• 106 Posts
  • 2.58K Comments
Joined 1 year ago
cake
Cake day: October 4th, 2023

help-circle
  • I don’t think that the problem is 2FA itself so much as poor UX on existing systems.

    Let’s say that I have a little USB keychain dongle in my pocket with an “approve” button and a tiny screen. When I sign in, at the time that I plug my password in, I plug the dongle in. It shows the information for whom I am approving authentication. I push the “approve” button.

    It’s got a trusted display (unlike a smartcard, so that a point-of-sale system can’t claim that I’m approving something other than what I am).

    It can store multiple keys, and I basically use it for any credentials that I don’t mind carrying with myself.

    I then keep another, “higher security” dongle at home with more-sensitive keys.

    Does that add some overhead relative to just entering my password? Yeah. But is it a big deal? No. And it makes it a lot harder for someone to swipe credentials.

    I agree that using phone-linked SMS 2FA authentication is problematic (for a number of reasons, not just because it locks you to a phone, but because there are also privacy implications there).



  • for some reason

    It’s called price discrimination.

    If there are multiple groups of potential purchasers who have different levels of willingness to pay, if you can identify some characteristic of people willing to pay more, then you can create a version of the product that targets that characteristic and thus the group.

    Price discrimination (“differential pricing”,[1][2] “equity pricing”, “preferential pricing”,[3] “dual pricing”,[4] “tiered pricing”,[5] and “surveillance pricing”[6]) is a microeconomic pricing strategy where identical or largely similar goods or services are sold at different prices by the same provider to different buyers based on which market segment they are perceived to be part of.[7][8][2] Price discrimination is distinguished from product differentiation by the difference in production cost for the differently priced products involved in the latter strategy.[2] Price discrimination essentially relies on the variation in customers’ willingness to pay[8][2][4] and in the elasticity of their demand. For price discrimination to succeed, a seller must have market power, such as a dominant market share, product uniqueness, sole pricing power, etc.[9]

    • “Product versioning”[8][16] or simply “versioning” (or “second-degree” price differentiation) — offering a product line[13] by creating slightly differentiated products for the purpose of price differentiation,[8][16] i.e. a vertical product line.[17] Another name given to versioning is “menu pricing”.[14][18]

    In this case, you’re going to have something like a group of “value customers” who care a lot about how much they need to spend on the game. And then you’re going to have “premium customers” who aren’t too fussed about what they pay, but want the very fanciest experience.

    If you had just one version, sold the game at the “value customer” price, then you’d lose out on what the “premium customer” would pay. If you sold it at the “premium customer” price, then you’d have a bunch of “value customers” for whom the game would no longer be a worthwhile purchase, who wouldn’t buy the game, and you’d lose the sales to them. But by selling it at multiple prices, you can optimize for both groups.

    EDIT: l’d also add, on the technical rather than economic side, that I’ve messed around with having a custom HRTF model myself, as Linux (and maybe elsewhere, dunno) games that use OpenAL let you specify a custom HRTF model in the config file. My own impression was that any impact on audio experience was pretty minimal. Might be different if someone had really weirdly-shaped ears or something, dunno.



  • https://understandingwar.org/backgrounder/russian-offensive-campaign-assessment-october-21-2024

    Russia appears to be scrambling to reduce tensions with South Korea following credible reports of intensified North Korean cooperation with Russia, including South Korean and Ukrainian intelligence warnings that a contingent of North Korean troops has deployed for training to Russia. South Korea’s Foreign Ministry summoned Russia’s Ambassador to South Korea, Georgy Zinoviev, over reports of the deployment of North Korean military personnel to Russia.[12] The Russian Embassy in South Korea falsely framed the event as a voluntary meeting, as opposed to a diplomatic summons, and notably claimed that any cooperation between Russia and North Korea “is not directed against the security interests” of Seoul.[13] Kremlin Spokesperson Dmitry Peskov claimed that Russia-North Korea cooperation “should not cause concern” to other states, and that information about the alleged presence of North Korean troops in Russia may be “contradictory.”[14] The Kremlin’s apparent desire to assure South Korea that its cooperation with North Korea is not a threat to Seoul suggests that the Kremlin remains very concerned about the prospect of Seoul’s potential pivot towards providing Ukraine with necessary military support, and the implications of worsened relations with Seoul for Russian security interests in the Asia Pacific region. Russia has previously attempted to court Seoul in order to mitigate the impacts of its growing reliance on North Korea, as ISW has noted.[15]

    Well, if ISW is correct about the Kremlin aiming to reduce tensions, it doesn’t sound like tensions are being reduced a whole lot.






  • No problem. If you’re into this capcom music thing, the comments on that video may also be fun to read, as there are people who clearly got really into it. Stuff like:

    I supported Shuttle missions from STS-26 to STS-135.  It was a tradition to play “Countdown” continuously in my car as I was making my way into work on launch day.  After the program ended, I would only hear it when playing “Signals” at home or in the car.  Fast forward 11 years.  Launch day for the newest vehicle in U.S Space Exploration, Artemis.  Heading in to support the launch, a few blocks from the house, the news guy on the radio mentions the “Countdown of Artemis”.  Countdown?  Artemis?  COUNTDOWN!!!  I stopped the car, turned around,  went back home, grabbed “Signals”, started “Countdown” and headed in to work.  The tradition continues…  Ad Astra!

    Or

    I have a friend who is an astronaut and has been in space. I asked  him if he knew of this song, and with a wide eyed grin, he replied - “every astronaut knows this song”. Now how cool is that! Rush frames the excitement of the space journey so well, it had to register with these space pioneers as well! For the record, I’ve seen Rush 23 times, beginning with GUP and can’t begin to say how impressive each and every show was. They’re living evidence that the Mozart’s and Bach’s of the past,  still exist in modern times.



  • That was my reaction too – North Korea has a history here – but that doesn’t seem to mesh with the article text.

    But sometimes the diplomats and company officials know the money they are sending to Pyongyang is not legitimate, Ryu Hyun-woo, who was once acting ambassador to Kuwait, told RFA.

    “People can buy a counterfeit $100 bill for $20,” he said. “When I was short like $200, I would put in fake bills.”

    He said that internal counterfeiting was discovered internally in 2015 and 2016, when sanctions against North Korea were getting more stringent.

    Though North Korea may have been the origin of high-quality fakes of the $100 bill, Ryu thinks that that’s not the case today.

    “It is questionable whether North Korea can currently secure the appropriate materials to produce counterfeit money,” he said.







  • The feature list of the language is so long at this point that it is pretty much impossible for anyone new to learn C++ and grok the design decisions anymore.

    Even if it is possible, it’s a high bar. The height of that bar matters in bringing new people in.

    I have seen decades of would-be “C++ killers” come and go. I think that in the end, it is C++ that kills C++. The language has just become unusably large. And that’s one thing that cannot be fixed by extending the language.


  • Well, he’s on fedia.io, so I assume that he recommends that.

    Keep in mind that that’s an mbin instance. It has a different UI (much of which, though not all of which, I like), but last I looked, which was some time back, didn’t have mobile client support other than a PWA. That may or may not be significant to you, depending upon your usage. It also has native support for Mastodon-style microblogging.

    Your home instance is a lemmy instance, so it’ll look and work somewhat-differently.

    My main irritation with the mbin UI last I looked was the difficulty of bringing up the subscriptions list. On the other hand, it did a collection of other things that I liked that lemmy presently does not, like permitting resizing inline images.


  • Apparently the EULA blocked them from lawsuits, as people have tried suing them before.

    This guy tried suing them six years back over his $4500.

    https://www.vice.com/en/article/star-citizen-court-documents-reveal-the-messy-reality-of-crowdfunding-a-dollar200-million-game/

    Ken Lord was one of those fans, and an early backer of Star Citizen. He’s got a Golden Ticket, a mark on his account that singles him out as an early member of the community. Between April 2013 and April 2018, Ken pledged $4,495 to the project. The game still isn’t out, and Lord wants his money back. RSI wouldn’t refund it, so Lord took the developer to small-claims court in California.

    On June 13, 2018, a judge ruled in favor of Star Citizen. According to Lord—and the LA county court records—the judge dismissed the case without prejudice, saying an arbitration clause buried in the Star Citizen end-user license agreement prevented Lord, or anyone, from taking RSI to court for a refund on a game that some backers think may never come out.

    I suppose a class action lawyer might be able to find some jurisdiction in which they were taking money and running afoul of consumer protection laws.

    Thing is, I think that a class action lawyer is going to want to go after someone with money, and when CIG runs out of funds, I don’t expect that they’re going to be a very interesting target.