Recent comments in /f/technology
hollyhoppet OP wrote
Reply to comment by twovests in rant about capitalism and software by hollyhoppet
jstpst will have stories when i'm dead
twovests wrote
Reply to rant about capitalism and software by hollyhoppet
It is seriously bonkers to me that people see advances in technology due to competition, clap their hands and go "That's the power of capitalism :)" and their thinking turns off right there and doesn't go any further.
Btw when will jstpst have stories? We need to compete
musou wrote
Reply to rant about capitalism and software by hollyhoppet
the amount of terrible code i've shipped that's still running on servers years later really haunts me. and you're exactly right, when i log off at the end of the day the absolute last thing i want to do is look at my text editor for even one more minute. i've heard it said that the sign of being a professional is that you don't enjoy it anymore. i feel like the main thing keeping me in software is that i don't want to suck all the joy out of anything else i like to do, the way a career in software has sucked all the joy out of programming
hollyhoppet OP wrote
Reply to comment by cute_spider_ni_srsly in rant about capitalism and software by hollyhoppet
tfw alienated by capitalism
cute_spider_ni_srsly wrote
Reply to rant about capitalism and software by hollyhoppet
I wish I hadn't been pushed into coding for a living, since I would love to code outside of work but seriously cannot after a workday. I ought to be a plumber or hvac technician, but it feels hard to change over at this point. Plus that changeover would reduce my allocated resources by half.
I like the nest that I work in - I'm the sole developer for a system that tracks a company's data. When I'm pressured to do something quickly it's because the whole company is trying to change what it's doing quickly, which is okay.
But it does suck out a lot of my technology passion.
twovests wrote
Reply to [NSFW] Security flaw left ‘smart’ chastity device users at risk of permanent lock-in by Dogmantra
holy shit apparently they also make a "pear of agony" type device
hahaha fuck
Dogmantra OP wrote
Reply to comment by neku in [NSFW] Security flaw left ‘smart’ chastity device users at risk of permanent lock-in by Dogmantra
not that I would get into this situation for multiple reasons but if I did somehow manage it I would simply accept my new life rather than take the angle grinder approach.
Dogmantra OP wrote
Reply to comment by voxpoplar in [NSFW] Security flaw left ‘smart’ chastity device users at risk of permanent lock-in by Dogmantra
"smart" lock designers don't consider that they are designing locks, they design consumer tech products that happen to lock. this is evidenced by the fact that many smart padlocks can be disassembled while locked.
voxpoplar wrote
Reply to [NSFW] Security flaw left ‘smart’ chastity device users at risk of permanent lock-in by Dogmantra
how could you design something like this without a physical unlock jesus christ
neku wrote (edited )
Reply to [NSFW] Security flaw left ‘smart’ chastity device users at risk of permanent lock-in by Dogmantra
researchers said it may require the intervention of a heavy-duty bolt cutter or an angle grinder to free the user
wwwaaaaaaaaa
cute_spider_ni_srsly wrote
Reply to [NSFW] Security flaw left ‘smart’ chastity device users at risk of permanent lock-in by Dogmantra
okay so that device needs a technological-equivalent safe word.
cat wrote
Reply to comment by voxpoplar in I just went to using DuckDuckGo as my default search engine. by Moonside
yes yes yes yes a lot more convient than bookmarking things imo, i guess consumes more bandwidth but in this day and age it can take you directly to site or search term
things i use alot
!sr <subreddit name>
!yt <video search>
!tw
!d / !dic / !di, !t
voxpoplar wrote
DDG is cool it has built in shortcuts to other search engines. If you end your query with !w it will search wikipedia etc.
neku wrote
good luck. im gonna become a Bing guy
hollyhoppet wrote
one of us, one of us
twovests wrote
Reply to comment by Dogmantra in Beware the Google Password Manager by voxpoplar
This is definitely a fair question. It's not entirely verifiable by onesself, and there's a lot weird security things to consider.
I also use 1Password. In terms of trusting someones server, that's actually a big reason they use end-to-end encryption. It means the server holds encrypted data, but not the means to un-encrypt. So, if 1Password's servers were compromised and the encrypted password vaults were downloaded, it'd still be extremely difficult and expensive to extract someones passwords from it. (They have a blogpost on this.) There'd be easier ways to get that information from someone. Relevant XKCD.
In terms of trusting code, it's rather difficult. There are open-source components that people may look at, but it's possible to sneak things in to code in a litany of ways. (Most popular: Ken Thompson's "compiler hack", 1984).
I don't know if I'm more tech savvy than you, but I can't verify any of this on my own. I do have some cryptography experience and I can vouch that 1Password's methods seem 1. Good, and 2. Rad as fuck. But my faith is in the vocal, extremely-critical, and never-satisfied tech community that is always prepared to rip to shreds any security company that fails.
Anyways, all this rambling aside, passwords are outdated but we still need them, and password managers are the only real option around the flaws of passwords. MFA / 2FA is also very very good, so even if your passwords are lost, they'll need to do more to get into your accounts. I use 2FA, so I could list my passwords here and still feel safe.
twovests wrote
Reply to comment by devtesla in Beware the Google Password Manager by voxpoplar
Yeah, Google is kind of like this unknowable extremely complex eldtritch being that you can't comprehend all at once, has tentacles in all manner of affairs, and is kinda fucked up.
1Password (and other managers!) has a single, solitary focus. I'd expect if it's compromised, it's less of a mistake on their end and more of a new piece of security research. (Or, on a personal level, malware.)
I think security keys are a really good thing and I hope we can all settle on USB C soon so they can be ubiquitous. Physical keys for electronic doors are really easy for almost anybody to understand, even people with no technology knowledge.
voxpoplar OP wrote
Reply to comment by Dogmantra in Beware the Google Password Manager by voxpoplar
That's fair. I think with this stuff the cloud things are going to be inherently more risky even if they're more convenient because you're relying on the company hosting it not fucking things up way more.
I use KeePass now which just saves passwords in an encrypted file that you unlock with a programme. It's open source so there's a bunch of different versions of the UI for it and you don't need to worry about a single company going bankrupt for it. If someone wants to steal the passwords they need both the file itself and the master password to open it. There's phone versions too so you don't need to have access to your passwords tied to your desktop. And if you do want to sync it between systems you can sync it like an ordinary file in Dropbox etc, taking into account the risks that can pose too if someone steals those accounts.
Dogmantra wrote
Reply to comment by devtesla in Beware the Google Password Manager by voxpoplar
I getcha, I'm just in that awkward middle ground where I know enough about tech stuff to understand why it's good but not enough to be satisfied that it's secure. I'm probably bein way too cautious about this and not cautious enough about other stuff tho.
devtesla wrote
Reply to comment by Dogmantra in Beware the Google Password Manager by voxpoplar
The google password manager is particularly bad because it can learn password that you didn't particularly want it to learn.
A third party password manager like 1Password is great, it'll never do something that you didn't want it to do and the design is secure. I've used it for years. Can't vouch for other methods though
Dogmantra wrote
Reply to Beware the Google Password Manager by voxpoplar
so as someone who is more tech savvy than the average person but not as much as an IT professional, I've always been wary of password managers. they remind me of those phone cases that have space to put your cards and cash in: a great way to lose your phone and wallet at the same time.
while I get that this is a specific case and relies on user error while doing stuff I wouldn't do, the conclusion is that there are genuine security flaws in the way google handles/d password management. So how can I, as someone who doesn't have the time or knowledge to verify things like this, be sure that a password manager I'm using is safe? This is a genuine question btw. I know that my current password method is somewhat insecure, but I feel like password management is relying too much on the integrity of someone else's server and code that I can't verify.
devtesla OP wrote
Reply to comment by hollyhoppet in This Video Has 8,263,012 Views by devtesla
I should make a script
hollyhoppet wrote
Reply to This Video Has 8,263,012 Views by devtesla
you're obligated now to update the title of this post every hour
hollyhoppet wrote
i couldn't get through the whole article this guy is just... too much lol
ellynu wrote
Reply to rant about capitalism and software by hollyhoppet
if capitalism is efficient then how come google starts and then kills 800 products a year? checkmate capitalism.