I agree with this. It is a real problem. The author of the article is not stupid.

The auth-auth confusion has infected the OAuth2 standard. OAuth2 docs say that the "auth" is for authorization, not authentication. But it is used widely for authentication, as it can be used for that also. Sort of. OpenID is an authentication standard built on top of it OAuth (correct me if I'm wrong), but frequently the term OAuth is used instead. Or maybe OpenID is not fully implemented in a particular case and plain OAuth is actually used for authentication.

(I am currently working on making my website compatible with a school roster provider. They tell me to use OAuth for authentication. I'm still trying to figure it out, but I don't think they are actually using proper OpenID.)

Casually using the term "auth" makes people lazy and forget the difference between the two concepts.

It would be so cool!

What percent of emails are malcious?

Is it 99.9 or 99.9999? I forget.

Yet, I use email and I find it useful.

What percent of streaming video is porno? More thn 50%? We better shut down youtube and netflix.

There is the steal-your-passwords-and-CC-numbers malicous.

And there is the steal-your-cpu-cycles-and-make-your-fan-whine-while-your-are-on-the-site malicious.

If it is the second, just leave the site.

A Flash emulator could be written in WebAssembly. No plugin required. Actually, someone is already doing it: https://github.com/ruffle-rs/r...