F13's recent activity
-
Comment on Meta scrambles to delete its own AI accounts after backlash intensifies in ~tech
-
Comment on I think I have a broken AT&T route? in ~tech
F13 Link ParentHmm, that's interesting. I've heard of attempting to pull the certificate out of the AT&T device and using it to authenticate, but never really explored it.Hmm, that's interesting. I've heard of attempting to pull the certificate out of the AT&T device and using it to authenticate, but never really explored it.
-
Comment on I think I have a broken AT&T route? in ~tech
F13 LinkFor what it's worth, I have discovered an intermittent issue with my similar AT&T connection that only started showing up in the last week or weeks. As best as I can track it down, I will randomly...For what it's worth, I have discovered an intermittent issue with my similar AT&T connection that only started showing up in the last week or weeks.
As best as I can track it down, I will randomly end up under double NAT. That is to say, my router will sometimes receive an IP address in the 172 range on the WAN. The internet still functions as it should, but all of my port forwards break and due to DDNS all of my domain names get updated to the non routable IP.
A release/renew has so far fixed the issue, as has waiting several days.
I am also using AT&T fiber with my gateway put into passthrough mode.
-
Comment on A few questions about replacing our clothes washing machine in ~life
F13 Link ParentThey may not be built like they used to be, but they are still better than almost everything else on the market, as evidenced by their warranty that is 5 years longer than anybody else.They may not be built like they used to be, but they are still better than almost everything else on the market, as evidenced by their warranty that is 5 years longer than anybody else.
-
Comment on What possession(s) do you have that continue to delight you every time? in ~talk
F13 Link ParentI hadn't even considered to include my iFixit kit but you are so right! Every time I go to use it I am happy I decided to get it instead of any of the vast array of cheaper and less well designed...I hadn't even considered to include my iFixit kit but you are so right! Every time I go to use it I am happy I decided to get it instead of any of the vast array of cheaper and less well designed options on Amazon.
-
Comment on What possession(s) do you have that continue to delight you every time? in ~talk
F13 Link ParentThat's awesome. How much space does it need, and how often do you need to put eyes/hands on it? In my house that sort of thing might need to be in the crawlspace.That's awesome. How much space does it need, and how often do you need to put eyes/hands on it? In my house that sort of thing might need to be in the crawlspace.
-
Comment on What possession(s) do you have that continue to delight you every time? in ~talk
F13 Link ParentCan you say more about your filtration system? Do you also do softening?Can you say more about your filtration system? Do you also do softening?
-
Comment on What do you use for 2fa? in ~tech
F13 Link ParentPut another way - syncing asks the question "How can I maintain access to my accounts if I lose my physical device?" 2FA asks the question "How can we ensure that this authentication cannot...Put another way - syncing asks the question "How can I maintain access to my accounts if I lose my physical device?"
2FA asks the question "How can we ensure that this authentication cannot succeed if the user does not have access to the physical device?"
They are diametrically opposed.
-
Comment on What do you use for 2fa? in ~tech
F13 Link ParentIt depends on your perspective. You're approaching the conversation from a strictly functional perspective. I'm discussing the theory, while hoping to caveat it with the functional reality....It depends on your perspective.
You're approaching the conversation from a strictly functional perspective. I'm discussing the theory, while hoping to caveat it with the functional reality.
Allowing secrets to exist on multiple devices fundamentally breaks the security promise of 2FA, full stop. That's because the security promise of 2FA is precisely that that situation does not occur. More precisely, that in order to provide a 2FA key, you must be in physical possession of a previously validated physical device. That's the 2nd factor. Something you have.
My concession is that in reality, strict adherence to the 2FA paradigm is not necessarily the only or even best way to address a given risk or threat model. A second instance of a single factor - namely, a second password, another "thing you know" - can be enough. But that's a personal decision and I think it's important to be aware of the tradeoff. And implementing a "weak" 2fa system is more or less the same as a "hard" password, which as far as a second instance of a single factor goes, is a good choice.
-
Comment on What do you use for 2fa? in ~tech
F13 Link ParentIt fundamentally breaks 2FA because it is no longer a situation that requires a 2nd factor. Not every threat model requires a second factor - as you indicated, in some cases, a second passphrase...It fundamentally breaks 2FA because it is no longer a situation that requires a 2nd factor. Not every threat model requires a second factor - as you indicated, in some cases, a second passphrase is enough. But that's not what the 2fa security model is assuring, and by allowing secrets to leave the 2nd factor, that assurance has been broken.
-
Comment on What do you use for 2fa? in ~tech
F13 LinkI use a Yubikey. It provides actual 2FA without syncing because I always have the physical device with me. I can access the TOTP codes using the Yubico Authenticator app on whatever device I am...I use a Yubikey. It provides actual 2FA without syncing because I always have the physical device with me. I can access the TOTP codes using the Yubico Authenticator app on whatever device I am using at the time.
Including TOTP secrets in a password manager that syncs (or anything that syncs) is fundamentally breaking 2FA. It might be a reasonable tradeoff for you in your situation, but it defeats the point of 2FA. If you are confident you don't actually need the security of 2FA and are good with bypassing it, then syncing is a reasonable choice.
The exception to the above is if you have a reasonable guarantee that wherever you store your 2FA secrets itself requires strong 2FA to access. That's usually not the case for people though, because the whole reason they store 2FA secrets outside the 2nd factor is because they don't want to accept the convenience tradeoffs that come from 2FA security.
-
Comment on US President Joe Biden pardons son in ~society
F13 Link ParentThat allows pardons to be used offensively - Biden could pardon Trump to ensure he can never be president.That allows pardons to be used offensively - Biden could pardon Trump to ensure he can never be president.
-
Comment on How has your industry changed in the past decade? in ~life
F13 Link ParentIn my opinion, one of those arguments is reasonable and the other is made in obvious bad faith.In my opinion, one of those arguments is reasonable and the other is made in obvious bad faith.
-
Comment on Finding real images in ~creative
F13 Link ParentIt was a trip for a friend's wedding! Perspectives will vary, of course, but if you ask most of the locals they will say please, please come and support the local industries that provide an...It was a trip for a friend's wedding!
Perspectives will vary, of course, but if you ask most of the locals they will say please, please come and support the local industries that provide an economic reason for conservation.
On some level, without government intervention (which is unlikely on a large scale), people paying to go on safari is what makes the land more valuable as a habitat than as farming land (or any other use).
There is some impact, of course, and that perspective is not necessarily the "correct" one.
-
Comment on How has your industry changed in the past decade? in ~life
F13 Link ParentJust to set expectations, I agree with you. The bigger solution is state owned housing when needed. That said, I think it's very disingenuous to imply that being homeless is approximately equally...Just to set expectations, I agree with you. The bigger solution is state owned housing when needed.
That said, I think it's very disingenuous to imply that being homeless is approximately equally as desirable as renting. There are lots of reasons to prefer renting.
-
Comment on Finding real images in ~creative
F13 Link ParentIt's possible, although the mornings were misty and we didn't go out really in the evening. I'll PM you a link to the closest I have to that readily on hand.It's possible, although the mornings were misty and we didn't go out really in the evening. I'll PM you a link to the closest I have to that readily on hand.
-
Comment on How has your industry changed in the past decade? in ~life
F13 Link ParentI have mixed feelings on this perspective. On the one hand, I agree with you. On the large scale, housing scarcity must be influenced by those who own homes but do not live in them. But there's...I have mixed feelings on this perspective.
On the one hand, I agree with you. On the large scale, housing scarcity must be influenced by those who own homes but do not live in them.
But there's two points that make me hesitate to go down the "all landlords are inherently evil" path:
- Some people prefer to rent. Renters can't exist without landlords.
- Practically, if gowestyoungman didn't own those properties, it is not necessarily true that they wouldn't be owned by someone else who doesn't live there. That weakens your point that every property they own is a property they are depriving someone of.
-
Comment on Finding real images in ~creative
F13 LinkI was in Kenya on the Maasai Mara in 2020 and took lots of photos. No tigers, but lions, cheetahs, giraffes, etc. Would that be of interest? I can send you some if that's what you're looking for.I was in Kenya on the Maasai Mara in 2020 and took lots of photos. No tigers, but lions, cheetahs, giraffes, etc. Would that be of interest? I can send you some if that's what you're looking for.
-
Comment on AirPods or not? in ~music
F13 Link ParentI don't know what it is. Something about the shape of my left ear I guess! The A series fits me well, it's a shame they don't get any noise canceling. But I guess I just have to go back to them.I don't know what it is. Something about the shape of my left ear I guess!
The A series fits me well, it's a shame they don't get any noise canceling. But I guess I just have to go back to them.
-
Comment on <deleted topic> in ~society
Unfortunately, so far, this product does not generate maximum possible value, and is therefore a losing proposition.