17

Yeah well fuck right off then. I'm just going to build a bot to auto signup for every possible username combination left in the latin alphabet. Then after the media bullshit dies down they'll be changing this policy.

👺

Comments
  • 4
    you are ready to create billions of accounts?
  • 4
    @stop you don't need to create all of them.

    Just enough to send a message.
  • 7
    I'd love to support you in this cause.

    I don't see a reason why they should not allow this. Unless their architecture is modelled in a shitty way.
  • 2
    @sariel with 6 character usernames you are breakinf the billion barrier. And you probably have to create the accounts and delete them to trigger this.
  • 3
    But would it be enough to create an account, delete it, then register a new account under the same email? 🤔
  • 0
    just send a message
  • 2
    @theKarlisK then probably the spam detection will be triggered
  • 2
    @stop don't do it for like 999 accounts ... have a pool of emails - have a cooldown before the email is reused as well as a cooldown before the account is being deleted.
  • 2
    @theKarlisK this guy scrapy's
  • 4
    @Floydimus Oh its most definitely a stupid management decision at microsoft tO sAvE mOneY

    Should be if your account is dormant for 6 months, it's deleted. Multiple warning emails, that's how (respectful, non FAANG) services usually do it.
  • 1
    So they prevented you from giving your account the name of another account which doesn't exist anymore but once hosted the release repo of an important package that is deprecated for a long time but can still be found as dependency in some high-profile projects which did not care to update yet?

    Wonder what reason they could have for that...
  • 1
    that makes no sense.

    what if someone went to jail or the hospital ?
  • 0
    oh no! fuck. :(
    I was about to request exactly this and man I'd even be happy to pay a fee for the service... darn this sounds like stupid lazyness.
  • 1
    @catgirldev couldn't people just fork it in that case?
  • 0
    M$ bs
  • 0
    @Oktokolo sounds to me that sourcing our deps from the source is a bad idea then. Maybe we should instead use a package manager with signatures and trust keys....

    I wonder if such a system exists?/s
  • 2
    @catgirldev it stops being important to you 🤣
  • 0
    @sariel Yes, they exist - and are based on repos with known identifiers too.
  • 0
    @Oktokolo Linux package managers like apt, dnf, apk are more of what I was thinking about.
  • 0
    Ugh the deleted account they for some reason got rid of included that, heres a point stop trying to 'clean up' after me !!! assholes !
  • 2
    @sariel Well, their domain names are security relevant too. The keys their package managers use are as correct as the initial key in the iso image, the user downloaded from a website only identified by the domain name. Maybe the user even verified the ISO's fingerprint - using information from the same site of course...

    Identifiers are important because trust on first use is pretty common. Well-known identifiers changing ownership can be a severe security issue.

    A less permanent version of what Github does should be done everywhere: Keep abandoned names locked away for some time to avoid impersonation attacks in the (often surprisingly long) timeframe between a project's death and its users realizing that.
  • 1
    @catgirldev the Project:...

    One literally takes it to the grave.
Add Comment