It is hard to do well which is why I worry. Google probably has the best overall account security, you could fo worse than modeling after them.
The short answer to your question is Passkeys. But you need a whole system of account recovery around them.
I love Lemmy and Voyager and the Fediverse. That said, if it were to become mainstream I forsee some problems. The fact that the login relies on only passwords is pretty terrible. Also, this makes the service vulnerable to bots, sock puppet accounts, brigading, etc.
What are you scared of?
If you are worried your parents will see your browsing history, that is you threat model.
If your concern is government surveillance, you need to do more than just clear your browsing history.
I feel like OP missed an opportunity to title this post “Fedora Flatpaks Fall Flat”
Great article, BTW
Looks like this happened:
OpenSSH server has had built-in support for WebAuthn keys since 8.2.
According to Framework support, there are no supported models as of yet.
I have a Framework 13 AMD running Linux Mint. It works great and I love it. Modular IO ports are super nifty.
Here are the downsides as I see them:
I expect 2&3 will come in the future and I can upgrade! The fact that I can upgrade rather than throw it away in the future offsets 1.
What type of key do you have. Yubikey 5 supports multiple protocols including some you can use with SSH:
SSH would need to implement webauthn to support FIDO.
Secure can also mean more resilient. The infosec C-I-A triangle has three legs. Confidentiality, Integrity and Availability. Immutable distros are more resilient and thus offer better availability in the face of attacks or accidents.
I like S3 because I only pay for what I use and it has auto storage tiering.
So what’s the deal with the crows?
So influencers will replace journalists? What could possibly go wrong?
Awk is a turing complete programming language.
While there is no system for monitoring the companies, experts can reverse engineer the apps and debug the devices. Thusfar, experts who have done this have found no evidence of these types of activities. All the evidence is anecdotal. I believe if this was a widespread practice, evidence would have been uncovered by now and we would have been reported on widely.
The implication here is really scarier than if they were listening to our conversations. It means they do not need to listen to our conversations. The telemetry they already have is so good that in many cases they know what you will say with such high degrees of accuracy that people assumed that they had to be spying on their conversations.
Either way, we need to demand an end to this unprecedented mass surveillance.
I got ISDN from work in 1995. MSN was my ISP for some reason. It was glorious! In FPS shooters I had a 30 ping while everyone else had 200. I was a beast !
The reason it has gotten so expensive is that the lake they use to flood the locks is dangerously low. Thing is that lake is also their main source of drinking water. So there is limited capacity unless you deprive the Panamanian people of drinking water. It is a complex issue, and bluster and threats will not make it any better.
Who would buy this and how would they monetize it? In browser ads? A freemium paid model to remove the ads?
How would that work exactly? Google would sell Chrome but keep paying teams if developers to work on Chromium?
Do you have a few minutes to learn about our lord and savior Linux?
Go read the FIDO threat model if you want to understand how it protects against specific attacks. It is pretty secure.
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html