[continued from previous message]
https://github.com/github/feedback/discussions/2811
Oh no! There most certainly is no fee for creating a discussion here :-)
Thank you for letting me know - we'll look into fixing this and report back. ;-)
I bet it's the old story:
Older users choose larger fonts,
that younger designers never expected would then exceed their tiny boxes
and get clipped... in just the wrong places!
------------------------------
Date: Fri, 20 Nov 2020 18:58:12 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Nice solution to password problem -- if only
Please note: We are using a passwordless system to manage Snopes
Accounts. This means we'll email you a verification code each time you log
in. If you do not receive your verification code within a few minutes of logging in, please check your spam folder.
We're using a passwordless login system for a few key reasons:
1. It's momore secure. With a username and password system, users tend to choose a password they're comfortable with (such as their birthday or pet's
n name) or credentials they've used for other accounts. As a result, if
hackers get access to one account, they can gain access to many, leading to
a *domino effect* that can put all of your information at risk. A
passwordless system removes this threat.
2. It's simpler. Since your Snopes account will be tied to your email, you won't need to remember complicated passwords or periodically renew your password to keep your information safe. All you'll need to do is remember
the email address associated with your account to log in.
3. It's becoming the norm. Many other industry leaders are moving towards passwordless login systems for both reasons above, so it very well may soon
be used by other websites you frequent.
https://www.snopes.com/faq/what-is-passwordless-login-and-why-does-snopes-use-it/
[What could go wrong with that? So having your email compromised
automatically compromises every site using this system, what a great time
saver. GG]
------------------------------
Date: Sun, 22 Nov 2020 15:03:45 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: When Ships Are Abandoned, Stuck Sailors Struggle to Get By
and Get Paid (Atlas Obscura)
``We are satisfied with little, but even that little is impossible today.''
When Captain Alexander Ovchinnikov took over command of the ship Gobustan in Istanbul, the term COVID-19 hadn't been coined yet, quarantine was was the stuff of apocalyptic science fiction, and few people outside of China knew where Wuhan was. It was December 25, 2019. Ovchinnikov, 39, was still on
that ship through the summer, along with 11 other crew members: The second engineer was Russian too, the cook was Ukranian, and the rest were from Azerbaijan. At least one had been on board since October 2019, and none of
them had received a salary since January. The crew of Gobustan had been
stuck since June 16 in the Italian port of Ravenna, on the Adriatic Sea.
``We live like in prison. We get up, have breakfast, do some routine activities, then we have dinner and go to bed,'' said Ovchinnikov. Their
days were all the same and the stillness was shaken only by cleaning and maintenance activities. Sure enough, the ship was clean as a whistle.
https://www.atlasobscura.com/articles/sailors-on-abandoned-ships
Risks? Flags of convenience, politics, corruption, malfeasance...
------------------------------
Date: Mon, 23 Nov 2020 17:54:05 -0500
From: Jan Wolitzky <
jan.wolitzky@gmail.com>
Subject: Another way every system eventually becomes email
RISKS doesn't usually post cartoons, but Randall Munroe's XKCD today is appropriate:
<
https://xkcd.com/2389/>
"I'll never install a smart home smoke detector. It's not that I don't trust the software--it's that all software eventually becomes email, and I know
how I am with email."
------------------------------
Date: Fri, 27 Nov 2020 11:09:56 -0800
From: Rob Slade <
rslade@gmail.com>
Subject: Microsoft 365 "Productivity Score"
Those who use Microsoft 365 can now get a "Productivity Score." And so can the boss.
https://www.independent.co.uk/life-style/gadgets-and-tech/microsoft-365-office-surveillance-productivity-b1761570.html
How many times do you use email, or chat? Do you turn off the Webcam when on video meetings? Employees are ranked against their peers. Optionally, the boss can also share the data with Microsoft, in order to see how your
company is doing against the competition. Which means Microsoft gets lots
and lots and lots of company and user data.
Privacy issues, much?
------------------------------
Date: Mon, 23 Nov 2020 14:32:17 -0500
From: Jack Christensen <
christensen.jack.a@gmail.com>
Subject: Re: Microsoft Is Making a Secure PC Chip with Intel and AMD's Help
(RISKS-32:38)
"So there are fewer people involved, and the PC is going to be more secure
for it."
Interesting statement. Open-source proponents might make exactly the
opposite argument.
------------------------------
Date: Mon, 23 Nov 2020 07:53:52 +0000
From: A Michael W Bacon <
amichaelwbacon@gmail.com>
Subject: Re: Technology To Catch HOV Lane Violators Is Coming To Virginia
(Deist, RISKS-32.38)
I recall a story I was told some 20 years ago while being driven along the
road in question, that the CCTV operators overseeing the operation of the
HOV 3+ lanes on the I395 (Shirley Highway) had observed that the passenger seats of many vehicles appeared to be occupied by opera divas in full song.
------------------------------
Date: Mon, 23 Nov 2020 11:54:01 -0500
From: "Richard A. DeMattia" <
rademattia@sbcglobal.net>
Subject: Re: What happens when you test TCL TVs
It is truly an abomination that a line of mass-produced consumer products
would be released with such egregious security failings. However, in my
world and perhaps in certain parts of the REAL world, SSH on my home cable router is port-forwarded to a machine that is not the television. And on my
TCL 40S330 purchased 20-Nov-2020 ssh and telnet are both rejected at that
host.
I don't have any comment on the serving up of the file system... well hardly any.
------------------------------
Date: Mon, 23 Nov 2020 07:31:16 +0000
From: A Michael W Bacon <
amichaelwbacon@gmail.com>
Subject: Re: Whale Sculpture Stops Train From Plunge in the Netherlands
(RISKS-32.38)
Taking up Brian Inglis's suggestion of a Limerick (RISKS-32.38) ...
In Holland they tell a tall tale,
Of a train that was stopped by a whale.
It seemed quite a fluke,
But it earned a rebuke,
For the driver, whose train left the rail.
------------------------------
Date: Mon, 23 Nov 2020 18:46:24 -0500
From: Gabe Goldberg <
gabe@gabegold.com>9
Subject: Re: Letter to Consumer Reports magazine
Right -- far too many household objects have delusions of computerhood (toothbrush with timer and several brushing modes, blood pressure monitor, electric razor charging station with multiple indicator lights, etc.). I actually don't mind them having localized/isolated computing power but I'm selective about what goes online. For example, I could connect garage door opener to Internet and control it with smartphone app -- but no.
TVs should be TVs, not computers.
That's how TVs are used in our household, but the horse is already out of
the barn. You could also say watches should be watches, vacuum cleaners should be vacuum cleaners, phones should be phones, cars should be cars, refrigerators should be refrigerators. The issue is cooked. What may not
be cooked is how we end up regulating the privacy and security
issues. I hope not, in any case.
Before me is a copy of the notes for a talk I gave several times in the
early 1990s to groups in Europe in which one slide asks "What's the difference between a computer with a television in it and a television
with a computer in it?" and the next answers "None". I wanted to
prepare them for a networked future with active media where computing and networking would be so widespread and common as to be invisible.
I can't recall that they ever got it.
Pete Kaiser
------------------------------
Date: Mon, 23 Nov 2020 07:49:13 +0000
From: Stefan Lueders <
Stefan.Lueders@cern.ch>
Subject: Re: Online password '123456' more popular than ever and easy to
crack (Kruk)
I do not agree its conclusion. While I agree that passwords should be
complex and long, rather passphrases, and ideally go along with second
factor authentication, the problem in the below lies somewhere else: in the increasing need to register with an email address / password combination to even the simplest webpages to get some random content (newsletters, bulletin boards, etc.) such that the website owners can market those email
addresses. The risk of exposure of personal information, if those sites are compromized, on that pages is zero. The password complexity (and use of 2FA) should be proportional to the risk --- where PII is at stake, complex
passwords & 2FA are a must. But for a page where I am forced to register
just with an email address to access content, like RISKS, any password can
do.
------------------------------
Date: Wed, 25 Nov 2020 05:25:18 -0700
From: "Keith Medcalf" <
kmedcalf@dessus.com>
Subject: Re: Online password '123456' more popular than ever and easy to
crack (Kruk, RISKS-32.38)
And this points out why one should *NEVER* use a so-called "password
manager" because they are inherently untrustworthy and have access to all
your passwords.
If you want to publish all your passwords for everyone to see, why not just write them on a sticky-note and stick it on your window, or send it as a
letter to the editor of your local newspaper? Or post them on Twitter or whatever the kids are using these days ...
------------------------------
Date: Fri, 27 Nov 2020 16:20:50 -0500
From: Gabe Goldberg <
gabe@gabegold.com>
Subject: Utah monolith: Internet sleuths got there, but its origins are
still a mystery (BBC News)
It took just 48 hours for the first person to get there.
When officials in Utah on Monday revealed they had found a shimmering, metal structure deep in the Red Rock desert, they refused to say exactly where.
They hoped that would be enough to deter amateur adventurers from setting
off to find it, risking getting dangerously lost in the process.
But there was little chance that people would abide by this advice. By Wednesday, pictures were emerging on Instagram of people triumphantly posing with the monolith, eager to show the world that they had got there first -
even if the wider mystery of why it is there remains unsolved.
They were aided by Internet sleuths who had quickly geo-located the
structure on Google Earth and posted the co-ordinates online.
https://www.bbc.com/news/world-us-canada-55071058
The risk? Trying to keep secrets.
[... and then it just disppeared... PGN]
------------------------------
Date: Mon, 1 Aug 2020 11:11:11 -0800
From:
RISKS-request@csl.sri.com
Subject: Abridged info on RISKS (comp.risks)
The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.
SUBSCRIPTIONS: The mailman Web interface can be used directly to
subscribe and unsubscribe:
http://mls.csl.sri.com/mailman/listinfo/risks
SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line that
includes the string `notsp'. Otherwise your message may not be read.
*** This attention-string has never changed, but might if spammers use it.
SPAM challenge-responses will not be honored. Instead, use an alternative
address from which you never send mail where the address becomes public!
The complete INFO file (submissions, default disclaimers, archive sites,
copyright policy, etc.) is online.
<
http://www.CSL.sri.com/risksinfo.html>
*** Contributors are assumed to have read the full info file for guidelines!
OFFICIAL ARCHIVES: http://www.risks.org takes you to Lindsay Marshall's
searchable html archive at newcastle:
http://catless.ncl.ac.uk/Risks/VL.IS --> VoLume, ISsue.
Also,
ftp://ftp.sri.com/risks for the current volume/previous directories
or
ftp://ftp.sri.com/VL/risks-VL.IS for previous VoLume
If none of those work for you, the most recent issue is always at
http://www.csl.sri.com/users/risko/risks.txt, and index at /risks-32.00
ALTERNATIVE ARCHIVES:
http://seclists.org/risks/ (only since mid-2001)
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
Apologies for what Office365 and SafeLinks may have done to URLs.
Special Offer to Join ACM for readers of the ACM RISKS Forum:
<
http://www.acm.org/joinacm1>
------------------------------
End of RISKS-FORUM Digest 32.39
************************
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)