[-] qqq@lemmy.world 4 points 12 hours ago

I imagine the low level form of each model being free indefinitely, possibly ad supported. It's already probably becoming the most consistent "we're pretty sure this is from a human" training data they have.

[-] qqq@lemmy.world 1 points 4 days ago* (last edited 4 days ago)

"Difficult to recover from" was referencing setting all of your accounts back up. I should have also included "lost" and "broken" to make that more obvious. Many hardware (most? all?) passkeys do not allow for backup and restore.

But I do see an issue with stolen hardware passkeys being used for access too if they're a primary factor. With the mitigations you mentioned hopefully holding up.

[-] qqq@lemmy.world 6 points 5 days ago* (last edited 3 days ago)

They will almost certainly lead to vendor lock in. Why do you think they won't? Apple's password manager is definitely an example of vendor lock in. Many others have a simple to use export feature to CSV or something that others can understand.

Edit: it could be that you don't know what the WebAuthn/FIDO2 specification says or we understand it differently? Do you know how the attestation mechanism works? That ties the key to a device or software authenticator (the software authenticator is likely going to tie it to the device somehow, possibly even via a TEE).
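
The attestation mechanism referred to above works at the byte level roughly as follows. As an added example (not code from the thread or from any FIDO project), this Python script parses the authenticator data that an authenticator returns during registration, pulls out the AAGUID (the 16-byte make/model identifier that an attestation statement vouches for) and shows the relying-party policy decision that turns that identifier into lock-in: accept only authenticators on an allowlist. The byte layout (rpIdHash, flags, signCount, AAGUID, credential ID length, credential ID, COSE key) follows the WebAuthn specification; the AAGUID values, credential IDs and the placeholder COSE key bytes are constructed for the example, and the `registration_decision` policy is illustrative, not any vendor's implementation.

```python
"""Parse WebAuthn authenticator data and apply an AAGUID allowlist policy.

Added example, not from the original thread. Byte layout per WebAuthn:
  rpIdHash(32) | flags(1) | signCount(4, big-endian)
  | attestedCredentialData = aaguid(16) | credIdLen(2, big-endian) | credId | COSE key
Extension data (flag ED) is deliberately not handled and is rejected explicitly.
"""
import hashlib
import struct
from dataclasses import dataclass
from typing import Optional

FLAG_UP = 0x01   # user present
FLAG_UV = 0x04   # user verified
FLAG_AT = 0x40   # attested credential data included
FLAG_ED = 0x80   # extension data included
ZERO_AAGUID = bytes(16)  # what clients send when attestation is "none"


@dataclass
class AuthenticatorData:
    rp_id_hash: bytes
    flags: int
    sign_count: int
    aaguid: Optional[bytes] = None
    credential_id: Optional[bytes] = None
    cose_key: Optional[bytes] = None


def build_authenticator_data(rp_id: str, aaguid: bytes, credential_id: bytes,
                             cose_key: bytes, flags: int, sign_count: int) -> bytes:
    """Assemble what an authenticator would emit at registration (test input)."""
    if len(aaguid) != 16:
        raise ValueError("AAGUID must be exactly 16 bytes")
    return (hashlib.sha256(rp_id.encode()).digest()
            + bytes([flags | FLAG_AT])
            + struct.pack(">I", sign_count)
            + aaguid
            + struct.pack(">H", len(credential_id))
            + credential_id
            + cose_key)


def parse_authenticator_data(data: bytes) -> AuthenticatorData:
    """Split authenticator data into its fields, checking every length."""
    if len(data) < 37:
        raise ValueError("authenticator data too short")
    rp_id_hash = data[:32]
    flags = data[32]
    (sign_count,) = struct.unpack(">I", data[33:37])
    if flags & FLAG_ED:
        raise ValueError("extension data not supported by this example")
    ad = AuthenticatorData(rp_id_hash, flags, sign_count)
    if flags & FLAG_AT:
        if len(data) < 55:
            raise ValueError("truncated attested credential data")
        ad.aaguid = data[37:53]
        (cred_len,) = struct.unpack(">H", data[53:55])
        ad.credential_id = data[55:55 + cred_len]
        if len(ad.credential_id) != cred_len:
            raise ValueError("truncated credential id")
        ad.cose_key = data[55 + cred_len:]  # CBOR public key; left opaque here
    return ad


def registration_decision(data: bytes, rp_id: str, attestation_format: str,
                          allowed_aaguids: set) -> str:
    """Illustrative relying-party policy built on the AAGUID.

    "unattested": no usable model identity (format "none" or zeroed AAGUID)
    "allowed":    authenticator model is on the allowlist
    "rejected":   attested model is not one the RP wants to accept
    """
    ad = parse_authenticator_data(data)
    if ad.rp_id_hash != hashlib.sha256(rp_id.encode()).digest():
        raise ValueError("rpIdHash does not match this relying party")
    if not ad.flags & FLAG_UP:
        raise ValueError("user presence flag not set")
    if ad.aaguid is None:
        raise ValueError("registration requires attested credential data")
    if attestation_format == "none" or ad.aaguid == ZERO_AAGUID:
        return "unattested"
    if ad.aaguid in allowed_aaguids:
        return "allowed"
    return "rejected"


if __name__ == "__main__":
    # Constructed sample: a made-up AAGUID, credential ID and placeholder key bytes.
    model_a = bytes(range(16))
    sample = build_authenticator_data("example.com", model_a, b"cred-1", b"\xa5key",
                                      FLAG_UP | FLAG_UV, 7)
    print(parse_authenticator_data(sample))
    print(registration_decision(sample, "example.com", "packed", {model_a}))
    print(registration_decision(sample, "example.com", "none", {model_a}))
```

The policy function is where the lock-in question lives: with attestation format "none" the RP learns nothing about the model and can only accept or refuse the key on its own merits, while a "packed" or similar attestation with a real AAGUID lets the RP restrict registration to specific vendors' authenticators.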

[-] qqq@lemmy.world 3 points 5 days ago

There is no full stop there... A password that is sufficiently long will never be cracked no matter the hashing algorithm in use. Passwords are easily transferable and can be communicated to a third party in the event of an emergency. They also provide tunable security, where you can trade off security for convenience if you want.

Some (not all, I know) passkeys are tied to a device. Stolen device means stolen passkey, and it's potentially very difficult to recover from that. Passkeys are also locked to a certain standard, passwords have no such restrictions.

Tbh I don't understand the move for passkeys replacing passwords. They should become the second factor when a user wants additional security. They're perfect for that niche.

[-] qqq@lemmy.world 30 points 3 weeks ago

It's interesting what people expect of Proton Mail. I've used it for a long time but for only one reason really: their revenue stream is my subscription and not ads. I've never even given a second thought to all their encryption claims. Even with Proton Mail if I ever wanted to send a "secret" email I'd wrap the content in my own personal keys.

With respect to IP addresses of email logins, I'm surprised they ever claimed they don't have logs. You've always been able to review the IP of a login through the web UI as far as I remember. Was the idea that that was also supposed to be encrypted?

Personally I'm OK with them complying with court orders, but I understand that "the definition of criminal is state defined" and that poses serious issues. It kinda seems like if you want to do something that could be considered criminal at some point in your life by your country you should consider something other than a 3rd party email provider for those messages. Signal would be a step up in that regard if you still wanted to use a third party.

[-] qqq@lemmy.world 131 points 4 weeks ago* (last edited 4 weeks ago)

Security is constantly used as a guise for removing consumer rights and as someone who has been in the security industry for about 9 years I'm so sick of it.

First and foremost, everyone please understand: the user should be allowed to opt into your concept of insecurity: you do not know their threat model and you do not know their risk tolerance.

Using exploits in low level drivers in the wild is approaching APT level, and even if there were a simple one to use it'd likely be useless without some sort of local access to the device (bar some horror show bug in a Bluetooth or WiFi firmware). The risk is incredibly low for the average person. I'd put it pretty close to 0.

Wire transfers aren't instant and for large sums (your inheritance) the banks will likely require more than just a request from your app. If the bank cares about that then they can also use the attestation APIs which would be more than sufficient, as much as I hate them.

This boogey man of the APT going after my technologically illiterate with nation state level exploits needs to die. Long ago we entered a new era of security where it just isn't worth it to waste exploits. Especially when you can just text people and ask for their money and that works plenty well.

Security is not a valid reason to soft brick consumer devices at some arbitrary end of life date.

[-] qqq@lemmy.world 42 points 2 months ago

The coordinated strike had an immediate impact. Millions of people in Dubai and Abu Dhabi woke up on Monday unable to pay for a taxi, order a food delivery or check their bank balance on their mobile apps.

I honestly can't tell if this paragraph is supposed to be satirical.

[-] qqq@lemmy.world 30 points 4 months ago* (last edited 4 months ago)

Congress please dear god grow a spine.

[-] qqq@lemmy.world 31 points 7 months ago* (last edited 7 months ago)

Look at this person over here using branches, show off

26

Seems like a ton (over 1k) of people were affected because of an auto updating VS Code extension. Check your bashrc/zshrc and GitHub account if you use nx.

[-] qqq@lemmy.world 37 points 1 year ago* (last edited 1 year ago)

JavaScript alone is not a simple beast. It needs to be optimized to deal with modern JavaScript web apps, so it needs a JIT; it also needs sandboxing, and all of the standard web APIs it has to implement. All of this also needs to be robust. Browsers ingest the majority of what people see on the Internet and they have to handle every single edge case gracefully. Robust software is actually incredibly difficult and good error handling often adds a lot more code complexity. Security in a browser is also not easy, you're parsing a bunch of different untrusted HTML, CSS, and JavaScript. You're also executing untrusted code.

Then there is the monster that is CSS and layout. I can't imagine being the people that have to write code dealing with that; it'd drive me crazy.

Then there are all of the image formats, HTML5 canvases, videos, PDFs, etc. These all have to be parsed safely and displayed correctly as well.

There is also the entire HTTP spec that I didn't even think to bring up. Yikes, is that a monster too; you have to support all versions. Then there is all of that networking state and TLS + PKI.

There is likely so much that I'm still leaving out, like how all of this will also be cross platform and sometimes even cross architecture.

[-] qqq@lemmy.world 32 points 2 years ago* (last edited 2 years ago)

I'm so sick of this; that wasn't her platform. People constantly saying that was her platform stopped people from actually looking at her platform. I'm so sick of Dems that think they can just not vote because they don't fall in love with their candidate. Politics is practical and the USA just shit the bed and it will have a real impact on the world. All of the Dems or left leaning people who didn't vote are complicit.

[-] qqq@lemmy.world 57 points 2 years ago* (last edited 2 years ago)

Async features in almost all popular languages are a single thread running an event loop (Go being an exception there I believe). Multi threading is still quite difficult to get right if the task isn't trivially parallelizable.
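
The single-thread point above can be seen directly. As an added example (not from the thread), this Python script runs a small "ticker" coroutine on an asyncio event loop and records how long it goes without being scheduled while a CPU-bound function runs, first called synchronously on the loop thread and then offloaded with `asyncio.to_thread`. The loop and worker thread IDs are captured so the difference is visible in data rather than only in wall-clock feel. `WORK_ITERATIONS` and the 10 ms tick are arbitrary choices for the demonstration.

```python
"""Demonstrate that asyncio tasks share one OS thread, so a blocking call
stalls every other task on the loop. Added example, not from the thread.
Requires Python 3.9+ (asyncio.to_thread)."""
import asyncio
import threading
import time

WORK_ITERATIONS = 3_000_000  # a few hundred ms of pure-Python CPU work


def cpu_bound_work(n: int) -> tuple:
    """Synchronous CPU loop; returns (result, id of the thread it ran on)."""
    total = 0
    for i in range(n):
        total += i * i
    return total, threading.get_ident()


async def _ticker(stop: asyncio.Event, stamps: list) -> None:
    """Cooperative task that records every time the loop lets it run."""
    while True:
        stamps.append(time.perf_counter())
        if stop.is_set():
            break
        await asyncio.sleep(0.01)


async def _experiment(offload: bool) -> dict:
    loop_thread = threading.get_ident()
    stamps: list = []
    stop = asyncio.Event()
    ticker = asyncio.create_task(_ticker(stop, stamps))
    await asyncio.sleep(0.05)  # let the ticker establish its rhythm
    started = time.perf_counter()
    if offload:
        # Worker thread holds the GIL, but CPython forces periodic switches,
        # so the loop thread keeps getting scheduled and the ticker keeps ticking.
        result, worker_thread = await asyncio.to_thread(cpu_bound_work, WORK_ITERATIONS)
    else:
        # Runs on the loop thread itself: nothing else on the loop can run.
        result, worker_thread = cpu_bound_work(WORK_ITERATIONS)
    work_seconds = time.perf_counter() - started
    stop.set()
    await ticker
    gaps = [later - earlier for earlier, later in zip(stamps, stamps[1:])]
    return {
        "loop_thread": loop_thread,
        "worker_thread": worker_thread,
        "work_seconds": work_seconds,
        "longest_stall": max(gaps),
        "result": result,
    }


def run_experiment(offload: bool) -> dict:
    """Run one configuration on a fresh event loop and return its measurements."""
    return asyncio.run(_experiment(offload))


if __name__ == "__main__":
    for offload in (False, True):
        r = run_experiment(offload)
        same_thread = r["worker_thread"] == r["loop_thread"]
        print(f"offload={offload}: work on loop thread={same_thread}, "
              f"work={r['work_seconds']:.3f}s, longest ticker stall={r['longest_stall']:.3f}s")
```

In the synchronous case the longest stall equals the duration of the CPU-bound call: the event loop is a single thread, and `await` only hands control back at explicit suspension points. Offloading the work to a thread keeps the loop responsive, but it does not make the work parallel in CPython, which is the multi-threading difficulty the comment alludes to.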

qqq

joined 2 years ago