I love the Internet Archive but they are pretty clearly legally in the wrong here.

Not morally, mind. I support open access to knowledge. But they very clearly broke copyright law here.

Perhaps the only way to get rid of them for sure is to require a CAPTCHA before all posts. That has its own issues though.

Password is necessary for two-factor authentication. The factors of authentication are something you know (like a password), something you have (like a cell phone), and something you are (like a biometric).

An example of three-factor authentication would be this—imagine a spy going into a secret bunker. They need to scan their iris, insert a key card, and then enter a passcode before the door opens. This has all three factors of authentication; the passcode is something they know, the key card is something they have, the iris scan is something they are.

If it just sends a code to your phone, that’s one-factor authentication (something you have). Anyone with your phone can get into your account. Unless, of course, your phone hides its notifications and you have a screen lock. Then that’s actually two-factor authentication because you also need to know the phone PIN or have the biometric.

If it just asks for a password, that’s one-factor authentication (something you know).

If it asks for your password and then sends a code to your phone, which you need a fingerprint or face scan to unlock, you have achieved three-factor authentication.

Edit: Interesting tidbit—in the USA, you can rent a mailbox at the post office to receive mail when you don’t want to give out your real address. Useful for privacy reasons. I’m sure they have similar things in other countries. These mailboxes come with a key. This is actually two-factor authentication, because the keys usually don’t have the mailbox number written on them! So you have to have the key and also have to know which mailbox among the hundreds at the post office it opens.

TOTP is standardised by RFC 6238 so all TOTP clients must comply with the standard and therefore work equally well. Pick the one whose UI you like the most and is otherwise good enough for your use case and personal preferences. It’s similar to arguments over CPU thermal paste—its presence or absence makes a much larger difference than the method of application.

You do, however, want to pick something that is free and open-source and also popular. Google Authenticator (closed source) definitely is a functional TOTP client but you have to trust that the Google engineers have done a good job building a secure app. Since it’s Google, they probably have, but a principle in security is that you should not have to trust more people than absolutely necessary.

Yes, but this is like replacing the front door of your house with a bank vault door. Yes, it’s more secure, but there is a point of “reasonably secure enough” for most people and at some point, you are just inconveniencing yourself for no tangible gain.

It’s not a hard concept. In almost every well-designed security system, the weakest links are invariably the humans

The passwords are stored locally. You can test this yourself by turning off your WiFi or disconnecting your Ethernet cable and then going to about:logins. All the passwords will still be there.

I think you’re right in terms of the American spectrum. Do you have a link to the bot calling the Ayn Rand institute centre-right? I did some more digging into it.

I will happily retract my comment if you can.

Just in curiosity, what is an example of a centre-right (by American standards) source for you? I make no comment about the Ayn Rand Institute as I know nothing about it

It would probably be some synthetic American government cheese-like product.

Which I’m sure if the Germans had come up with it and not the Americans would also be described as being nutritious

That’s correct. It’s intended for a US audience.

If it were based on the European Overton window and you were American then there’s a good chance you would complain about its centre being centre-left for you.

It’s not wrong; you’re just not in the intended audience.

It’s not really possible to give internationally correct ratings. What an American considers centre-left is different from what a Frenchman considers centre-left, which is different from what a Pole considers centre-left. You can only report one, and the other two will then complain about it being wrong from their perspective.

Someone just told me that it “labels everything short of fascism as ‘left-leaning’” and “tries to shift the Overton window” even further right than it already is in the US.

And I suppose that is correct if your idea of the spectrum of normal political opinions is restricted to what you see on Lemmy, especially if your instance hasn’t defederated from Hexbear yet.

“I like Apple devices because they respect my privacy”

Because I am a developer and I have also been a sysadmin, and I really do not care. Yes, the format is good but I’m not particularly excited for it.

And I suppose sysadmins and application developers are not people?

My argument is not “we have a current standard”, it’s “people don’t give enough of a shit to change”.

I think this might sound like a weird thing to say, but technical superiority isn’t enough to make a convincing argument for adoption. There are plenty of things that are undeniably superior but yet the case for adoption is weak, mostly because (but not solely because) it would be difficult to adopt.

As an example, the French Republican Calendar (and the reformed calendar with 13 months) are both evidently superior to the Gregorian Calendar in terms of regularity but there is no case to argue for their adoption when the Gregorian calendar works well enough.

Another example—metric time. Also proposed as part of the metric system around the same time as it was just gaining ground, 100 seconds in a minute and 100 minutes in an hour definitely makes more sense than 60, but it would be ridiculous to say that we should devote resources into switching to it.

Final example—arithmetic in a dozenal (base-twelve) system is undeniably better than in decimal, but it would definitely not be worth the hassle to switch.

For similar reasons, I don’t find the case for JPEG XL compelling. Yes, it’s better in every metric, but when the difference comes down to a measly one or two megabytes compared to PNG and WEBP, most people really just don’t care enough. That isn’t to say that I think it’s worthless, and I do think there are valid use cases, but I doubt it will unseat PNG on the Internet.

What’s wrong with PNG?

A normal amount of adverts I think are fair though. Asking to get the content, not paying anything for it, and refusing to watch adverts is just a bit too cheeky, in my opinion.

Give me a bunch of open AI models and a big GPU to play with and I’ll generate twenty gigabytes of weird anime fetish content.

This is the only true use of AI