yes it makes me question the entire article

MAC addresses don't leave the local network when using TCP/IP. I don't understand this part of the article.

AI *is* replacing people. If you haven't seen this, you aren't paying attention or don't have insight into whats happening in businesses. Most people only work at one company so it's understandable. I consult for over 200 businesses per year and AI is absolutely replacing people right now.

in what legal way would a phone call be any different than an MFA challenge as far as impacting whether a phone could be subpoenaed? both involve another side with exhaustive logging. neither provide your employer with any access to your device. if you use your phone to place a call, you've exposed it just as much as using it to do MFA imho

it doesn't support "phish resistant" MFA with push notifications

we allow users to use their personal devices for MFA as a convenience, and we provide physical Yubikeys to users that prefer not to use their personal device for MFA. we do not provide phones or require anyone to use their own for anything. the vast majority of users opt to use their own device rather than carry the yubikey

yes this is the best technique we've found so far, but some users still rush to install a fake one or seem to struggle with basic reading comprehension.

the point is that this problem shouldn't exist in the first place

that would be nice but our corporate phone system doesn't do SMS and I'm not of fan of having the techs use their personal devices for work purposes. plus users tend to bother them directly if they know their cell #. we really aren't a bunch of idiots, this is just not a simple problem to solve

we are IT. we aren't involved in making job offers. we just get a ticket to onboard Bob Smith

difficult to send them anything until they are onboarded to our communications system, which requires the MFA app. Kind of chicken and egg situation

My IT team regularly has to help iPhone users install the Microsoft authenticator app for MFA as part of adding them to our email system. It is very difficult to walk someone through this over the phone as there are so many fake authenticator apps with very similar icons. They even work, they just charge a $10/month subscription for something the official MS app does for free.

AI didn't set the password to 123456 in mcdonalds hiring system. Is this award just going to anything that in any way remotely involved AI?

I agree. The summary evens mentions staff having time to attend training sessions or take a walk. These are real benefits being delivered even with a product that noone would argue is at the cutting edge of current AI. As you mention, with time and experience people will find ways to maximize these benefits even as the product itself improves.

I know, I know, don't feed the trolls ...

While not explicitly listed it could be argued that it is implicitly listed via:

1. The Constitutions' Ninth Amendment:

Ninth Amendment
The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.

2. The Bill of Rights' Tenth Amendment

Amendment X
The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.

That is, does the Bill of Rights or Constitution say that we CAN'T repair?

isn't that basically what PCI, HIPAA and such were supposed to be?