ethersteeds (u/ethersteeds)

ethersteeds commented on Yep, Passkeys Still Have Problems fy.blackhats.net.au/blog/... · Posted by u/todsacerdoti

novok · 3 days ago

Pre-passkeys, was this lockout issue a true issue with apple and google accounts? Or have passkeys added a general lockout issue that didn't exist before? Also passkeys in their current implementation are not possible to back up or export yourself, unlike passwords in the past.

Security engineers are prioritizing preventing key copying over lockout issues, unilaterally, on literally billions of people. It improves their metrics internally, at the cost of an externality on the entire world. This kind of stuff invites odious regulation as more and more stories of lockout with no recourse surface.

And unlike passwords, there is no good provider migration story. There is a roach motel issue. Yes it is being 'worked on', but passkeys and such have been out for many years, the willful denial whenever you ask people running these standards about these issues is incredibly irritating. The fact they tend to avoid questions about this like politicians decreases trust in the motives of such standards.

ethersteeds · 2 days ago

> Pre-passkeys, was this lockout issue a true issue with apple and google accounts?

Yes, absolutely. I have a second Google account I created and lost the password to. I can't reset it because it wants to know the exact month I opened it. I don't even know if it was 2012 or 2016, I'll never guess the month.

ethersteeds commented on “Super secure” messaging app leaks everyone's phone number ericdaigle.ca/posts/super... · Posted by u/e_daigle

coppsilgold · 4 days ago

If you intend to use SMS (phone numbers) as a resource constraint (sign up requires 'locking up' a resource that is worth at least a few cents) then at least you can offer a ZKP system where the 'consumed' phone number is not tied to an account. You could also offer to accept cryptocurrency for this function - call it a donation.

That Signal did none of those things implies that privacy was not their objective. Only secure communications was.

It's possible that the reason behind their anti-privacy stand is strategic, to discourage criminal use which could be used as a vector of attack against them. Doesn't change the fact that Signal is demonstrably anti-privacy by design.

ethersteeds · 4 days ago

Your first formulation I agree with:

> privacy was not their objective. Only secure communications was.

> Signal is demonstrably anti-privacy by design.

But your second is uncharitable and misses Signal's historical context.

The value of a phone number for spam prevention has been mentioned, but that's not the original reason why phone numbers were central to Signal. People forget that Signal was initially designed around using SMS as transport, as with Twitter.

Signal began as an SMS client for Android that transparently applied encryption on top of SMS messages when communicating with other Signal users. They added servers and IP backhaul as it grew. Then it got an iOS app, where 3rd party SMS clients aren't allowed. The two clients coexisted awkwardly for years, with Signal iOS as a pure modern messenger and Signal Android as a hybrid SMS client. Finally they ripped out SMS support. Still later they added usernames and communicating without exposing phone numbers to the other party.

You can reasonably disdain still having to expose a phone number to Signal, but calling it "anti-privacy by design" elides the origins of that design. It took a lot of refactoring to get out from under the initial design, just like Twitter in transcending the 140-character limit.

ethersteeds commented on Maybe you’re not trying usefulfictions.substack.c... · Posted by u/eatitraw

yousif_123123 · a month ago

I've always noticed that when I'm giving advice to someone or trying to help out, it always feels their problem is easier than whatever problem I have. As someone with some anxiety around things like calling some company to get something done or asking a random stranger for some help in a store, I would gladly do it if it was to help someone else (family member or friend). But when it's for me I find it harder.

I wonder how much psychologically we can be more confident and less anxious when we're doing something for others vs ourselves..

ethersteeds · a month ago

This is a fascinating phenomenon, isn't it? I've heard it invoked as "it's always easier to clean someone else's room." And anxiety does seem to be the key. Very often the actual blocker isn't the difficulty of a task, but how we relate to it.

ethersteeds commented on Steam Frame store.steampowered.com/sa... · Posted by u/Philpax

skrebbel · a month ago

What a weird site. Am i getting it right that this "Deckard" was the code name for the Frame, it's out now, but the makers of the site went through all that trouble make a dotcom and a pedantic design but can't be bothered update it now that it is, indeed, out?

ethersteeds · a month ago

The timeline on the site you're critiquing says the project was confirmed in 2021. So they've been waiting a while.

And it's not out, it was "revealed" today with "early 2026" estimate for availability. No price yet.

https://store.steampowered.com/sale/hardware

ethersteeds commented on FAA to cut flights by 10% at 40 major airports due to government shutdown cnbc.com/2025/11/05/faa-c... · Posted by u/mikhael

speed_spread · a month ago

There should be a drug that makes reality feel like this. It would be very popular.

ethersteeds · a month ago

The drug is called "having lots of money"

ethersteeds commented on Jack Kerouac, Malcolm Cowley, and the difficult birth of On the Road theamericanscholar.org/sc... · Posted by u/samclemens

philipallstar · 2 months ago

"Only misogynists could like this novel" is pretty reductive.

ethersteeds · 2 months ago

It is, but it's your reduction.

The discussion is about a novel whose main appeal is described as "scenes one can imagine themselves in" with "more style than substance". That's a valid thing to enjoy, but not for everyone.

The idea that it appeals to boys and not girls was conflicted with further nuance: while girls might be hard pressed to see themselves in it, so too would some boys.

While one can make the argument that the beats' values and writings are at least complimentary to misogyny, that wasn't the discussion happening here previously.

ethersteeds commented on Nine months later, is still the "Gulf of Mexico" to news outlets niemanlab.org/2025/10/nin... · Posted by u/giuliomagnifico

jack_tripper · 2 months ago

That's why I'm surprised Trump didn't sign an executive order to rename the 'Canada goose' bird to 'America goose'.

Is he asleep at the wheel, or how did he miss this opportunity?

ethersteeds · 2 months ago

I always said Canada geese are stealing the American workers' job of last resort: sleeping in the park. He really should do something.

ethersteeds commented on Alaska Airlines' statement on IT outage news.alaskaair.com/on-the... · Posted by u/fujigawa

thaumasiotes · 2 months ago

Gaseous fluorine is diatomic.

You can't really add a bunch of fluorine ions to water because they'd all be negatively charged. We say we're adding "fluoride", but really we're adding ionic compounds that include fluoride.

This seems analogous to the difference between chlorinated water (toxic) and salt water (not at all toxic). It's always interesting to me that adding chlorine to water makes it poisonous, and adding sodium causes it to explode, but adding sodium chloride does... nothing in particular.

ethersteeds · 2 months ago

Makes it ready for your pasta!

ethersteeds commented on When is it better to think without words? henrikkarlsson.xyz/p/word... · Posted by u/Curiositry

ethersteeds · 2 months ago

On that note! I am an intensely verbal person, with words and narrative as my primary mode of thought. This essay and discussion reminds me of a desire I've felt before to develop the muscles, so to speak, of thinking without words.

Does anyone have any advice or techniques to that end?

ethersteeds commented on A Word on Omarchy xn--gckvb8fzb.com/a-word-... · Posted by u/rozhok

neeeeeeal · 2 months ago

Agree with this 100%. The article reads as a super gatekeepy “he made different choices than me so I’m going to trash it and him” piece. The author’s perspective seems to be “how dare he use bash scripts! REAL programmers use system level languages”. Come on buddy.

Author claims there is no structure to the project but one look in the GitHub repo says there clearly is. Also, how many users will now try Arch (or Ubuntu via Omakub) as a result of this? If the answer is a positive number and DHH wants to put his time and weight behind it, that’s a good thing.

ethersteeds · 2 months ago

I'll admit I read only the summary linked at the beginning, so I surely skipped over minutae that might have lost me. That said, I disagree with this and gp: the conclusion strikes me not as gatekeepy but reasonable and humane to inexperienced users:

> In fact, it is Omarchy that complicates things further down the line, by including a number of unnecessary components and workarounds, especially when it comes to its chosen desktop environment. The moment an inexperienced user wants or needs to change anything, they’ll be confronted with a jumbled mess that’s difficult to understand and even harder to manage.

> If you want Arch but are too lazy to read through its fantastic Wiki, then look at Manjaro, it’ll take care of you. [...]

> On the other hand, if you’re just looking to tweak your existing desktop, check out other people’s dotfiles and dive into the unixporn communities for inspiration.

That strikes me as very fair. I don't think it's gatekeeping to say that setting users up with a "distro" that eschews package management for a pile of curl|sh invocations is a bad idea for which there are much better approaches.