Hacker News | p0sixlang's comments

How are you delineating websites and apps, and can you elaborate what exactly your hypothesis is here?


I presume they mean it's a website when you type it into a URL bar.

And that you don't ever add website bookmarks to the homescreen, because that makes them similar to apps.


I mean anything you have to "install" from an app store tied to a phone OS. Sometimes if there is no other option I install the app/complete the task and uninstall.

The app guys have normalized the idea that every "bright" idea they get about how to exploit my data or waste my attention, they have a right to push it out to my phone, if I have installed their app.

So the stupid apps keep updating with new shit every day whether I need it or not.


Wat? If my laptop gets infected and the bad actor tries to access my (insert account protected with MFA here), their ability to do harm is limited by spreading things across two devices.


Lol that's not comparable.


Not at all, but I think a lot of these companies have something in place which is roughly equivalent to a budget of resources they are willing to put towards processing your requests in a given time frame (independently of context windows) that artificially acts that way.

I can get a couple of hours of good responses out of Gemini (with a fixed price monthly payment) working on a project per day before quality takes a serious nosedive.


Hi, please don't produce dishonest clickbait content.


I thought it could get hashed client side


Then the hashed password is effectively the plaintext password


Not if it's scoped to the username/domain in some way (e.g. by making the client-sent value H(password, username, domain) rather than just password or H(password)).

But that would require a canonical and secure (i.e. not (only) controlled by server-fetched code) way of client-side password preprocessing, and if you have that, you can just as well use a PAKE, modern instances of which have all of these nice properties and more.


Except, if you run rounds on the client and server, you now never handle plain passwords (that users might be reusing) and reversing the thing you store into something you can use against that service's API is still just as hard (if not harder because you need to either do the total rounds on plain or the server rounds on a very long input)


It's not the same. If the un-hashed password leaks it can often be used to authenticate on other websites since people reuse passwords. You can't do that if all you have is the hashed password.


Does it matter when you can use the hashed password to log in?


I think you missed the other websites reference. If you're at the point of being able to steal the table of users, you're probably not too concerned about using the credentials to log in to that website.
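
The scheme this sub-thread debates, H(password, username, domain) on the client followed by further rounds on the server, as an added example that is not code from any commenter. PBKDF2-HMAC-SHA256 standing in for H, the round counts, the function names and the `.example` domains are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

CLIENT_ROUNDS = 50_000  # assumed work factors, chosen only for this demo
SERVER_ROUNDS = 50_000

def _lp(field: str) -> bytes:
    """Length-prefix a field so ("ab", "c") and ("a", "bc") cannot collide."""
    raw = field.encode("utf-8")
    return len(raw).to_bytes(2, "big") + raw

def client_prehash(password: str, username: str, domain: str) -> bytes:
    """H(password, username, domain): the only value that leaves the client."""
    salt = _lp(domain.lower()) + _lp(username.lower())
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, CLIENT_ROUNDS)

def server_enroll(client_value: bytes) -> tuple[bytes, bytes]:
    """Run the server rounds over the client value; store only (salt, digest)."""
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", client_value, salt, SERVER_ROUNDS)

def server_verify(client_value: bytes, record: tuple[bytes, bytes]) -> bool:
    """Recompute the server rounds and compare in constant time."""
    salt, stored = record
    candidate = hashlib.pbkdf2_hmac("sha256", client_value, salt, SERVER_ROUNDS)
    return hmac.compare_digest(candidate, stored)

def demo() -> dict[str, bool]:
    # Constructed sample account: one password reused on two sites.
    password, user = "correct horse battery", "alice"
    sent = client_prehash(password, user, "shop.example")
    record = server_enroll(sent)
    return {
        # Verification needs only `sent`, never `password`: on the wire, the
        # client value is password-equivalent for this one site.
        "login_ok": server_verify(sent, record),
        # A stolen table entry presented as the login value is rejected,
        # because the server rounds would have to be reversed first.
        "stored_digest_replay_ok": server_verify(record[1], record),
        # The same password at another domain yields an unrelated value.
        "reusable_on_other_site": sent == client_prehash(password, user, "bank.example"),
    }

if __name__ == "__main__":
    print(demo())
```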


Microsoft does.


That's like expecting Home Depot to give you a free plot of land to put your shed on. Servers aren't cheap.


It's also crazy how many HN users think calling this guy a sociopath is constructive feedback.


Thank you! My point exactly. This is ugly as hell. So many brilliant developers and tech minds congregating to judge someone going through a sad time in their life based on an emotional post to some web forum.


Calm down, I know plenty of talented developers at FAANGxyz companies who are less articulate and have weaker writing skills compared to OP (at least in the post you're replying to, I do agree the original post was a bit off, but clearly it was written in some type of emotional state.. you know with his calling himself unhirable and all.)

It seems that a lot of people replying here never understood the phrase "don't judge a book by its cover". So many people are opining about OP's character in definite, and it's just unpleasant to witness. Sure, the whole calling VPs directly thing is a bad idea, and definitely inappropriate, but I can understand someone feeling like they're doing the right thing to advocate for an issue they see to be impactful. I wish I could CC this to all the people postulating OP's universal lack of empathy. I agree that he could benefit from therapy, because honestly we all can benefit from therapy; but all the posts implying he needs to be medicated or psychoanalyzed are reprehensible. I see someone who is upset with where they are, so they wrote a post conveying that in a slightly conceited way, yet so many talented minds in the field of tech are coming to this post to say that he has delusions of grandeur.

He is the book, and this post along with the comments he's making are the cover. You can give advice on what's presented without insulting his character.

