The phone is not the second factor on your laptop. Your laptop is.

They demand affirmation as as his campaign fleshes out expect similarly targeted legislation.

lol it was a reference to your joke about going to the theatre, but the theatre being no fun.

Abraham Lincoln was assassinated in a theatre while sitting next to his wife. So the question "other than that, Mrs Lincoln, how was the play" is a quip used to highlight that something really nasty is being ignored.

Like if Mrs Lincoln walked out of the theatre having just lost her husband and someone said "well other than that, Mrs Lincoln, how was the play".

Man it's not funny now that I explained it.

"If you trust Apple to secure the secure domain on the phone, why don't you trust them to sync to another secure domain?"

Because trusting the keys into the secure enclave on the device is worlds away from trusting the enormous amount of untrusted infrastructure needed to transmit those keys to a cloud service.

"The "phone as second factor" has terrible usability. Apple isn't interested in it."

Congratulations. You win the "most wrong thing said on Slashdot today" award.
https://support.apple.com/en-a...
https://support.apple.com/en-a...

I could probably Google a dozen more links. Not only is Apple interested in it, but they are a member of the FIDO alliance and have already implemented it:
https://www.apple.com/au/newsr...

Have a nice day!

It was working months ago, but the satellite kept connecting to someone else's phone before they could get the connection to work.

Distro choice is so personal I don't advocate one but suggest trying a variety in VMs then choosing what suits your use case. Free prebuilt VM free abound online. VMs are a fine way to sample distros and keep a Windows install where useful. Of course you can run Windows VM on your Windows host for testing versions like LTSC.

I mostly have Linux hosts (I use Xubuntu LTS) with Windows guests which is a very convenient way to install Windows as one may revert to the clean install snapshot I take after install. I sample other distros as VM and when I upgrade make a VM of my old install as a very convenient backup.

For example you might try Linuxes in VMs on your Windows host, then choose a distro for bare metal. To retain your familiar Windows install on the same machine or anywhere you like (including external drives) you could make a VM of it.

LTS releases are normally best for reliability but if you need something bleeding edge for a specific task it can live in a VM instead of being the host OS.

Think of passkeys as building the TOTP device directly into every device you use. Your laptop, phone, ipad, digital dildo, whatever. They all have TOTP built right in to them. So when you turn it on and scan your fingerprint, enter your code, swipe the pattern, use face unlock or whatever, that's factor one. The device itself is factor two. So with the regular unlock mechanism you're used to, you get 2FA for free bound to a device that is (theoretically) not cloneable.

In other words, logging in to every service yo use is as easy as unlocking your phone and twice as secure.

Passkeys are SUPPOSED to be device dependant, because they turn your device into a big second factor of auth. Allowing them to be synced across multiple devices would break their fundamental nature. If you need multiple devices, just add a passkey on your other device to your SSO provider and done. You just need to enroll each of your devices once. It's really not as much trouble as it sounds and it's MUCH more secure than passwords.

Passkeys were designed pretty carefully. There's no perfect balance between security and convenience, but Passkeys are not at all a bad solution.

So, other than that, Mrs Lincoln, how was the play?