More data contradicting the existence of “echo chambers”. As I’ve argued many times before, the concept of an echo chamber or information bubble is not real. The podcast below is an interview of an author of a study where they actually intervened and changed the information diet of 20,000 people (with consent!), then surveyed them after three months. They observed essentially no changes to the study subjects’ beliefs and attitudes. They also observed that the typical person, while they tend to gravitate towards people with similar political leanings, only get about 50% of their content from such like-minded people. They get the rest from neutral sources and maybe 20% from non-like-minded people.

Varied information diet + No change in attitudes when information diet is forced to be different = no echo chamber.

Listen to the podcast episode here

⤋ Read More
In-reply-to » How is everyone finding GitHub CoPilot? 🤔 Good / Bad ? 🤔

@prologic@twtxt.net

  1. It’s criminal: Copilot was only possible because of massive theft of other peoples’ work (no compensation or even acknowledgement to any of the developers whose code was used to create Copilot)
  2. It’s positioned to put software developers out of work or so fully de-skill them that they no longer know how to code anything but prompts (after which come corporate-justified salary and benefits decreases)

Don’t use it. No one should ever use it. You’re destroying your own future as a software developer by leaning on and supporting these things.

⤋ Read More

How Google Authenticator made one company’s network breach much, much worse | Ars Technica

🤦‍♂

WHY are these big companies treated as though they are the be all and end all of infosec? These are rookie mistakes Google’s making, at scale.

Unfortunately Google employs dark patterns to convince you to sync your MFA codes to the cloud, and our employee had indeed activated this “feature”. If you install Google Authenticator from the app store directly, and follow the suggested instructions, your MFA codes are by default saved to the cloud. If you want to disable it, there isn’t a clear way to “disable syncing to the cloud”, instead there is just a “unlink Google account” option.

Like, never ever put your multi-factor tokens into a single cloud storage location! The whole point of this being “multi” factor is that there is a separate, independent physical factor involved in the authentication process. If the authenticator app on your phone puts the tokens in the cloud, then it reduces the security that comes from having a second factor. This is basic stuff.

Of course, never ever use Google Authenticator. All it does is generate TOTP and HOTP codes, which you can do with any OTP app, preferably an open source one that’s been vetted.

⤋ Read More
In-reply-to » Truly don’t like the extra tap/click that’s required to gaining access to a new post. Whose idea was it to hide it behind “details"? Whoever was it, they can bite my shinny ass! >:-)

@prologic@twtxt.net really?! Woah. If I were to run a pod, that would be first modification I would apply. See how Elk (elk.zone) does it.

Elk interface showing how it does new posts
Download

Elk interface showing how it does new posts

⤋ Read More

Truly don’t like the extra tap/click that’s required to gaining access to a new post. Whose idea was it to hide it behind “details”? Whoever was it, they can bite my shinny ass! >:-)

⤋ Read More