Hypnosis6173's comments

I use it as my main software for my Traktor Kontrol S2.

Some Lights are buggy and the fix is not yet out.

Also, highlighting tracks based on a fitting key is only available in the alpha branch of the software, which obviously has lots of other issues.

Besides that, it's an easy software which can handle all of my other feature requirements, and it runs really nice.

So I would really recommend it ;)


Got a hardware deck at aws-summit in Berlin for free this year, so look out at the next summit near you


I mean, isn't the idea from them that you have 2 or more of them?

Sure, not everybody does that and some sites don't really support that, but thinking about this concept of having "physical keys" to your data makes a lot of sense to me.

Don't know how this change will affect my trust in the concept


> I mean, isn't the idea from them that you have 2 or more of them?

So now I need to buy an extra phone from a different manufacturer than the one I already own, or sign up for another paid service? I’m starting to see what their motive might be now.

Is it even a requirement of the passkey standard to allow the user to create more than one passkey for your website?


It isn’t but really should be. Apple requires you to register a minimum of two U2F keys if you use that as 2FA for iCloud.


As with any kind of key, you need to be able to replace them after you lose them (think of a flood or a house fire), so either:

1. You accept a non-trivial risk to be locked out forever of what you used those keys for
2. You still have a password login to revoke/create keys
3. You invest in enough redundancy to never lose all of your keys

IMHO only 2. is viable and then keys are just a different implementation of a password manager.


My keychain has two physical keys, and these change only every time I move.

Of passkeys, I have quite a bit more, with new ones added at least every few weeks. That makes them much harder to physically or even logically replicate one by one.


> My keychain has two physical keys, and these change only every time I move.

How often they change is irrelevant, the point is how you would recover them.

> Of passkeys, I have quite a bit more, with new ones added at least every few weeks. That makes them much harder to physically or even logically replicate one by one.

But what is your plan if you lose them? Either you plan to never lose them (3.), you have a way to replace them (2.) or you accept the risk to get locked out (1.)


> How often they change is irrelevant, the point is how you would recover them.

How is it irrelevant if I can only use my recovery authenticator for the services I’ve enrolled it in, yet enrolling multiple physically separated authenticators is a huge pain practically?

It’s like changing the locks on various doors in my house every other week and trying to have a copy of all keys with friends or relatives living out of town.


Account recovery flows are generally entirely unaffected by the move from password to passkey.

It’s just your login credential.

If you lose either a password or a passkey, you do the same thing: reset and set a new one via email recovery.


> If you lose either a password or a passkey, you do the same thing: reset and set a new one via email recovery.

If that’s an option (and it often really is!), why go through all the trouble of implementing passkeys and not just implement “login via email”?

For some services, that’s not secure enough though.


Isn’t the whole point of a passkey that it’s meant to use a chain of trust to prove that you’re you via biometrics or a physical factor? I’ve read that they’re intended to remove the need for 2-factor authentication because they are both factors, which implies you shouldn’t be allowed to reset them.

Resetting 2-factor authentication by proving access to only one factor (email) defeats the purpose of requiring 2 factors. If they can be reset via email, they might as well not exist at all. Even if we assume that nobody other than the user has legitimate access to the emails sent to the user (which is often untrue), emails can be trivially intercepted by a third party.

Not to mention that if I’ve lost access to the device where I am signed in to my email account, I won’t be able to access my email account to reset my passkeys anyway, because access to my email account would also require a passkey that I no longer have.


> Isn’t the whole point of a passkey that it’s meant to use a chain of trust to prove that you’re you via biometrics or a physical factor?

No actually! The biometric auth is more of a “liveness check” than anything else.

The point of passkeys is to replace the primary factor — the password — with a new primary factor that isn’t fundamentally “broken” in the ways passwords are. Password hashes can be stolen from servers, users frequently reuse them across different services, they are frequently very weak, and they are phishable. In contrast passkeys are guaranteed to be strong, unique, and there is nothing worth stealing from servers for attackers (only a public key).


Many websites are using passkeys not as a primary factor, but as the second factor, or as both factors. That implies that they are meant to serve as some combination of “something you are” and “something you have”. The fact that you logged in with one by using biometrics proves both that you are you and that you have your phone. They’re certainly not “something you know” because they are designed specifically so that you are not allowed to know them.

Allowing both “something you are” and “something you have” to be reset simultaneously via proof only of “something you know” (the password to your email account) means that once that reset happens, you’ve gone from two or three factors to one factor.

Allowing passkeys to be reset by email is not compatible with using them as anything other than the primary factor. If you’re using them as both factors, you’d get equivalent security if you implemented sign-in via only magic links. If you’re using them as the second factor along with a password, but you allow them to be reset via email, you actually only have one factor.


> isn't the idea from them that you have 2 or more of them?

Properly managing multiple YubiKeys and the like is a huge pain in the butt.


Most sites that support passkeys only allow one passkey per account, and it’s never clear whether they do or not.


Just saw a German talk about this yesterday.

Versatiles provides a free and open to use server under tiles.versatiles.org which is sponsored by people around the CCC.

Versatiles is also the first to offer a free to use vector card server, which is also amazing.

(For the German Readers: https://media.ccc.de/v/ds24-406-versatiles-freie-karten-fr-a...)


That's not how piracy in Germany works. Torrenting for German content is quite uncommon. Normally the pages either point to sites hosting a streamable version of the video content or point to an external file hoster (e.g. Rapidgator).


> Torrenting for German content is quite uncommon.

Obviously, because, as the chain of comments above yours shows, torrent users are easily caught and get fined to hundreds of euros per downloaded movie. Then they stop using torrent and tell all their friends about the experience. This has been going on for more than a decade, maybe two. So by now, German culture has adapted and people don't use torrents.


You don't get fined for downloading, you get cease-and-desist with a fine (?) from a lawyer representing the copyright owner for uploading.

Downloading copyrighted is not illegal, offering is.

You could try to argue technicalities in court, but that'll probably exceed the hundreds of Euro the copyright owner demands.


The cease and desist fine (about 900 euros these days) is what the lawyer wants. Max return on investment for a single letter. You don’t have to react to this letter which will bring about the second letter with the generous offer to pay less, this repeats until around 340 Euro are reached.

Then you may get a court order that states what the lawyer accuses you of and this you have to react to. The court just states this and gives you 2 checkboxes. If you check the one saying “I reject the accusation completely” the lawyer needs to decide. He invested some 40 euros into the court order but going to court is a different ballgame and not his main business model so they have to weigh the chances.

The owner of the router that the file went through is responsible for access to the router. Since the owner has so far not said anything to his defence, there is a possibility that multiple people including family members had access to the router, and the lawyer might, in court, be presented with a list of people and their addresses which satisfies the defendant's task to erschütter the accusation for the court and leave the lawyer with the option to figure out whodunnit or rather who in the list is going to fold and pay.

This is really not his business model. That said they do go to court and people get sentenced to pay the fine.


Downloading via torrents by default implies distribution (from technical point of view).


My understanding is that one can download without seeding/uploading; is this inaccurate?


You are correct.

Years ago I did exactly this by modifying my client to never seed/share, and also to fake my reported sharing stats so the private trackers wouldn’t boot me for failing to share.

Those were the days.

Now, I no longer fear the ISP or copyright holder chasing me (seems ISPs and laws moved on where I am) and don’t bother with modifications any more.


> also to fake my reported sharing stats so the private trackers wouldn’t boot me for failing to share.

This would very quickly be identified by private trackers these days because the stats don't line up with your peers and earn you a permaban.


Since the whole system relies on people seeding, even if this may be possible technically, clients don't tend to support it as a feature.


There are some services where you send a torrent file/magnet link and it’ll download the file for you, so you can download over HTTPS. I believe those particular services intentionally don’t reseed.



That's a very technical nitpick — GP's general point ('Obviously, because, as the chain of comments above yours shows, torrent users are easily caught and get fined to hundreds of euros per downloaded movie.') stands.


This thread[1] is talking about torrents in particular.

[1]: https://news.ycombinator.com/item?id=41330098


You are downvoted, but from my experience, you are pretty correct. Most people I know will use a streaming site, then sharehosters (good old boerse comes to mind - Megaupload, Rapidshare and Uploaded were the big hosters I remember)

I even know of more people using Usenet than torrents! The amount of work to use torrents safely just isn't worth it for most people.


> The amount of work to use torrents safely just isn't worth it for most people.

Using a VPN isn't a lot of work really? And that's more than sufficient. It does cost a bit of money but so does a good Usenet server.

The problem with Usenet is the DMCA takedowns so you have to be really quick these days, after a day the content is gone.


They are downvoted because it was an obvious and low-quality statement, as another comment outlined. Torrents publicly expose IPs and thus can be seen by copyright Nazis, but streaming/direct downloading has so far been safe.


True but it is possible for them to capture one of these sites and go through the logs to check for IPs. So it would be best to use these with a VPN also.

I'm not aware of this having happened for movie downloading but it has happened to data breach forums, the police in Holland have contacted some downloaders there after they took down a platform (raidforums): https://tweakers.net/nieuws/208638/politie-mailt-duizenden-n... (in Dutch, sorry)

So it's not unprecedented and certainly within the legal realm of possibility even though this is a different country.


I searched for a solution to this 2 years ago, great to see such an easy to use implementation now.


Did you end up building it? What did you use? What made it hard?


Always had problems with the podman VM on macOS, hopefully it will be more stable now


On January 26th, Mirantis made Lens closed source. I personally found it to be a useful tool, as it provided a good overview of existing Kubernetes clusters and easy access to them. Since I used OpenLens, I did not notice the license change and the removal of the source code until now.

Would love to hear about alternatives or best practices for cluster management below.


Are you specifically looking for a free Kubernetes GUI?

If you’re open to commercial options, have a look at what Aptakube (https://aptakube.com) can do.

One feature that sets it apart from other UIs is connecting to multiple clusters simultaneously and seeing all resources in a single table.

Disclaimer: I’m the author


I’m sold, just bought a license - we just deployed our first multi cluster application and constantly switching contexts has started to drive me up the wall. Thanks!


As an indie developer I celebrate every small win and this comment made me start the day with extra energy. Thank YOU!


Also interested in other tools. I don't mind working on the command line but Lens (and OpenLens later on) has been my tool of choice for keeping an eye on and managing our K8s stuff.


We have been working on an alternative project for several months, and will open its source on April 22nd. I truly believe this project will keep open source forever, it will be a project backed by CNCF Foundation, hope you can give a try after we open its source.


Sounds amazing! Do you have info material/ a landing page I can inspect?


Sure, we do have a live demo: https://karbour-demo.kusionstack.io/, please give a try, any suggestions or feedback is welcome :)

Kind reminder: this live demo is read only.

