twovests
twovests wrote
Reply to i’m gay by hollyhoppet
good poste
twovests wrote
Reply to comment by Dogmantra in Beware the Google Password Manager by voxpoplar
This is definitely a fair question. It's not entirely verifiable by onesself, and there's a lot weird security things to consider.
I also use 1Password. In terms of trusting someones server, that's actually a big reason they use end-to-end encryption. It means the server holds encrypted data, but not the means to un-encrypt. So, if 1Password's servers were compromised and the encrypted password vaults were downloaded, it'd still be extremely difficult and expensive to extract someones passwords from it. (They have a blogpost on this.) There'd be easier ways to get that information from someone. Relevant XKCD.
In terms of trusting code, it's rather difficult. There are open-source components that people may look at, but it's possible to sneak things in to code in a litany of ways. (Most popular: Ken Thompson's "compiler hack", 1984).
I don't know if I'm more tech savvy than you, but I can't verify any of this on my own. I do have some cryptography experience and I can vouch that 1Password's methods seem 1. Good, and 2. Rad as fuck. But my faith is in the vocal, extremely-critical, and never-satisfied tech community that is always prepared to rip to shreds any security company that fails.
Anyways, all this rambling aside, passwords are outdated but we still need them, and password managers are the only real option around the flaws of passwords. MFA / 2FA is also very very good, so even if your passwords are lost, they'll need to do more to get into your accounts. I use 2FA, so I could list my passwords here and still feel safe.
twovests wrote
Reply to comment by devtesla in Beware the Google Password Manager by voxpoplar
Yeah, Google is kind of like this unknowable extremely complex eldtritch being that you can't comprehend all at once, has tentacles in all manner of affairs, and is kinda fucked up.
1Password (and other managers!) has a single, solitary focus. I'd expect if it's compromised, it's less of a mistake on their end and more of a new piece of security research. (Or, on a personal level, malware.)
I think security keys are a really good thing and I hope we can all settle on USB C soon so they can be ubiquitous. Physical keys for electronic doors are really easy for almost anybody to understand, even people with no technology knowledge.
twovests OP wrote
Reply to things i can't stop thinking about by twovests
- how long certain relationship articles on the icarly wiki:
twovests OP wrote
Reply to comment by mm_ in This fucked up cold brew hack will make you weep by twovests
It's good!!
I might recommend doing it in two, smaller batches. I ground very fine, and lost about 1/3 the cup because the puck in my aeropress was practically solid.
twovests OP wrote
Reply to comment by Presidential_Afro in This fucked up cold brew hack will make you weep by twovests
thank you
twovests wrote
Reply to i got a latte by oolong
yes!!! yes!!! nice!!!
twovests OP wrote
Reply to comment by oolong in coffee is religious for me by twovests
https://www.jstpst.net/f/coffee
ta-da :D
twovests OP wrote (edited )
Reply to comment by neku in i am concerned about disinformation campaigns utilizing the networks of social infrastructure we're building and i don't trust any website except wikipedia. the sun does not shine. AMA by twovests
i mean all jokes aside i use it for learning things
are there some big issues with wikipedia that i'm not aware of?
twovests OP wrote
Reply to comment by voxpoplar in Have any US residents here moved out or planned to move out? by twovests
ah sorry for this late reply
i'd feel weird about that and i don't know why but i appreciate the offer
twovests OP wrote
Reply to comment by emma in Shouldn't we be concerned about the economy? by twovests
thank you
twovests OP wrote
Reply to Shouldn't we be concerned about the economy? by twovests
Also "Onevest" has nothing to do with investments or money, it was just a play on my old username, I swear I'm not an investing firm infiltrating y'alls postmill haha i swear
twovests OP wrote
Reply to this is a FREE SPEECH TAKEOVER of f/OnlyTitlesNoPostBodies. you can now POST TOP-LEVEL COMMENTS on your own posts by twovests
like this!
still no post bodies though :\ it says that right in the first amendment :\
twovests OP wrote
Reply to comment by hollyhoppet in Do we have a ToS or privacy policy? by twovests
But aren't there like, legal requirements jstpst has to meet? Like GDPR and stuff like that?
I don't suspect y'all of anything crummy, but if it's not a concern for us and if we've been running with dozens (hundreds?) of users for so long, I guess I'll be fine too.
twovests OP wrote
Reply to comment by devtesla in new rule: self top-level comments will get you banned from f/OnlyTitlesNoPostBodies!! you can still reply to comments on your post though by twovests
we have f/just_post for that
twovests OP wrote
twovests OP wrote
Reply to comment by devtesla in Do we have a ToS or privacy policy? by twovests
Oh nice, the signed and recently updated warrant canary was pretty cool too.
(Granted, I didn't check if the signature matches)
twovests wrote
Reply to [META] ban self-commenting by AresUII
fuck yeah i'm down for additional rules
weakening expression in the name of spirit
twovests OP wrote
Reply to comment by neku in GENERAL WARNING: Do *not* put your leftover popcorn kernels in the bottom of your stove so that when you bake a delicious Lasagna you will also have a Popcorned Desert waiting for you!! It won't end the way you wish! by twovests
general alert! just watch out!
twovests wrote
"Around the world, we have seen the virus spread at funerals, as well as a second wave of infections, taking hold just as cunts were getting on top of the virus, as we are now. For example,"
twovests OP wrote
Reply to comment by voxpoplar in Why is JavaScript only used on websites and webapps? by twovests
Oh I love these "weird JS behavior" talks and they're probably the reason I felt "Hmmm" in the first place about JS. (And the dependency issues you mentioned)
So while Javascript doesn't exactly make it hard to write good code, it makes it extremely easy to write incredibly awful code
This is an impactful takeaway
twovests OP wrote
Reply to comment by musou in Why is JavaScript only used on websites and webapps? by twovests
Ooh I have nothing to add but I appreciate this perspective, esp. as someone who hasn't done anything real with concurrency
twovests OP wrote
Reply to comment by emma in Why is JavaScript only used on websites and webapps? by twovests
Right? I can't articulate what weird mental blocks I had about JavaScript but it's over 20 years old but I feel you entirely on that "hm JS on DOS? wack".
twovests OP wrote
Reply to comment by musou in Hey WebDev people, what tools should I use for a simple full stack web app? by twovests
Django sounds appealing to me since I already love Python a lot. Phoenix appeals to me because of the name, and then I can tell people "Yeah I have a side project using Python and Phoenix" and it sounds really rad, like I'm a sorcerer in a fancy tower
twovests OP wrote
Reply to iphone se 2020, day 1 review from someone who has used android exclusively for the past six years by twovests
another good thing: Apple sign on will offer to proxy your emails to keep your address private.