this post was submitted on 04 Dec 2023
111 points (100.0% liked)

the_dunk_tank

15910 readers
19 users here now

It's the dunk tank.

This is where you come to post big-brained hot takes by chuds, libs, or even fellow leftists, and tear them to itty-bitty pieces with precision dunkstrikes.

Rule 1: All posts must include links to the subject matter, and no identifying information should be redacted.

Rule 2: If your source is a reactionary website, please use archive.is instead of linking directly.

Rule 3: No sectarianism.

Rule 4: TERF/SWERFs Not Welcome

Rule 5: No ableism of any kind (that includes stuff like libt*rd)

Rule 6: Do not post fellow hexbears.

Rule 7: Do not individually target other instances' admins or moderators.

Rule 8: The subject of a post cannot be low hanging fruit, that is comments/posts made by a private person that have low amount of upvotes/likes/views. Comments/Posts made on other instances that are accessible from hexbear are an exception to this. Posts that do not meet this requirement can be posted to [email protected]

Rule 9: if you post ironic rage bait im going to make a personal visit to your house to make sure you never make this mistake again

founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 15 points 11 months ago (1 children)

ummm have they heard of 'passkeys'? like that thing that solves all these issues without any biometrics and personal information and cant be stolen as easily? like one login on a malicious device, and boom all your biometric data is now in the hand of the attacker. physical passkeys? good luck compromising that lol

also yes, this is obviously so cops can get to into your stuff and company's can collect your biometric data

[–] [email protected] 9 points 11 months ago* (last edited 11 months ago) (1 children)

to be fair the way most fingerprint scanners are implemented it isn't possible to extract the actual fingerprint (that I know of). but with a malicious device I guess they probably could procure a different type of scanner

Agreed tho I will stick with a master password I know and a hardware token that I have, probably until I die, unless something way better comes out that doesn't allow legal compulsion

[–] [email protected] 7 points 11 months ago (1 children)

that true, and i guess it is worth mentioning that many physical passkeys use fingerprint scanners. the only difference is that your fingerprint never gets send on the internet at all

[–] [email protected] 6 points 11 months ago

yeah, once you get into identifying users across devices with fingerprints I get way more skeptical. But local-to-device fingerprint scanners usually just generate and match identifying material internally, if anything goes to the host OS it's just like, a hash or something, iirc.