It's not the cost, it's the headache. Do I need to worry about setting up SSO, do I need to work with procurement, do I need to do something in our SOC2 audit, do I need to get it approved as an allowed tool, etc.

Whether it's $100/year or $10k/year it's all the same headache. Yes, this is dumb, but it's how the process works at a lot of companies.

Whereas if it's a free tool that just magically goes away. Yes, this is also dumb.

SMS 2FA is good enough for most people most of the time. It's very bad at preventing high-skill targeted attacks against individuals, but it's perfectly good at preventing mass brute-force attacks.

It's popular because it solves the problem (not ALL problems, but the one they're trying to solve) and it's easy and low-barrier to implement and use.

The problem with this is no one can agree about what "at scale" means.

Like yes, everyone knows that if you want to index the whole internet and have tens of thousands of searches a second there are unique challenges and you need some crazy complexity. But if you have a system that has 10 transactions a second...you probably don't. The simple thing will probably work just fine. And the vast majority of systems will never get that busy.

Computers are fast now! One powerful server (with a second powerful server, just in case) can do a lot.

I think it's perfectly fair for them to say "we're not doing this any more". The sketchy part is deleting the public registry at docker.io/bitnami rather than just no longer updating it. Why can't docker.io/bitnami become the 'legacy' registry, receive no future updates, so at least folks who don't hear this news won't have pulls suddenly fail?

edit: like if I have a package on NPM and I want to stop offering it, I think it's shitty to just delete it. That breaks builds.

>>>Others didn't even know what was going on at the time and were let into the capital building by police officers and were arrested anyway.

If you're part of a mob and the police get out of your way that's not them "letting you in", that's them falling back as opposed to causing more violence. I think J6 folks were treated extremely gently, all things considered. If the guy in front of you breaks down a door and then you walk in behind him, you're also doing something wrong.

https://www.snopes.com/fact-check/capitol-police-waving-vide... for a specific fact check to the "police waved them in" claim.

>>>The Democrats in the UK

Those aren't the Democrats. I do think the UK is going too far with their speech controls and their "online safety" laws.