xyguy

Pretty much every OSHA rule came from some kind of death or dismemberment of they guy before you. As a wise foreman once said, "Better a pain in the ass than your ass in pain”

KISS launcher is exactly what I was looking for in a launcher. 5 always used apps at the bottom calendar and weather widgets on the home screen, search for everything else. It seems like it used to have a lot of problems with custom icons but lately it's been pretty much perfect.

This guy isn't kidding about the garage door springs. I had some of the old style ones in my old garage that broke and launched a piece of metal across the garage right past my head and made a giant dent in a 2x4. Those things are vicious.

From a Star Trek perspective, when they have to eject the (warp) core they are also in for a pretty bad time.

Hopefully more Justin and Tawny than Alex.

This is more like triple bolting the door but leaving a window open. There's nothing inherently wrong with the door, its still secure but you can bypass the secure option with a less secure method.

You also get additional protection because rather than each website holding onto a hashed (hopefully) copy of the user passwords that can be stolen in bulk, stealing the public keys for a passkey from a site wouldn't compromise the account. Someone would have to get access to your physical device or hack your password manager individually to get access to your passkey.

And and, the magic for most people is no more passwords and 2 factor stuff to deal with. The standard is still new, and in the cases where you want to use physical keys, its always best to keep 2 in case one gets smushed or goes through the washer. Some sites that have passkeys enabled only let you have 1 passkey. So in that case its kind of risky to make a passkey the only way to sign in.

This is the real takeaway, if you have a forgot password button that bypasses everything then none of it is anything more than a login accelerator.

This is just someone siting in the middle and modifying a page not to show the passkey login option anymore and then stealing a password/session token.

As far as I can tell, this has almost nothing to do with passkeys specifically and would only apply in a situation where a website has a username and password fallback in case a passkey isn't created or isnt working.

I haven't done any work for the military but i can say that all the legacy systems I've worked on were because the specific software they need was written only for Windows 98 and the developer or company that created it is long gone. Keeping it going is a chore but switching to literally anything else is out of the question.

I could see for military applications that having the known quantity of a working piece of software that isn't changing anymore and can be swapped as an entire unit is an advantage, especially if it doesn't touch the internet in any capacity. But eventually you run out of people who know what to do if any changes need to be made.