Anonymous
My feedback
4 results found
-
2,617 votes
An error occurred while saving the comment Anonymous
supported this idea
·
-
120 votesAnonymous
supported this idea
·
-
125 votesAnonymous
supported this idea
·
-
192 votes
An error occurred while saving the comment Anonymous
commented
Governments (including US) use push notifications for surveillance and they issue gag orders to companies when doing so.
https://www.schneier.com/blog/archives/2024/03/surveillance-through-push-notifications.htmlI don't need absolutely instant push notifications from my email, but I do need to be notified *eventually* that I have new mail. Just give me an option to do a wake-poll-sleep on a timer in the app where I can choose the frequency. I would probably set it to 15 or 30 minutes personally, but it wouldn't be unreasonable to set it to hours.
What I want to avoid is me constantly opening my mail app all day long just to check for new messages.
Anonymous
supported this idea
·
I should **NEVER** be expected to type my master password into a website. It should always **ONLY** be entered into an installed extension or mobile app, and ideally one that isn't auto-updated.
If you require users enter their master password into a website, you are putting users at risk of DNS attacks, compromised server infrastructure attacks, etc. While syncing an encrypted database to the cloud is certainly useful and should be retained, user should not be fetching client code from a server regularly (outside of user-controlled updates through a highly secured update system).
Training users to enter their master password into a website is a great way to encourage users to get phished as well. If they only ever enter their password into a mobile app or browser extension, they are much less likely to be phished.