diff --git a/src/script.md b/src/script.md index 3b1ae7e..ce707c6 100644 --- a/src/script.md +++ b/src/script.md @@ -198,6 +198,51 @@ because again, if a victim will be phished, and give their password to a malicio [setting: void] [transition: once elevator doors close; "all muzak radio presents: the most irritating possible configuration of sound waves, a joint collaboration by creed and nickleback." and then have an image of nails on a chalkboard, but subtitle: "muted for your nonlistening pleasure".] +### the war on passwords + +*i* will ask the question not enough others will. +Why is there a "war on passwords?" + +because society is dictated by incompetants. + +ok let me elaborate. I've said it before and I'll keep saying it: the way *you* will get hacked is you will be phished. +A third party will have you bypass your security to take control of your credentials. +There's the old fashioned deposed nigerian prince scam. There's the classic "leaving your device behind, unlocked" issue. +Do the kids still have fun pranks for that? Back in my day we'd take a secreenshot of the desktop, rotate it upside down, then switch the desktop to not show icons or the taskbar, make its background our screenshot, then go into display settings and flip the monitor to upside down. Cynically, I imagine current versions of windows don't have advanced options like that anymore. + +anyway, the point being; at no point did anyone mash their keyboard fast enough to guess your password. That isn't a thing, and it hasn't been a thing for longer than most of us have been alive. +if you've ever worked in a painfully corporate office, it's much more like "tailgating" - where you scan your badge to open the door, then some infiltrator walks through the door you opened for them. Much like how in real life, spies are not james bond. They're some rando in a bar who buys you a beer. +but. +If i tell an employer it's cyberpunk out there and i'll protect their property from those who would traverse the blackwall... that makes them feel much cooler than what would actually be effective in real life; nagging people to see their hall pass. + +so the world takes all kinds of measures to say "no, boss, it's not that you're an overgrown child who put his password into a banner ad that said he's the millionth visitor the moment he was left unattended... it's the passwords that are the problem." +our indifferent tech overlords are *constantly* acting like passwords are an undue burden on us poor fools, so if we use some technology that they themselves don't understand, *then* we'll be safe. +and, as ever, let's look at how facebook fucked it all up. +[https://nuangel.net/2024/10/does-facebook-store-passwords-insecurely/] +facebook's own security team says they will intentionally accept something other than your password in place of your password. +and that they consider this a good thing. + +Anyone who needs to be told that that's incredibly fucking stupid is beyond salvaging. + +But on the bright side, you and I can officially say we are more qualified cybersecurity experts than the combined efforts of a now-TRILLION DOLLAR COMPANY. + +How about google? here's me trying to get an API key so i can upload videos to my own god damned channel, and possibly dare to dream of pulling comments too. +Not allowed unless you use 2-step. And google authenticator doesn't count, i guess google doesn't actually believe in it. +Don't worry, you won't ever have to use one of those licentious and sinful passwords, stored in your browser... if you switch to a passkey stored in your browser. +Totes different, trust me bro. +oh well, guess i'll have to do whatever everyone else does. + +and just for some icing on the cake, *fucking gmail* is saying "hey give us your *real* email address, from a *real* email provider. Just in case." + +because again, the issue google has with passwords is that I can take my password and leave. But if i soulbind my entire life to my cellphone number, google can contact me, directly, whenever it wants. +[https://www.youtube.com/watch?v=_lNJIpn1Pcg] + +as ever i remind you; whatever a tech company says you must do, imagine me saying the same to your daughter. +There should be no special pleading for an indifferent, amoral amalgamation of parasitic interests. Even moreso one that has enough money to be effectively above the law. +[computer skit; something like typing into google "c-suite executive arrested for crimes", and have the search result do the thing like when it helps your spelling, but it's "let me stop you right there. lmao."] + +### the real question + it is time at last. Let us get to the bottom of the true question. [alt vo] will this make me more secure?