Obligatory “fuck Spez.” I’m sure I’m not the first.
Points two and three break my heart, and exemplify why I have no interest in contributing content over there. I don’t go on sites like that to make money. There are a few - esp in niche hobbies - who do, and that’s fine, but it’s hardly the primary purpose and some folks from the FP sub have survived and thrived in the time since.
I call BS - with notable exceptions for a particular omnipresent retail chain whose ToS was recently updated so they could do substantial tracking of your traffic.
A company I work with is wholesale migrating both internal and external accounts to a third-party auth provider in whom I have very little faith. That is a concerning security risk.
Using open wifi hotspots is hardly a best practice in any world, of course, but I’m hard-pressed to believe that it takes precedence over, say, ticking the boxes on NIST CSF or PCI compliance. Or just plain old “shoulder surfing” which has always been a risk in public, but becomes much more concerning given we all have a computer screen in our hand constantly and it’s often full of data useful to someone with ill intent.
They might not get your pw or 2FA codes, but knowing your username is plenty for them to convincingly call you later, pretending to be from the bank. “Now that you’ve changed your pw, the system will send one extra 2FA code to your device as a test. Please read me the code when the text message comes in.”
Ente Photos is now open source end to end, both server and app.