I believed Trump was insane/an idiot during his 1st mandate. I no longer believe so.

I firmly believe he is an ingenious antagonist with ulterior motives using advanced manipulation and destabilization techniques. He moved the Overton window so far and fast that the world doesn't know how to react, and any reaction will be too little too late.

Trump is taking the USA's economical/social structure apart at a frightening pace, and unfortunately a lot hinge on the USA elsewhere.

He should not be seen as incompetent/unfit for office, he should be seen as a hostile entity to get rid of yesterday.

And I fear it's too late, the USA won't react until he's made the "necessary constitution changes" and been elected for his 3rd mandate.

Getting rid of Europe's ties with the USA will be arduous but I don't see any alternative

Of course kerberos tickets can be abused too in a lot of fun ways, but on a modern network PTH is pretty much dead and a surefire way to raise a lot of alerts

(You are absolutely right that privileged accounts must never login on less privileged assets, however!)

Well I don't disagree that it might be possible to abuse cloud sync in some way to export the secrets, but it's not quite as egregious as just including the secrets by default in an app backup

Not perfect, but (imho) still better than SMS 2FA, mail 2FA, or lack of 2FA

Citation needed? Yubico authenticator doesn't (the secure enclave is the Yubikey). I'd be very surprised if MS Authenticator and Authy (which I don't use but are the most popular apps that I know of) support such backups

You should decide whether you are building this for yourself or as a product to others. Each stance is perfectly valid but are somewhat not compatible, the software can be very opinionated or intuitive but attempts to be both seem to often fail.

If you are building opinionated software for yourself and are ok with alienating a part of the userbase: great, some great software are built this way! (Alacritty, Kakoune come to mind). This should be clearly communicated to prospecting users though, it may need to convey "this software has strong opinions you may not agree with, that's fine but it may not suit you" somehow.

If you aim for maximum reach: expect your sense of what is "intuitive" to constantly be challenged, and to have to make many difficult compromises. You also need to take feedback from a more forgiving angle, and above all, assume good faith from your users. In this instance, GP stated their enthusiasm for your shared vision of the problem space, and your knee-jerk reaction was calling them a troll.

Builders of opinionated software should pay trolls no heed and refrain from engaging, and builders for maximum reach should think trolls don't exist.

footnote: `toad run` expecting a folder and not a command seems to fall in the "opinionated" ballpark

When ChatControl will be in place, it'll only be a matter of time

[0] CVSS is often poorly understood and used by internal teams so for our internal engagements, we prefer words like "minor", "medium", "major", "critical" to describe criticity and impact and "easy", "medium", "hard" to describe exploitation difficulty (which loosely translates to likelihood), and the reasoning behind all this is very similar to what CVSS does

However:

> I think this is a uniquely American problem because America is a unique country. No other nations have the incredible wealth, diversity, and rights of America, and looking to other countries to emulate is imo, a mistake.

- increased wealth should be correlated with a reduction in shootings,

- population diversity is not a unique feature of the USA, it is comparable, or arguably lower, than most European countries,

- same for rights: the rights of a USA citizen are comparable to the average EU citizen. Many EU countries allow the possession of guns (although most forbid taking arms out of one's home unless it's for transport, e.g., to the firing range, and most EU states vehemently forbid concealed carry). There are some differences regarding Free Speech, however, where most EU countries allow it largely, but restrict hate speech more.

It's true that shootings are a somewhat unique USA problem, but I'd look more into cultural differences than into rights and demographics.

Apple is extremely user-hostile, going to great lengths to strip users of control of their devices, gaslighting them into staying in the walled garden (with great success), while simultaneously siphoning as much user data as it can get away with, and employing as many dark patterns as it can to prevent the users from exercising their rights (it's worse than Meta in this regard).

Truly, Apple always amazes me with its ability to put expensive rose tinted glasses on its users's noses.

We have no proof of extraterrestrial life. Yet.

The malware my family is most exposed to nowadays have names: Onedrive, iCloud, Google Drive. They are all designed to collect all the user's data, are all opt-out, opting out is filled with dark patterns. And regarding dark patterns, having recently gone through the motions of downloading all my data and then deleting my X, Facebook, Instagram, Microsoft, Google and Apple accounts, I can confidently say that Apple is by far the _worst_. Yes, when it comes to exercising one's rights, Apple is worst than even _Facebook_.

Users are much less exposed to non-branded malware nowadays, as the incentives to torrent random crap have mostly disappeared, and protection against spam/fishing has improved.

Would it happen as often if the tooling was free?

1: you can set secure defaults at one place globally, but your code must be correct all the time to be free of SQLi

2: it's usually not the same persons who configure the DB and who write the code.

Security is an onion, not a coconut.

I strongly think you are wrong, and I strongly disagree with your points, but I don't see why your opinion should disappear, lest this thread turn into an echo chamber.