How about using M$ Edge on Linux? /s

Seriously though, one of my friends uses Edge on Windows, Linux, and Android. I still couldn’t wrap my head around his decision.

Judging by the craiglist watermark on the bottom right, it’s probably just a meme listing.

Just FYI, Arch Linux has a tool called Archiso that you can use to create live ISO image. You can copy the default releng config and edit the package list accordingly.

Translation:

今天我们吃鸡腿 - We are eating drumsticks (“The Future”) today

dog furiously eats broccoli (Wayland icon)

等下 - Wait a minute

味不对劲啊 - That doesn’t taste right

你是不是又坑我了 - You are not tricking me, are you?

我看看 - Let me see

我就知道吗 - I knew it! (⁠ﾉ⁠´⁠･⁠ω⁠･⁠)⁠ﾉ⁠ ⁠ﾐ⁠ ⁠┻⁠━⁠┻

你是真狗啊 - You are the real dog You are such a dog

Don’t think my phone runs Nvidia… or Wayland 🤔

Let me introduce you to running postmarketOS on Nvidia Tegra SoC. /s

The first link is basically an “advertisment hidden in a normal, professional-looking article”. All they’re saying is how these ways are not secure, but most importanly, how their solution is more secure, published under their own site.

When you take this into account, their claims start to break down: while yes, email and SMS MFA might be inherently less secure since the code could be transmitted via an insecure channel, saying TOTP is not not secure because “you device can be hacked” is a kinda bad take: if your device is already hacked, you’d have a much bigger problem: even if you are using security keys, the hacker would already have access to whatever service you might be trying to protect. As for the lost/stolen case mentioned in the article, if you put TOTP code in a password manager (as most would probably do if they’re doing this), that shouldn’t be a problem. The only way this would be a problem is that the TOTP secret is stored in plain text, which would be the same for any authentication methods.