> The character of Prisoner 849 is commonly speculated to be Gina, as her model (Female 1) and skin are the first character to appear in alphabetical order; this is even reinforced by UnCreature giving the female player a bio while the male player bio just reads "See Female Player". However, the character of Prisoner 849 is completely up to the player's choice, hence the use of neutral nouns in this article.
Add the lie "emails are delivered instantly, so the user can click a link I email them within 1 minute"
And the lie "users always read emails on the same device they're logging into a website with"
And the lie "users can always view HTML email so no need to send a plaintext equivalent, especially if I have a long complex URL I want them to click"
And the lie "Clickable links sent in email are more secure than passwords so I'll stop supporting passwords and instead rely on email delivery of a link for all logins. Whoever clicks that link first is definitely the user who wanted to log in"
If you try to create a Discord account with Firefox Klar as your default browser, on Android, immediately upon signing up you'll be banned. I have to assume this is because it clears cookies and thinks you're a bot farm.
> And the lie "users always read emails on the same device they're logging into a website with"
Or the same browser, or the same browser-profile. For example, on my phone I have external links (from other apps) opening in incognito mode by default.
Claude, for my non Gmail domain, expects me to click a magic link on every device I wish to use it. Its wild that a product like that cannot take a password, or a passkey.
I'm surprised that this has not triggered all of the reminiscences of sitting running mailq at intervals for hours to watch mail that hasn't even left the local sending machine yet.
> Clickable links sent in email are more secure than passwords so I'll stop supporting passwords and instead rely on email delivery of a link for all logins
God, I fucking hate that.
I have a fucking password manager, I have various machines and things open. Just let me fucking log in.
If anyone is reading this who is in charge of the internet please stop doing this.
I seem to spend half my life logging into thing's, confirming 2fa,confirming biometric data. Then when I go back to the first thing it's timed out and I have to sign in again.
It is with much hesitation that I write this, because I just implemented such a flow.
My reasoning was this: my customers keep forgetting their password and somehow that becomes a trigger to contact me. No passwords, no problem.
I tried convincing them to use password managers but that was pointless.
But I see the pain and frustration so I will add passwords. And I quite liked the passkey idea, have to see how that works. Not that my customers would ever use it, but I would. It literally never occured to me.
To be clear, no shade on actual devs faced with actual problems. My ire is reserved exclusively for the "we must do this because it is on the checklist, no I don't understand what a subnet is" people.
A lot of those same people seemed perfectly capable of insisting on 60 day password rotation back when they could use nist guidance as an authority to appeal to (for about five years after the recommendation changed too).
Specifically the revocation of such guidance. If the field gave even the slightest deference to empiricism we wouldn't be changing our password every 180 days, but here we are.
So agreed. It’s fucking crazy. Password manager is so much easier and more secure. If you do this dumb email or SMS OTP flow, at LEAST support passkeys for my password manager!
It’s wild that they’re like “it’s more secure to not have a password” and then choose two unencrypted delivery mechanisms for the very short OTP.
Sure, people who reuse passwords are not secure. And fair, I guess it’s a tragedy of the commons. But at least continue supporting it and make it dead simple for password managers if you actually care bout security
I thought the same for a long time but now i don't know. If your computer is compromised, they can exfiltrate your password, but with a hardware key they can't, so i think that's legitimately more secure than password+otp. It still needs a pin though to protect against device theft.
I bring this up because there's been a ton of compromised developer packages recently and windows itself is being attacked so even if you're pretty good about protecting yourself, you still might get screwed.
I don't think it should be the sites' responsibility to guess whether the browser session is the have device will receive an SMS message... The fact that it is SMS is already bad anyway.
Time-code apps or passkeys are a different story.
1. You should be able to make backups.
2. There's nothing to intercept in plaintext.
3. The all can (unlike SMS features) be locked down by default and require a second layer of unlocking, so that they usually aren't accessible to someone who grabs your phone out of your hand.
It absolutely should be the Bank's concern when this is how 99% of their customers will use it. Some even have deliberate integration between the baking and 2FA apps.
Mirror's Edge has a female protagonist, but it's not an FPS (First Person Shooter). It's a parkour simulator which technically lets you shoot a gun in limited sections of the game, but the protagonist is a pacifist and you get a bonus for decommisioning guns rather than firing them.
So it looks like the two categorisations, for the most part, don't intersect.
Notable counterexamples would include Rise of the Triad, Ion Fury, No One Lives Forever, Wolfenstein: Youngblood and Far Cry 6, but definitely rare. You'd be clutching at straws to describe Portal or Alien: Isolation as FPS (they're a puzzle game and survival horror game respectively), likewise the Resident Evil / Clock Tower / Fatal Frame / etc. games with the novelty option of switching to first-person view, they're naturally third-person perspective. Left 4 Dead has one female character out of four you can play. You might count that one DLC for Bioshock: Infinite where Elizabeth gets a shot (https://www.youtube.com/watch?v=1E1lh-pb6Is). You might count the few FPS RPGs that there are with customisable characters (so yes Fallout, but not Mass Effect as it's third-person). But female protagonists are massively more prevalent in survival horror, metroidvania, third-person shooters (Tomb Raider, Monster Hunter, Horizon Zero Dawn, etc) and other genres besides FPS.
There have always been people trying to push low-effort, low-value things as high-value things by copying the superficial aspects of high-value things. People literally do "judge a book by its cover", and can be tricked into buying it even when the contents are worthless.
People in a bookshop don't want to have to read entire chapters of each book they're thinking of buying in order to be sure they're all legitimate books of value. They want the bookseller to have done that for them, and know every book in the shop had at least some effort put into it.
The internet is not a bookshop. An enshittified platform like Amazon is not a bookshop. If a slopmaker can pay a platform to tout absolute slop, you now can't trust the platform. It's all so tiresome.
It's now just easier to perform that dishonesty and waste even more people's time than ever before.
Yeah, this is why it's obnoxious and this is why scummy marketers do it. If you don't aggressively turn it off, they leech an implicit endorsement out of you.
Please see the graph "Growth of the Math 2 Population by Major (2019-2024)". UCSD's Math 2 class is remedial high-school level maths. It has grown from under 100 students in 2016-2020, to more and more people each year starting from 2021.
UCSD tested the people who took this class, and 25% of them could not answer the question "Fill in the box: 7 + 2 = [_] + 6" (with only pencil and paper allowed, no calculators or other electronics)
I'm suggesting the problem is not limited to Berkeley. They both show the same underlying issue, there's a growing number of students attending university without the prerequisite maths skills they need to succeed.
It seems they're now at the point where the sheer number of students that need improved maths skills overwhelms the staff, resulting in them failing.
But my point was that while you might expect remedial math students to fail (they're in remedial math for a reason), you shouldn't be having 1/3 of students failing a CS class (except perhaps if it's full of humanities majors who were required to take it for some odd reason)
What you're seeing there is churnalism; journalists just want to get a piece printed and move on. Sometimes the whole piece comes from a source that benefits from the piece being printed, not just the expert. https://en.wikipedia.org/wiki/Churnalism
Sometimes the expert benefits just by being in the news, see for example NPR banning the expert they quoted 77 times, law professor Carl Tobias. Mainly because he'd write to them offering his opinion on the topics of the day, and as he is a law professor, even if the topic isn't law, NPR journalists couldn't help but accept his quotes to pad out their articles. https://www.mediaite.com/media/nprs-new-rule-for-2026-stop-q...
reply