Just your normal everyday casual software dev. Nothing to see here.

  • 0 Posts
  • 271 Comments
Joined 1 year ago
Cake day: August 15th, 2023


  • There’s an easy solution for that.

    F em.

    I did that back in 2015 when I moved to Discord as my primary social platform. “I am leaving Skype and Facebook; anyone who wants to reach me can do so at discordname.”

    Did all my friends move? No. Did I lose anything of value doing so anyway? Also no. The people who still wanted to message me either reached out to my family or myself for a phone number, or added me on Discord.

    You don’t need all your friends to follow; what you need is enough people leaving the platform that more of your friend group uses the new one than the other platforms. That’s why Skype died as fast as it did: a combination of instability and enough people deciding they didn’t care who they left behind and just went to Discord anyway.

  • All of this is dead in the water as soon as people realize Bytedance has already let TikTok die in the States once due to its refusal to sell under the ruling. I don’t see how them learning that the US government and a third party /also/ want to buy it will change anything. I think the outcome will be the same.

    Bytedance has made it clear they would rather have the app offline in the States and leave it online for the rest of the world than lose their product, and even if they wanted to sell, which they have currently stated they don’t, that type of deal would need to be OK’d by the Chinese government first, and there’s no way that would happen with a third party, let alone if it means the US government would get half the company.

    I respect Trump’s hustle in wanting to bring one of the world’s largest social media platforms onto American soil (more explicitly/likely, one of his advisors/business partners), but I really don’t think it’s going to work.


  • You are correct with this comment, yeah; the biggest drawback (which, as acknowledged, we have seen on Lemmy) is the anonymity of the account. It’s easy to spin up spam instances, and due to how federation works it’s hard to combat. I remember LW had an issue regarding that a bit ago with someone threatening to just keep changing domains to avoid blocking, which is indeed a problem for any of these style services. I agree that at large scale, most sites are not going to want to put up with losing that level of control on the moderation side. It creates a lot of headaches, and for most sites it’s just easier to enforce a policy that forces disclosing PII.


  • Tox did something similar with this outcome, but it never took off. Basically, with Tox each account is actually stored locally, much like Skype did when it was p2p, but the difference is your account is actually on your device, as in if you lost your “key” you lost your account. When you connected with others, you gave your friends your Tox ID, which was essentially your public key signature with some added information regarding what you wanted for privacy added to it, and then your messages were relayed through a p2p DHT network. Every communication was encrypted e2e. With Tox anyone could create an account with any information, but only people you added were able to message you, and vice versa. The only time you were ever publicly disclosed was when adding contacts you didn’t already have, which helped minimize botting on it, as bots wouldn’t be able to message you without your ID. The issue with that method was that both parties had to be online to message each other; there was no central server to manage identity and handle users, so every connection was considered trusted, since you had to manually add the person via their Tox ID.

    I expect this solution /could/ be moved into a centralized system for all user accounts, since the only way to add people was manually adding their private key, but I would expect that at large scale the lack of ability to actually stop problematic users might dissuade platforms from wanting to implement it, since account creation was as easy as just clicking “create account” and no accounts were ever verified server side, which, in order to do, brings us back to the issue topic: privacy vs. security.
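
As an added example (not from the comment above and not the Tox project’s code), here is a small Go model of the account design the comment describes: the keypair is generated and kept on the device, the shareable ID is the public key plus a rotatable anti-spam value (loosely modelled on Tox’s ID layout, simplified and without its checksum), and the inbox only accepts signed messages from keys that were added by hand. Ed25519 signatures stand in for Tox’s actual cryptography, there is no encryption layer, and the type names, the friend-request format and the “nospam” field are assumptions made for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"errors"
)

// Identity lives only on the device that generated it: lose the private key
// and the account is gone, because no server ever saw it.
type Identity struct {
	pub      ed25519.PublicKey
	priv     ed25519.PrivateKey
	nospam   [4]byte                      // owner-chosen; rotating it invalidates every ID shared so far
	contacts map[string]ed25519.PublicKey // hex(pubkey) -> key, only for contacts added by hand
}

// NewIdentity is "create account": no registration and nothing server side.
func NewIdentity() *Identity {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // a failing CSPRNG is not something a fresh identity can recover from
	}
	id := &Identity{pub: pub, priv: priv, contacts: map[string]ed25519.PublicKey{}}
	id.RotateNospam()
	return id
}

// RotateNospam stops new requests made with old IDs; existing contacts keep
// working because they are keyed by public key, not by the ID.
func (id *Identity) RotateNospam() {
	if _, err := rand.Read(id.nospam[:]); err != nil {
		panic(err)
	}
}

// ID is the address you hand out: pubkey (32 bytes) || nospam (4 bytes), hex encoded.
func (id *Identity) ID() string {
	return hex.EncodeToString(append(append([]byte{}, id.pub...), id.nospam[:]...))
}

// KeyFromID recovers the public key part of an ID; the nospam part is opaque to the caller.
func KeyFromID(s string) (ed25519.PublicKey, error) {
	raw, err := hex.DecodeString(s)
	if err != nil || len(raw) != ed25519.PublicKeySize+4 {
		return nil, errors.New("malformed id")
	}
	return ed25519.PublicKey(raw[:ed25519.PublicKeySize]), nil
}

// FriendRequest is signed over the exact ID string the requester used, which
// proves both that they knew the full ID and that they hold the key in From.
type FriendRequest struct {
	From ed25519.PublicKey
	Sig  []byte
}

// RequestFriend adds the target as a contact at once: the owner typed that ID in.
func (id *Identity) RequestFriend(targetID string) (FriendRequest, error) {
	target, err := KeyFromID(targetID)
	if err != nil {
		return FriendRequest{}, err
	}
	id.contacts[hex.EncodeToString(target)] = target
	return FriendRequest{From: id.pub, Sig: ed25519.Sign(id.priv, []byte(targetID))}, nil
}

// AcceptRequest admits a sender only if the request was made for the current ID;
// one built from a stale or guessed ID fails the signature check.
func (id *Identity) AcceptRequest(fr FriendRequest) error {
	if len(fr.From) != ed25519.PublicKeySize || !ed25519.Verify(fr.From, []byte(id.ID()), fr.Sig) {
		return errors.New("rejected: not a valid request for my current ID")
	}
	id.contacts[hex.EncodeToString(fr.From)] = fr.From
	return nil
}

type Message struct {
	From ed25519.PublicKey
	Body []byte
	Sig  []byte
}

// Send signs the body so a relay node in the middle cannot forge a message.
func (id *Identity) Send(body string) Message {
	return Message{From: id.pub, Body: []byte(body), Sig: ed25519.Sign(id.priv, []byte(body))}
}

// Receive is the anti-bot property in one place: no contact entry, no inbox.
func (id *Identity) Receive(m Message) (string, error) {
	pk, ok := id.contacts[hex.EncodeToString(m.From)]
	if !ok {
		return "", errors.New("dropped: sender is not a contact")
	}
	if !ed25519.Verify(pk, m.Body, m.Sig) {
		return "", errors.New("dropped: signature does not match sender")
	}
	return string(m.Body), nil
}
```

Bob sending a request built from Alice’s ID gets in; Eve, who only scraped Alice’s public key or an ID Alice has since rotated, is refused at AcceptRequest, and anything she sends to Alice’s inbox is dropped before the body is even looked at. Note what the model does not give you: nothing here can tell Alice whether “Bob” is a person or a bot, which is the gap the rest of the thread is about.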


  • This problem isn’t about password authentication; it’s the website knowing who you are and that you are legitimate. Websites that collect things such as phone numbers during account creation don’t collect your PII as part of your password procedure. They collect it as verification that you are an actual being and not a fake account/bot. The ease of being able to go through a forgot-password flow is just a positive side effect.

    This solution would work amazingly for logging in, there’s no argument for that, but it doesn’t address the elephant in the room: That the website wants to make sure you are a person/legitimate account and not a fake alias or a bot to scrape info, and when you are the only one providing that information that claim can’t be verified.



  • I want to preface this response by saying I fully agree with this; I want something like this to happen. I am responding because of some concerns I have. The real major one: How do you verify the authentication part of the data security chain?

    A PGP key alone does not authentically validate that you are who you say you are. When the source is the untrusted party, it doesn’t accomplish the site’s goal. It’s the equivalent of me handing you a piece of paper saying “I’m John Smith and this is what I use to say I’m this,” which works amazingly for trusted exchanges, but when the source is “just trust me bro” it doesn’t solve anything for the website owner.

    Websites get around this by having trust certificates/root servers that are co-signed with the PGP key. However, we lack any system like that for personal identities. Arguably, setting up such a system would isolate most of the known internet, as it is a significant roadblock, much like how SSL certificate usage was a huge roadblock for sites before Let’s Encrypt became a thing.

    This setup would be amazing for logging into sites. However, it fails to accomplish what the websites that are asking for PII are looking for, which is verification that their user is who they say they are, and not a random third party.

    To reliably use this setup, we would need something similar to Let’s Encrypt, but for user identification. The issue with that is it would become the de facto attack vector (for both law enforcement and criminal parties), and that site would need to require PII to address the biggest concern on these sites, which is that you are who you say you are, and not Joe Schmoe or a bot looking to harvest data. Additionally, as mentioned earlier, a massive retraining of the internet would need to be done, which would mostly affect non-tech folk.

    I am hopeful that an easy function that won’t violate users’ privacy comes out, but I don’t think the two topics are compatible, sadly.
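
As an added example, not part of either of the two comments above and not any existing identity scheme, the following Go program separates the two things those comments distinguish: the login problem, which a bare key solves by signing a fresh nonce, and the identity problem, which needs a countersignature from an issuer the site already trusts, the hypothetical “Let’s Encrypt for people”. The Issuer type, its Register method as a stand-in for the out-of-band PII check, the Site type and the claim encoding are all assumptions made for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"errors"
)

// Claim is what a user presents: "this public key belongs to Name".
type Claim struct {
	Name   string
	PubKey ed25519.PublicKey
}

// bytes is the canonical form both signatures cover; the NUL keeps name and key apart.
func (c Claim) bytes() []byte { return append([]byte(c.Name+"\x00"), c.PubKey...) }

// Attestation carries the claim, the holder's own signature (proof of possession)
// and, once an issuer has vouched for it, a countersignature.
type Attestation struct {
	Claim     Claim
	SelfSig   []byte
	IssuerSig []byte // nil for a purely self-asserted claim
}

// SelfAssert is the "just trust me bro" case: the user signs their own claim.
func SelfAssert(name string, priv ed25519.PrivateKey) Attestation {
	c := Claim{Name: name, PubKey: priv.Public().(ed25519.PublicKey)}
	return Attestation{Claim: c, SelfSig: ed25519.Sign(priv, c.bytes())}
}

func holdsKey(a Attestation) bool {
	return len(a.Claim.PubKey) == ed25519.PublicKeySize && ed25519.Verify(a.Claim.PubKey, a.Claim.bytes(), a.SelfSig)
}

// Issuer is the hypothetical "Let's Encrypt for people". Register stands in for
// its out-of-band identity check, which is the step where PII would be shown.
type Issuer struct {
	Pub      ed25519.PublicKey
	priv     ed25519.PrivateKey
	verified map[string]string // name -> hex(pubkey) that passed the check
}

func NewIssuer() *Issuer {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // a failing CSPRNG is unrecoverable here
	}
	return &Issuer{Pub: pub, priv: priv, verified: map[string]string{}}
}

func (is *Issuer) Register(name string, pub ed25519.PublicKey) {
	is.verified[name] = hex.EncodeToString(pub)
}

// Countersign vouches only for a key that was registered under that exact name.
func (is *Issuer) Countersign(a Attestation) (Attestation, error) {
	if !holdsKey(a) {
		return a, errors.New("claimant does not hold the key")
	}
	if is.verified[a.Claim.Name] != hex.EncodeToString(a.Claim.PubKey) {
		return a, errors.New("this key was never verified for that name")
	}
	a.IssuerSig = ed25519.Sign(is.priv, a.Claim.bytes())
	return a, nil
}

// Site is the relying party; Anchor is the one issuer key it has decided to trust.
type Site struct{ Anchor ed25519.PublicKey }

// Challenge and VerifyLogin are the part a bare key handles fine: prove possession.
func (s Site) Challenge() []byte {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return nonce
}

func (s Site) VerifyLogin(pub ed25519.PublicKey, nonce, sig []byte) bool {
	return len(pub) == ed25519.PublicKeySize && ed25519.Verify(pub, nonce, sig)
}

// VerifyIdentity is the part a bare key cannot handle: the name must be vouched
// for by the anchor; a countersignature from any other issuer is worthless here.
func (s Site) VerifyIdentity(a Attestation) error {
	if !holdsKey(a) {
		return errors.New("claimant does not hold the key")
	}
	if a.IssuerSig == nil {
		return errors.New("self-asserted only: nothing binds this key to the name")
	}
	if len(s.Anchor) != ed25519.PublicKeySize || !ed25519.Verify(s.Anchor, a.Claim.bytes(), a.IssuerSig) {
		return errors.New("countersignature is not from the trusted issuer")
	}
	return nil
}
```

John’s self-asserted claim passes VerifyLogin and fails VerifyIdentity; after the issuer has registered his key under his name and countersigned, it passes both. Eve asserting “John Smith” with her own key is refused by the issuer, and a countersignature from an issuer she set up herself is refused by the site because it is not the anchor. The one place PII enters the picture is Register, which is exactly the step the comment says cannot be made private.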


  • Are internet security and internet privacy incompatible goals?

    Yes. They are completely incompatible goals when anything relating to identity/being is linked to it. Examples of this could be anything from your name, to your behavioral patterns, to your phone number.

    Disregarding the entire possibility that ANY site is hackable/breachable, the issue stands that the reasons most sites request PII are valid, for security reasons. There does not exist any valid method of ensuring users’ identity that does not violate users’ privacy. CAPTCHAs have proven inefficient; email domains are as easy as one or two clicks. Once the setup is done server side, changing to a new address is as easy as changing your server settings and registering a new domain, then just pointing your MX records there. Heck, depending on your Postfix setup you might not even have to change server settings, if your account lookup is set up to ignore the domain and it all uses the same database. Even phone numbers have proven troublesome, but they’re the least troublesome method available.

    The entire reason PII-style setups are used is because it’s an easy verification on the site side, but a hard-to-spoof verification on the customer side. Like the article says, phone numbers are hard to change for verification; many only let you change so many times in X period, and usually require some form of physical identity to register, and the ones that don’t, such as VoIP-style numbers, get blocked.

    We currently lack a good system aside from that, because at the end of the day, how do you prove you are who you say you are without disclosing your identity? I personally think it should be fine to give up some PII for security purposes, but this NEEDS to be restricted only to security and should never be shared with any entity, and this includes government overreach. Alas, this will never happen.



  • I’m confused about how this keeps happening to people.

    Like, I use my phone on most sites that allow it and I’ve never really had spam/scam calls, but I’ve also explicitly unchecked the marketing boxes that appear on the signup, so maybe that’s it.

    The last instance that actually happened to me was when entering my university a few years ago for my BS degree. They 1000% sold my contact information as some part of the dean’s/honors list process. I reached out to them and stopped that so fast.


  • They offer payment plans for cell phones. I’m waiting for the day that they start offering payment plans to purchase video games. They’ve already trialled it with hardware at the Xbox Series X launch with their All Access pass, which, don’t get me wrong, was a great deal, but eventually we are going to hit the point where the everyday person, if they want to buy a video game, is going to have to do one of those buy now, pay later plans through Affirm or something, which is a scary thought. As is, if it gets much higher than $100 it will qualify for PayPal’s 6-month equal financing deal if you have their credit card; if this change had been just 6 months prior it would have already qualified, because they just recently raised their minimum, so I think it’s like $120 or $140.



  • To be honest, they could launch the game as a 1 MB file that brings you to a black screen that says “get fucked,” and they would still make their money’s worth just out of the people who will blindly buy the game because they’ve been waiting for GTA 6 for so long that they buy it release day.

    And then they could just move back to GTA V pretending nothing happened, because the same people who would have impulse-purchased GTA 6 with zero research are also the people who play GTA V religiously, spending money on the microtransactions there, and that isn’t going to cut their addiction.