worsedoughnut

@worsedoughnut@lemdro.id

This is a remote user, information on this page may be incomplete. View at Source ↗

100% Certified Good Boy

Used to mod Smash Bros Brawl on the Wii (Smash Bros Legacy TE Co-Lead & Stage 3D Modeling)

Now I’m a NYC-based Penetration Tester

⁨Comment⁩ on ⁨Canada declares Flipper Zero public enemy No. 1 in car-theft crackdown⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
Insane take.

You’re talking about outlawing the equivalent of a lock picking set. This tool is used by legitimate security researchers and professional penetration testers all the time. Making this type of hardware less accessible only hurts.
⁨Comment⁩ on ⁨Music Piracy Is Back, Baby⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
I made a concerted effort one evening to go into my downloads folder on my PC, rename all the nameless garbage filenames, and then actually move and sort them into my pictures/documents/etc folders.

Was a huge pain in the ass, but it saved me so much effort looking for stuff later on down the line. Also, changing Firefox’s default download setting to prompt me for a name and location every time certainly helped.
⁨Comment⁩ on ⁨Discord Servers asking for Phone Numbers and 'Verification Levels'⁩ ⁨⁨5⁩ ⁨months⁩ ago⁩:

And yet all websites seem to still exist using only email verification.

Yes, and unless you haven’t noticed spam comments and fake account are rampant across most popular online services.

that a server admin and a company shouldn’t be asking for excessive security for recreational uses.

And yet most people don’t care, and just add their phone number to their Discord account without a second thought; because it’s not excessive, it’s the norm. You can’t even make an account on Instagram without providing your phone number, and in some cases and selfie while holding up a security code on a piece of paper to verify you are human. I’m not saying this slow creep into collecting user date should just be hand-waived away by virtue of it’s widespread adoption, but the matter of fact is that if it was really viewed as such an egregious breach of privacy by the average person, then it wouldn’t have survived since no one would be using the affected services.

they need to look into other methods of securing their servers

You seem to be willfully ignoring the fact that phone number verification is the answer to this question. Real people tend to have one phone number, fake phone numbers are easy to create but cost money, emails do not cost money.

Do you really not see the intrinsic benefit of requiring a phone number as the strictest form of online security for a tragically spam-laden service like Discord?
⁨Comment⁩ on ⁨Discord Servers asking for Phone Numbers and 'Verification Levels'⁩ ⁨⁨5⁩ ⁨months⁩ ago⁩:

information that’s stored without clear legal specifications of what’s done with it

First of all, this is just patently false, Discord lays out precisely what they will and won’t do with information you provide to them in their Privacy Policy. That said, I’m not exactly championing giving every website or service you log into your phone number.

Regardless, you’re still putting the blame in the wrong place. The onus for securing the server is still on the server admins, and they’re doing exactly that by leveraging the security options made available by Discord. Don’t blame the admins for taking necessary steps, blame one-click spam bot SAAS providers for making it a necessary step in the first place. I would even argue blaming Discord is even a step too far, because phone number verification does actually work to limit account creation spam.

As crippling as it might be to your sense of privacy, phone numbers are still a decent enough way to limit account spam since most spam creators are taking the path of least resistance and not going through the effort to set up a voip / prepaid throwaway phone line for every new account they create.

They can dial it back one notch and still have spam/bot protections.

This is a ridiculous claim to make, because of how useless the tier before phone verification is:

High is the next step security setting you can lockdown your server with. Including requiring a verified email AND being registered on Discord for more than 5 minutes. You must also be present in the server for longer than 10 minutes.

Those are not legitimate restrictions, please do not pretend like they are.

You have to balance privacy / security with convenience in the modern age. If you put more weight on your phone number than on your desire to interact with that video game community, then just don’t join the server and claim the moral highground.
⁨Comment⁩ on ⁨Discord Servers asking for Phone Numbers and 'Verification Levels'⁩ ⁨⁨5⁩ ⁨months⁩ ago⁩:
As someone who had run & managed a Discord server with 10,000+ users, there’s only so many options available to us to try and limit bot spam and throwaway account raids.

Yes it’s needlessly intrusive to an extent, but you really should try and look at it from their perspective. We didn’t run that setting 24/7, but we were also a pretty niche (albeit relatively popular) server. For a server that exists for a fully advertised steam game, I can kinda understand the urge to lock down the security settings to the maximum.Even some of the best server-ran bots which try and stop / catch suspicious accounts just can’t do the trick sometimes, and the best solution after that is unfortunately the nuclear option.
⁨Comment⁩ on ⁨8 Years later my Steam Link is still getting regular updates⁩ ⁨⁨5⁩ ⁨months⁩ ago⁩:
Maybe, but it’s far more likely it’s just dependancies and other 3rd party library packages being updated.

The Steam Link Linux package also still gets the taste update now and then on my old Ras Pi, but mostly these days it’s just the Android app being given bug fixes (even though the last one is from October).
⁨Comment⁩ on ⁨Behold The Hyundai Uni Wheel. Transportation May Never Be The Same⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
Fascinating, but in the video they very quickly swipe off-screen that the top speed their new system was able to achieve was 120 kph / ~75 mph.

I imagine something like this would have to be limited to vehicles that never need to approach speeds above that on a highway, so maybe busses or indoor shipping & receiving vehicles.
⁨Comment⁩ on ⁨Video of ceramic storage system prototype surfaces online — 10,000TB cartridges bombarded with laser rays could become mainstream by 2030, making slow hard drives and tapes obsolete⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
I know it’s been said already, but actually a ton of off-site backup services opportunity exclusively on tape. It’s significantly cheaper and more reliable for cold storage solutions.
⁨Comment⁩ on ⁨Discord will switch to temporary file links to block malware delivery⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:

that offered a paid service of file storage

This is just patently false, so you’re either completely clueless or are being dishonest to stir up outrage.
⁨Comment⁩ on ⁨Discord will switch to temporary file links to block malware delivery⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
Don’t move the goal posts. It’s 100% not an advertised feature to use Discord uploads as cloud storage or an off-platform CDN.

The unintended side effect that you’ve so clearly described is the exact reason they’re implementing the protections in question.
⁨Comment⁩ on ⁨Discord will switch to temporary file links to block malware delivery⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
It literally isn’t, what the hell are you smoking?
⁨Comment⁩ on ⁨Privacy advocate challenges YouTube's ad blocking detection⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
If only newpipe didn’t suck so hard though.
⁨Comment⁩ on ⁨YouTube cracking on ad blockers.⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
Do we really need a new post about this, with the same screenshot, every time it happens to someone for the first time?
⁨Comment⁩ on ⁨Phones should have FM radio again⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
Yeah but at least you’ll know exactly when the lithium ones go bad…
⁨Comment⁩ on ⁨Google Podcasts to shut down in 2024 with listeners migrated to YouTube Music⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
I could understand consolidation when you’re as big as google and lot of these one-off apps (Duo, Allo, Podcasts, Measure, Hangouts, etc.) are all clearly just testing grounds for either specific features eventually destined for their mainline apps, or just neat ideas that never caught on and couldn’t be monetized enough to warrant keeping the service alive.

The real issue is: they almost NEVER actually make the “consolidated” app reach feature parity with the one it gets folded into.
⁨Comment⁩ on ⁨X is no longer labeling ads for some users⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:
And clearly it’s working…
⁨Comment⁩ on ⁨Gamers nexus on LTT⁩ ⁨⁨10⁩ ⁨months⁩ ago⁩:

I mostly watch LTT for the entertainment value but I’ve never taken their reviews particularly seriously.

Except, people spending hundreds to a thousand dollars on PC hardware do clearly trust him and his channel for the final “should you buy this or not” stance at the end of each review. It’s not a negligible amount of influence he has on the tech review space, and it’s explicitly because of their click-bait / algorithm friendly thumbnails and titles that they’re able to reach such wide audiences and become the top few results when someone searches for a product.

it is clear that Linus knows his stuff

Is it? I’ve been watching for years and he always excudes “content creator persona” and very rarely expresses and real technical knowledge. He’s essentially the youtube star version of that one kid who built their PC and never shuts up about it; he has certainly educated himself on consumer tech stats and comparisons, but his background and especially his current work have very little to do with actual technical know how.

And I’m not even saying that’s a “bad thing”, since he has writers and staff and now the Lab who should be able to reach that level of understanding and let him be just the face on the screen. But the fact is like Steve has said, that clearly also isn’t what’s actually happening behind the scenes.
⁨Comment⁩ on ⁨Gamers nexus on LTT⁩ ⁨⁨10⁩ ⁨months⁩ ago⁩:
How Linus publicly responds to these very fairly laid out criticisms will really affect their standing in the tech review space going forward.

Linus generally sucks at taking warranted feedback & criticism, so I can see him crashing and burning super hard in whatever post or podcast comment he makes publicly about this.

This looks like a huge issue as far as moving from a “haha wacky video” tech channel and a “hard data driven testing” tech channel, but also it’s not like they haven’t done “serious” reviews prior to the Labs stuff in the past so I’m not about to hand wave away their issues as “growing pains” or anything like that; it’s just indicative of sloppy workflow and low effort internal culture.
⁨Comment⁩ on ⁨Battle of the Helmsmen will now commence. 8 pilots enter. 1 pilot leaves.⁩ ⁨⁨10⁩ ⁨months⁩ ago⁩:
Just load him into the pattern buffer and pull the plug.