BakedCatboy @ BakedCatboy @lemmy.ml

Posts

1

Comments

363

Joined

2 yr. ago

Gotcha, that sounds like searx is a good option then. At first I thought you were giving a reason why searx isn't a suitable alternative as the gp comment is downvoted a bunch.

Can't you just not enable the Yandex backend if you're selfhosting searx?

Oh nice, I completely forgot about the vault export since I've never used it. I was expecting to be able to "view" the passkey data when editing an entry like how you can view the password. It's kind of inscrutable when viewing a single entry currently.

The key difference is that during normal use, the private key of the passkey doesn't leave the device (or password manager). The passkey basically comes in 2 parts, the public and private (secret) part. In order to log in, the website presents a cryptographic challenge that is only solvable using your private key - and crucially you can solve the challenge without revealing your private key. An attacker could get your answer to the challenge and still be unable to solve additional challenges without the private part of your passkey.

This of course makes it basically impossible to manually log in using a passkey and a keyboard, without any password manager to do the cryptographic calculations (unless you have a LOT of paper and time), but the security advantage of making it near impossible to be phished is generally regarded as a net positive. In order to steal a passkey there would need to be a vulnerability in the software, since passkeys make it much harder to trick a user into giving it away (since tricking the user into logging in on a fake website doesn't work due to the aforementioned cryptography, the main way to steal a passkey would be to trick the user into exporting it - which is a much higher bar).

If you mean the "passkeys" that are becoming popular as a "password replacement", it's basically speaking a public private keypair. What makes it more secure is that, under normal conditions (aside from backing up the passkey), the private "secret" part of the keypair never leaves the app or device it's stored on. It's only used temporarily to sign messages and prove that you have the secret key, unlike a password which needs to be sent securely to a server to validate.

You could in theory store a backup on a USB drive but since passkeys are new, it highly depends on the password manager you use to store the passkey. Since passkeys are more complex than something you can memorize/type, it has to be stored in a password manager of some sort to be useful, so you would need to check that password manager allows backing up passkeys. There is currently work being done to standardize the formats/protocols to transfer passkeys so it seems this is very much up in the air. For example, I use BitWarden which stores passkeys, but it seems like I can only add or delete passkeys to an entry, not export them and apparently they get exported with the passwords when the vault is exported. BitWarden also syncs your vault to every logged in device though so you could see that as a form of backup. Going one step further, even though BitWarden doesn't have a passkey export/backup feature yet (in addition to Bitwarden's vault export), the self-hosted server also stores all your passwords including passkeys in regular files which also can be backed up (this is how I back up my VaultWarden instance) - although it would probably be hard to use that backup in any other way besides restoring it onto a BitWarden server instance.

Edit: I didn't realize passkeys were exported with the vault export, since I haven't used it and noticed that editing an entry doesn't allow you to view passkey data - only remove, updated my comment to reflect that.

I concur about rechargeables - it doesn't seem common for devices that take AA or AAA to have a battery gauge and it would be nice to be able to check the level on my rechargeables stock so I can know if I should top them off without needing to put each of them into the charger.

By dropping prices during the evacuation, the airlines ensured that flights filled up more quickly, making it harder for many to escape.

Bro I just... Wtf

First I'll say, if you aren't able to boot a windows installer off of a flash drive (and nothing's wrong with your flash drive and you created it without errors and there isn't a setting in bios preventing you from booting it like disabled USB boot) then it could be a hardware issue that Linux won't fix (it's not clear how you tried to reinstall windows). But if you're able to get to the windows logo or the menu for safe mode then it sounds like it "POSTs" (gets past showing the bios screen) and windows should be reinstallable. In short, I think it's unlikely to be a problem that only Linux can fix if you want to stick with windows.

That said, if you are otherwise interested in trying Linux and create a USB installer, most will allow you to exit the installer or choose to go into a temporary "live desktop" where nothing is saved, so it's a good opportunity to try out how that distro feels to use - just don't save anything important. And if you do end up installing either OS, you can use that "live mode" to use programs to back up any files from your main hard drive to another plugged in drive.

Is that petg? For some reason I usually have problems with petg and infill patterns that cross over itself so I usually switch to gyroid. I think it has something to do with the speed and flow and the properties of the filament that make it especially bad when the infill lines cross over itself. You can probably tune temps, speeds, and feeds to get it to work but I find it easier to just not use that infill pattern.

At least with radicle all the forks will still exist even if the authoritative copy is taken down. And even then I think because radicle is like BitTorrent, anybody who pinned the main repo would still be seeding it so it would be very hard to scrub it completely. The main challenge in using radicle is getting an active contributor with some reputation to maintain their copy on there. Otherwise there's no momentum and nobody will pin the countless mirrors published by randos.

Either that or charging a micro transaction for loading the page. But yeah the goal is to make it cost a small amount that is insignificant to a regular user but adds up to a huge amount at the scale of a spam farm. And it's also the same rationale behind hashing passwords with multiple rounds. It adds a tiny lag when you log in correctly but adds an insane amount of work if you're checking every phrase in a password cracking dictionary using an offline attack because it adds up. (In the online scenario you just block them after a few attempts)

They seem to just keep getting better and better. When I scratched the lens on my index due to my own carelessness they replaced the headset for free. It's been 5 years since I bought it and the controller strap broke last week and they sent me a free replacement. Any other company and I would have expected my only option to be buying a new controller.

It's from the Onion! The artist is Ward Sutton but he's drawing the comics from the point of view of a character named "Kelly" who is a parody of an old right wing guy (according to the Internet) who hates political correctness, hence the exaggerated scenarios in the comics. The "haha yes" sickos guy (who I guess sometimes shows up in a thought bubble) usually feels like a parody of how the right views various left wing policies in that the comic overplays / exaggerates the disastrous effects of said policies (to make fun of how absurd those fears are) while the "leftist sickos" cheer on the disastrous results.

The comics basically make fun of how extremely the right views progressive policy and the sickos guy is kind of pointing out how absurd it is to view someone as bad faith (ie a sicko knowingly cheering on the disastrous effects of a progressive policy) who supports something as simple as green energy, drug legalization, or bike lanes. It's fun to use as a reaction image to anything progressive happening because obviously wanting something like for example affordable healthcare obviously doesn't make you a sicko. (Or in this case wanting a terrible person to actually face actual legal consequences for the harm they've done)

Things around me aren't that far per se, but you have to cross a 45mph road (where people regularly drive 55-60 because it's designed like a highway) along several sections of unconnected sidewalk if you want to get there without a car. The sidewalks are 4ft wide at most and have no separation from the car lanes so you have to walk with cars whizzing by just a couple feet from you. There's also no shade.

For reference - it takes 5 minutes to drive to the nearest grocery store 1 mile away, but walking it's 31 minutes with the unpleasant conditions I mentioned. So I've never walked there. I could bike and it would take 10 minutes, but biking along cars at 50mph doesn't sound fun. I also live on a bike path, but it doesn't go to the nearest grocery store so the nearest one along the bike path would take the same amount of time as if I walked to the nearest one (25 minutes). That one is 3.5 miles (11min) by car or a 1hr walk.

Seems doable - my first thought would be to use an esp c6 that supports WiFi 6 and wpa3, and im sure I've seen some people bit bang fast ethernet from a microcontroller and bridge that to the WiFi.

My main problem is that I have wpa2 iot devices that don't have Ethernet ports, so they won't connect to my ssid which has 6ghz enabled and thus is forced by my router manufacturer to be in wpa3 only mode.

Well, apparently lots of people here who are familiar with ripping and burning CDs found it confusing - so I don't think it's dumb to point out the confusing wording, especially to clarify for those who don't know that burning means writing and ripping means reading. I at least initially recoiled in horror at the thought of burning data onto the rare find.

The least they could do is say that they burned a copy/blank or ripped the original instead of mixing it up and saying that the original was burned. It makes it sound like they were writing to the original.

Does the other iOS user have 18? I'm the 1 android user in a 3 person group chat and I'm wondering if I should try to get one of them to update.

Hah I wish we could ignore them. It seems to just vary from ISP to ISP in the US but our small town ISP turns off your connection and puts you behind a captive portal forcing you to click through and accept what you did wrong before your connection is turned back on.