Technology

59232 readers

3876 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

287

Google will now make passkeys the default for personal accounts (arstechnica.com)

submitted 1 year ago by Tibert@jlai.lu to c/technology@lemmy.world

189 comments fedilink hide all child comments

Passkey is some sort of specific unique key to a device allowing to use a pin on a device instead of the password. But which won't work on another device.

Now I don't know if that key can be stolen or not, or if it's really more secure or not, as people have really unsecure pins.

you are viewing a single comment's thread
view the rest of the comments

[+] lloram239@feddit.de -8 points 1 year ago (1 children)

An online authentication system is quite literally the one central thing your whole digital life depends up on. If it's broken, it can completely f'up your life and remove you from existence in the digital space. So there is extremely good reason to be skeptical when big-company tries to force you into a new thing. Especially when said big-companies have a history of f'n things up on purpose (remember G+ forcing real names on everybody and bundling previously unrelated accounts into one monolithic one?). Or take HTTPS, which was sold us with "bringing more security", when what it actually did was kill large chunks of the open and self-hosted Web.

[–] robotica@lemmy.world 11 points 1 year ago* (last edited 1 year ago) (1 children)

Are you seriously arguing against HTTPS?

[+] lloram239@feddit.de -7 points 1 year ago* (last edited 1 year ago) (1 children)

Yes. It's one of the major reasons why the Web turned into a cooperate controlled hellscape. Note, I am not arguing against encryption, just against HTTPS crappy implementation of it. It's also going to get even worse with QUIC.

[–] spiderplant@lemm.ee 1 points 1 year ago

HTTPS is definitely not a major reason the web turned corporate. It has its problems for sure though.

Look at Gemini if you want an example of a decent web ecosystem that has HTTPS as a requirement for the protocol.

Gemini benefits from two things that the web has lost:

small size: just like the web was once small, Gemini is still too small for any copos to consider it as an option to push their content or services although I believe there has been some small examples of this being tried.
simple browser spec: Gemini benefits from having a number of browsers, none of which implement anything as interactive or insecure as JS(mime types other than gem text tend to be opened by other applications) and no one browser is influencing the spec for their own goals. This means all Gemini content is static once loaded by the client. No injected ads, no scraping of data and no hijacking of the tech by private companies.