So can the Mercator projection (or any projection really). Why is the author complaining about the California-Japan distance when they can just recenter near there?
i don't think anyone would deny that third party logins are convenient -- either from the user perspective or from the developer perspective. but they are also a huge vector for privacy-invasive ad-profiling, if that's the login provider's business model.
that is true, but that is virtually always because of password re-use. if you use a password manager and randomly-generated passwords unique to each service, this is almost entirely mitigated.
with a single third party login for all services, though, if that third party account gets compromised the results are catastrophic.
> with a single third party login for all services, though, if that third party account gets compromised the results are catastrophic.
The same can be said of the password manager account. It's turtles all the way down.
The fact that we rely on users to not reuse passwords, the fact that using a password manager is all but required to get reasonable security despite being far from convenient, these indicate a major failure to serve the actual needs of users, in my view.
Users have head space for 1-3 strong passwords. They can tolerate carrying maybe 1 security token with them. They can tolerate a little bit of security setup when using a new device for the first time, and they can tolerate a touch or fingerprint scan at authentication time. All authentication systems can and should operate within these parameters.
No web site or app outside of an authentication provider should ever present a user a screen asking them to pick a strong password that they have never used before. That is asking a user to do something that the human brain cannot reasonably do for 99% of the population. At best, a browser or password manager will intervene at that point and pick the password for them. At worst, the user ignores the warning and picks the same password they use for everything else.
> The same can be said of the password manager account. It's turtles all the way down.
What password manager account, what are you talking about? There is never any password manager account, yes, I have heard that some weird people are synchronizing their passwords to some strange 3rd party services but those don't matter. You have one password. Encryption password for login database and that one is local and never transmitted over the internet. If you know a password manager that provides this decryption password to their servers, please open the topic here and they will be bashed to hell for this.
I am a tad more strange, my password manager is synchronized with my sftp server using private key and I am not only randomizing the passwords for each site but also the email address (imagine sha(user+salt) + delimiter + sha(domain + master password)@mydomain.com). And I will never in my life use any SSO as they are mostly spyware designed for tracking users across the sites and certainly not for what they are advertised for. They will break with firefox latest addition? FINE! At least people will stop using them.
One thing are companies self hosted SSOs. Sure, I can trust those for company services. For anything else, like "login with google" or "login with facebook"? Yeah right, my hearth is jumping out of joy and barely waits to use it. It actually works in reverse, if you dont allow me to register using non SSO account (email, password) I wont use your service/webpage/whatever.
It doesn't for corporate usage... having to create accounts for every new employee on every service you use, and then remove those accounts when someone leaves is not scalable. Having SSO is needed.
I use 1Password (and the browser extension) for all my passwords, but I still choose "Sign-in with Google" when that's an option.
The "Sign-in with Google" button is makes it much quicker to create an account and slightly quicker to log in.
Also, I can rely on my Google 2FA rather than setting up and filling in a different TOTP for each site. Something like U2F or WebAuthn would make the filling-in part more convenient, but even sites that offer 2FA usually don't offer those. (And many sites don't even offer 2FA.)
Using 1Password's 2FA feature would make TOTP more convenient, but I'm a little nervous about putting 2FA in 1Password. This might be overly-conservative thinking, though.
I agree it can be super convenient, though 'Sign in with Google' is totally broken for me, because I've accumulated a handful of google accounts.
Every time I log in to a service, I have to guess which account it's associated with (bearing in mind I may have signed up years ago). And if I'm wrong, half the time it immediately attempts to create a new account, and then I'm stuck with a bunch of empty dummy accounts on various services.
The real evil here is that the surcharges are "all on top of the price that regulators have agreed customers should pay for their electricity service."
Utilities support basic human necessities. We need power for light and heat. When the base cost for these necessities rises (to subsidize infrastructure projects), the poor are the hardest hit. And the fact that these governments are essentially "hiding" taxes inside of utility payments is outrageous.
The proper way to help the poor afford utilities is to just give them cash, or pay for the utilities on their behalf with cash. Obfuscating prices distorts the market, and that leads to opportunities for corruption and inefficient allocation of resources.
I agree that the power and distribution infrastructure hold special status as utilities, subject to whatever regulations as needed since it doesn't make sense to run wires from 5 different sellers to each home.
What I am saying is the price of a utility (or anything) should not be based on how much a person earns. If the utility needs to raise prices to cover their costs, they should raise prices. If the government wants to help poor people, the government should give cash to poor people, or pay the utility on their behalf. But the price of whatever is sold should not be masked.
And if the utility needs to raise prices, they should be raising the prices, not adding fees. I can understand splitting out the cost of delivery vs cost of generating electricity, but beyond that is just unnecessary confusion for a buyer.
Why are human missions so much more costly than robotic missions? Answer: Life Support.
If our (very) long-term goal is to stake humanity's claim on other planets/asteroids/etc., then it makes sense to work on improving and expanding Life Support capabilities in harsh environments. I see it as an investment in the future -- it may not seem to have immediate benefits, but these are key milestones and steps for reaching the ultimate goal.
It's not really the life support. It's the lower risk tolerance, the need to bring people back and the tyranny of the rocket equation.
You can just abandon a robot on Mars. But if you want to send people to the Moon or Mars you will need to send them with a spacecraft and fuel that will allow them to return. The tyranny of the rocket equation then forces you to build extra large rockets like Saturn V, SLS or Super Heavy Starship. You need exponentially more fuel as you increase payload mass in order to have the same capability.
SpaceX solves that with refueling in low Earth orbit, that allows to scale rocket fuel needs linearly with regard to payload instead of exponentially. And with refueling at the destination in case of Mars. But the need to bring fuel with you is still a big limitation for the Moon missions.
> SpaceX solves that with refueling in low Earth orbit, that allows to scale rocket fuel needs linearly with regard to payload instead of exponentially.
I don't think that's the case. The rocket equation has the delta-v under exponent, not the mass ratio. Fuel mass scales linearly with payload in any case.
I don't think orbital refueling changes any scaling laws. It just means you can launch several small rockets instead of one huge one. Total mass launched stays approximately the same.
> But if you want to send people to the Moon or Mars you
> will need to send them with a spacecraft and fuel that
> will allow them to return.
Though you are correct for political reasons, there are more than enough people willing to take a one-way trip to Mars. I'm one of them. I love my family, but they know that if Patrick Forester calls me one day because he has only enough O2 for a one-way mission, I'm going.
I'd even go if the mission was to see which of the radiation, CO2, microgravity, nutrition, heat, or isolation kills me first, to improve that for the next bunch. I feel that the goal is that important. Lots of others feel as I do.
> "The Sola TS became concerned about the situation. However, because the Ingstad wasn’t showing automatic identification system (AIS) data, initially neither the Sola TS nor the traffic station on shore could identify the frigate to warn it of the imminent danger."
I will briefly add that Indonesian food is massively popular in the Netherlands ("East Indies" being a former colony). Rijstaffel [1] -- literally, "rice table" -- is a national specialty that is celebrated by the Dutch, although I will admit that the history of the meal is rooted in that former colonialism.
Well, Netherlands is a special case, of course. But relatively unknown compare to korea/thai/japan. These country population is much smaller than indonesia yet their cuisine is everywhere.
They are, it's one of the reasons they [Nielsen] bought Arbitron back in 2013. The PPM devices use low-frequency tones encoded into the audio stream at the time of broadcast.
To add to this (and to refute a specific example brought up in the blog post): "learning ops" is not a way to reduce the complexity of software deployment. In fact, Docker exists specifically to solve that exact problem -- in net, it reduces the complexity and challenges of deployment in distributed systems.
Some complexity is unavoidable due to a project's scope and requirements -- introducing new complexities can oftentimes reduce the overall complexity of the system.
Complexity comes about when systems integrate too closely. If you're running multiple systems in the same environment, eventually, they have to work around each other, or it leaves the temptation to take advantage of what's there anyways. Docker establishes firm boundaries and reduces the cognitive load of the developer and ops teams.
