep your eyes up, headphones out (or low), and be aware of your surroundings.

Yet, many of us do the equivalent of overdressing in our digital lives because, as I said, we don’t always see it right away. Most people can instantly tell when they might be putting on too many items of clothing. Even something as simple as a jacket – when you feel the weight and restriction of movement – makes you pause enough to go “how cold is it really outside?” With the digital world, it can be much harder to notice the added weight, at least for a while. This makes it easier to overdress and not notice for a long time – or to dress up in full armor except for going barefoot (like I said, inconsistent action). In the past, I’ve compared some of the easier cybersecurity strategies with locking your front door: it’s technically inconvenient but we accept that inconvenience because the dramatic increase in security and safety outweighs it. This is comparable to things like using a password manager and 2FA or making the upfront switching cost to another service.

...

Once [people] understand the concept, they quickly start to realize where they can safely dial back to something less stressful without risking themselves and where they should instead focus more attention to improve. You don’t need the entire suit of body armor, you just need to put on a jacket.

With BlueSky, it pretends to be similar, but the reality is that everything needs to go through their central server in order to be displayed on a timeline.

They have been saying that this is an implementation detail that will change when they open up that part of their implementation. Which is nice, but until that happens I'm only lukewarm in my optimism for Bluesky and the AT protocol.

On the other hand, every federated network has converged on a central host for the vast majority of accounts and data. That host has outsized influence over the standard used on the network and unencrypted acess to the majority of data. So I'm not sure what really matters to what extent.

Isn't that the same issue with ActivityPub and the instances that host accounts and messages?

Mastodon's moderation model is very different than BlueSky. BlueSky's seems to be much better for targeted individuals and groups. But things aren't entirely hashed out on either protocol or their implementations. We'll see how it goes.

My first exposure to that interchangable use in the Lemmy lexicon. Now I Know!

I had a phone die in me

The phone being inside you is probably why it died 😂

But on a serious note, I haven't switched to passkeys because I don't have a clear mental model of how to recover from losing both my phone and computer at the same time.

Are you in my head? Is this an alternate account that my subconscious self uses? What is real?

That was exactly my thought when asking. But it seems it's the former.

Thanks for clearing that up!

What's a Lemmy group?

Couldn't a malicious ActivityPub server do similar things now?

What is the threat model here?

This looks like ChatGPT time taveled back to 1966.

Since storage costs money, does it allow the admin to offer tiered access to higher quality storage?

Wouldn’t it be better (if doable) to take some cues on how actually email (and XMPP for that matter) works, and ask the user for the username and the password instead in one go?

I have to give my email app a lot more information than a username and password. So I'm not sure what you're envisioning.

The bill in question is H.R. 7888: Reforming Intelligence and Securing America Act: To reform the Foreign Intelligence Surveillance Act of 1978.

The concerning section of the text of the bill in question.

Elizabeth Goitein's claims are not correct as the amendment is more narrowly defined than she has claimed. But the amendment is still overly broad and an inappropriate overreach of government surveillance.

Elizabeth Goitein is Co-director of the Liberty and National Security Program at the Brennan Center for Justice.

FYI, the article got the date of the House vote incorrect (it was Friday April 12, not Saturday April 13).

This seems like a reasonable thing to require of services that aren't dependent on each other for basic functionality.

Instance hosters are currently relying on fair use since there's been no agreements when I've signed up.

This is an independent research project of yours in which you can write a summary of your findings with citations using a standardized formatting. Make sure you relate your findings to business administration in some way. If you do a good job with it you might stand out as exceptional.