philomory@lemm.eetoProgrammer Humor@lemmy.ml•The OTP you want to use was already usedEnglish
11·
1 year agoThat’s not quite right though, there’s the factor you know (password to your vault), and the factor you have (a copy of the encrypted vault).
Admittedly, I don’t use that feature either, but, it’s not as bad as it seems at first glance.
I’m always keen to shit on Google, but, this is about “having search terms in the query string” and “having links that take you directly to the thing you clicked on without any redirect dance to obfuscate the Referer header”. With all the other shit to legitimately complain about from Google, this seems so silly to focus on. Google isn’t even the one that sent the Referer header, that would be your browser (which, Chrome didn’t exist yet at the time). RFC1945, from 1996, for HTTP 1.0, even explicitly stated that any application that communicates over HTTP (i.e. a web browser) should offer the user a configuration option to disable sending Referer headers.
Edit: slight clarification, Chrome did exist during part of the time period that the lawsuit covers, though it only started to pick up serious market share towards the end of the relevant time period.