HackerTrans
TopNewTrendsCommentsPastAskShowJobs

hsdropout

no profile record

comments

hsdropout
·2 года назад·discuss
That's not 2FA, that's two of the same factor.

The factors are:

- Something you know

- Something you have

- Something you are (biometrics)
hsdropout
·2 года назад·discuss
Aha good point, my bad.
hsdropout
·2 года назад·discuss
This has been in their guidance since at least 2017.

"Verifiers SHOULD NOT impose other composition rules (e.g., requiring mixtures of different character types or prohibiting consecutively repeated characters) for memorized secrets. Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). However, verifiers SHALL force a change if there is evidence of compromise of the authenticator"

https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.S...

Also worth pointing out that NIST doesn't set policy, so unfortunately this doesn't directly "forbid" anything, though many other policies reference 800-63.
hsdropout
·2 года назад·discuss
Do non tech people run Linux? I've not seen this.
hsdropout
·2 года назад·discuss
Discussion here as well:

https://news.ycombinator.com/item?id=41370877
hsdropout
·2 года назад·discuss
Agreed. This is also a feature of Microsoft's Purview product:

https://learn.microsoft.com/en-us/purview/insider-risk-manag...
hsdropout
·2 года назад·discuss
I'm glad to see https://isevenapi.xyz/ made the list.
hsdropout
·2 года назад·discuss
This was recently decided by the US Supreme Court.

https://apnews.com/article/supreme-court-social-media-biden-...
hsdropout
·2 года назад·discuss
1. Don’t smoke

2. Try to maintain a healthy weight

3. Reduce your meat intake

4. Avoid ultra-processed foods

5. Drink less alcohol

6. If you notice anything you are worried about, see a doctor

7. Keep up to date with screenings

8. Get physical

9. Wear sunscreen

10. Manage stress

11. Look into genetic risk

12. When faced with a diagnosis, knowledge is power

13. Don’t fear treatment

14. Talk about it

15. Live life to the full
hsdropout
·2 года назад·discuss
I sometimes use these in Windows when I expand characters with FormD[0] as part of username validation.

If the expanded count doesn't match, a diacritic might be present.

[0] https://learn.microsoft.com/en-us/dotnet/api/system.text.nor...
hsdropout
·2 года назад·discuss
https://www.un.org/sites/un2.un.org/files/attention_economy_...
hsdropout
·2 года назад·discuss
And the other 50% is concentrated power of will.
hsdropout
·2 года назад·discuss
Are you referring to the first amendment? If so, this allows you to speak against the government. It doesn't prevent you from entering optional contracts.

I'm not making any statement about the morality, just that this is not a 1a issue.
hsdropout
·2 года назад·discuss
Apparently I phrased my response poorly. I was responding to the narrow context of the idea that devs aren't using Azure VMs instead of Macs. I was not disputing the popularity of Azure.
hsdropout
·2 года назад·discuss
Previous submission from 4 days ago:

https://news.ycombinator.com/item?id=40226114
hsdropout
·2 года назад·discuss
>Windows on Azure

Lol, citation needed if you actually believe this.

>or Microsoft oriented stacks.

is a very complicated way to say Windows desktop.
hsdropout
·2 года назад·discuss
Of the organizations that have Exchange Server on premises, I'd bet the lions share are hybrid, with regular user mailboxes in the cloud, using the server(s) for application relays, etc.
hsdropout
·2 года назад·discuss
Not sure if I'm missing your intentional irony, but NIST was one of the best places to send folks who think user password rotations are a good idea.

I said "was" because pretty much everyone has now caught up, but NIST updated guidance shortly after big breaches were able to be studied.

> Verifiers SHOULD NOT impose other composition rules (e.g., requiring mixtures of different character types or prohibiting consecutively repeated characters) for memorized secrets. Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). However, verifiers SHALL force a change if there is evidence of compromise of the authenticator

https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.S...
hsdropout
·2 года назад·discuss
>I’ve never ever received spam from GitHub.

I wonder how long they will keep investing in both GitHub and Azure DevOps. I'm worried they are just busy ruining other experiences at the moment, but enshittifying GitHub is on the list of things to do.
hsdropout
·2 года назад·discuss
Or tint people yellow to make a point: https://www.theblaze.com/news/joe-rogan-accuses-cnn-video-di...