It depends on your threat model. It does mostly reduce the benefit from 2FA, but you are probably still very safe if you use a random password per site. I mostly use 2FA when forced (other than a few high-value accounts) so I don't worry about it. For most people having a random password which is auto-filled so that you don't type it into the wrong site is more than sufficient to keep themselves secure.
These are real issues however they are pretty easy to mitigate, and I would say that the upsides of a password manager far outweigh the downsides.
Make sure that you are regularly typing your master password for the first bit. After that you'll never forget it. You can also help them out by saving a copy of their master password for them at least until they are sure they have memorized it. There are also password managers where you can recovery your account as long as you have the keys cached on at least one device.
This is far, far outweighed by the risk of password reuse. This is because when a single one of the sites you use gets hacked then people will take that credential list and try it on every other site. So with a password manager there is just one target, without it is one of hundreds of sites where you reused your password. Many password managers also have end-to-end encryption so without your password the sync service can't be hacked (as it doesn't have access to your passwords).
The idea is that by making it free to individuals they build up market familiarity and expectation. Free personal use is just marketing for the paid product. Then they can turn to businesses and convince them that they should offer their system as a service and charge them for it.
The closest alternative is probably Plus Codes. They are driven by Google but are free to use for everything with a pretty plain and simple Terms of Use.
Instead of words they use an alphanumeric encoding. The main downside is that this can be less memorable but the upside is that it works for users of all languages and you can shorten the codes by using a Country or City reference as well as control the precision.
The best option is probably using a geo: URL. This should open in all devices in their favourite mapping application. Example. If you want to link to a specific store or similar beyond just a location you can add a "query" which some apps will use to highlight that. Example.
Another decent option is Plus Codes. These are a bit shorter and easier to manage but lack a URL format as far as I can tell. MJ75+P3 Toronto, Ontario.
You can also just link to an alternative service such as Open Street Maps. This avoids Google but still imposes a particular service on others.
Yeah, this is basically my line. If I intentionally subscribed I will be sure to unsubscribe properly once (maybe twice). But if it was unsolicited then it will be marked as spam.
Probably not. Google Ads explicitly allows mismatch between displayed domain and actual domain. This is literally a supported configuration with no tricks.
The link you sent gives me a "Redirect Notice" interstitial that mitigates this attack greatly.
Allowing showing different domains than the actual click target is wildly reckless and should be punishable.
"Oh but our poor advertisers want to use click tracking and it is too hard to set up on their main domain". Oh boo hoo, I'm sure if it is important to them they will figure it out.
I regularly consider doing this. Obviously it is great from a privacy perspective. But I hate dealing with cash, especially change. With cards I just have one thing in my wallet and it just works forever. My bank account is automatically charged at the end of the month. With cash I need to keep refilling my wallet and carry around annoying change.
I would love to have something digital but also private (like Monero). But so far I have been picking convenience over privacy.
This is sort of a scam though. Credit cards give rewards, but then charge the business for the processing fees. So the business needs to raise prices to cover the fees. So really no one is getting that 2% except for the card network. And if you don't use a card you lose 2%.
It is basically a protection racket. "It would be a shame if you didn't use our credit card and had to pay 2% more everywhere"
Yes, I know it is complicated. Handling cash also costs non-trivial amounts. I know that the EU has limits on fees (and that is why basically no credit cards have rewards there). I also know that some businesses see the fee as more of a marketing costs because higher spenders tend to use cards and people tend to spend more on cards.
Yeah, the nice thing about per-app is that you can configure it for each app separately. But I'll be honest that isn't something that I regularly do. If I am voice chatting with friends that will usually be a superset of what I want to send to a game's voice chat.
Instead of system wide PTT per-app you may consider some software that mutes your mic for all apps as PTT, then just leave the mic "active" per-app.
I don't know if a tool that will do this but on my mouse I have configured a mic mute toggle. So I push to start and stop. However technically I don't think there is any restriction to setting up PTT via this mechanism.
This is my dream. However I think my target market is smaller and less willing to pay (personal rather than business). However maintenance is low effort and I want the product for myself. So even if it doesn't make much or anything I think I will be happy to run it forever.
The ultimate dream would be to make enough to be able to employ someone else part time, so that there could be business continuity if I wasn't able to run it anymore.
There is definitely isolation. In theory (if containers worked perfectly as intended) a container can't see any processes from the host, sees different filesystems, possibly a different network interface and basically everything else. There are some things that are shared like CPU, Memory and disk space but these can also be limited by the host.
But yes, in practice the Linux kernel is wildly complex and these interfaces don't work quite as well as intended. You get bugs in permission checks and even memory corruption and code execution vulnerabilities. This results in unintended ways for code to break out of containers.
So in theory the isolation is quite strong, but in practice you shouldn't rely on it for security critical isolation.
It depends on your threat model. It does mostly reduce the benefit from 2FA, but you are probably still very safe if you use a random password per site. I mostly use 2FA when forced (other than a few high-value accounts) so I don't worry about it. For most people having a random password which is auto-filled so that you don't type it into the wrong site is more than sufficient to keep themselves secure.