© 2024 @skaffi@infosec.pub

TEXT FROM THIS ACCOUNT IS CREATIVE WRITING PROTECTED BY COPYRIGHT. USAGE IN RESEARCH, DEVELOPMENT OR TRAINING OF AI IS RESTRICTED BY THE TERMS OF THE LICENSE HERE LINKED: https://pasted.drakeerv.com/raw/9awr7SCK

  • 0 Posts
  • 5 Comments
Joined 2 years ago
cake
Cake day: July 6th, 2024

help-circle
  • Coming from XP, 7 felt like an upgrade, but I wouldn’t say I was enamoured. Peak Windows for me was 2000, and while it probably lacks more useful modern features than I recall, I definitely still think it’s the best looking, and the visually most well put together version of Windows there has ever been.

    I love Linux, and I love how it has managed to bring back, or even surpass, the enjoyment and the sense of wonder and possibilities, that I used to feel in regards to computer use, back then. And I love how it enables me to install, create and customise any graphical elements of the desktop environment to my liking. One of the first things I managed to do, after switching to Linux, was, in fact, to convert my desktop into a very convincing Windows 2000 look-alike - just looking at the desktop, I doubt many people would have been able to tell that it wasn’t actually the real McCoy. Nowadays, though, I wouldn’t want my desktop to look like Windows of any variety. I use a few different styles, depending on mood, that are all either replicas of other, real desktop environments from the 90’s, or they’re imaginary “fantasy desktops” from the 90’s of an alternate reality. I love that can just do that, not just because I love that particular aesthetic, but also because it is SO much more usable for me. The current trends in visual design, aren’t just off putting to me, it’s difficult and straining to parse too, what with the contrasts that are all out of whack, and lines and outlines all but seemingly banned, and with all the drop shadows and the transparency effects, and things fading and sliding around everywhere all the time, it’s just so much visual noise, and it makes my head hurt. The late 90’s is when GUIs and the graphical part of UX were at their peak, in terms of usability and readability, if you ask me. It’s sad to me that almost every type of design since has seemingly been a direct or indirect rejection of that period. I wonder how much better GUIs could be, if they had stuck with all the things that worked well from back then, and had then continued to build off of that.

    Sorry I think I went off on a tangent there.

    As for 7 being the peak in terms of usability, what with some of the features it had over earlier versions, you may be right. I think 7 was the first version that had indexed searches, or at least had them enabled by default, and I remember how good that felt, experiencing it for the first time. But wasn’t 10, on release, pretty equivalent to 7, really? IIRC, much of its dark patterns, ads, spyware and enshittification was only added gradually over its lifetime, wasn’t it? Going by memory, I think I even appreciated the minor facelift it got, as it seemed essentially like the same thing, but with the Vista-esque/Aero-style glassy, glossy, noisy stuff gone or heavily muted and toned down, which made it much less distracting.



  • A hassle, huh?

    Security questions are an idiotic type of “security”, so of course I never enable them if they’re optional, which they almost always are. As I said, I can count on half a hand how often I’ve used them in recent years.

    Occasionally, though, they can be the least bad two-factor option available on a service that either requires 2FA or which makes itself, indeed, a hassle to use when you don’t have any 2FA enabled, such as by throwing captchas at you up the wazoo. If such a service only offers 2FA by email, text message or security questions, then hell yeah, I’ll take the latter option any day of the week. Needing an emailed link or code to log in, now that’s a hassle. Same deal with text messages, but with the additional benefit of them being insecure as hell. You know what’s not a hassle, though? Having one extra field auto-filled by your password manager. That’s the hassle-free option.

    As for taking things seriously or not - are you really trying to tell me that you don’t have anything that’s important enough to care about keeping secure? And if not, why would you not care about keeping anything that’s important secure? Especially when it’s so easy, and indeed, hassle-free, to have that security fully automated and handled by your password manager. If your gut reaction to security is that it’s a hassle, then I’m sorry to say that you most likely have both poor security, and unnecessarily difficult or annoying-to-use security, too. Do you subject yourself to the mental load of having to remember all of your hundreds of passwords in your head? Talk about a hassle. Or do you just use the same password for everything? Now that would be a hassle, to have not just one random account somewhere compromised, but to have all of your accounts, everywhere at once, compromised.


  • You had to share your password over the phone? That’s asinine. And you say it was your bank, and a major one, to boot? Wow. If that’s their approach to security, I’d tell them they can just look up my password in their database, which I’d assume to be in plaintext too (and to actually just be a really big Excel sheet).

    Anyway, regardless, you need some passphrases in your life! So much easier to deal with, if you ever have to share it out loud, and more importantly, a whole lot easier for you to parse and manually type, on the occasions where it can’t be auto-filled. As I said before, Correct Horse Battery Staple! :)


  • As long as you can choose the answer, you can also choose what the question really is. You can just decide that questions about your mum’s maiden name are actually asking you about the last name of the doctor that delivered your first born.

    Or, better yet don’t tie security to personal or externally verifiable information about yourself. In the one or two cases, in recent years, where I’ve had to fill out such (in)security questions, I’ve just treated them as additional password fields, where I just create additional fields for them in my password manager, and generate long, random responses as their correct answers. Why yes, my mother’s maiden name is Correct7Horse@Battery!Staple, why do you ask?