Based if true
PlexSheep
joined 1 year ago
We're you the guy that remained steady? Or why did he tell you that?
We are the next generations of generations.
I confirm this, also Z person.
Could work, but it doesn't stop actual people from creating spam Accounts.
If one wants to put real effort into it, the camera/gyro sensors could be malicious or a robotic arm could be built. Maybe it would work with some fake background.
I'm using all of these, but with my hardware keys. Didn't know you could do it without. I knew that it was part of the webauthn concept but no idea how it works.
The infrastructure for none of these exist (in my country at least). Phone numbers suck, but as signal is a application mostly used on phones, I think it is the most common denominator for the user base.
That would do nothing to validate that the user is real, they can just insert any hash and claim it's their face's hash. At that point we can just use regular passwords, but as I said that won't solve the spam Accounts issue.
Honestly, I'm not sure what you are talking about. Could you elaborate more?
Are you implying that sending some hash is better than sending the secret and let the server deal with it?
There was no need to generalize Linux people. This discussion has nothing to do with Linux.
It's a bad problem no? Combatting "spam" Accounts while balancing privacy.
Personally, I don't want to give them any more information than is really necessary.
The sheer volume of cves is not necessarily an indicator for insecurity. The CVE system is pretty bad and rulings are mostly arbitrary. For example, there was a recent curl "CVE", where an overflow happened in some part of the app which was not relevant to security. I don't remember the details, but the only solution to this apperent mess was that the main contributor of curl is becoming one of the guys that evaluate CVEs.
CVE is a measure for the US government, and always assumes the worst in any case.
That being said, I agree with you.