>It turned out the device was a store demo unit that wasn’t properly wiped before it was sent to Collery. He said he used the phone for a couple of weeks before all of his data was erased, seemingly due to a remote action that triggered a complete reset
Seems a massive nothing burger, they fucked up, gave him another plus a credit note.
I used to always use GPG, had my keys listed on keybase, which cross references my social media and websites to validate they're me. And there already is the first problem, how do you get and trust a public key? Key servers are chock full of fake keys. Just search Linus Torvalds on there...
But even then, the sheer amount of people who'd complain and wonder what the block of base64 data was at the bottom of the e-mail, or the strange attachments I'd have (including signing other attachments) was too much to have to deal with. For the once in a million people who ever looked at key signing...
I use GnuPG daily and mandate that everyone in our organization do the same. As part of the onboarding process, I have a doc explaining how to install GnuPG, generate keys and how to share their public key in a specific place in our network.
Once you force people to do it, it is not terrible once they get the hang of it.
I wouldn't recommend for your own mental stability to look at /r/sysadmin when it comes to any sort of DNS or E-Mail issues. It really shows just how many bad systems administrators there are out there, who do not have a basic understanding of the systems they're using.
Just a few years ago, Atlassian required you to add an unnecessary include: record to your SPF record, and wouldn't use your domain for emails until they scanned your SPF record for that include. https://jira.atlassian.com/browse/AX-1477
You'd think companies generating as much email as Atlassian would know what they're doing.
So Hashcash was, as far as I'm aware, the first PoW system ever developed, but I'm not aware of it ever actually being deployed as an antispam measure. And indeed, the history of bitcoin also demonstrates why Hashcash would have ultimately failed as a spam-prevention measure: bitcoin can only be effectively mined by large, dedicated farms (or just outright stealing others' resources). There is no clearing price for compute that would have let regular people (especially those on anemic hardware, think "feature phone in Africa") send email while prohibiting people with access to large resources (e.g., botfarms) from mass email.
At least in part, because of your workflow, is that it's a ticketing system. Much easier to manage than having people reply to e-mails (even when you specifically state "REPLY ABOVE THIS LINE!" they are absolute cretins.)
Which is in the RFC, but yet the sheer amount of times I sign up for something. Like a bank, or a financial firm, get the confirmation e-mail, and then click "Verify your address"
And get HTTP500 as their SQL has kicked up a stink
(The RFC also allows for (recursive (comments, so there's probably a middle ground between insanely overengineered specifications and a )))regex( someone found on a PHP forum somewhere (and yes this post is a valid email address (assuming there is a local regex account (or alias)))
My bank does a PUSH notification that is "Please log into the app to read an important message", which is usually just my monthly statement or whatever.
And then also sends an e-mail, which sometimes I confuse and think is ANOTHER message, and log in again....
It has a "Download this message as a PDF" button, which just takes you to a web-browser wrapper....
reply