@Bluewall granted, #Ransomware also does and the #neurotypical wording may imply that only that is being accepted.

• Tho granted #DDoS does make a resource inaccessible and #MITM'ing #SSH will act like a #DoS on said connections, as mismatching #Pubkeys rightfully throw an error and cancel the connection attempt…

#Phishing doesn't impact the availability of data directly, so it's the only one where I could reasonably exclude it since phishing is only done as a means to obtain credentials, aka. obtaining access to an entrypoint.

@koenvh #FunFact: THIS is actually real when it comes to #OnionServices on #Tor / @torproject despite (or rather because of) having a self-routing and self-administrating, self-authentificating namespace utilizing #Pubkeys for addressing.

• @alecm / @alecmuffett actually has a pretty substantial list.

Mine merely covers a few #BonaFide ones and there are literal #scam businesses when it comes to the kinds of sites I won't name nor list!

@jamesh @itisiboller @finestructure

Maybe it's because the entire #TechStack on #WebDevelopment is a cancerous growth which tires to solve serious structural integrity issues with more and more flex-tape?

I think that using proper #E2EE with #PGP #Pubkeys for both Users and Servers would've alleviate the issues.

The whole #SSL fuckshitstack is bad and sadly we failed to teach users basic #TechLiteracy and now we can only broom away the glass shards before the kids trample in them...

@ljrk @lexd0g And yes, I know that #passwords are bad but besides #SSH & #PGP #Pubkeys there is no good way to authenticate that isn't like a #TOTP / #HOTP - like #2FA or some confirmation message...

#Passkey don't make people more #TechLiterate and actually learn how to use a #PasswordManager|s or exercise #SelfCustody of Keys...

Nor do they save the problem that platforms / logins don't do basic behaviour-based protection against just spamming credentials or irregular patterns.