[bduerst]

How do you solve problems arising from bad actors without an object representing the user?

[psanford]

We're just talking about software delivery here. Its the same as Debian not requiring you register before using `apt` to install packages (or every other linux distro).

[bduerst]

The article gives specific examples like virtual meeting software that doesn't have users, just URLs. It's more than that.

[hedora]

The solution for that is easy: Don't share the new URL with someone that was a jerk in the past. (And don't make it easy to guess meeting URLs)

[bduerst]

How do you share a URL without a user representation to share with? How do you prevent others from sharing URLs with bad actors? Or meeting passwords?

https://en.wikipedia.org/wiki/Zoombombing

[tedunangst]

You send the url to your friends however you like. Email, chat, QR code. You don't send it to people who aren't your friends.

[bduerst]

> How do you prevent others from sharing URLs with bad actors?

Sure, but then the student who shares their interactive class URL (w/ or w/o password) on 4chan still isn't accounted for.

[wpietri]

It depends on context, but often having an object representing the user is at best a speed bump to a bad actor. Social media's an obvious example here. I know Twitter does quite a lot to limit bad actors, but the outcome is still not great.

The vast bulk of sites want to make signup easy, meaning user objects are cheap. Cheap user ids are easily disposed of and replaced. So if you need to keep bad actors out, user accounts may not help a ton.