TehPers

Tangentially related, but I recently bought a Philips shaver and the thing wanted me to install an app on my phone and connect it to the shaver via bluetooth to send shaving data.

I mean, I guess there's theoretically value there for some people? I can't imagine what, but that app's staying well off my phone.

What the hell. I feel bad for reading that, holy crap. That's some nightmare fuel.

although it uses your biometric data, it's still a single factor of authentication

Speaking from my experience, I use my phone for biometric authentication. At least from my point of view, I see that as two factors (what I have and what I am) since the biometric authentication only works on my phone.

I am not sure I understood you here. What do you mean by "instead of having each service do their own thing"? Each website using their own method of delivering OTPs?

Basically having multiple places where codes may be generated. This way you can use one location to get OTPs instead of having them delivered via SMS or generated by a different app/service. It ends up being easier and more convenient for the end user (which of course increases adoption).

I guess this has more to do with services adopting OTP generators than sending them via SMS though.

From the perspective of OTPs it makes much more sense to use a separate application (Like Google Authenticator or Aegis Authenticator), preferably on a separate device, to generate the OTPs.

If logging into the password manager to get the password is sufficiently secure (locked behind MFA), then I don't see the benefit of using a separate OTP generator (aside from maybe if your password manager has a data breach or something, which should be a non-issue except it clearly isn't thanks to LastPass...)

I'm starting to wonder if phones (or other auth-specific devices) should just become dedicated authentication devices and passwords should just be phased out entirely tbh. Passwords have always had issues because their static nature means if someone learns your password without your knowledge, that method of authentication becomes worthless. The main concern would be what happens when you lose your phone I suppose.

Many password managers use a biometric factor to sign in (your fingerprint, for example, using some kind of auth app if needed). This basically moves the MFA aspect to one service (your password manager) instead of having each service do their own thing. It also comes with the benefits of password managers - each password can be unique, high entropy, and locked behind MFA.

There is no commandment "Thou shalt save children", duh.

There are a disproportionately large number of people who get one pretty demo and think LLMs are the solution to everything. Even for translations, I'd be interested to see how accurate the major models are in real world scenarios. We've been struggling hard to find any practical usage of LLMs that doesn't require the user to be able to verify the output themselves.

The whole green vs blue bubble thing has to be the most idiotic debate I've ever seen in my life. At least here people seem to be comparing real features, but still just buy whatever has what you want. Especially when iPhone 15 comes out with USB-C charging.

Government is bad and we should have less of it in our faces. To achieve this goal, let's make the consumption of certain popular drugs illegal, and while we're at it make laws restricting what women, trans, gay, etc people can do. This should reduce the government's involvement in our day-to-day lives.

I just don't understand it. Less government = good (according to practically every republican I've met), so lets vote for more laws which restrict people and give the government more power.

I don't think there's anything wrong with using HTML/XML-ish format for describing a UI (although having a standardized presentation format that all "viewers/browsers" follow exactly the same way would be nice), I'm just sad that websites have become described as UIs rather than as well-structured documents.

Tauri is also a more recent option, which uses the native webview. Not sure if it's suitable for production yet though.

It's a bit of a shame that HTML went from describing documents to describing UIs. I do miss the days of simple websites, although I'm not old enough to remember the old old internet.

"Today in class we will be finding out whether or not triangles will blend. Please put on these safety goggles before sitting at your desks."