• 0 Posts
  • 9 Comments
Joined 2 years ago
cake
Cake day: April 13th, 2024

help-circle





  • I don’t see it catching on at all… I think forcing people to record themselves is asking way too much, and not everyone uses the command-line or the same application/machine for everything. Plus they acknowledge that it can be faked and that LLMs can/will get better at faking it.

    Proving a request came from a human is a many-billion dollar task right now, and nobody seems close at all to coming up with a workable solution. The only thing even remotely feasible (IMO) that I’ve seen so far (and which still doesn’t actually prove anything) is charging money for accounts. But tons of people still don’t want to do that, even though it would lessen the amount of bots and make it easier to ban bad behavior if everyone needed an account to access a site. I don’t like that option, but it is an option. Making payments on the web easier (and less tied to the whims of Visa et al) probably also needs to happen.




  • I wouldn’t blanket call the removal of PFS a “failure” as they put it… it does make the protocol much simpler (and hence easier to understand/audit as well) and it’s not always a necessity for every single person’s threat model… which is an important phrase the article doesn’t even mention.

    IMO arguing about security or privacy without both people first defining their threat models… is like claiming apples are objectively better than bananas in every way.