Good morning to everyone except Anthropic, who have decided to hijack the ubiquitous Control-Shift-I (which opens Developer Tools in some browsers), to instead open a new Claude private chat session.
Royce Williams
Royce Williams
npub1l4uw...te68
Just doing my undue diligence.
ISP vet, password cracker (Team Hashcat), security demi-boffin, YubiKey stan, public-interest technologist, AK license plate geek. Husband to a philosopher, father to a llama fanatic. Views his.
Day job: Enterprise Security Architect for an Alaskan ISP.
Obsessed with security keys:
techsolvency.com/mfa/security-keys
My 2017 #BSidesLV talk "Password Cracking 201: Beyond the Basics":
youtube.com/watch?v=-uiMQGICeQY&t=20260s
Followed you out of the blue = stole you from someone I respect.
Blocked inadvertently? Ask!
Am I following a dirtbag? Tell me!
Photo: White 50-ish man w/big forehead, short beard, & glasses, grinning in front of a display of Alaskan license plates.
Boosts not about security ... usually are.
Banner: 5 rows of security keys in a wall case.
#NonAIContent
#hashcat #Alaska #YubiKeys #LicensePlates
P.S. I hate advance-fee scammers with the heat of 400B suns
β€οΈ:βπ¨βπ©βπ§π‘ππ»π½π»βπ₯π¦πΆπ«!
I sure hope the US stays on Montenegro's good side /s
I'm having a Mandela Effect / Berenstain Bears moment where I swear people say "pled" as the past tense of "plead" ... but half of the spellcheckers don't like it?
This is a metaphor about cybersecurity products.
View quoted note β
So if you initiate the phone-to-phone Signal account transfer process, and it almost completes, such that the account is transferred, but the data isn't, and then errors out ... and if you didn't have backups enabled ... then your entire chat history just vanishes into thin air with zero recourse. In other words, Signal nukes your history from orbit on the old phone before validating that it actually successfully transferred to the new phone.
I am indescribably angry right now.
I swear, they studied how people accidentally touch their Android phones ... and put all of the Gemini buttons there.
"Let us be the repository of your passkeys" and "We may terminate your account at any time and permanently refuse to communicate with you" ... seems like a bad combination?
I thought one of the core remaining value propositions of a brick and mortar store was that you could and see and feel and play with things before you buy them.
Actually, you just significantly reduced my security, Gandi. You should have let the users manage this transition, or at least warn them ahead of time what was going to happen if they didn't.
Replacing unphishable auth (old school U2F is still quite functional!) with phishable auth (email) without user consent is not acceptable.
#Gandi #SecurityKeys #U2F
