Whole-known-network
<p>The failure of passkeys to date is a particularly dramatic example of this because it's extremely high-stakes, visible, and black-or-white (you're either switching your auth to passkeys or you aren't, whereas other apps you may use in a casual or incorrect capacity). But the same problem exists in other domains, and it's almost as bad.</p>
<p>This is a particularly painful and comprehensive example of an industry-wide trend, which is that vendors are expected to deliver things as fully-formed, self-explanatory products. Users, already justifiably wary of the upgrade treadmill, reflexively flinch away from anything that looks like a big learning investment, which means "user education" is treated as a sort of taboo, something that *cannot* be made a prerequisite to using a product, because if you're explaining, you've already lost.</p>
<p>This is a great writeup of the continuing failure of passkeys to meet their potential. It demonstrates the gordian knot:</p><p>1. the ecosystem is confusing due to the plethora of different interacting layers<br />2. therefore, to simplify, every vendor attempts to own as many layers as they can, obscuring other vendors' tools<br />3. therefore, users are confused into thinking that passkeys are platform-specific, because their platform vendor is obscuring alternatives</p><p><a href="https://arstechnica.com/security/2024/12/passkey-technology-is-elegant-but-its-most-definitely-not-usable-security/" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://</span><span class="ellipsis">arstechnica.com/security/2024/</span><span class="invisible">12/passkey-technology-is-elegant-but-its-most-definitely-not-usable-security/</span></a></p>
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@shriramk" class="u-url mention">@<span>shriramk</span></a></span> ah sorry, I added a layer of my own interpretation there. Nevertheless, in point 2 under "Speed development", it does mention the special case of Thomson gazelles. And what I like is that it provided some sources for its claims. Gemini doesn't seem to do this as far as I have tried.</p>
<p><span class="h-card" translate="no"><a href="https://tech.lgbt/@nami" class="u-url mention">@<span>nami</span></a></span> how do you spell it in Cyrillic (if you do)?</p>
<p>- Have you tried turning it off?<br />- Yes, but when I turned it back on, it...<br />- No no no, you misunderstood.</p>
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@shriramk" class="u-url mention">@<span>shriramk</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.nu/@richcarl" class="u-url mention">@<span>richcarl</span></a></span> yeah I think the connotations intended by a lot of people saying it's just glorified auto complete are not valid, but I think the description of it as auto complete is helpful for understanding its strengths and limitations, it just needs to be understood that it's auto complete that is several orders of magnitude better than its predecessors</p>
<p><span class="h-card" translate="no"><a href="https://mathstodon.xyz/@jaycech3n" class="u-url mention">@<span>jaycech3n</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.nu/@richcarl" class="u-url mention">@<span>richcarl</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@DRMacIver" class="u-url mention">@<span>DRMacIver</span></a></span> I agree — it's more a political statement than a technical one. And I get where it's coming from. But it's definitely not a useful (IMO) summary, and I think it also makes people who are less knowledgeable jump to conclusions that I am not sure are warranted. Maybe it gives them the technical cover to come to (quite reasonable) socio-political conclusions…</p>
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@DRMacIver" class="u-url mention">@<span>DRMacIver</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.nu/@richcarl" class="u-url mention">@<span>richcarl</span></a></span> Sure, but to be fair, the other direction also assumes the conclusion by the same toen.</p>