Difference between revisions of "User:Tepples/axes to grind"

From Pin Eight
Jump to: navigation, search
(Resolved: Bulk and lag, with citation)
(Twitter no longer requires SMS for 2FA; Steam Link is no longer a hardware product)
 
Line 10: Line 10:
 
;2-factor authentication on Twitter is expensive because you need a separate cell phone line for each Twitter account
 
;2-factor authentication on Twitter is expensive because you need a separate cell phone line for each Twitter account
 
:This restriction was in place for years, and [https://jessysaurusrex.com/2014/09/15/a-rant-twitter-your-2factor-authentication-sucks-or-why-brands-get-hacked-on-twitter/ Jessy called it a major reason why brands get hacked]. ([https://twitpic.com/csq7i6 Picture of error message]) Sometime by mid-September 2016, Twitter increased this to 10 accounts.<ref>[https://support.twitter.com/articles/110250 Add your phone number to your account]. Twitter. Accessed 2016-09-15.</ref>
 
:This restriction was in place for years, and [https://jessysaurusrex.com/2014/09/15/a-rant-twitter-your-2factor-authentication-sucks-or-why-brands-get-hacked-on-twitter/ Jessy called it a major reason why brands get hacked]. ([https://twitpic.com/csq7i6 Picture of error message]) Sometime by mid-September 2016, Twitter increased this to 10 accounts.<ref>[https://support.twitter.com/articles/110250 Add your phone number to your account]. Twitter. Accessed 2016-09-15.</ref>
 +
;2-factor authentication on Twitter is expensive because the user has to maintain an active cellular subscription to receive codes through SMS
 +
:Twitter didn't add TOTP until April 2017. And until November 2019, not only did it require SMS to set up TOTP,<ref>Abhimanyu Ghoshal. "[https://thenextweb.com/twitter/2017/04/17/twitter-now-supports-two-factor-authentication-apps-heres-secure-account/ Twitter now supports two-factor authentication apps, here’s how to secure your account]". ''The Next Web'', 2017-04-17. Accessed 2017-09-18.</ref> Twitter still sent TOTP users a code through SMS on every login.<ref>Jack Morse. "[https://mashable.com/2017/06/16/twitter-two-factor-authentication-major-problem/ Twitter's 2-factor authentication has a serious problem]". ''Mashable'', 2017-06-16. Accessed<!-- 2017-09-18, --> 2017-12-04.</ref> ([https://tech.slashdot.org/comments.pl?sid=11338069&cid=55522395 All in 1 post]) Users of phone-based 2FA must use a line specifically capable of SMS; when tested in 2017, Twitter could not place voice calls to a Frontier landline or an AT&amp;T wireless home phone. This affects users in the United States, where pretty much every cellular carrier other than Truphone charges pay-as-you-go subscribers not only for sending SMS but also for receiving SMS. (Cheap unlimited MVNOs have been mentioned<ref>[https://slashdot.org/comments.pl?sid=11630709&cid=55958677 Anonymous Coward recommended TextNow]</ref> but not evaluated.) But in November 2019, Twitter recognized the threat of SMS swap attacks and began to allow use of U2F or TOTP without SMS.<ref>Catalin Cimpanu. "[https://www.zdnet.com/article/twitter-will-finally-let-users-disable-sms-as-default-2fa-method/ Twitter will finally let users disable SMS as default 2FA method]". ''ZDNet'', 2019-11-21. Accessed 2019-11-22.</ref>
 
;Chromebook verified mode runs only JavaScript
 
;Chromebook verified mode runs only JavaScript
 
:Sell your old Chromebook and buy one that uses Linux 3.15 or later. Once updated to Chrome OS 69 or later, these have [https://www.omgubuntu.co.uk/2018/08/chrome-os-69-linux-for-chromebooks Crostini], an environment to run X11/Linux applications in a container on Chrome OS. Crostini works on all Chromebook models introduced starting in second quarter 2019, so print out the Crostini list at home or at a library or load it onto your smartphone.
 
:Sell your old Chromebook and buy one that uses Linux 3.15 or later. Once updated to Chrome OS 69 or later, these have [https://www.omgubuntu.co.uk/2018/08/chrome-os-69-linux-for-chromebooks Crostini], an environment to run X11/Linux applications in a container on Chrome OS. Crostini works on all Chromebook models introduced starting in second quarter 2019, so print out the Crostini list at home or at a library or load it onto your smartphone.
 
;You must be this tall to develop a video game optimized for a TV
 
;You must be this tall to develop a video game optimized for a TV
:Graphically heavy PC games can use Steam Link, and graphically light PC games can use a laptop.
+
:The graphically light games that an indie budget can afford are likely to run on a laptop with Intel graphics. Graphically heavy PC games running on a desktop PC can be viewed on a laptop or tablet on the same LAN through the Steam Link application or a GPU manufacturer's application.
 
;You must be this tall to port a nearly completed PC game to a console
 
;You must be this tall to port a nearly completed PC game to a console
 
:Xbox One [http://support.xbox.com/en-US/xbox-one/apps/developer-mode-activation-app-faq developer mode] costs $19 for individuals who are Windows 10 licensees.
 
:Xbox One [http://support.xbox.com/en-US/xbox-one/apps/developer-mode-activation-app-faq developer mode] costs $19 for individuals who are Windows 10 licensees.
Line 41: Line 43:
 
== Open ==
 
== Open ==
  
*2-factor authentication on Twitter is expensive because the user has to maintain an active cellular subscription to receive codes through SMS. Twitter didn't add TOTP until April 2017, and not only does it require SMS to set up TOTP,<ref>Abhimanyu Ghoshal. "[https://thenextweb.com/twitter/2017/04/17/twitter-now-supports-two-factor-authentication-apps-heres-secure-account/ Twitter now supports two-factor authentication apps, here’s how to secure your account]". ''The Next Web'', 2017-04-17. Accessed 2017-09-18.</ref> Twitter still sends TOTP users a code through SMS on every login.<ref>Jack Morse. "[https://mashable.com/2017/06/16/twitter-two-factor-authentication-major-problem/ Twitter's 2-factor authentication has a serious problem]". ''Mashable'', 2017-06-16. Accessed<!-- 2017-09-18, --> 2017-12-04.</ref> ([https://tech.slashdot.org/comments.pl?sid=11338069&cid=55522395 All in 1 post]) And this number must specifically be capable of SMS; when tested in 2017, Twitter could not place voice calls to a Frontier landline or an AT&amp;T wireless home phone. This affects users in the United States, where pretty much every cellular carrier other than Truphone charges pay-as-you-go subscribers not only for sending SMS but also for receiving SMS. (Cheap unlimited MVNOs have been mentioned<ref>[https://slashdot.org/comments.pl?sid=11630709&cid=55958677 Anonymous Coward recommended TextNow]</ref> but not evaluated.)
 
 
*Games for modern video game consoles don't support community-developed mods. This affects anyone who has played ''Team Fortress'' or ''Counter-Strike'', series that began as mods of ''Quake'' and ''Half-Life''.
 
*Games for modern video game consoles don't support community-developed mods. This affects anyone who has played ''Team Fortress'' or ''Counter-Strike'', series that began as mods of ''Quake'' and ''Half-Life''.
 
*There are only an estimated 105.4 million legally distinct musical hooks, and BMI alone controls a tenth of them. This affected George Harrison.
 
*There are only an estimated 105.4 million legally distinct musical hooks, and BMI alone controls a tenth of them. This affected George Harrison.

Latest revision as of 18:44, 22 November 2019

Some forum users have characterized some of my philosophical stances as "axes to grind". But changes in technology and policy have rendered some of the older stances obsolete.

Resolved

No 4-5" tablet running Android with Google Play as a counterpart to iPod touch
Use a low-end Android phone with no SIM.
2-factor authentication is expensive for prepaid cellular users who pay per incoming SMS
A TOTP app works on a tablet, even offline, and Google Chrome on a PC with USB and sufficient RAM can use U2F keys. And despite a help page stating that it requires a cell phone number,[1] the combination of an Android tablet with Google Play and one-time paper backup codes works as well as of January 2018.[2]
2-factor authentication on Twitter is expensive because you need a separate cell phone line for each Twitter account
This restriction was in place for years, and Jessy called it a major reason why brands get hacked. (Picture of error message) Sometime by mid-September 2016, Twitter increased this to 10 accounts.[3]
2-factor authentication on Twitter is expensive because the user has to maintain an active cellular subscription to receive codes through SMS
Twitter didn't add TOTP until April 2017. And until November 2019, not only did it require SMS to set up TOTP,[4] Twitter still sent TOTP users a code through SMS on every login.[5] (All in 1 post) Users of phone-based 2FA must use a line specifically capable of SMS; when tested in 2017, Twitter could not place voice calls to a Frontier landline or an AT&T wireless home phone. This affects users in the United States, where pretty much every cellular carrier other than Truphone charges pay-as-you-go subscribers not only for sending SMS but also for receiving SMS. (Cheap unlimited MVNOs have been mentioned[6] but not evaluated.) But in November 2019, Twitter recognized the threat of SMS swap attacks and began to allow use of U2F or TOTP without SMS.[7]
Chromebook verified mode runs only JavaScript
Sell your old Chromebook and buy one that uses Linux 3.15 or later. Once updated to Chrome OS 69 or later, these have Crostini, an environment to run X11/Linux applications in a container on Chrome OS. Crostini works on all Chromebook models introduced starting in second quarter 2019, so print out the Crostini list at home or at a library or load it onto your smartphone.
You must be this tall to develop a video game optimized for a TV
The graphically light games that an indie budget can afford are likely to run on a laptop with Intel graphics. Graphically heavy PC games running on a desktop PC can be viewed on a laptop or tablet on the same LAN through the Steam Link application or a GPU manufacturer's application.
You must be this tall to port a nearly completed PC game to a console
Xbox One developer mode costs $19 for individuals who are Windows 10 licensees.
You must be this tall to port a video game that uses buttons to a handheld platform that English speakers are likely to own
Android isn't the answer here, as external gamepads are unpopular due to their bulk and Android's lag.[8]. Make a PC game playable with a keyboard or HID joystick, sell it on itch.io and then Steam, and then once you see $50K in revenue, you will probably have become "this tall". Besides, Nintendo has opened its developer program to the public as of July 7, 2016.
iOS requires a recurring fee to run software you compiled
Xcode since version 7 allows deploying apps built from source to devices on your Apple ID. Any purported recurring fee is to distribute software to the public, to distribute software to others in your organization, or to keep up with new Xcode dropping support for old macOS and new macOS dropping support for old hardware.
The Ken Thompson attack allows a backdoor to propagate to a freshly compiled self-hosted compiler
If a language has multiple compilers, at least one as published source code, diverse double-compiling detects this attack. Other languages can be bootstrapped through an implementation in a language for which a clean compiler can be verified through DDC. For example, use OCaml to compile old Rust and old Rust to compile new Rust.
TLS is too expensive for hobbyists
If your personal website is too small for a $10 VPS, use DreamHost. For the certificate, use Let's Encrypt. If your present shared web host makes renewal every 9 to 12 weeks a hassle, use SSLs.com ($15 for 3 years at a time) to cover the remainder of your hosting contract while you plan migration to DreamHost.
iPhone 7 and later cannot charge and use headphones at once
Use the Zerkar splitter, which allows charging and either Lightning or 3.5 mm headphones at the same time. (Thanks TheFakeTimCook. If only there were the same thing for the Game Boy Advance SP...)

Soon resolved

Android window management is all maximized all the time, leading to an impractical 10 inch calculator
Will be retired once Android Nougat reaches entry-level tablets.
HTML Application Cache was deprecated before all major browsers supported Service Workers
Service Workers[9] allow a web application to run offline, bypassing a desktop or mobile platform's native app store. Among major web browser publishers, Apple was the last to implement Service Workers, beginning to add them to WebKit in August 2017,[10] and they remain "In Development" in the fourth quarter of 2017.[11] Will be retired once the API ships in Safari, probably in iOS 12.

Open

  • Games for modern video game consoles don't support community-developed mods. This affects anyone who has played Team Fortress or Counter-Strike, series that began as mods of Quake and Half-Life.
  • There are only an estimated 105.4 million legally distinct musical hooks, and BMI alone controls a tenth of them. This affected George Harrison.
  • Information security techniques based on whitelisting software sources, such as code signing certificates, can be cost-prohibitive for hobbyists and low-volume software businesses. This affects the_Bionic_lemming.
  • New web browser features requiring TLS, such as the Service Workers needed for offline web applications and the Media Capture API need for voice chat, do not work across a private network because setting up a secure context can prove impractical. This affects greggman.
  • Without ads, a lot of websites would go out of business because they're not sticky enough for a monthly subscription to one site. This affects you and other users of the forum you rode in on.
  • Without JavaScript or WebAssembly, OS-independent rich apps would have to run in an x86 or x86-64 VM instead.
  • Many rural users still can't get wired broadband even in 2017. This affects Guilty and Rahsennor on forums.nesdev.com and TheHappySpaceman on YouTube.
  • Many Seattle residents can't get broadband because of Director's Rules. Though CenturyLink deployed gigabit fiber throughout much of Seattle during 2015, coverage doesn't appear full.
  • Many sites are broken in Safari because not every hobbyist or nonprofit web developer can afford a separate computer just for testing on a 2% browser.
  • Broadcast rights prevent an e-sport based on a proprietary video game from entering the public consciousness the way, say, football has. This has affected several Super Smash Bros. tournaments, most notably one in 2010.

References

  1. "Install Google Authenticator". Google. Accessed 2017-09-18.
  2. Sign in faster with 2-Step Verification phone prompts. Google. Accessed 2018-01-19.
  3. Add your phone number to your account. Twitter. Accessed 2016-09-15.
  4. Abhimanyu Ghoshal. "Twitter now supports two-factor authentication apps, here’s how to secure your account". The Next Web, 2017-04-17. Accessed 2017-09-18.
  5. Jack Morse. "Twitter's 2-factor authentication has a serious problem". Mashable, 2017-06-16. Accessed 2017-12-04.
  6. Anonymous Coward recommended TextNow
  7. Catalin Cimpanu. "Twitter will finally let users disable SMS as default 2FA method". ZDNet, 2019-11-21. Accessed 2019-11-22.
  8. drinkypoo and mrfaithful
  9. "Service Workers Nightly". W3C, 2017-10-13. Accessed 2017-10-13.
  10. Thomas Claburn. "Apple signals it's willing to let next-gen web apps compete with iOS apps". The Register, 2017-08-04. Accessed 2017-10-13.
  11. "WebKit Feature Status". Accessed 2017-10-13.