Great Moments in Computer Programming

[Ice Cream Jonsey]

I can't remember if I already wrote this, so apologize if this is a re-run.

I enabled 2FA for Facebook because it seemed like people could gain control of your Facebook page if you clicked some link or whatever. FB has awful security. People get hacked all the time.

I used Google Authenticator. So if I wanted to login and it wasn't saved/cached, I had to use that. I wanted to check FB when I was last on a trip and I was going to use a new laptop.

I couldn't.

I could not do so.

They STOPPED SUPPORTING GOOGLE AUTHENTICATOR. This 2FA solution which was so important, so amazing, so incredible... yeah, they just gave it up and of course I couldn't get a code for something they weren't accepting any longer.

2FA is stupid and should never be used. A username and password is all that is ever necessary.

[Jizaboz]

You said what? WHAT?!

GA is the most popular authenticator, even on an iPhone. Man, FB as a company just sounds like it's totally deflating lately! I don't think their VR rooms and shit will catch on. I see what people are doing with that sort of thing with their own tools and it looks nothing like the Meta crap.

[Ice Cream Jonsey]

I thought Google's was the most popular as well. But I must be wrong!!

[Flack]

Microsoft has rolled out an updated version of Phone Link for Windows 11 that supports iOS. Once you connect your iOS device to your computer via Bluetooth, you can send text messages to your phone through your computer.

You just can't receive them.

When someone texts me on my phone, their message does not show up in the app. I can send THEM a message from the app and THAT shows up both on the app AND on the phone. So the phone has both sides of the conversation, but the app only shows my side.

[Ice Cream Jonsey]

It is incredible to me that none of their stuff ever works, while at the same time their web automation solution is so unbelievably amazing.

[Flack]

After begging for help on Twitter, several people recommended I dump Phone Link and try an open source solution called KDE Connect, which I did. To get it working, you have to install KDE on both your computer and your phone. Unlike Phone Link which uses Bluetooth, KDE talks over the network, so step one was to go open ports on my firewall.

Once I got everything installed and talking, I discovered that KDE Connect can do about 30 neat things with an Android phone, and exactly two with an iPhone -- copy files to and from the device, and "ring" your phone remotely to find it. For these things to work, the phone has to be unlocked (open) and the app has to be running... meaning the find my phone would literally only work if you had the app open and running and lost your phone and tried to find it in the short period of time before the screen locked.

So, my two current options are one that sort of works but is a little wonky, or one that does almost nothing.

[Casual Observer]

Sorry you're an Apple user

[Ice Cream Jonsey]

Sorry you're an Apple user

I'm going to do something positive with your comment.

35 years ago there was platform bashing, but everyone's computers DID stuff. Great stuff!

Now there's platform bashing because everything everywhere is broken and nothing works.

[objectinspace]

I enabled 2FA for Facebook because it seemed like people could gain control of your Facebook page if you clicked some link or whatever. FB has awful security. People get hacked all the time.

I used Google Authenticator. So if I wanted to login and it wasn't saved/cached, I had to use that. I wanted to check FB when I was last on a trip and I was going to use a new laptop.

I could not do so.

Did you actuallly check google authenticator? Did it stop generating codes? Did you attempt to enter a generated code into facebook?

They STOPPED SUPPORTING GOOGLE AUTHENTICATOR..

At the risk of gaslighting you, I don't think this is correct. Facebook has its own 2FA implementation in their app that will let you confirm the request from another logged-in device. They used to have a code generator, but this feature has been removed. Third party solutions like MS or Google authenticator should still work. I don't use the Google one, but MS's still works (and fuck you for making me check (respectfully)).

This 2FA solution which was so important, so amazing, so incredible... yeah, they just gave it up and of course I couldn't get a code for something they weren't accepting any longer.

Yeah, I think they went to using a notification instead of a code, which is a lot easier. However I cannot defend this move as I just tried said notification effort five times and it failed to do anything. They also deserve whatever they get for making this as confusing and unhelpful as possible.

[Ice Cream Jonsey]

Did you actuallly check google authenticator? Did it stop generating codes? Did you attempt to enter a generated code into facebook?

Let me expand my comments, as I know you have a dog in the fight!

By "I could not do so," I meant that I had Google Authenticator on my previous phone. I never installed it on my current one. I worked at a place that required us to go in there 30 times a day. When I got my new phone, I was not working at such a dump, so I never installed it. I had forgotten at the time that I used it for FB too. If you just leave yourself logged into FB, you never have to use the authenticator.

At the risk of gaslighting you, I don't think this is correct. Facebook has its own 2FA implementation in their app that will let you confirm the request from another logged-in device. They used to have a code generator, but this feature has been removed. Third party solutions like MS or Google authenticator should still work. I don't use the Google one, but MS's still works (and fuck you for making me check (respectfully)).

I think that I remember reading something that said they were sunsetting support for the Google authenticator.

I tried to see where I got the info from that Google Authenticator was being sunset. First article that came up that I saw said that it could still be used. I think I saw it on FB's UI? Now I am not sure and can't remember.

Yeah, I think they went to using a notification instead of a code, which is a lot easier. However I cannot defend this move as I just tried said notification effort five times and it failed to do anything. They also deserve whatever they get for making this as confusing and unhelpful as possible.

I guess I would describe the issue as this - Facebook simultaneously:
1. Has a lot of people use their stuff who aren't computer experts
2. Has a reputation for having a difficult process in place to get your account back
3. Gets itself into situations where one account is hacked, and that account direct messages other accounts to get them taken over as well

I don't know how you fix that.

[objectinspace]

I think I saw it on FB's UI? Now I am not sure and can't remember.

Yeah, that's what I mean by them deserving the rant for making this confusing. From what I recall from earlier today, the UI said something like, 'you have it set up to use a code generator, but this feature is no longer supported. Please log in and choose a different recovery method' WHen I read this, I also assumed that meant they were not supporting code generation for account recovery... because that's basically what it fucking said. Your conclusion is entirely logical from the information they gave. But I think they just mean facebook's own code generator.

I guess I would describe the issue as this - Facebook simultaneously:
1. Has a lot of people use their stuff who aren't computer experts
2. Has a reputation for having a difficult process in place to get your account back
3. Gets itself into situations where one account is hacked, and that account direct messages other accounts to get them taken over as well

I don't know how you fix that.

Yep. All this. My own personal experience:

I do not especially care about my facebook, I have it for job reasons but do not use it. I had to change my password for some reason and fell back on an email+password combination that was in a leak database (dropbox, if I remember correctly)

Within 6 hours, someone from another country tried logging in with it. I want to say this was a victory for 2FA, but what actually happened was they saw the login was suspicious and locked my account before it got to that stage.

[Jizaboz]

Still zero regrets for never creating a Facebook account

[Flack]

Today at work I got a new iPhone. The iPhone said I could move my settings over from my iPad by placing the two devices close to one another. When I moved the iPhone near the iPad, the iPad lit up and said "cannot sync without WiFi." I unlocked the iPad and connected to WiFi. After that, the original pop-up went away. The iPhone suggested I restart the process by turning the iPad off and then on again. When I did that, the pop-up returned, but said I was not connected to WiFi. I closed the pop-up, unlocked the iPad, connected to WiFi, and waited -- nothing. If you want to know how to keep an IT guy busy for 30 minutes, I repeated this process two dozen times until I gave up.

[Ice Cream Jonsey]

I have probably written about this before, put the fingerprint-to-login on Macbooks is one of the nicest new features of modern computing and I don't know if it's work policy or the stupid Mac itself, but it absolutely does not let you use it. Maybe once a week I can actually use this timesaving feature.

In their defense, I do get my fingerprints changed every 17 hours.

[pinback]

Workin' great for me, boss!

[Jizaboz]

Yeah, I'm with Pinback. I use that feature constantly. The man ain't never fingerprinted me, but Apple has like 10k copies lol

[Ice Cream Jonsey]

I hate OTPs and 2FA so much. One of the big reasons why is that billions of devices and billions of lines of code for older devices were written before this incredibly stupid pattern came into play everywhere.

I have a Kindle 3rd Generation. For whatever reason, by not using it, it failed to work. Would reset all of the time. One of the things I did to try to get it to work is to "deregister" it on my Amazon.com account.

Well, I did some stuff and wanted to re-register it. Here's the issue:

The firmware for the Kindle wants a username and a password - your Amazon credentials.

Amazon has stupidly and indefensibly demanded that a 2FA code accompany all logins.

**They never updated the Kindle firmware to have an understanding of this. **

When you put in your username and password, you are told by the Kindle that it doesn't match an account. OF FUCKING COURSE IT DOES. I noticed a text message sent to my phone. I did some more digging and apparently the work around is to try to login a second time - after being told there's no record of your account! - and use the OTP the second time.

2FA is one of the dumbest things in my industry. Nobody was made safer for this nonsense and Amazon apparently isn't big enough of a company to have the ability to hire someone who can fix this for the devices they happily sold everyone. What a piece of shit company. I guess I am glad that the process doesn't involve locking me in my home and them sending a tornado my way.

[RealNC]

2FA is one of the dumbest things in my industry.

With people using 12345678 as their password, they had to come up with something to cut down on "my account was hacked" support requests. Valve lead the way here and started enforcing it before anyone else, since most Steam users are dumbasses.

[Ice Cream Jonsey]

Vivaldi browser (and others) HIDES the fuggin "X to close" button on tabs. God to Christ's Hands I wish they wouldn't do that shit.

Separate angering incident: is it time for us to all agree that downloading files on a phone is an enormous shitshow? Can we?

[AArdvark]

What files? Like APKs or torrents?