Had my revenge. Last week I failed to reach the summit the long way, but today, on another beautiful spring day with millions of wildflowers, I did. In spite of walking in full view of the Bay Area, for something like 2 hours I was entirely alone on the trail, not counting some cows, birds and insects. About 4.5h round trip including lunch, ~2000 ft up from the parking lot. Ed Levin Park, Monument Peak.
If we were to have single-sign-on across several instances/apps in the #fediverse, what does this do to Fediverse handles?
Let's say I want #sso across a Mastodon account on masto.example and an OwnCast account on own.example. Do I pick one of those and use it at the other, so I log into OwnCast as @j12t@masto.example? Or is this simply treated as a synonym for, say, @johannes@own.example, and I could also use @johannes@own.example to log into my account at masto.example?
Obviously these are hypotheticals, no such code exists.
If we were to have single-sign-on across several instances/apps in the #fediverse, what does this do to Fediverse handles?
Let's say I want #sso across a Mastodon account on masto.example and an OwnCast account on own.example. Do I pick one of those and use it at the other, so I log into OwnCast as @j12t@masto.example? Or is this simply treated as a synonym for, say, @johannes@own.example, and I could also use @johannes@own.example to log into my account at masto.example?
@J12t it may not be the right solution for the fediverse, but I think the natural way to have a portable identity is to have the definitive identifier be the public key. Then any account at a particular host amounts to an alias to that key, and signing on consists of proving that you have the corresponding private key. It would lose the convenience of having an ID that you can directly use for communication, but until communication isn’t host-specific that’s built in to portability
@J12t The only way it can work now would be for you to create other accounts on eg Pixelfed, Lemmy and tell those instances to use OAuth and your Mastodon account to authenticate (perhaps using rel=me to nominate where to get authentication from). You’d need some way to regain access of your Mastodon instance disappears. None of these services support OAuth like this. Yet.
I certainly can believe that a 21 year old can be a good systems or network administrator. What I’m baffled about is that apparently highly classified documents live on that network in a form that allows the sysadmin to view them in clear text. Why?
The "Good people at about.me" (yes, that's what they sign their e-mails with!) apparently think they meet the letter of the law by auto-subscribing me to an unknown number of separate mailing lists and simply send me marketing e-mail from the next list if I unsubscribe from one.
Can somebody explain to me how a 21 year old of any kind can have access to strategy level classified information of any kind?
Maybe they can have access to classified information about the electronic box in their tank they have been taught how to repair, but even that is a maybe in my book. But big picture info on an active war zone?
Disclaimer: I have no experience in either the military or government
My understanding is that you can have clearance to access something, but without the "need to know." Just because you have the ability to access something doesn't mean your allowed.
I’ve been thinking for a while that a number of people who suddenly seemed to be very concerned about free speech — often to the exclusion of paying attention to anything else at the same time — were played. Because free speech, for a whole range of parties, was and still is a smoke screen. And a very good one at that, because it lets their “cause” be supported loudly by their very opponents. Until they accomplished what they wanted. #unpopularopinion
@J12t It's not a bad idea IMHO but I'd rather see it happening on a per-project basis, or even per repo... They could run their own instance and create a "user" for each project or repo that wants it to send out the feeds... An option to filter from the source might be good as well.
I so hate programming languages that aren't extremely picky about syntax at compile time, or as early as possible. Nothing worse than the language silently deciding "he probably meant X" when it was a silly editing mistake and being wrong. Argggghhh.....
Who is going to IIW in Mountain View CA next week? (Internet Identity Workshop --iIt's an unconference that brings all the digital identity people together across the industry.)
I think I will run a session on #identity and the #fediverse, to explore what we could do to get #sso across the fediverse using current best identity practices. Join me?
Would authors dealing with (human) name collisions and automated responses to collisions, but who aren’t technical, find this useful? (Just saw a toot from someone dealing with this w Amazon.) @J12t
Question: for those of you who have more than one #fediverse account -- like accounts on several #mastodon servers, or also accounts on #funkwhale, #mobilizon, #boowyrm, #pleroma, #pixelfed, #peertube#owncast etc -... Would you prefer to show to the world they are all yours (e.g. by connecting them with rel=me links) or keep them entirely separate so nobody can tell it's you on Mastodon who listens to that music on Funkwhale, say or reads those books?
@J12t for me personally, it would be great to be able to link them. Each serves its own purpose, yes, and I retoot on my main (mastodon) account from them as a central "feed" type thing.
Giving the person the option to see where else I am, but actually just decide they don't care about my toots but love my photos or book choices to follow the other account(s) instead
@J12t I do both. I do have multiple accounts on Mastodon for multiple personas, et I also have a bunch of accounts on different platforms (#peertube, #pixelfed, #mobilizon#lemmy and some more obscure things)
Morgan Stanley, in response to my #CCPA data access requests, makes me create an account (childhood friend! First pet's name!) in order to let me download a PDF file that only says I need to e-mail them my government-issued identity document.
The "secure website" with the PDF proudly claims "digital signature is VALID" (whatever that means), has a Reply button, and the disclaimer: "Emails ... will be deleted without response."