Skip Navigation
Feds Warn SMS Authentication Is Unsafe After ‘Worst Hack in Our Nation’s History’
  • Yes, you can have multiple devices with the same seed for the pseudorandom number generator. You can turn any computer into a hardware authenticator. In practice, it depends on the bank or your employer. Google reduced phishing success rate to zero after switching to ubikey.

    As for perception, you really nailed it. It's more important than actual difficulty of gaining access to your accounts. Remember that most articles are written by low skill blue teamers who manipulate your perception into thinking it's really easy while they don't possess the skills to do it. Always call them out in a manner like "you claim it's easy, have you done it?". They will always say no.

  • What jobs can you get if you dropped out of a PhD in math with an MS?
  • Start bulking up by eating well, solid exercise routine, a bit of help from anabolic steroids. Pose with a formula-filled blackboard background shirtless while flexing your biceps for Instagram and Twitter. Become the math bodybuilding icon. Make jokes like "my muscles are not differentially equal to yours". You should build an audience, and after that you'll be able to expand into sponsorships, and OnlyFans. You can also do IRL prostitution, and earn thousands of $ per night. The key is to target either old hags, or rich homosexuals.

    Good luck. Let your biceps look like the bell curve of a Gaussian distribution

  • Watching the Generative AI Hype Bubble Deflate
  • Large context window LLMs are able to do quite a bit more than filling the gaps and completion. They can edit multiple files.

    Yet, they're unreliable, as they hallucinate all the time. Debugging LLM-generated code is a new skill, and it's up to you to decide to learn it or not. I see quite an even split among devs. I think it's worth it, though once it took me two hours to find a very obscure bug in LLM-generated code.

  • Make illegally trained LLMs public domain as punishment
  • With current kWh/token it's 100x of a regular google search query. That's where the environmental meme came from. Also, Nvidia plans to manufacture enough chips to require global electricity production to increase by 20-30%.

  • Feds Warn SMS Authentication Is Unsafe After ‘Worst Hack in Our Nation’s History’
  • Pedantic types always mention that secure is only relevant in the context of a particular threat model. The elderly can use hardware authentication like those RSA devices or ubikey. Unfortunately, this is expensive, and banks don't believe there's demand for that. Would you switch banks for this feature?

  • Feds Warn SMS Authentication Is Unsafe After ‘Worst Hack in Our Nation’s History’
  • Simply paying is not sufficient. You need to be a telecom company, or a researcher afaik.

    In what world would the US gov care to get into your bank account? Or your Facebook account when it's already tightly controlled?

  • Feds Warn SMS Authentication Is Unsafe After ‘Worst Hack in Our Nation’s History’
  • Proton is already used for identity management: OTP via email. They'll implement OAuth if there's enough demand for it. A company's purpose is to be profitable, ethics side is largely irrelevant.

    Many countries already have digital government ID: Australia, Estonia, Russia.

  • InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)BR
    brie @programming.dev
    Posts 0
    Comments 16