Asymmetric cryptographic signing keypairs. An ECDSA variant is used to create and validate signatures. Your device creates a unique keypair per domain you register on. It only sends signatures, which doesn't reveal what the secret key is, and each signature is based on a single use challenge value.
Natanael
joined 1 year ago
The spec behind it is solid, it creates per-domain cryptographic keyspairs which allows your device to prove you're you in a standardized and secure way while avoiding adding a new way to track you across sites, and by using the device's TPM chip to hold the key it's also resistant to most types of manipulation.
Throw a wrench at the wheel. I don't think my aim is good today though, but it got quite the speed
It's pretty much a program running in OS kernel space to handle specific function calls which need low level system access. Most hardware needs custom drivers to work because they need to interact with those low level OS components, so that's why they're mostly associated with hardware.
A lot of antiviruses use custom drivers to intercept and inspect program behavior to look for viruses, etc
Where they now have to click on the right combination of 8+ browser choice menus (and Microsoft keeps adding more by splitting out various custom protocol handlers) and select the correct browser in all of them.
And then they'll still wonder where their bookmarks and saved passwords and shit went and get mad that it "looks different" when Edge inevitably opens up again randomly when they click something else, and then they click that popup to make Edge the default to make that popup go away (because Edge is allowed to make itself default with one click, but nothing else is), and then they call support and yell
Source: I've taken those calls in support
Then just ask the user instead of assuming
Incomprehensibly stupid, because all they have to do is ask the user to confirm. Forcing through their own default instead of asking is malicious.
No they don't. At most they just have to detect automatic changes and ask the user to confirm. They have no reason for forcing the user to dig into menus and then also repeatedly override that same choice.
They are more useful for quick templates than problem solving
But it doesn't model the actual universe, it models rumor mills
Today's LLM is the versificator machine of 1984. It cares not for truth, it cares for distracting you
Statistical associations is not equivalent to a world model, especially because they're neither deterministic nor even tries to prevent giving up conflicting answers. It models only use of language
You only need one per website if you want it to autofill the username, because resident keys held on the security token can be recognized and suggested automatically but otherwise you must first enter your username on the website and let the website send its challenge value for the corresponding domain and account pair so that your security token can respond correctly.