Posts by John69 72 publicly visible posts • joined 9 Mar 2022
They say "Comparitech researchers aggregated more than 2 billion real account passwords leaked on data breach forums in 2025". Surely this means that large numbers of systems are still storing passwords in plain text rather that salted/peppered hashes? Is that not the news story, rather than "people are using weak passwords"?
What happens when you block their internet access? They did it for a robot vacuum and the manufacturer issued a remote kill command https://www.tomshardware.com/tech-industry/big-tech/manufacturer-issues-remote-kill-command-to-nuke-smart-vacuum-after-engineer-blocks-it-from-collecting-data-user-revives-it-with-custom-hardware-and-python-scripts-to-run-offline
From a quick skim of the other link I am not sure that is the risk. They claim "Even a colluding issuer and relying party should not be able to link a specific user to a session." However I think it does need the "issuer" to know who owns every phone, and you not be allowed on the internet without a spyware TPM chip. https://eprint.iacr.org/2024/2010
> Or have you religiously put into your contacts the numbers of every hospital in the region, all the numbers of the staff in the car showroom you happen to be buying from this week, every neighbour in a one mile radius who might spot something happening?
How did they get my number?
I do read email from those not in my address book, they have their own folder but I look frequently enough. If people insist on using a technology dominated by scammers that demands immediate attention then they should expect some cost.
It seems most of the complains are based on the system being used. I am no expert, and I gave Passkeys a quick test. Using ubuntu and KeePassXC I got a fully backed up and transferable Passkey login to Github in only a few minutes with no hardware or external service required and no confusing multiple systems asking me to do the job.
The real problem is the requirement to have a password backup, but this is not inherent to the Passkey technology but the implementations by the servers.
"Some can't cope with anything more complicated than passwords." Passwords are the most difficult to use. The user has to determine if the entity they are talking to is the same as who they talked to last time. HTTPS sort of provides this via a third party, but it is not easy. A system that does not require one to do this should be easier. The dark web manages it with PGP, how can the rest of the world make it so hard?
There is spotify car thing, where some people may not be able to listen to music, but what about the actual car thing? [Fisker owners](https://www.reuters.com/business/autos-transportation/ev-startup-fisker-files-bankruptcy-2024-06-18/) are finding out about that, and imagine how the UK would have handled it if Rover going bust had bricked all Rover cars? It seems this should be top of the list when it comes to legislation about digital resiliancy.
The idea that we should give capitalists all the power, and expect them to act in the best interests of society is completely naive.
The only answer is for us all to run the algorithms to block this stuff, eg. by training our own AIs from Hugging Face on what we want want blocked. Or we could take the power from the capitalists in a more direct way.
I could be missing something here, but could not the crypto woo be stripped out of this story leaving "The brothers made an order for $25m of things, the traders bought the things for $25m from the brothers and they never honored the original order". This does not on the face of it seem the most novel model of financial fraud, and it would seem that procedures to prevent have developed over the millenia. Have the crypto traders of today forgotten what the Phoenicians knew of commerce?
It seems the components are there. With all the models on HuggingFace, libreoffice and the noncommercial text and data mining exception to copyright this shoud be doable and it shoudl be able to eclipse the non-comercial models is they are restricted in what they can use to train.
There was a time when if you saw a photo then what was depicted must have happened. Then photoshop came along and there was a short time when some people could be fooled by a photoshopped image. Then everyone learned and photoshop became an everyday tool.
I see no reason to think deep fakes will be any different. Once we learn we cannot trust video this will be no different to photoshoping someone head into a sex scene.
I do not believe there is much future for freely available AI image detecting software. The nature of generative adversarial networks means people will just incorporate whatever detection tool in the learning algorithm.
What CoPilot is learning, and this is the same for all LLMs, is what the most likely next word is given the preceding words. How exactly the output relates to the input in a legal sense is something the courts will decide. How similar that process is to human learning is something we shall all have to figure out.
Historically national regulations come before international ones. Obviously the right international regulations will be better than the right national regulations, but that is no reason not to implement the national regulations before the technology hits the street.
Surely if Tiversa was able at access this document then LabMD was as guilty as if the document had been put on bittorrent? If their security was so bad that Tiversa could access the file it was only luck that hackers did not make it available. Like claiming drink driving is fine as long as you do not kill anyone?
> Airbnb has said that long-term stays "of 28 days or more" remain its fastest-growing category
Is it only me for whom this is the most worrying thing? Does this not indicate that AirBnB is now an accommodation provider rather than a holiday provider? When I stayed at an AirBnB in NY everyone else there was living there not on holiday.
Quite. What does "assigning of tasks using the @ mention" actually mean? Are people using excel as a task tracking system? Is this a task tracking system for people who's tasks involve excel? Is this an IM client?
I generally thing that if you are using excel for anything that matters you are using the wrong tool, but I am quite sure that using it as a task tracker is wrong.
> a quick search shows me stats of 37% survival rate for babies born at 23 weeks
The number is very context dependent. For comparison, the WHO says 90% to those born under 28 weeks die within the first few days of life in poorer countries. What the number is for a poor woman in a country with one of the highest maternal mortality in west is certainly a question but I would be surprised if it is that high.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2026
