There is no pair for the enterprise users signing in with their company's SSO or those using Passkey.
I think what some sites do is have a visually hidden, not required password field that a password manager can fill in. If it's not a password-based auth, the flow goes to the next step but if it is, it reveals the password field which may already be filled in.
If someone enters a username that doesn't exist in the system then you randomly prompt for password or alternate method, so it looks like an account may exist.
Username enumeration isn't usually considered a vulnerability, but it does make other attacks, like credential stuffing, easier. I.E. you can focus attack resources on usernames that have active accounts.
It's very low on my list of concerns though, usually there's much worse problems when I pentest.
It's done that way as an overreaction to B2B customers which may want totally isolated per-tenant systems.
Take Okta login for example. Okta wants to offer big hyper-secure customers an option of "if you want, we can run our system in your cloud/data-center/whatever". To support that kind of system, you go to to the https://login.okta.com/ page and enter your email, JUST your email. Okta uses that to look up which customer tenant you belong to, then sends you to customer.okta.com where you enter your password. This way, the password only goes through infra owned by big-customer.
Okta then just builds everything with his indirection so they can move customers to it.
There is a company that makes a plurality of government software that still used VBScript-based HTML pages that required IE7 compatibility mode for their court management software when I left a few years ago.
Doing close work with your eyes can cause your ciliary muscles (they flex your lenses to focus) to be overworked. They seize up, and lose the ability to relax to their former length. When your lens can't relax, you can no longer focus to infinity.
Are you talking about Virginia where their constitution requires two legislature votes and an election between changing district maps? A fact everyone knew before attempting a redistricting to eliminate Republicans seats by forcing six districts to run through Fairfax…
California, Illinois, and New York, rigged decades earlier than your screen told you to be mad at republicans who in reality are playing catch up on gerrymandering.
But I noticed you’re trying to avoid the actual point.
Virginia illegally pushed a new map against their own state constitution and their Supreme Court shot it down. Cry more about it.
Yes, I’m a partisan hack. Yeah that’s what’s going on here. You read the referendum question they pushed in Virginia and pretend you’re on the correct side of legitimacy.
>California, Illinois, and New York, rigged decades earlier than your screen told you to be mad at republicans who in reality are playing catch up on gerrymandering.
Gerrymandering gave Republicans more seats than they deserved if all votes were equal in 2010 (+9), 2012 (+19), 2014 (+17), 2016 (+21), 2018 (+2), 2020 (+2). The closing of the gap since 2018 is the reason why Republicans restarted gerrymandering and made it their platform.
My memory also starts more than a year ago, but I have clear data to show that gerrymandering over-represented the GOP for more than a decade - on top of the Senate being structurally biased in favor of Republicans.
- the pardon of anyone involved with Jan 6, both the invasion of the capitol, the fake electors and the truthers that were condemned for lying in court or just plain contempt;
- the promotion of 2020 election deniers to positions of power over the elections in the current administration;
- the promotion of incompetent but loyal people at the head of the DOJ, FBI and DNI, who all refused to answer the question "who won the 2020 election" in a straight manner during hearings;
- the strategy of universal gerrymandering being a capstone of the GOP platform;
- the Supreme Court's recent ruling on VRA, and subsequent action to make sure it is applied ASAP even though the election affected has already begun (which is the exact opposite of how they ruled in the past);
- the constant refusal of Hesgeth to commit to the rule of law;
- the prosecution brought against six lawmakers for daring to remind soldiers they can only follow lawful orders;
- the constant accusations of voter fraud that don't exist;
- the attempt to forbid early voting, impose citizenship obligations
But really, don’t you think it is just so interesting that almost all of Reddit agrees with you almost verbatim. How strange that they are have your exact talking points!
Distraction from the mortgages, taxes, inflation etc. all of which is the modern equivalent of slavery. When the slaves are distracted they are unlikely to rebel.
Or the vast grift… or the $1bn request for “ballroom” funding… or $1.5tn for the defense department… or the ballooning public debt at $40tn and counting, now cresting above 100% yearly gdp.
"Gaming"[0] companies are audited for the expected value each coin toss/slot machine roll etc. has - typically it's a high and unusually precise percentage, like e.g. 95.1681%.
The scam in is advertising, that emphasizes how much you can potentially win, even though obviously on average the house takes those few percent each time.
[0] A term they like to use to describe themselves.
It’s a scam when the house takes $1 from that $100 each time. These unlicensed internet gambling halls most certainly take their cut, whatever that amount is.
It's only a scam if they don't disclose that. If the house brought the two people together I'd say it's fair as services rendered. I don't get mad when a bar charges more than the base cost of the alcohol.
> now everyone but the house is guaranteed to lose.
Gambling is about more than making money. Most gamblers do not expect to win, they do it because its entertaining. Paying $1 for the opportunity to participate in the coin flip is something many people are happy to do. Negative EV does not equal losing because you forgot to include the entertainment value.
Scams involve deception. There is no deception in a business that is upfront about taking a fee to match gamblers.
This would happen to me when I played pool. I would master a skill overnight, somehow, and come back to the table the next day leveled up--far better than I had left off the day before.
This is one of those situation where both things can be true at the same time.
Social media companies have shown that they do not give a shit about the mental health of their users, quite the opposite seems to be true. Yes, parents are responsible for teaching their children about the reality of modern social media, but they can only do so within the limits of their abilities and understanding. It's similar to smoking. Yes parents are responsible for teaching their children about the dangers of smoking and encourage them not to, but no one thinks removing the age restriction from tobacco is a sane idea.
One one side you have big companies paying huge amounts of money to super smart people to get teens hooked on their products.
On the other side you have parents who on average dont understand how social media algorithm works or in some (too many cases) they cannot follow the logic to a second order effect.
Even here we have comments saying something like "be smarter and teach your kid to be smarter than big social media companies" not understanding that addiction cannot always be defended by improved IQ. Geniuses can have addictions too.
Why stop at removing restrictions on social media, why have laws at all, they're just mindless paternalism! why should we have seatbelts? why have laws against murder? Mindless paternalism is all those laws are!
Not all laws are are meant to protect people from themselves, most laws aren't.
Murder isn't illegal because we want to protect people from the results of their actions, it's illegal because we want to protect people from the actions of others. (Or, failing to do that, punish the aggressors in response) Surely you see the difference?
Basically, the argument is that people's liberty should only be restricted up to the point of defending the liberty and rights of others. If an action hurts no one other than its actor, the state has no right to restrict them. People should be free to live in line with their wishes and conscience up to the point of not violating the rights of others.
With regard to seatbelt laws, I would ask the same question, as I do think that the seatbelt laws are also paternalism and morally wrong.
But no one, including the government, is omniscient. This turns all agency into "exploitation", and the only logical conclusion is that all decisions for all people should be made by the most informed. Surely you don't argue that would be a good thing?
The mindless paternalism is the point! People like this want a Nanny State to enforce their own ideals, as they arbitrarily believe themselves to be morally superior.
That’s why these laws happen to begin with. It starts as “Think of the children”, and ends with the death of the anonymized internet.
Governments crave that, and scared, hapless citizens who refuse to learn how to raise a child want Daddy Gubament to do it for them, and so push these laws into existence.
"Almost every state has some sort of parental responsibility law that holds parents or legal guardians responsible for property damage, personal injury, theft, shoplifting,
and/or vandalism resulting from intentional or willful acts of their un-emancipated children."
"Parental responsibility laws are one vehicle by which parents are held accountable for at least a
minimal amount of damage caused by their children as a result of intentional acts or vandalism"
Using social media is not a crime. I think what we’re talking about here is child welfare or child protection laws (which all 50 states probably also have).
if disallowing social media use below the age of 16 becomes a law (like the article's proposed bill), and a kid breaks that law, this seems like a perfect example of holding the parents liable?
but also yes, child welfare laws and such are also pretty fitting examples. i dont think the person asking for an example was really asking in good faith, anyhow.
My understanding in this case the social media company is liable for allowing a child to access social media. So is not a crime for a child to use social media.
> Children cannot be left with the responsibility for staying away from platforms they are not allowed to use. That responsibility rests with the companies providing these services. They must implement effective age verification and comply with the law from day one
sure, that sounds right for how it is currently. my parenthesis above is probably wrong.
but the whole point of my example was showing that its absolutely possible to hold parents accountable for their childs actions. there are dozens of laws that do so already. so there is no excuse why a social media ban could not be written in the same fashion as those laws, rather than moving parental responsibility onto tech companies.
Laws hold parents accountable for their childrens' crimes, not their noncriminal actions. Nothing about this is saying that accessing social media is a crime -- that would be more similar to drug possession laws, firearms licensing, etc.
If your child is drinking: they are violating the alcohol possession age limit themselves; you are liable for their crime plus child endangerment if you gave them the alcohol; and whoever sold or supplied them the alcohol is violating a separate law. Sounds like we're trying to apply the same structure to social media, except (so far) with no possession/usage law.
I don't really see how that is relevant? Isn't that law making a parent responsible for actions their child commits that hurt others? Child protection laws like preventing child labour, not selling alcohol/cigarettes, etc aren't this.
its an example of holding the parent responsible when the child breaks a law.
if accessing social media below 16 becomes illegal, this is a literal perfect example of holding parents accountable for their kids illegal activity. you can't possibly get more relevant.
there is no reason to shift parental responsibility onto tech companies. we have existing laws that can be used as templates for social media bans.
Correct me if the US is different, but in the country I live in the onus is on the bar or liquor store if they sell alcohol to a child, not on the parent. Why would it be different for a social media ban?
Oh man where I'm from they'd probably just laugh and put them to bed. jkjk
To be honest I did some brief searching and couldn't find anything! The parent will be liable if someone at your home drinks and drives home drunk, but I couldn't find anything specific about children consuming alcohol alone. It is only illegal to sell alcohol to minor, underage alcohol consumption is explicitly legal if supplied and supervised by an adult.
Now I'm sure if the child were to be young enough other child abuse laws could come into play, but it looks to be exceedingly rare.
okay, so we now have: parent/homeowner responsible if someone drives home drunk, parent responsible if child gets drunk via abuse/neglect laws, and parent responsible for other crimes and damages caused by a child via dozens of individual laws.
is that enough examples to satisfy your initial request?
(which was a request for examples of the extremely broad statement: "We used to hold parents liable.")
So I asked for examples because there is a large difference between "We used to hold parents liable" meaning "we used to, socially, hold parents accountable for raising well adjusted humans" (which I would mostly disagree with) vs. "we used to persecute parents for normative laws" (which I mostly agree with).
I know your point is talking about point 2, but I believe OPs comment was about point 1. But I also still don't know what the "used to" means in the original, do we not anymore?
We're trying to authenticate a pair: user/pass.
reply