There are a few main benefits.

1. For hardware-backed keys they can’t be stolen aside from physically stealing the hardware. So unless your machine has malware there is no way for an attacker to authenticate using them.
2. Even for software keys the site you authenticate to doesn’t learn enough to impersonate you. For example if for some reason your bank leaked some logs with PW + MFA someone could use that to log in as you (although admittedly short timeouts on MFA validity makes that window very small).
3. The browser ensures that you only authenticate to the correct domain. So it prevents phishing. (Although a password manager that only fills into the correct domain also accomplishes this.)

So I think if you are using unique passwords with an automated password manager the effective benefit is quite small. However for the “average computer user” who likely has less than 5 passwords that they use for everything it forces a pretty high base level of security.

I doubt Gaussian blur is an accurate model of real-world situations.

At the end of the day if you are worried about the codes being painted over print a few out and paint over them. Then scan with a variety of scanners.

If I had to come up with some more digital tests I would guess that a few of these are more representative of real-world situations:

1. Lower contrast. For example lighten or darken the whole code. This would simulate things like scanning in low light or with glare.
2. Block out sections of the code. This will test error correction levels and simulate partial damage or pockets of extreme glare.
3. Skew the code in various ways. This simulates the perspective shift of people scanning the code from an angle.

Ideally combine them in a bunch of scenarios then try to scan with a variety of scanner implementations.

No, the DRM wouldn’t work at higher levels so you would have the same requirements with regard to 4k.

Let’s take a little recess and circle back.

Please be civil and polite. This type of aggressive comment insulting people because of the tools that they use isn’t welcome here.

You seem to be making this very complex. But it really isn’t. Yes, git doesn’t track renames. So you are working around it by splitting your operation into 2 commits.

1. A pure rename.
2. A file change.

This way 1 is always considered a rename and 2 is just a regular file change with the same path. You may also consider tweaking the default rename detection threshold with flags like --find-renames or options like diff.renameLimit.

Would it be nice if Git tracked renames? Probably. But that isn’t how the data model works so it is unlikely to happen soon. But maybe they could add some metadata.

I think it doesn’t really make sense. Because you can’t “squash” one commit. squash is taking multiple commits and making them one.

When you do a “squash merge” you are really saying “squash all the commits that are on this branch and not the target” then merge.

So you can’t “squash a merge commit” you need at least one additional commit to squash in.

I feel like this is getting at something interesting and revealing but I am not convinced by what it says.

“There is no limit to the type of WhatsApp message that can be viewed by Meta,” the agent wrote in the email. He added that “Meta can and does view and store all the text messages, photographs, audio and video recordings” in an unencrypted format.

I highly doubt this is true. This is because there are third party clients such as https://github.com/mautrix/whatsapp that send E2EE encrypted messages on WhatsApp. If literally all messages where available in an unencrypted format it would mean one of the following things.

• The E2EE protocol is broken and Meta knows the “crack”.
• That official client does a completely different protocol which uploads all messages in addition to doing the E2EE protocol.

Security are also reverse-engineering the official client. So if it was regularly doing this I would assume someone has noticed.

What I suspect is happening is that some features in the client (like Meta AI) are very easy to frequently activate and upload a large amount of messages when Facebook then archives. It would be quite likely that the average user is using these frequently. This could reasonably result in the vast majority of messages being available to Facebook.

But I think if the reports are exaggerated it doesn’t help sell the case.

No, but you can still choose to choose software that doesn’t steal and sell your data. You can also support laws that make doing this illegal.

The idea that putting this on your phone is bonkers is bonkers to me. Why would you want to carry around a journal or paper when you have everything on your phone? It can also be more easily backed up and synced.

It shouldn’t be normal that this data is stolen and sold. That is 100% the problem, not the fact that people track things on computers.

You have obviously never tried dereferencing a null pointer.

you’re just paying more for no reason

You are basically paying the credit card fees for not using a card. It is a protection racket. “It’d be a shame if you didn’t use our credit card and had to pay extra due to card processing fees”.

We should do what the EU did. Clamp card fees to a small value so that they can’t meaningfully offer customers rewards which creates this twisted incentive.

Or stores just make the customer pay (most of) the card fees. As you said lots of smaller stores do this and I’m more than happy to pay with debit.

They are legal if you follow the regulations. The problem with the “rideshare” companies is that they don’t. We should just call them “unregulated taxis” rather than pretending that they are a different service. I think just about every taxi company these days is on some app or another (often the same that call unregulated cabs in countries that actually got their shit together and banned the unregulated ones).

Nah it’s worse. Bitcoin actually has legitimate uses. (Yes, they are a minority of actual usage, but they exist.) NFTs are only useful for speculation, gambling and money laundering.

“Rideshare” is also the least accurate term used to dodge regulations. It is just a taxi/cab. You are paying someone to get you from one place to another. They aren’t sharing their ride, they were never going where you are going before you told them to.

Please be polite. If you don’t like a post you can downvote it. If you would like to comment please be more civil.

Nah, 90% chance that they do something stupider.

The “dumb” solution is to just import both into one feed reader then export a new OPML. I assume most readers will deduplicate (at least to a basic degree) on import.

How is this faulty? The degree of damage is incredibly relevant. We don’t make everything that could ever cause damage illegal, because we have nothing left. Laws are a balancing act of pros and cons to society.

A car has far less visibility (they are inside a box with a few windows) will will do far more damage if they hit someone. A cyclist has dramatically better visibility (they have basically an unobstructed 180° view) and especially when going slow is very unlikely to cause significant damage (posing risk of significant harm only the the most frail and elderly).

If not requiring complete stops for cyclists leads to 1% more cyclists on the road (because their travel is easier) it almost certainly causes less harm overall due to how dangerous cars are and also their indirect health effects (both inactivity when driving and the pollution).

So no, the logic isn’t faulty at all and probably one of the most important arguments.

I use https://difftastic.wilfred.me.uk/ which is well, fantastic. I have it set up as the default diff for Git and it is really nice.