[meme where the hero pulls the mask off the tied-up Firefox’s head, revealing Safari]

Buddy, in this economy, most people’s only feasible financial-emergency strategy is to jump off a bridge.

And that’s why the world is rapidly going to hell. Everyone is under attack and almost no one is willing to so much as lift a finger in resistance.

I’m talking about when the government wants an excuse for shutting down public discourse. Obviously it isn’t going to prosecute itself.

Fascist shutdown of public discourse, step by step:

1. Find out where public discourse is.
2. Post child porn on an obscure corner of it.
3. Take screenshots of the posted porn.
4. Send law enforcement to seize all the things.

So, basically, they plan to install a dictatorship in which separation of powers, states’ rights, and meaningful judicial review do not exist.

Sounds about right.

How will I notice when the spare fails, if it’s only a spare and I don’t regularly use it? Then I’m down to only one key, and as any grumpy backup admin will tell you, if you have only one copy of something, you have zero copies.

I would have a key plugged into the computer pretty much all the time when I’m working, so anyone who compromises the computer can impersonate me as long as I’m at work. This would be mildly inconvenient to the attacker, but wouldn’t actually stop the attacker. And if the computer isn’t compromised, how is anyone going to get into my GitHub account even without 2FA? They certainly aren’t going to do it by guessing my 16-character generated password or Ed25519 SSH key.

Something-I-know is worthless for authentication in the age of GPU password cracking. Most humans, including myself, do not have photographic memories with which to memorize cryptographically secure passwords. We’re all using password managers for a reason, and a password database is something you have, not something you know.

Allowing a smartphone access to anything sensitive is even worse advice. Smartphones are notoriously insecure.

Hardware tokens are specifically designed to resist copying. Any means of copying it would be considered a security vulnerability.

Bits rot. A hardware token kept in a bank vault may or may not still work when I need it 10 years later, and there is no reasonable process for regularly verifying the integrity of its contents. Backup drives’ checksums are verified with every backup cycle, and so are the checksums on the file system being backed up (I’m using btrfs for that reason).

Hardware tokens are expensive. Mechanical lock keys are not.

I personally am afraid of this. What if something gets botched? I’ll be permanently locked out of my account!

I dislike MFA because it creates a risk of losing access to my account. I can back up my passwords; I can’t back up a hardware device.

This right here is why electronic locks could be way more secure than mechanical ones, if only their manufacturers would hire well-trained programmers and not boot camp graduates to write the firmware.

That was pretty much IBM’s excuse, if I recall correctly. Then it turned out IBM execs were well aware of who was buying their equipment and for what purpose…

I’m reminded of IBM’s dealings with the Nazis.

Linux: “We’re dropping support for this device because we’re fairly sure we had the last one in existence and it just died.”

Environmentalists do not have a snowball’s chance in hell of outbreeding the “drill, baby, drill” crowd.

I agree, love the intervonnectivity with iOS, especially AirDrop.

To me, that sort of “feature” is nothing more than a security vulnerability waiting to be exploited.

Maybe I just think that because of past trauma from Microsoft products and IoT devices being blatantly insecure, but…

But I’d be lying if I said my initial impression was anything except “God, what a lazy, fat fuck.”

Sounds like envy. Working out is painful and exhausting, you aren’t allowed to eat tasty things except on extremely rare occasions, and that “lazy fat fuck” has neither of those problems.

And their response to LGBT+ issues, and their response to Trump’s crimes, and…

Yeah, no. Republicans have had more than enough opportunities to redeem themselves. There is no remaining doubt to give them the benefit of.

If I were to choose to have kids despite climate change, doesn’t that prove that I don’t care about climate change?