this post was submitted on 30 Aug 2024
55 points (83.1% liked)

News

23287 readers
4375 users here now

Welcome to the News community!

Rules:

1. Be civil


Attack the argument, not the person. No racism/sexism/bigotry. Good faith argumentation only. This includes accusing another user of being a bot or paid actor. Trolling is uncivil and is grounds for removal and/or a community ban. Do not respond to rule-breaking content; report it and move on.


2. All posts should contain a source (url) that is as reliable and unbiased as possible and must only contain one link.


Obvious right or left wing sources will be removed at the mods discretion. We have an actively updated blocklist, which you can see here: https://lemmy.world/post/2246130 if you feel like any website is missing, contact the mods. Supporting links can be added in comments or posted seperately but not to the post body.


3. No bots, spam or self-promotion.


Only approved bots, which follow the guidelines for bots set by the instance, are allowed.


4. Post titles should be the same as the article used as source.


Posts which titles don’t match the source won’t be removed, but the autoMod will notify you, and if your title misrepresents the original article, the post will be deleted. If the site changed their headline, the bot might still contact you, just ignore it, we won’t delete your post.


5. Only recent news is allowed.


Posts must be news from the most recent 30 days.


6. All posts must be news articles.


No opinion pieces, Listicles, editorials or celebrity gossip is allowed. All posts will be judged on a case-by-case basis.


7. No duplicate posts.


If a source you used was already posted by someone else, the autoMod will leave a message. Please remove your post if the autoMod is correct. If the post that matches your post is very old, we refer you to rule 5.


8. Misinformation is prohibited.


Misinformation / propaganda is strictly prohibited. Any comment or post containing or linking to misinformation will be removed. If you feel that your post has been removed in error, credible sources must be provided.


9. No link shorteners.


The auto mod will contact you if a link shortener is detected, please delete your post if they are right.


10. Don't copy entire article in your post body


For copyright reasons, you are not allowed to copy an entire article into your post body. This is an instance wide rule, that is strictly enforced in this community.

founded 1 year ago
MODERATORS
all 10 comments
sorted by: hot top controversial new old
[–] Chozo@fedia.io 61 points 2 months ago (1 children)

"Bank Robbers used Honda, Toyota, and Camry getaway vehicles"

Like... okay? That's hardly the issue. The login systems used have nothing to do with the crimes being committed.

The article's paywalled, so I dunno if there's much more to it than this, but this seems like a ridiculous headline.

[–] cm0002@lemmy.world 16 points 2 months ago (1 children)

Right, and the article makes it sound like a good thing that an SSO provider should be policing things. I see it as almost as bad as PayPal "policing" things against their moral code i.e. when they freeze funds for completely legal NSFW creators

[–] tal@lemmy.today 5 points 2 months ago* (last edited 2 months ago)

Right, and the article makes it sound like a good thing that an SSO provider should be policing things

I've been very leery about the idea of letting companies own someone's credentials via SSO in general, so if it encourages at least diversification away from a few SSO providers, I'm kind of enthusiastic about SSO providers imposing restrictions on people using their services.

[–] MagicShel@programming.dev 47 points 2 months ago (1 children)

You don't need to be vetted to use OAUTH. And you shouldn't need to be. It would kill OAUTH completely.

[–] cheese_greater@lemmy.world 12 points 2 months ago (2 children)

Won't this make it super easy to track down whoever's using this?

Yeah. You have to make a developer account to make an API token in order to setup any of those oauth options.

Granted, you could just put in random bullshit in the developer accounts, but generally I'd bet google would still know who the person involved is.

[–] MagicShel@programming.dev 7 points 2 months ago

So I'm thinking back to the times I've used it. I want to say I assume they have a way to track where this is being used based on referrer, but I don't remember clearly enough. I don't think a given token has to be tied to any URL. You just get a token and validate it with a service.

But people who use it on a daily basis could probably answer more definitively. I've just used it a couple of times and didn't bother retaining it because it's easy to figure out when you need it.

[–] garpujol@discuss.online 20 points 2 months ago

Blaming the company for SSO lol

[–] Hotzilla@sopuli.xyz 7 points 2 months ago

Uh, someone really don't know how OAuth works.