I bought Reus 2 (A puzzle god game) at launch last month - game changer!

Finally a game that I enjoy playing on the deck and actually want to play after work on my commute etc. highly recommend it.

Isn’t this functionality already built into the default web UI?

A) discord

B) make friends with one person that does this or plays with other groups, then join them when they are playing with others

It’s probably a single dev that made the decision, then moves onto something else. They (probably?) don’t have the ability to just raise a recurring PO etc to easily pay you and don’t care enough to worth through the paperwork.

If you had a paid licencing model they may have done it, or just found another lib/ wrote their own.

What is their monetisation plan? Currently they don’t seem to have anything other than donations?

🤣

oooh, ty

they just send a OTP to your email with the idea that you should be keeping your email secure (and that email providers are more secure than they can be)

The whole site seems like a PoC - the accounts don’t even have passwords! (I could actually kinda get on board with this)

yeh, thats what I mean, who knows what the state of the market will be in 25 years, unless its an insurance backed guarantee, be very suspicious of it.

Or that they were expecting to be out of business by then…

Yeh, they have managed to keep the range and attraction that you have both a new student trying to buy the cheapest possible set of furniture for their student flat and some rich retirees fitting out their holiday home buying in the same place.

I got a POÄNG chair, love it. But there are cussions for it that are more expensive than the entire chair I bought!

It’s amazing, and probably great for the upsell as there is always something slightly nicer.

Nvidia IS making a profit on it though. It’s the whole “in a good rush, sell shovels” thing.

AMD uses chiplets in their CPUs, you can see it in the picture - they have a CPU bit, a GPU bit and an AI bit.

Much like you can buy SKUs with or without graphics you will be able to buy models with or without AI.

Oh it WILL cause security issues. It’s just a tradeoff against if they are worth the benefits.

You can probably get the URL for a companies SharePoint pretty easily, but you need a login. You are able to get a PAs credentials through a phishing link etc but need the 2fa code.

You do the IT phishing attack (enter this code for me to fix your laptop being slow…), get them to enter the code and now you have access to a SharePoint instance full of confidential docs etc.

I’m not saying it’s a great attack vector, but it’s not that different to a standard phishing attack.

You could attack anything that’s using the single sign on. Attack their build infrastructure and you now have a supply chain attack against all of their customers etc.

It helps but its not enough to counter the limits of human gullibility.

It requires the bad guy to go to the page and ask the user to enter the code the bad guy gets

It’s not that different is it? You still need to get a user to share/enter a live code?

From a practical PoV - most people have their phone on them all the time. A work phone or a physical token can (and will) get forgotten, a personal phone much less.

Bad actor goes to super secret page while working on ‘fixing’ and issue for the user. They then get the 2 digit request code and ask the user to input it to ‘resolve’ the issue.

Mostly the same as any other 2fa social engineering attack I guess, but the users phone does display what the code is for on the screen which could help… But if your falling for it probably not.