Who's trying to break the internet today?

abates said:

This is in violation of the licenses both wiki operate under,

Click to expand...

Really? I was under the impression that wikis generally are under a "Yeah everything here's free to use, whatever" license. And if that's not the case, then what's the legal basis for the maintainers of one wiki to just leave and copy everything over to another one?

Also: There is one instance where a wiki was allowed to leave and completely wipe the (at the time, still Wikia if not WikiCities) original version from Jimmy Wales' server for good: WikiFur. I don't know how that happened, and I'm still kicking myself for never asking the owner about it when he was still around.

Specifically most Wikis these days use the Creative Commons "CC BY-SA" license which allows anyone to share and remix the content however they like. The sticking point is the "BY-SA" part which adds two conditions, one of which copying-pasting the content violates.

That condition is "Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use."

If someone is spinning off a wiki, they will export the entire history of each article which includes attribution for every user who worked on it, satisfying the attribution condition.

On the other hand, if someone copy pastes the current revision of an article from one wiki to another, the revision is displayed on the second wiki as though it was their own work and no attribution to the original authors is given. You can do this while satisfying the license by including a template or note of some kind linking back to the original wiki to say "Some or all content on this page is from this other wiki, here's the page so you can see who worked on it" but in my experience 99% of the time someone who is copypasting won't bother.

NovaSaber said:

TF Wiki's situation is complicated because the old site is still up too (apparently someone who wasn't an admin pre-move gained administrator access, or something like that?), or at least it was the last time I heard it mentioned.

Click to expand...

TFWiki was code-forked from Teletraan 1 on Wikia back in September 2008. Teletraan 1 languished for a while but is rebuilding, my understanding is that generally the new contributors endeavour to not use TFWiki's articles as the basis for their own even with the CC-BY-SA Creative Commons License applying to both wikis.

For whatever it's worth, I invoked that license and provided attribution to TFWiki in my article on universal streams on the Fanon Wiki (which is also part of Fandom, formerly Wikia).

They're claiming this is more secure, but it sounds bad to me:

I'm unclear how a PIN is any less stealable than a password. Obviously they can't mandate biometrics because Windows is (for now) capable of being installed on desktop computers, which have no built-in cameras or fingerprint scanners, so this is arguably a step backward for those users.

I'm pretty sure this kind of PIN never gets sent over the internet connection, it just tells the device itself to use its passkey.

So it probably is less vulnerable to interception (and also useless if not entered from the device with the passkey)...but just as guessable if your device itself gets stolen. (Actually more guessable because it's shorter and simpler.)

Oh, I thought it meant they were getting rid of passwords to log into the computer itself. How are they going to "force" every website on the internet to abandon passwords in favor of however this works? And is it only going to apply if you're using Edge, which nobody actually does?

This is for Microsoft account stuff, which would include logging into your computer (or doing administrator stuff on it from non-administrator accounts), but also online things like Outlook, OneDrive. Office 365, etc..

Or finding your BitLocker Key if your drive gets encrypted by a vibecoded update...

NovaSaber said:

I'm pretty sure this kind of PIN never gets sent over the internet connection, it just tells the device itself to use its passkey.

So it probably is less vulnerable to interception (and also useless if not entered from the device with the passkey)...but just as guessable if your device itself gets stolen. (Actually more guessable because it's shorter and simpler.)

Click to expand...

I have to use this on my work computer, and yes, Windows Hello basically uses your computer as a passkey itself for M365 etc.

The PIN though, despite being called that, can be an actual password. You can enable additional character types and make it as long as you want, if desired, but it will not be used anywhere outside of your machine itself.

The parts that sound bad to me are

On the consumer side, with Microsoft Password Manager, users can now save and sync passkeys across devices signed in with their Microsoft account, with support for iOS and Android rolling out soon through Microsoft Edge.

Click to expand...

So, they're going to force me to connect my phone to my Microsoft account if I want to ever be able to check my email on it?

Microsoft Entra ID account recovery, generally available today, strengthens security for recovery flows by enabling users to regain access to their accounts through a robust identity verification process.

Click to expand...

Since "Bitlocker" and "making passwords not work" are more likely reasons to get locked out of my stuff than anyone else ever getting into it, this just sounds like an excuse to collect more data, which means it would be much worse if anyone else ever did get into it than it is now.

Users can regain access after losing all authentication methods by using government-issued ID and biometric face checks. At general availability, we are expanding our identity verification ecosystem with two new partners—1Kosmos and CLEAR1—joining our existing partners Au10tix, IDEMIA, and TrueCredential.

Click to expand...

So, just like most ID verification bullshit, it's not even handled by the government or by the large corporation that probably already has more data than you explicitly gave it, but by companies no one ever heard of that have data harvesting as their entire business model.

Also, "save and sync passkeys across devices" sounds like the opposite of passkeys being device-specific, which would defeat the point of them

This is exactly why I block Windows updates.

There's also an assumption that the device has webcameras. Even if you -wanted- to, you can't do biometric ID like that without a camera, and not all machines have one. Same with the ID.

Dekafox said:

There's also an assumption that the device has webcameras. Even if you -wanted- to, you can't do biometric ID like that without a camera, and not all machines have one. Same with the ID.

Click to expand...

Good point. My desktop does not have a webcam. My laptop has one, but my antivirus attacks it if it tries to do anything.

Something not necessarily political this time, but Google search basically killing itself:


A few choice bits from the article:

At Google I/O this week, the company announced the biggest change to Search in 25 years. The ten blue links? Gone. Instead, you get “generative UI” – custom interactive widgets, built on the fly by Gemini. You get “information agents” that monitor the web for you around the clock. You get mini-apps you can build right inside the search box, using natural language. And with Gemini Spark, you get a personal AI agent that runs 24/7, connected to your Gmail, your Drive, your calendar, your photos, and soon your local files and third-party services.

Click to expand...

And they'll build the ads directly into the answers:

It turns out there’s a small but growing body of research – some of it from Google’s own researchers – exploring exactly how ads could work inside LLM-generated output. And the ideas are as fascinating as they are unsettling.

One approach, proposed by Google Research, is what you might call a “token auction.” In this model, advertisers don’t buy ad slots on a page. Instead, they bid, token by token, on the actual text the model generates. Each advertiser brings their own LLM, and an auction mechanism decides whose model gets to influence the next word. The output is a weighted blend of competing interests, shaped by who’s willing to pay more.

Another approach – also from Google researchers – fits the new “Search” much more precisely. It’s called “prominence allocation.” Here, when a user submits a query with commercial intent, the system runs an auction that doesn’t just decide which ads appear, but how prominently the LLM writes about each one. The auction outputs a prominence score for each advertiser, essentially telling the model: give this product 35 words, that one 20, and this one zero. The ad isn’t next to the answer. The ad is the answer. Or rather, it shapes how much space and enthusiasm each product gets within the answer.

Click to expand...

As to what they told he ad agencies after that?

Then, one day later, Google held Marketing Live, its annual keynote for advertisers. Same campus, same week, different audience. And there, the language changed completely. Vidhya Srinivasan, VP of Google Ads, put it plainly: “The best ads must be answers.” Ads are already running inside AI Mode. They’re not banners next to the output. They’re generated by Gemini to read as part of the conversation. And advertisers who want to appear in the new AI search? They must hand over creative and targeting control to Google’s system. “You can’t choose keywords anymore,” Srinivasan said.

So yes, Google didn’t talk about ads in the I/O keynote. Everything they announced is the new ad system. One that, in the eyes of Google, no longer needs the open web as an intermediary. And now, they’re gradually turning it on.

Click to expand...

They can get fucked, I'm switching to bing.

I quit using Google as my main search engine years about (DuckDuckGo has been better for at least as long as I've been using it), but wow, they've decided to just...have Google "search" not even be a search engine at all anymore?

Why? Even if I wanted to ask questions to an AI for some reason, I'd expect there to be a different site for that, seperate from the one that, by definition, has the sole purpose of finding other websites.

I'm starting to think it's time we nerds ditch the Web entirely and start building something new of our own, from scratch.

My backup plan is Fujinet. It's still the internet, but it's niche enough that no one is trying to destroy it yet.