Isn’t this functionality already built into the default web UI?
Isn’t this functionality already built into the default web UI?
But when you have a problem, you complain to your representative that represents your area and knows all the details. That’s a powerful thing.
In the UK at least there are a lot of seats that are swung by those holding them rather than their party.
That way still ends up with candidates that you didn’t vote for though, the ranked choice method means you always have a vote in each round.
In any round though you only have 1 vote still, it’s just collecting the votes ahead of time? The only thing you lose is knowing who is in each round in advance?
In your example, wouldn’t the same candidates have been knocked out in each round regardless?
I was more thinking https://en.m.wikipedia.org/wiki/Deccan_Traps
More than 1 million cubic kilometres of lava. Enough gasses to cause a mass extinction event.
Ugh, life took ages to get started. Lazy bacteria!
It’s still a hell of a long time if you consider that the entirety of recorded (ish) history is only a few thousand years long.
Updated comment to remove an order of magnitude.
It’s not X turning into Y when it comes to evolution. There were all kinds of different dinosaurs, that evolved I to all kinds of different niches. Most of those then went extinct due to rocks falling from the sky, or the entirety of India turning into a huge volcano etc.
So it’s not that a T-Rex turned into a chicken, it’s that T-Rexs lived alongside other dinosaurs that developed feathers and filled more niches etc. those that survived eventually became birds. (Have you ever seen an Emu up close?!? No wonder the Australians lost to them 🤣)
Disclaimer: I have no specific knowledge. Also, remember this happened over (billions? hundreds of millions) of years.
Other comments about just not noticing feathers are valid too.
A) discord
B) make friends with one person that does this or plays with other groups, then join them when they are playing with others
oooh, ty
they just send a OTP to your email with the idea that you should be keeping your email secure (and that email providers are more secure than they can be)
The whole site seems like a PoC - the accounts don’t even have passwords! (I could actually kinda get on board with this)
You can probably get the URL for a companies SharePoint pretty easily, but you need a login. You are able to get a PAs credentials through a phishing link etc but need the 2fa code.
You do the IT phishing attack (enter this code for me to fix your laptop being slow…), get them to enter the code and now you have access to a SharePoint instance full of confidential docs etc.
I’m not saying it’s a great attack vector, but it’s not that different to a standard phishing attack.
You could attack anything that’s using the single sign on. Attack their build infrastructure and you now have a supply chain attack against all of their customers etc.
It helps but its not enough to counter the limits of human gullibility.
It requires the bad guy to go to the page and ask the user to enter the code the bad guy gets
It’s not that different is it? You still need to get a user to share/enter a live code?
From a practical PoV - most people have their phone on them all the time. A work phone or a physical token can (and will) get forgotten, a personal phone much less.
Bad actor goes to super secret page while working on ‘fixing’ and issue for the user. They then get the 2 digit request code and ask the user to input it to ‘resolve’ the issue.
Mostly the same as any other 2fa social engineering attack I guess, but the users phone does display what the code is for on the screen which could help… But if your falling for it probably not.
They said that the option to use other authenticators were disabled by their company
The ms authenticator works in ‘reverse’ in that you type the code on the screen into the phone. I assume this is preferable to corporate as you can’t be social engineered into giving out a 2fa token. It also has a “no this wasn’t me” button to allow you to (I assume) notify IT if you are getting requests that are not you.
I don’t believe that the authenticator app gives them access to anything on your phone? (Happy to learn here) And I think android lets you make some kind of business partition if you feel the need to?
I would split digital privacy from the foss and Linux discussions. They attract the same people, but are fundamentally different topics.
It also means you could get deeper into the digital privacy topic which is more useful to most people.
For the digital privacy one, ask for a volunteer (or do you!) ahead of time and get them to do GDPR requests for apple, Google, Microsoft, Meta etc. sanitizer anything they want to hide, but do a demo of what big tech actually knows about them.
Then go though how to prevent that and have a discussion on the pros and cons of that data collection. (Eg I don’t care about Google data tracking as I find the Google location history really useful)
And their bedtime brew (with vanilla and nutmeg) is the best decaf I have found too!