I have a slight struggle that I wonder if anyone else can relate to. I'm a creative "type" in that both my job (scientist) and hobbies (many, over the years) require constant innovation, in addition to the usual labor, to keep them going.

I have a note/journal app where I store my ideas. Sometimes these are ideas with acute utility e.g. an experiment design that I can test out the next day at work or maybe an idea for a paper. Other ideas are what I would consider "highdeas" - insights or thoughts that seem amazing when you're stoned but after you sober up they're kind of nonsense. The former are productive and the latter are non-productive forms of creativity (barring any offshoots of the latter that prove useful later on).

But then sometimes I get idea in-between. Say, an insight into how certain human behaviors are a certain way or maybe a rant on a topic/issue in my lab work that is interesting but not valuable enough to publish or bring up in a formal meeting. My question / discussion topic for you, is, what do you do with these sort of self-ascribed interesting ideas that have no immediate value? One option is to write them out on a forum, as I am currently doing, but I would end up writing all day. Does anyone else keep track of these? Do you schedule a follow-up with these intermediate ideas for future inspiration? I currently use Joplin which is great but I don't think there are any features to stimulate creativity in this manner.

This will probably be controversial, but I disagree with the current password policy. Checking against a list of known broken passwords sounds like a good idea, but that list is only ever going to get bigger. The human factor has to be taken into account. People are going to reuse passwords. So whenever their reused password gets hacked from a less secure site, it's going to add to that list.

Ideally, a password would be unique. Ideally, users should maybe ever use a password manager that generates garbage as a password that no one could hack. An ideal world is different from reality. Specific requirements are going to lead to people needing to write things down. In the past, that was on paper, like Wargames. Now, it's going to lead to people pasting their username and login into text documents for easy reference. That's probably what i'm going to have to do. Was my previous method of reusing passwords safe? No. Will my new method of remembering passwords be safe? Probably not either.

I'm not entirely sure what all the account security is about, either. For my bank, sure, a complex password. I have a lot to lose there. For an account on a glorified message board? There's better ways to establish legitimacy. 4chan, of all places, dealt with this (nod to 2chan), by having users enter a password after their username that got encoded and displayed as part of their username to verify that they were, in fact, the same user.

So the topic for discussion would be, what's the endgame here? Where is the line drawn between usability and security? I may well be on the wrong side of this, but I think it's worth discussing.

Edit: I think there may be some good reasons, evidenced in this reply. I think it was a good discussion none the less, since it wasn't obvious to me and perhaps not to other people.

Edit 2: I'm going to hop off, but I think there's been some good discussion about the matter. As I said in the original post "I may well be on the wrong side of this". I may well be, but I hope I have addressed people well in the comments. Some of my comments may be "worst case" or "devil's advocate" though. I understand the reason for security, as evidenced above, but i'm unsure about the means.

I'm making an effort to cut out meat from my diet and I'd love to hear what everyone's favourite vegetarian meals are.

For a long time I have been making pasta with ground beef and I recently found out that I can just not put the beef in and it tastes even better. The tomato sauce really gets a chance to shine without the beef.

I can install Linux or Windows or even BSD on my laptop without much hassle, and get the updates directly from the OS vendors.

This isn't the case for smartphones. You don't have choice over your OS. You don't even get android updates directly from Google, and have to wait for device manufacturers to release the updates. Why is it so?

Freshly minted user here, so here is a bit of feedback from the first hour of using ~s.

#1

Having topic-info line below the topic-text-excerpt block creates some usability friction, because if the the excerpt is large-ish, then the "xx comments" link is pushed way down, sometimes below the fold.

https://imgur.com/FUwKHo7.jpg

This is an issue (at least for me) because it interferes with efficient selection of topics to read.

You spot a promising topic, you open excerpt, skim through the top part, if it still shows promise, use the "xx comments" link to open it in.

Key point is that I would very rarely read the whole excerpt before deciding to see the comments. However with existing layout the "xx comments" link sits at the very bottom of the excerpt, requiring scrolling down, correcting for an over-shoot (if the link was below the fold) and then zeroing in on the link.

In comparison, if the link were to stay above the excerpt, it will be within few pixels from where my mouse is after clicking on the "open excerpt" triangle.

#2

If this were my site, I would probably just swapped topic-meta with topic-info, like so - https://imgur.com/fJ3tKxc.jpg.

The rationale here is that meta carries information that is less important and less frequently used/needed that topic-info. I know that I would be more interested in the comment count and the topic age than in tags.

#3

The topic-text-excerpt font size is too big. The index is nice, compact and has a very light feel to it. Then you click to expand the excerpt and it's like - WOAH, HERE'S SOME TEXT FOR YOU.

I'm new to Tildes, but I've been using Markdown-based comment systems
for more than a decade: both Reddit and GitHub. My programming blog has
been written in Markdown for the past 8 years. Overall I've probably
written several novels worth of content in Markdown in my life.

I've already noticed that Tildes has made a serious mistake in its
handling of line endings: All line endings are treated as hard line
breaks. This diverges from CommonMark and most uses of Markdown in
practice. If I wanted a hard line break, I'd put two spaces at the end
of the line, as specified by both CommonMark and the original Markdown.
Line endings should be otherwise be soft.

GitHub made the same mistake with its "GitHub-flavored Markdown," though
fortunately this mistake has been limited to issues. GitHub README.md
files don't have this behavior, nor does GitHub Pages. It the only other
Markdown system I've used with this flaw.

Why does this matter? If I'm writing more than a single sentence, I
never edit my comment inside my web browser. I edit it using my text
editor of choice, Vim, since it's far more comfortable. I don't even
have to copy-paste the text between applications. Instead, I have an
add-on, Tridactyl, that does this seemlessly and effortlessly.

Hard line endings just don't work well with long prose — exactly the
type of content that Tildes is encouraging — particularly when edited in
a proper text editor that knows about paragraphs and can do its own line
wrapping. Editing long lines is annoying and takes extra care. That's
why we have soft line endings after all.

I'm leaving all my line endings in this post so that you can see the
mess Tildes makes with it, with the ragged right-hand side due to font
differences. If I had written this in nearly any other Markdown system,
the text would have flowed into the page without issues. It is a mistake
for Tildes to do differently. This sort of compatibility issue is
probably going to be annoying enough to keep me off the site.

In today’s age, we have a wealth of knowledge available on the fly, and a wealth of misinformation too. Every day I see someone on the internet either mis-informed or ill-informed, even with google and research at their fingertips. What is something you wish the general public would actually take the time to learn about beyond a very surface level interpretation?
Many issues can’t be solved based on just surface level knowlege.

My biggest answer is politics in general, because it controls our world yet it feels like 70%+ of people don’t know what they are talking about beyond layman knowlege, and we’ve seen what happens when tons of people set themselves on a belief and even argue for it when they don’t know what they don’t know.

I don’t know anything about politics but even I can see that people are talking out of straight emotion most of the time.

So, i ask you nice tildes’ers Tilderds Tilderotatoes, what’s something you wish to inform us about that most people don’t read into very much? Can be political or otherwise.

It’s a broad question I know, but that leaves room for a lot of discussion.
Thanks for reading

A few years ago I got into improving my knowledgebase of personal security - theory and tools - but it didn't go much farther than reinforcing everything with 2FA and setting up a password manager, plus setting up a VPN and full disk encryption.

It seems like we're amidst a rising tide of data breaches due to, IMHO, laziness and cheapness on the part of many companies storing personal data.

So, recently I've embarked on my second journey to improve my own security via habits and software and teaching myself. Privacytools has been a super helpful resource. My main lesson this time is to take ownership/responsibility for my own data. To that end, I have switched to KeyPass with yubikey 2FA (still trying to figure out how to get 2FA with yubi on my android without NFC), moved over to Joplin for my note taking (away from Google and Evernote) and also switched to NextCloud for all of my data storage and synchronization. I'm also de-Googling myself, current due-date is end of March when Inbox is shut down.

So my question / discussion topic here, is, what are everyone's thoughts on the future of practical personal security and privacy? More decentralization and self-hosting? That's what it looks like to me. Blockchain tech would be cool for public objects like news articles, images etc. but from what I understand that has zero implication for anything personal. The other newish tech is PGP signatures, which I'm still having trouble implementing/finding use for, but surely that will change.

There is this topic but that ended up just being about encryption which I think is a no-brainer at this point. I'm more so looking for the leading edge trends.