-
16 votes
-
Seven ways music exposes our feelings about technology
3 votes -
How to grant your child an inner life
8 votes -
Multiple whistleblowers raise grave concerns with White House efforts to transfer sensitive US nuclear technology to Saudi Arabia
20 votes -
Passwords
This will probably be controversial, but I disagree with the current password policy. Checking against a list of known broken passwords sounds like a good idea, but that list is only ever going to...
This will probably be controversial, but I disagree with the current password policy. Checking against a list of known broken passwords sounds like a good idea, but that list is only ever going to get bigger. The human factor has to be taken into account. People are going to reuse passwords. So whenever their reused password gets hacked from a less secure site, it's going to add to that list.
Ideally, a password would be unique. Ideally, users should maybe ever use a password manager that generates garbage as a password that no one could hack. An ideal world is different from reality. Specific requirements are going to lead to people needing to write things down. In the past, that was on paper, like Wargames. Now, it's going to lead to people pasting their username and login into text documents for easy reference. That's probably what i'm going to have to do. Was my previous method of reusing passwords safe? No. Will my new method of remembering passwords be safe? Probably not either.
I'm not entirely sure what all the account security is about, either. For my bank, sure, a complex password. I have a lot to lose there. For an account on a glorified message board? There's better ways to establish legitimacy. 4chan, of all places, dealt with this (nod to 2chan), by having users enter a password after their username that got encoded and displayed as part of their username to verify that they were, in fact, the same user.
So the topic for discussion would be, what's the endgame here? Where is the line drawn between usability and security? I may well be on the wrong side of this, but I think it's worth discussing.
Edit: I think there may be some good reasons, evidenced in this reply. I think it was a good discussion none the less, since it wasn't obvious to me and perhaps not to other people.
Edit 2: I'm going to hop off, but I think there's been some good discussion about the matter. As I said in the original post "I may well be on the wrong side of this". I may well be, but I hope I have addressed people well in the comments. Some of my comments may be "worst case" or "devil's advocate" though. I understand the reason for security, as evidenced above, but i'm unsure about the means.
17 votes -
Data privacy bill unites Charles Koch and Big Tech
6 votes -
Where will the materials for our clean energy future come from?
7 votes -
Chicken and egg problems: Successful product placement in highly competitive markets
5 votes -
2019 Annual Letter from Bill & Melinda Gates: "We didn’t see this coming"
16 votes -
Older video game animation may have been limited by technology, but does that make it worse?
5 votes -
Spotify has bought two podcast startups and it wants to buy more
17 votes -
A look at the revival of the reel to reel tape format
4 votes -
Can we ditch intensive farming - and still feed the world?
11 votes -
The Age of Surveillance Capitalism by Shoshana Zuboff review – we are the pawns
7 votes -
The patents behind pasta shapes
5 votes -
Demand for cassettes surges as music fans hit rewind
10 votes -
Waste crisis looms as thousands of solar panels reach end of life
8 votes -
The 'future book' is here, but it's not what we expected
9 votes -
Ten personal finance lessons for technology professionals
8 votes -
Machine learning can offer new tools, fresh insights for the humanities
10 votes -
A short history of computers in the movies: Panel lights, spinning tapes, and lab coats
4 votes -
Have you quit any social media?
Have you quit social media? Why? Why not? I have been thinking about it (specifically Facebook). I have not done so, because I fear that I'll lose contact with friends from my past (even though I...
Have you quit social media? Why? Why not?
I have been thinking about it (specifically Facebook). I have not done so, because I fear that I'll lose contact with friends from my past (even though I have not messaged any of them, or seen their profile, in years).25 votes -
These portraits were made by AI: None of these people exist
16 votes -
Dead musicians are touring again, as holograms. It's tricky — technologically and legally
5 votes -
Formula E starts season five in Saudi Arabia with a faster electric race car
7 votes -
How we lost our ambitions for the tech-enabled home
16 votes -
More than porn: Tumblr affirmed trans youths' identities
12 votes -
Kelly Slater’s Shock Wave
5 votes -
Apple Watch's ECG feature is already proving its worth
6 votes -
Chinese scientist who used CRISPR on human babies gone missing
15 votes -
Macedonia's former ruling party organized a trolling apparatus for spreading hate speech, threats
8 votes -
First gene-edited babies claimed in China
12 votes -
The 100 greatest innovations of 2018
6 votes -
'Sci-fi' plane with no moving parts flies successfully
12 votes -
A program to reduce Earth's heat capture by injecting aerosols into the atmosphere from high-altitude aircraft is possible, but unreasonably costly with current technology.
9 votes -
Healing the body electric: In the next five to ten years, a new generation of small networked sensors will provide doctors with up-to-the-moment insight into patients’ health
5 votes -
The future of aging just might be in Margaritaville
9 votes -
Cat tongue spines help smear saliva and inspire new 3D-printed brush
4 votes -
Period-tracking apps are not for women
28 votes -
Denuvo: Four years later
14 votes -
Near the end of the Middle Ages a device came into service that helped avid readers: the book carousel or book wheel
14 votes -
'There are no rules': The unforeseen consequences of sex robots
21 votes -
Waymo has been granted the first permit in California to begin driverless testing on public roads
7 votes -
What are some current examples of "the emperor's new clothes?"
For those unfamiliar with the story, "The Emperor's New Clothes" is about an emperor who parades around naked, but nobody will point out the obvious for fear of being seen as ignorant....
For those unfamiliar with the story, "The Emperor's New Clothes" is about an emperor who parades around naked, but nobody will point out the obvious for fear of being seen as ignorant. Idiomatically, it refers to something seen as true or widely praised, simply because nobody is willing to speak out against it.
I saw a rant about "blockchains" being the new overhyped hotness for tech companies, and it made me wonder what other "new clothes" are out there right now. What's something you have a strong takedown for that everybody else seems to love/support?
38 votes -
Meet the scientists bringing extinct species back from the dead
3 votes -
Why do you lock your smartphone?
I'm genuinely curious. I'm a late adopter FWIW and am still rocking an older iPhone that doesn't support any face recognition or finger prints. But I don't use a pass code either, and never have,...
I'm genuinely curious. I'm a late adopter FWIW and am still rocking an older iPhone that doesn't support any face recognition or finger prints. But I don't use a pass code either, and never have, and doubt I ever will. I just don't get it... what are folks afraid of happening if they don't lock their phone? I suppose the "nightmare" scenario would be someone steals your phone and then messages your contacts asking for $. Is that it?
I've always practiced greater digital security than physical security (counting the phone unlock as physical) as I think it much more likely that a ne'er-do-well would attack some large company than to single me out in person. I mean if the FBI or some hacker is going through my garbage then I probably have larger problems, right?
For me it's cost/benefit - swiping/fingerprinting/face IDing multiple times a day is not worth the slim chance that my phone is stolen by someone who going to use the info in it for something nefarious. I wouldn't lock my car if I was in/out of 20x a day, I just wouldn't leave anything terribly valuable in it.
Please let me know why locking your phone is/isn't important to you.
EDIT: To be clear, I have one banking app and it requires an additional password to get in. It's an app so there isn't a saved password for it anywhere.
EDIT2: Made this as a comment below, but thought I'd add it up here as well - "I find it strange that people in general seem to be OK with putting up with an inconvenience (even though minor to many) that affects them multiple times a day, but we hold large companies almost wholly unaccountable for major data breaches. "
EDIT3: This just occurred to me. We lock our phones, but not our wallets/purses. The argument that a pass-code is a protection against identity theft rings sort of hollow when we consider we have much of the same info on an ID card that we keep unprotected. Some states will even list the SSN on a driver's license.
EDIT4: I'm convinced everyone thinks their personal lives are terribly interesting to strangers and my suspicion is they're not. Only two real cases of bad things happening when a phone is unlocked that I've counted so far: 1) long distance calls 2) pokemon themed contacts.
EDIT5: That said, sounds like the fingerprint scanner is the way to go for convenient security. I'll be checking that out. Sincere thanks!
EDIT6: Some folks said that edit 4 came off as condescending. Not my intention. I was trying to tie in the idea of "everyone being the main character in their own story." I'm definitely not implying that people should leave their phones unlocked because others wouldn't find their lives uninteresting.
I think many have a personal connection to their devices that I do not feel. Intellectually I find that very interesting as this seems less a monetary issue and more a privacy issue. It'd be as if a stranger picked up a lost diary and started reading. I fear my diary would be more like a ship captain's logbook and wholly uninteresting. If I were to have my phone stolen I'd simply change a couple passwords and buy a new one.
32 votes -
The lie generator: Inside the black mirror world of polygraph job screenings
6 votes -
Worthwhile to post about a spammer targeting nonprofits?
I volunteer with several small nonprofits. A few weeks ago, one of them got a spam message from a "volunteer" offering to create a free website for the organization and disclosing a connection to...
I volunteer with several small nonprofits. A few weeks ago, one of them got a spam message from a "volunteer" offering to create a free website for the organization and disclosing a connection to DonorComplete. There was no unsubscribe link. I hit Google, which eventually led me to a thread on TechSoup where I commented with what I had found to that date under the same user name: http://forums.techsoup.org/cs/community/f/24/t/43439.aspx This & other results showed that the "free" website is linked to historically very expensive hosting (historically , ~ $20-$40/mo, now showing about $10/mo) for a static website with very limited support or options.
My research continued intermittently, but there appears to be a network of over 100 domains (active, expired, dormant and/or returning server errors) connected to spam efforts over roughly the last 6 years, questionable marketing tactics dating back to ~ 1998, 4 overlapping corporations with one man as a central figure, several throwaway email addresses and a couple that seem to be dedicated & longer running, a handful of apparently dedicated servers and several shared servers with many connected domains hosted. The messages target nonprofit organizations and churches, with 4 textual variations posted via email, mailing lists, and comments. The first archived comments I found targeted FOSS project mailing lists. Based on the Internet Archive's Wayback Machine, many small nonprofits used their service years ago, but it looks like the spammers' services have been largely abandoned over the last few years - probably why the new campaign started ~ June.
I've filed complaints with two of the registrars, and at least one of the recently active domains appears to be in non-hosted status. Would there be any interest in my posting a thread with the details of what I've found so far (spreadsheets and mind maps in progress)? Would anyone be interested in helping me present the data in a more easily digestible format a la r/dataisbeautiful? Or can anyone recommend an easier way to report the registrant tied to the spam? I'm not trying to start a witch hunt, but these people seem to have flown under the radar for a long time, and I know many small nonprofits aren't tech savvy enough to recognize the warning signs these folks present.
8 votes -
Justice Department sues to stop California net neutrality law
17 votes -
Yuval Harari: The most important investment is building a more flexible mind
7 votes