this post was submitted on 13 May 2024
536 points (90.5% liked)

Mildly Infuriating

35601 readers
415 users here now

Home to all things "Mildly Infuriating" Not infuriating, not enraging. Mildly Infuriating. All posts should reflect that.

I want my day mildly ruined, not completely ruined. Please remember to refrain from reposting old content. If you post a post from reddit it is good practice to include a link and credit the OP. I'm not about stealing content!

It's just good to get something in this website for casual viewing whilst refreshing original content is added overtime.


Rules:

1. Be Respectful


Refrain from using harmful language pertaining to a protected characteristic: e.g. race, gender, sexuality, disability or religion.

Refrain from being argumentative when responding or commenting to posts/replies. Personal attacks are not welcome here.

...


2. No Illegal Content


Content that violates the law. Any post/comment found to be in breach of common law will be removed and given to the authorities if required.

That means: -No promoting violence/threats against any individuals

-No CSA content or Revenge Porn

-No sharing private/personal information (Doxxing)

...


3. No Spam


Posting the same post, no matter the intent is against the rules.

-If you have posted content, please refrain from re-posting said content within this community.

-Do not spam posts with intent to harass, annoy, bully, advertise, scam or harm this community.

-No posting Scams/Advertisements/Phishing Links/IP Grabbers

-No Bots, Bots will be banned from the community.

...


4. No Porn/ExplicitContent


-Do not post explicit content. Lemmy.World is not the instance for NSFW content.

-Do not post Gore or Shock Content.

...


5. No Enciting Harassment,Brigading, Doxxing or Witch Hunts


-Do not Brigade other Communities

-No calls to action against other communities/users within Lemmy or outside of Lemmy.

-No Witch Hunts against users/communities.

-No content that harasses members within or outside of the community.

...


6. NSFW should be behind NSFW tags.


-Content that is NSFW should be behind NSFW tags.

-Content that might be distressing should be kept behind NSFW tags.

...


7. Content should match the theme of this community.


-Content should be Mildly infuriating.

-At this time we permit content that is infuriating until an infuriating community is made available.

...


8. Reposting of Reddit content is permitted, try to credit the OC.


-Please consider crediting the OC when reposting content. A name of the user or a link to the original post is sufficient.

...

...


Also check out:

Partnered Communities:

1.Lemmy Review

2.Lemmy Be Wholesome

3.Lemmy Shitpost

4.No Stupid Questions

5.You Should Know

6.Credible Defense


Reach out to LillianVS for inclusion on the sidebar.

All communities included on the sidebar are to be made in compliance with the instance rules.

founded 2 years ago
MODERATORS
 

Please use a personal email. My email is 'mail' @ 'my actual name'. It does not get more personal than that

But you can't use emails starting with mail@, admin@, support@, info@, main@, etc.

Instead they advised me (3 times) to create a personal email on a service like Yahoo, Outlook, Gmail, Orange, etc

you are viewing a single comment's thread
view the rest of the comments
[–] neatchee@lemmy.world 8 points 6 months ago (2 children)

You're not wrong, but this isn't really a security matter, it's an "apparent uniqueness" matter. Their goal, I assume, is to satisfy critics enough that a given petition's participants are sufficiently unique while keeping the barrier to filling out the form as low as possible. So they end up in a situation where neither of perfect, but they're both "good enough" for what the business needs.

I dealt with this in the anti-cheat space: my goal was never to remove all cheating, because that's too expensive (insanely so). My goal was to make the public believe they weren't playing against cheaters too often. If the solution was forcing the cheaters to perform at a level that was just below the most skilled human players, that was actually a success, because if the players can't differentiate between cheaters and pro players, then they can't effectively determine how prevalent cheating actually is.

Part of me hated that we had to treat it that way, but another part of me understood that if I pushed too hard on "eliminating cheating" my department would become more costly than it was worth and they'd pivot away from gameplay that needed anti-cheat at all

[–] kashifshah@lemmy.sdf.org 2 points 6 months ago* (last edited 6 months ago) (1 children)

Risk management is the name of the game, as always, eh?

That’s a slick technique for anti-cheat, heh. What did you think of the Call of Duty “fake data” approach? That cracked me up - things in game that only cheaters can see, so they end up self-reporting themselves as cheaters lol

[–] neatchee@lemmy.world 2 points 6 months ago (1 children)

As it ever will be, much as it may pain our moral sensibilities.

Re: CoD - I loved it. Laughed my ass off. Absolutely a big fan of creative approaches to getting cheaters to tell on themselves. I proposed something similar to my team when we had a problem with players manipulating the position of objects in the world so they were directly in front of the player: add an object of the same type inside map geometry and attach a "kill volume" to it, so it was like a landmine. Move the object in front of the player and they instantly die :P Wish we'd done it but couldn't get the level designers' time to implement it unfortunately

One we did do though: back when the product I worked on was on PS3 one of the big problems was hacked consoles spoofing platform entitlements (the thing that tells the game what purchases they should have access to). So we added an entitlement that couldn't be acquired in any legitimate way, and gave you a specific item in game. Then we just checked player inventories once a week for anyone with that item and banned their account, their console, and any account that played on that console for a meaningful amount of time. Did the same thing with an item you could only get to by clipping through geometry. Even put the word "intrusion" in the item's name haha.

The cheats are so technically complicated at this juncture that the creative stuff is often the most effective. I mean, people are literally voluntarily installing hypervisor rootkits to run the cheats, so they can talk to their drivers below even the kernel. It's so hard to come to with technical solutions to a problem like that that doesn't wind up costing massive server processing power to validate every input.

[–] kashifshah@lemmy.sdf.org 1 points 6 months ago (1 children)

Haha that is a great idea! Give the landmine kill a special animation just to make sure that the cheaters get the message or let them figure it out in time lol?

Heh, did you share that inventory technique on news.ycombinator? I could have sworn that I read a story there a team doing that.

I know exactly what you are talking about - I was digging into the modding of this one game and happened upon a cheater’s forum. Blew my mind that the first step was to completely gut your computer’s security lol. But at the same time, was enlightening to see that. Seems like some of the work has been moved to the Anti-Cheat systems, but I’m guessing that there must be large gaps in what the AC can actually do for you at the application level?

[–] neatchee@lemmy.world 2 points 6 months ago* (last edited 6 months ago)

Let em figure it out. Wasting their time is a core strategy in reducing their impact and will to continue cheating

I certainly didn't share it myself but it's possible my old boss did!

TBH, in my very personal opinion the third party anti-cheat apps are like 50% placebo. Just makes people feel better. They are very protective of their "secret sauce" but I can say none of them are anywhere close to perfect. The thing they're best at is taking the easy stuff off our plates so we can focus on the more difficult problems of hardening the game itself and analyzing telemetry.

[–] kashifshah@lemmy.sdf.org 1 points 6 months ago (1 children)

I spent about a decade in the enterprise software development space, so I totally get it. I couldn’t put it into words as well as you did, however.

After watching the FCC bigwigs debate robocalls several years ago, I’ve become a believer in a future where your internet access is always authenticated to your real life ID, dark web excepted of course.

In their case, it was posited as a best-in-class solution to the problem of spam in the telephony space. Same logic applies to email. I mean, look at what Twixxer did with the verified checkmark requiring a credit card. The trend is already there.

I get the fear of being de-anonymized on the internet, but it may be the case of something we hate being something we need, when you start to throw deepfakes into the mix.

[–] neatchee@lemmy.world 3 points 6 months ago (1 children)

Funny you mention the robocall thing... I'm literally leaving a company that works on that problem (though not as their primary business) Wednesday. It was a short stint - mostly because they are resistant to solving massive technical debt problems and I'm not trying to doom my future self - but what I witnessed was....depressing. Getting anything done was like pulling teeth, and that's with the recent FTC pivot to taking this stuff more seriously. STIR/SHAKEN is a reasonable start but it still has almost no teeth behind it.

I'm with you on the identity issue. I mean, if we're being really honest, the only people losing out by not implementing strong personal identification verification are the legitimate end users because the threat actors have gotten so unbelievably good at fingerprinting user behavior. And it's only going to continue getting worse. With ML growth as unfettered as it is, there is nothing we can do. So I'd much rather take the reigns and make identity verification a robust feature instead of a bug we can't squash.

[–] kashifshah@lemmy.sdf.org 2 points 6 months ago (1 children)

Kudos for looking out first your future self - I had to leave the field entirely after it got to the point where I couldn’t stand to look at a computer anymore. Still can’t for more than an hour, two years later.

I intend to reply more later, because this does deserve a longer reply, but I am short on steam.

In the meantime, have you heard of login.gov? Check that out. The day that .com gets a hook into that is the day that identity problems are (mostly) solved.

[–] neatchee@lemmy.world 2 points 6 months ago (1 children)

Yes! I LITERALLY just set up my stuff there a few days ago for TSA Precheck and CBP because I'm heading to Japan next month. I love what they're doing.

[–] kashifshah@lemmy.sdf.org 0 points 6 months ago

Heh, I saw it on news.ycombinator.com back when it was announced- they have made strides if you can access TSA now!

In the beginning it was just a form for every manner of authentication and then a big CTA, essentially telling other .gov entities to start making project requests.