zlacker

[return to "Google Web Environment Integrity Is the New Microsoft Trusted Computing"]
1. baz00+8t[view] [source] 2023-07-27 07:01:00
>>neelc+(OP)
The problem here is that most people don't give a crap. I was explaining this situation to my girlfriend last night over a drink. She's a high level academic with a strong mathematical and logical background in a different field but she didn't really formulate an opinion on it past "if my stuff keeps working, why is it a problem?". Which is fair, because it's a hypothetical risk, but the side effects are a net negative and the open nature of the web is at risk.

As always people see the happy path down the middle of the forest, not the creatures waiting to leap out and eat them two steps down the line.

◧◩
2. genoci+xt[view] [source] 2023-07-27 07:05:18
>>baz00+8t
> "if my stuff keeps working, why is it a problem?"

"Is your stuff going to keep working? There's literally a website dedicated to the products Google has killed. What makes you think you're so special that they won't do that to something you use?"

Of course, you're probably sleeping on the couch that evening...

◧◩◪
3. baz00+Mt[view] [source] 2023-07-27 07:07:39
>>genoci+xt
Well that's exactly it. Her entire professional life is also tied to a free Gmail account she refuses to pay for too.
◧◩◪◨
4. genoci+nu[view] [source] 2023-07-27 07:13:15
>>baz00+Mt
I will preface this with the agreement that I am kind of an asshole on some things. With that out of the way...

I would find quite a bit of value in getting that person locked out of their google accounts and forcing them to deal with the consequences; Especially if the lock-out was just me getting in and changing their password so that their access can still be recovered. A little controlled scare would be far better than getting locked out at some unknown/unprepared-for point in the future.

So perhaps in your case, the wise thing to do would be to ask your gf to try to pretend she was locked out of her google accounts for a week. Force her to see how much she relies on it, and how bad it is when that spf actually fails. You could probably accomplish it by allowing her to change the password to something she doesn't know for a week.

◧◩◪◨⬒
5. baz00+nv[view] [source] 2023-07-27 07:23:08
>>genoci+nu
I would agree but it's best to boil the frog slowly I find. One divorce was enough here ;). I've just got her to back up her stuff onto OneDrive and an external disk so if she's hacked or the house burns down then she's covered. Next is MFA. Then a custom email address which will feed into your point. I'm selling it on taking control of her identity.
[go to top]