commit: d9691cc6b1773c15d0d528ee554475463c2e5090
parent 13b04ec73cbbd180c63a6c11ab455a67b883e5b6
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date: Wed, 24 Oct 2018 09:29:36 +0200
articles/My issue with Github (and Microsoft buying it).xhtml: Fix images link
Diffstat:
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/articles/My issue with Github (and Microsoft buying it).xhtml b/articles/My issue with Github (and Microsoft buying it).xhtml
@@ -33,8 +33,8 @@ And one of my favorite thing from coders is <q>but GitHub allows you to edit wit
<p>I posted about this on the fediverse before, probably on social.hacktivis.me (RIP). So here github with their dark pattern (Update is highlighted, so not enough privacy given?) is randomly asking me to confirm my account recovery settings. And it is actually bad for security because here it means that Facebook could gain access to Github Accounts. What could go wrong? (Note: I do have a bit of write access to few projects on github).</p>
<p>Also I use the <abbr title="Time-based One-time Password Algorithm">TOTP</abbr> token regularly and I have recovery codes in case I would lose it (actually all stored and encrypted with <a href="https://www.passwordstore.org/">pass</a>, maybe I should change that).</p>
<figure>
- <img src="images/github_confirm_recovery.png" alt="Github asking me to confirm my account recovery settings, I could risk getting locked out of my account"/>
- <img src="images/github_confirm_recovery_expanded.png" alt="Same but tooltips extended to see that “Recovery Tokens” is actually a sign-in with facebook in disguise"/>
+ <img src="/images/github_confirm_recovery.png" alt="Github asking me to confirm my account recovery settings, I could risk getting locked out of my account"/>
+ <img src="/images/github_confirm_recovery_expanded.png" alt="Same but tooltips extended to see that “Recovery Tokens” is actually a sign-in with facebook in disguise"/>
</figure>
<p>One thing I wonder is: <a href="https://queer.hacktivis.me/objects/aeb38dc5-61c9-47c9-b2c6-2827dc80dcb9">Is github putting a similar thing to people not using token?</a>. 2FA is quite useless in my case so I could remove tokens, and I could quite imagine other people doing that but on which 2FA actually increases security. Woops, less people being secure because of a bad design. (Also security ≠ usability is bullshit, but that will be for a later time)</p>
<p><a href="https://queer.hacktivis.me/objects/4e657d4d-8eb2-40a2-af0d-1b2ec9531fe4">Post for comments and sharing on the fediverse.</a></p>
diff --git a/feed.atom b/feed.atom
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<title>Home feed — Cyber-Home of Lanodan</title>
- <updated>2018-10-24T07:27:36Z</updated>
+ <updated>2018-10-24T07:28:47Z</updated>
<id>https://hacktivis.me/feed</id>
<link href="https://hacktivis.me/feed" rel="self" />
<link href="https://hacktivis.me/home" rel="alternate" />
@@ -14,7 +14,7 @@
<link rel="alternate" type="text/html" href="/articles/My%20issue%20with%20Github%20(and%20Microsoft%20buying%20it)"/>
<id>https://hacktivis.me/articles/My%20issue%20with%20Github%20(and%20Microsoft%20buying%20it)</id>
<published>2018-09-24T05:23:13Z</published>
- <updated>2018-10-24T07:27:36Z</updated>
+ <updated>2018-10-24T07:28:47Z</updated>
<content type="xhtml"><div>
<!--#include file="/articles/My issue with Github (and Microsoft buying it).xhtml"-->
</div></content>
