Home to all things "Mildly Infuriating" Not infuriating, not enraging. Mildly Infuriating. All posts should reflect that. Please post actually infuriating posts to !actually_infuriating@lemmy.world
I want my day mildly ruined, not completely ruined. Please remember to refrain from reposting old content. If you post a post from reddit it is good practice to include a link and credit the OP. I'm not about stealing content!
It's just good to get something in this website for casual viewing whilst refreshing original content is added overtime.
Rules:
1. Be Respectful
Refrain from using harmful language pertaining to a protected characteristic: e.g. race, gender, sexuality, disability or religion.
Refrain from being argumentative when responding or commenting to posts/replies. Personal attacks are not welcome here.
...
2. No Illegal Content
Content that violates the law. Any post/comment found to be in breach of common law will be removed and given to the authorities if required.
That means: -No promoting violence/threats against any individuals
-No CSA content or Revenge Porn
-No sharing private/personal information (Doxxing)
...
3. No Spam
Posting the same post, no matter the intent is against the rules.
-If you have posted content, please refrain from re-posting said content within this community.
-Do not spam posts with intent to harass, annoy, bully, advertise, scam or harm this community.
-No posting Scams/Advertisements/Phishing Links/IP Grabbers
-No Bots, Bots will be banned from the community.
...
4. No Porn/Explicit
Content
-Do not post explicit content. Lemmy.World is not the instance for NSFW content.
-Do not post Gore or Shock Content.
...
5. No Enciting Harassment,
Brigading, Doxxing or Witch Hunts
-Do not Brigade other Communities
-No calls to action against other communities/users within Lemmy or outside of Lemmy.
-No Witch Hunts against users/communities.
-No content that harasses members within or outside of the community.
...
6. NSFW should be behind NSFW tags.
-Content that is NSFW should be behind NSFW tags.
-Content that might be distressing should be kept behind NSFW tags.
...
7. Content should match the theme of this community.
-Content should be Mildly infuriating. If your post better fits !Actually_Infuriating put it there.
-The Community !actuallyinfuriating has been born so that's where you should post the big stuff.
...
8. Reposting of Reddit content is permitted, but attribution is not required in any way. No links to Reddit in post body
-If you would like to provide a source link, do so in the comments but not in the post body.
...
...
Also check out:
Partnered Communities:
Reach out to LillianVS for inclusion on the sidebar.
All communities included on the sidebar are to be made in compliance with the instance rules.
How hard is it to implement email verification?
The worst login option is Google and Facebook, because they don’t allow creating separate accounts without identity verification by phone number or by connecting a phone with Google services. For now, other services still allow creating an account without linking your identity, but that won’t last long 😢
How hard is it to implement email verification?
Harder, actually.
That's the point of OAuth, which is what you're seeing there.
The idea is that you're you and you have a... google account. This shitty little website doesn't want to be responsible for you login details, because those can get stolen. Maybe they contain an email address, which is a problem. Software needs to be updated, it's all a big. They don't want to touch anything in terms of security that identifies you as you.
Maybe all the website does is save your favorite pepe memes. They don't need anything else from you, but they still need to have something to get a user id and make sure nobody messes with your pepe meme collection. That's where this system comes in, because the rest of website becomes significantly easier. They don't need to store anything personally identifying, all they get is an ID and they can connect it with your pepes.
The only downside to OAuth is, as you can also see, that it's corpos you don't want to trust that are offering it.
Okay, but where is the link to this Pepe memes page?
Yeah show us deh memes
Was just about to say getting Auth right is super hard. Getting someone else to do it for you is a godsend.
Well there is that, but it also gets them potentially a whole bunch of extra info about you, and lets them link you up with data from other sites they may own or share data with.
It does tell you what you're about to give them, but 25+ years in the industry has taught me only too well that nobody ever reads anything ever.
It reminds of this:
There were more options on the website, but I forgot the name of the website, and I cannot find it now... :(
What!? I can't even log in using my PornHub credentials? Fucking amateurs.
How is it login with YouTube and login with Google two different things. It's the same login.
What website is this?
It's kirka.io.
How hard is it to implement email verification?
Securely? Very fucking difficult.
If I don’t have the option to use email or continue as guest I refuse to use whatever the site or app is.
Datamining.
What do they get that you wouldn't get from signing up regularly ?
If you use the same Google account for a bunch of different third party websites, Google gets to associate your activity on those websites to you, giving them more points of data about you. They wouldn't offer themselves as a login option if they didn't make money out of it.
Also if you use your Google email for many other services it becomes even harder to ditch Google afterwards.
I can see how they got there from the implementation side. There's a library they used for their site, maybe a CMS, where all those choices are just a click away. But for email they have to get their hands on an SMTP server. And that takes non-zero effort.
Exactly this
Yes, I prefer an Email/password, too, so to depend less on third-parties, and keep it more transparent.
Yet, OAuth/OpenID is significantly easier legally and financially than Email processing (even via outsourced services as MailChimp) and store someone's personal information as Email address in databases, if compared to a social account ID, in long term.
Not only that, but OAuth providers have APIs to get sufficient User information, and regularly actualize, including: Name, Email (yet, by requested/allowed scope only), activity on that social network as posts/channels/followers count etc., which may be a requirement for their Staff/algorithms to determine the priorities for transactions/support and/or security involved.
This right here. I'd rather my email stay the source of truth for auth, but totally sympathize with website owners that don't want to store and protect any sensitive user data (like an email address and password).
I do wish some sites would offer the magic link option if they don't want to keep password hashes. It has problems too, but can be a simple way sometimes.
On some level I know the OAuth flow should be pretty safe. The idea that I have one identity that gets me into multiple sites makes a lot of sense. And I'm already using the same email in most places, so it's not like I'm anonymous anyway.
And yet... I can't convince my paranoia that 'sign in with Google' isn't oversharing. I always worry that authorizing with other sites will give too many permissions to see/alter Google/whatever data, or that clicking it will take me to a fake Google/whatever page where I give away my creds.
If you log in with social media, they get more than your email address. Data mining.
They do not, normally, unless you specifically allow that. Yet, indeed, many services enable/require quite permissive scopes by default.
Regardless of your privacy choices, if you are using a shared login, that activity is connected with your broader profile.
If i cant log in with an independent email then I'm not logging in.
I had the same problem yesterday as I was investigating tailscale. And while I get it for that service, there's no reason for some of the other services that ask me to link my other accounts to them as a means of logging in.
No. I will not consolidate my log-in profiles under companies that dont see me as a person, care about my privacy, and are working with hostile governments to track me.
Semi-Anonymous or nothing. Period.
I feel conflicted. OAuth gets a lot correct in so far as most sites don't have to deal with a lot of difficult auth bits, but also I don't like having to rely on big (usually social media) companies to be the auth source.
I think about dnssec a lot.
It feels to me like there should be some form of public key infrastructure where there is a global root key (or short list of) then providers that can issue certificates out to other smaller organizations or individuals who could then use that source of trust to prove who they are. Imagine OAuth but you could just fill in your provider of choice (self hosted?) and if the certs checked out everything would verify correctly.
That being said who does the bits around ensuring that you are who you say you are. I suppose a government body running such a system could work though I sweat at the idea of going to the dmv to reset a forgotten password or report a stolen identity.
Idk maybe if I think about this enough I can come up with a cryptography secure system...
You just invented passkey with oauth.
In the EU, plenty of national ID systems exist. A world where a unified standard exists for these systems and I can just use the "EU login" standard instead of having to rely on a specific (usually American) vendor to manage my auth would be great.
That's like every freaking store offering me a "points" plan. All this shit is getting out of hand already.
VK? The Russian porn site?
I've always hated that shit. Why would I want to add dependencies to my fucking logins?
I dislike sites like this, I usually click away or just don't sign up
Oauth should become federated, just as email.
Then the browser should generate the buttons based on which oauth services you actually use.
Whatever site that is, I dont need to be there.
Guess I’m not logging in
