the only conclusion i get from this article is that using WordPress is unsafe; just like using Node, Python, Arch Linux, and any platform whose package manager allows community sourced packages.
i find it hilarious how no one has "left a trace" in this post's comment section yet.
on the other hand, i think having to register an account on an unknown service (i don't know what will Discus do with my data) just to leave a comment is something the average reader (including myself) will not do; this being the exception, not the norm. in fact, i used a throwaway email for creating this account.
but i can also see how hard it would be to moderate an account-less comment section.
~~so, i will invite anyone who reads my comment to, instead of only replying here, forwarding any replies to any of my contact methods available on my website: https://jotalea.com.ar/~~ ignore this part, i do read HN often, so i will likely see the replies.
a couple years ago i read a blog post about someone talking about how fragmentation in word processors work, explaining that most word processors started as "this software does only what i need, and will not have X feature that Y has because it's annoying/bloated" [0].
to paraphrase what he said, "instead of K9s, PostgreSQL, Redis, Oauth, WebSocket Gateway, Service Discovert; we're going to use git, html and json", I had a panic attack as soon as I read that.
oof, a ton of them, here are a few that passed my minimum quality standards and made public: a video compression service (inspired by 8mb.video) [0], a music player that gets songs from a specific repository for Geometry Dash [1], a screenshot tool "for crappy OSes" (windows) [2], spaghetti C code that prints "i love you" to stdout [3], more spaghetti code [4], and a speedhack cheat for singleplayer games on Linux [5]
alright, i'll take your point and say that Google is not a viable SSO provider. now what?
sure i could buy a custom domain and host an email server on it, but now i have to care about server maintenance, SSL, and paying yearly for the domain. but that doesn't mean i get to keep it forever! just as Google can, the hosting provider can block my account, or even go down itself. then what? i'd be in the same situation where i'm locked out.
or suppose i don't have money to pay for the domain (which is a rare possibility, but it is not impossible). now someone buys my domain, and registers an email with the same address as mine. now what? i'm screwed!
i agree that having only one centralized login method for all of one's accounts is bad, but this article doesn't provide a safe alternative.
i dislike AI-generated images as much as the next guy does.
but saying that "everyone hates AI images" is an exaggeration and outright false. we are a minority.
i will bring up tiktok, the "normie app". on there, an AI-generated series of videos (with a general quality as bad as you might imagine) gained lots of traction and, for one week, it became the fastest growing account. [0]
and "normies" liked it. i can tell you there was plenty of people genuinely watching that shitshow.