This is a quite scary map. They are all over my local area. It may technically be possible to route a drive around them, but if you take the most convenient path between any two points at least one camera will spot you. I'd have to leave my neighborhood through back roads and enter local shopping areas through sidestreets.

This data shouldn't even be collected in the first place, let alone consolidated into a national network that any police officer can decide to spy on me through.

I like the concept of them, and I want them to work well purely so people stop using bad passwords. But nearly everywhere does it differently and weirdly and likely wrongly.

When I log into my Amazon account with a passkey, it then asks me for a 2FA code. The 2FA code is stored on the same device as a passkey, that step literally does nothing. After I do the 2FA code, it then prompts me to create a passkey. No! I have one. I signed in with one.

Some devices give me the option to use a QR code. I like that option usually, I can easily use my phone to authenticate. But sometimes i can’t get the QR code to appear. Support varies by OS, browser, and set of installed extensions. And there’s no easy way to control which of those three handles the passkey when something decides wrongly.

I had to troubleshoot something on someone else’s computer, and saw that they logged in to windows with a passkey and QR code. I’ve looked, and I can’t seem to set that up on my windows computer. There isn’t an option to and I have no idea why.

This does unfortunately actually work pretty well as a security measure. The new domains that are cheap and good for fun side projects, are also cheap for scammers.

For a while I noticed all the scam links my grandmother was getting were from ‘.top’ domains. I fully blocked it at the DNS level. Her DNS settings also block all newly registered sites for 90 days. She hasn’t ever had issues with it. But these have actively prevented her from clicking on scam links multiple times.

Facebook, google, and all the popular sites are all older than 90 days, on popular well known TLDs. My grandmother doesn’t seek out new trendy sites.

It was definitely something I considered when buying a new domain. I sorted by price, and then immediately ignored all the cheapest domains that were ~$1 because I’ve seen them being used for scams. They may be cheap but good luck using them.

The revocation mechanism is basically just a list of revoked certificates. Without expiration dates, those lists will grow infinitely.

I’m pretty sure YouTube’s built-in AI summary is also biased towards not “spoiling” the video.

Like if the title is a clickbait “this one simple trick to..” the ai summary right below will summarize all the things accomplished with the “trick” but they still want you to actully click on the video (and watch any ads) to find out more information. They won’t reveal the trick in the summary.

So annoying because it could be a useful time saving feature. But what actually saves time is if I click through and just skim the transcript myself.

The ai features are also limited by context length on extremely long form content. I tried using the “ask a question about this video” and it could answer questions about the first 2 hours in a very long podcast but not the last third hour. (It was also pretty obviously using only the transcript, and couldn’t reference on-screen content)