zlacker

> Do we know for a fact there are Microsoft employees who were told they have to use CoPilot and review its change suggestions on projects?

It wouldn't be out of character, Microsoft has decided that every project on GitHub must deal with Copilot-generated issues and PRs from now on whether they want them or not. There's deliberately no way to opt out.

https://github.com/orgs/community/discussions/159749

Like Googles mandatory AI summary at the top of search results, you know a feature is really good when the vendor feels like the only way they can hit their target metrics is by forcing their users to engage with it.

replies(3): >>XorNot+Z1 >>dsign+u3 >>nyarla+eC1

>>jshear+(OP)
Which almost feels unique to AI. I can't think of another feature so blatently pushed in your face, other then perhaps when everyone lost their minds and decided to cram mobile interfaces onto every other platform.

replies(3): >>Frost1+X2 >>diggan+43 >>hoistb+i4

>>XorNot+Z1
To some degree I think part of its “hey look here, we’re doing LLMs too we’re not just traditional search” positioning. They feel the pressure of competition and feel forced to throw whatever they have in the users face to drive awareness. Whether that’s the right approach or not, not so sure, but I suspect that’s a lot of it given that OpenAI is still the poster boy and many are switching to using things like ChatGPT entirely in place of traditional search engines.

>>XorNot+Z1
> I can't think of another feature so blatently pushed in your face

Passkeys. As someone who doesn't see the value of it, every hype-driven company seems to be pushing me to replace OPT 2FA with something worse right now.

replies(1): >>simonw+f5

>>jshear+(OP)
Holy sh*t I didn't know this was going on. It's like an AI tsunami unleashed by Microsoft that will bury the entire software industry... They are like Trump and his tariffs, but for the software economy.

What this tells me is that software enterprises are so hellbent in firing their programmers and reducing their salary costs they they are willing to combust their existing businesses and reputation into the dumpster fire they are making. I expected this blatant disregard for human society to come ten or twenty years into the future, when the AI systems would actually be capable enough. Not today.

replies(1): >>diggan+t7

>>XorNot+Z1
"social" in the mid '00s was like that.

>>diggan+43
It's because OTP is trivially phishable: setup a fake login form that asks the user for their username and password, then forwards those on to the real system and triggers the OTP request, then requests THAT of the user and forwards their response.

Passkeys fix that.

replies(1): >>diggan+i7

>>simonw+f5
Except if you use a proper password manager that prevents you from using the autofill on domains/pages others than the hardcoded ones. In my case, it would immediately trigger my "sus filter" if the automatic prompt doesn't show up and I would have to manually find the entry.

replies(1): >>ipsi+Fa

>>dsign+u3
> What this tells me is that software enterprises are so hellbent in firing their programmers and reducing their salary costs they they are willing to combust their existing businesses and reputation into the dumpster fire they are making. I expected this blatant disregard for human society to come ten or twenty years into the future

Have you been sleeping under a rock for the last decade? This has been going on for a long long time. Outsourcing been the name of the game for so long people seem to forgot it's happening it all.

>>diggan+i7
And yet that's not enough, even when someone very definitely knows better: https://www.troyhunt.com/a-sneaky-phish-just-grabbed-my-mail...

Turns out that under certain conditions, such as severe exhaustion, that "sus filter" just... doesn't turn on quickly enough. The aim of passkeys is to ensure that it _cannot_ happen, no matter how exhausted/stressed/etc someone is. I'm not familiar enough with passkeys to pass judgement on them, but I do think there's a real problem they're trying to solve.

replies(1): >>diggan+vc

>>ipsi+Fa
If you're saying something is less secure because the users might suffer from "severe exhaustion", then I know that there aren't any proper arguments for migrating to it. Thanks for confirming I can continue using OTP without feeling like I might be missing something :)

replies(2): >>skydha+nh >>simonw+1R

>>diggan+vc
> If you're saying something is less secure because the users might suffer from "severe exhaustion"

Something "$5 wrench"

https://xkcd.com/538/

>>diggan+vc
Passkeys genuinely do protect against severe exhaustion attacks.

replies(1): >>diggan+cN2

>>jshear+(OP)
>Like Googles mandatory AI summary at the top of search results, you know a feature is really good when the vendor feels like the only way they can hit their target metrics is by forcing their users to engage with it.

People like to compare "AI" (here, LLM products) to the iPhone.

I cannot make sense of these analogies; people used to line up around the block on release day for iPhone launches for years after the initial release.

Seems now most people collectively groan when more "innovative" LLM products get stuffed into otherwise working software.

This stuff is the literal opposite of demand.

>>simonw+1R
Yeah, but they genuinely also prevent you from moving away from companies in the process of enshittification, since the whole export/import thing seemingly hasn't been figured out or even less been deployed yet.

Besides, if you ignore security alarm-bells going off when exhausted, I'm not sure what solution can 100% protect you.