ewintr's recent activity
-
Comment on Opinion by Brian Merchant: I’ve always loved tech. Now, I’m a Luddite. You should be one, too. in ~tech
-
Comment on GitHub slated to mandate 2FA in ~comp
ewintr No problem. I have two keys, because losing one would really suck if I didn't have a spare. One is on my desk, so always within reach when working, and the other is on my keychain, so I always have it with me if I am outside my house.
I am not too worried about someone else stealing it and getting access. It is two-factor, they don't have the passwords (or the usernames) and they don't know what services I use. But more important, most likely a thief is just interested in selling my devices and would ignore the key. I don't think I am interesting enough for a targeted physical attack. (As opposed to a targeted phishing attack, for instance.)
For years I have been rather paranoid about privacy and security, to the point that it started to become a problem to function in the 'normal' world. Nowadays I try to follow the advice that you don't need an unbreakable lock (that doesn't exist), you just need to have a better lock than your neighbours.
-
Comment on Eight under-appreciated elevated horror films that will scare your pants off, in an artistic way in ~movies
ewintr For me Titane definitely delivered the most intense "Wait. What did I just watch?" response when walking out of the cinema that year. I agree that the movie as a whole does not deliver, but being so wack and still being able to keep my attention until the end does count for something. Parts of the story were well done, I think. Calling it a complete waste of time is exaggerating.
-
Comment on GitHub slated to mandate 2FA in ~comp
ewintr Ok, I'll take your point. Thanks for explaining.
Personally I am not too worried about this because my real important accounts fall in either of two categories: accounts where I can set up MFA with a hardware token, my Yubikey, and accounts where the service insists that the only possible MFA is with SMS or their shitty app. Unfortunately the latter type is by far in the majority, but both fall outside the scenario discussed here.
But you are right, this is a personal evaluation that might be different for others. Let this exchange serve them as a guidance. Thanks again for pointing it out.
-
Comment on GitHub slated to mandate 2FA in ~comp
ewintr If you have Bitwarden store both your password and the TOTP secret in this way, it is more convenient, but you are degrading the security to basically the same as if you didn't use TOTP at all for that site.
Well, that is not completely true. This still protects me from attackers that somehow have guessed/stolen/brute forced my password and have thus gotten only access to one factor of the authentication. There are still two factors necessary to get in and the password is only one of them.
You are right that if the Bitwarden extension is compromised, the attacker gets hold of both factors. However, I'd say that once we get to the point of compromised browsers and extensions, you've already lost, because then the attacker can steal anything you have access to and show you anything they want. This includes stealing the OTP you generated on your separate device.
-
Comment on GitHub slated to mandate 2FA in ~comp
ewintr If by "multiple installations of Bitwarden" you mean multiple Bitwarden clients (app, plugins, online vault) that use the same Bitwarden server (official cloud service, or self-hosted) to synchronize, then yes.
The easiest way to look at it is this: that QR code that you scan when you set up an OTP for some random web service contains a code that lets authenticators generate the OTP. This code, also called "authenticator key", is simply a long string of letters and numbers that looks like this: QAAJNZMP7NGQGRM7XJK2S2AQ3BAQF....
This authenticator key is stored in Bitwarden alongside your username and password and other details of your account for that web service. It is also synchronized to all your apps together with your username and password. So even if you have never accessed the web service before with your phone, only with your laptop, the Bitwarden app on your phone got this key together with your username and password from the central server and is able to generate a valid OTP from that.
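How this plays out, as an added example that is not part of the original comment: any client holding the synced authenticator key computes the same time-based OTP (RFC 6238) from the key and the clock alone. The otpauth URI below is constructed from the RFC 6238 test key, not a real account's key, and the function names are illustrative.

```python
import base64
import hashlib
import hmac
import struct
from urllib.parse import urlparse, parse_qs

# Constructed sample: what a setup QR code decodes to (otpauth Key URI format).
# The secret is the RFC 6238 test key, not a real account's key.
SAMPLE_QR_PAYLOAD = (
    "otpauth://totp/Example:alice?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
    "&issuer=Example&digits=6&period=30"
)


def parse_otpauth(uri):
    """Extract the authenticator key and parameters from an otpauth:// URI."""
    parsed = urlparse(uri)
    if parsed.scheme != "otpauth" or parsed.netloc != "totp":
        raise ValueError("not a TOTP provisioning URI")
    params = parse_qs(parsed.query)
    if "secret" not in params:
        raise ValueError("URI carries no secret")
    return {
        "secret": params["secret"][0],
        "digits": int(params.get("digits", ["6"])[0]),
        "period": int(params.get("period", ["30"])[0]),
    }


def decode_key(secret_b32):
    """Base32-decode the key; tolerate spaces, lower case and missing padding."""
    cleaned = secret_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    return base64.b32decode(cleaned)


def totp(secret_b32, unix_time, digits=6, period=30):
    """RFC 6238 TOTP (HMAC-SHA1): depends only on the key and the clock."""
    counter = struct.pack(">Q", int(unix_time) // period)
    mac = hmac.new(decode_key(secret_b32), counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def client_otp(synced_uri, unix_time):
    """What any client holding the synced key computes, on any device."""
    p = parse_otpauth(synced_uri)
    return totp(p["secret"], unix_time, p["digits"], p["period"])


if __name__ == "__main__":
    import time
    now = time.time()
    laptop = client_otp(SAMPLE_QR_PAYLOAD, now)  # one client
    phone = client_otp(SAMPLE_QR_PAYLOAD, now)   # another client, same synced key
    print("laptop:", laptop, "phone:", phone, "match:", laptop == phone)
```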
-
Comment on GitHub slated to mandate 2FA in ~comp
ewintr Right now the best option for most is time-based one time password systems a la google authenticator.
The best option I know (and use) is a password manager that can function as an OTP generator.
I use Bitwarden. I press Ctrl+L to fill in my credentials on the login form, but it also copies the OTP to my clipboard. Then, as the next page comes and I have to fill that in, I can do so conveniently by pressing Ctrl+V.
To log in to Bitwarden I use a hardware token as second factor, so the whole chain is still MFA.
-
Comment on Europe is cracking down on Big Tech. This is what will change when you sign on in ~tech
ewintr At least now the services are motivated not to make their algorithms too shitty. Because when they fill it with too much advertising and other unwanted rubbish, people can just opt out from that. Previously you had to ditch the whole service and your accumulated network there, which is of course much harder.
-
Comment on Synology NAS owners: any tips for a beginner? in ~tech
ewintr Some things I wish I'd known before I bought my 923+, or learned while using it:
- I wanted to save energy and have it automatically switch off when it is not in use (and start it up with WakeOnLan when I need it). The term "in use" is a bit ambiguous with a server that runs all kinds of background stuff, but I was surprised at the list of things you need to disable before this works: https://kb.synology.com/en-us/DSM/tutorial/What_stops_my_Synology_NAS_from_entering_System_Hibernation
- I also maxed out the RAM with the idea of running Docker containers and Virtual Machines. This works nice, but for the VM's it is good to know that you are limited by the amount of CPU cores too. So even if you have the RAM, you still can't run twenty VM's. See this page for guidance: https://kb.synology.com/en-global/DSM/tutorial/How_many_virtual_machines_can_I_run_on_my_Synology_NAS
- The built in reverse proxy sucks if you want to do anything more than the most basic of things. My solution was to run a small Debian VM with nginx and direct all outside traffic to that instead. This worked perfectly. But then again, I have some experience using nginx for this. It may not be the best solution for you.
- It is performant enough to run VM's, but be aware that some specific actions can be very slow. In my case things like running Debian's apt to upgrade the system, or building a Docker container were agonizingly slow. I did not dig further, but I suspect that software often forces filesystem syncs, which I can imagine is a slow operation on a device like this because it has a lot of file caching machinery, lots of calculations for the RAID setup, etc. But this is all speculation on my side.
- In the end I decided I wanted to do the automated shutdown and wake up so I removed all containers and VM's. Then the goal becomes to have it start up when you want to access a file share, in my case mounting a folder in Linux over NFS. This has some gotchas and I plan to write a blog post about it, but actually there is already a good one about it here: https://dj-does.medium.com/nfs-mounts-and-wake-on-lan-25c0c1d55c90
-
Comment on TikTok’s plan to take on Spotify and Apple Music in ~tech
ewintr Because the record labels or the managers, the artists — they’re actually pretty accustomed, historically, to having a good amount of control over what gets featured the most. Like in terms of what gets playlisted, what gets pushed on radio, or what gets featured in the iTunes Store or even physical retail.
The beauty of TikTok is that it is completely random. There is no longer the ability to say this is the song, or these are the artists who we are going to keep featuring. The community decides what is going to work.
Sorry, but I am a bit skeptical on this. As long as the algorithm is not public, there will definitely be a way to direct this randomness for those who show up with enough money.
-
Comment on Elon Musk’s X is throttling traffic to websites he dislikes in ~tech
ewintr It has been the slowest loading website I know of for ages. This was already the case long before Musk took over. It never ceased to amaze me how a large tech company could fuck up something so simple as showing me a short text, a problem that has been solved for decades.
I suspect the reason is that my browser throws away all cookies on exit and that this triggers all kinds of scripts and popups that a logged in user does not need to see. It must be, because even if I wanted to, the site would just be unusable.
-
Comment on Backward compatibility, Go 1.21, and Go 2 in ~comp
ewintr There is an interesting discussion on lobste.rs on this. Both on how a language with such promise will evolve and whether they are actually keeping that promise.
-
Comment on The war on remote work has nothing to do with productivity - the goal is avoiding a commercial real estate crash in ~finance
ewintr So the thought process is: if there is less demand for office space, we are screwed. Therefore we must force our own employees back into the office because.... this will magically change the rest of the market too?
I still don't get it.
-
Comment on Many temptations of an open-source browser extension developer in ~tech
ewintr Bit late for the party, but my reason is simple: I just don't like it. For me it feels the same as if someone stands in front of a window in my house looking in while I do my private stuff. Would that be OK with you?
But it gets worse: in the case of trackers, they are using my resources (power, bandwidth, etc) that cost me money to do it.
But it gets even more worse: the goal here is not to satisfy some personal voyeuristic tendencies, but to get some leverage and manipulate me into doing something (buy this, vote that, etc) that I don't want to.
But it gets even more worse: there is not just one of them, but whole hordes, like a flock of paparazzi. So much that I actually do notice them, because webpages become slow, etc.
So in summary: I am paying in both money and time for a flock of paparazzi to spy on me with the goal of manipulating me. I may not notice it immediately, but who in their right mind would ever consent to such a thing?
-
Comment on <deleted topic> in ~music
ewintr How does this work? All I see is a login screen. Is it invite only?
-
Comment on I’m really trying to appreciate the World Cup from the US in ~sports.football
ewintr I have a significant issue with that. They play the same game, on the same size pitch, with the same sized goal and the same sized ball. Hell, some of them are even playing in men’s shoes, causing debilitating injuries.
But they still have separate competitions and separate tournaments. It is useful to be able to differentiate the two in some way. Nowadays I have to double check every time I see something like "World Cup" somewhere in the news or the TV guide, that is pretty annoying.
But this goes both ways. I think the other cup should be tagged as "football.mens".
-
Comment on It's time to change how we cover Elon Musk: After a weekend of whoppers about X and fighting Mark Zuckerberg, the press should take a more skeptical approach in ~tech
ewintr Blendle experimented a bit with both subscription and pay-per-article, if I recall correctly. But it failed to catch on. One of the reasons was you had to read the articles in their app/website and some major publications objected to that. They wanted to control the whole user experience.
-
Comment on Bringing back the minimal web in ~tech
ewintr Gemini is an interesting experiment, but I have stopped using it. The problem for me with their approach is that it creates a separate, disjoint space next to the one we are on now. I don't want that. I want all the content, including the stuff on the regular web, but presented in a minimalistic way.
A long time ago I had the idea to build an experimental browser that would utilize the way websites are supposed to be built to construct such a better interface. Namely by separating HTML for semantic structure, CSS for presentation and Javascript for dynamic parts. The browser would ignore CSS and Javascript, parse the structural HTML and present the content in a general sober minimal interface.
This was doomed to fail, because hardly any website is built like that and you would not be able to surf the web with it. But sometimes I wished I had gone through with it, just to see what it would look like.
Maybe I should do it anyway. Maybe the limitations can turn into a quality filter. "If I can't view this website, it was probably rubbish anyway" Or something like that.
-
Comment on Do you tag your music? What's your method? in ~music
ewintr My solution to not get overwhelmed with tagging is to take a very critical look to what I actually want from it. Specifying genres, for instance, is a very hard thing to do and I never use it. I never ask my player to play some 90's east coast rap inspired songs with a female vocalist, so why would I add that information? Either I play a song or an album on purpose, or I use it as a background radio and then I want it to randomly play tracks from my whole collection.
The only thing I really want from tags is a clear and consistent overview in the library of my player. For that I need:
- Album Artist
- Album name
- Song name
- Album track number
The rest is irrelevant to me. But even if it weren't, there is no system that can cater to every piece of music out there. Rather than trying to invent the perfect system I just make do with the four fields above. I collect live performances and technically a performance is not an album. But you would still want to group the songs and preserve the order. How would you do that? By stating that it is an album anyway. Problem solved.
My process is:
- Make sure the four tags are present and correct
- Delete/clear everything else
The tool I use for that is EasyTag.
-
Comment on Asking advice re search engines, search technique in ~tech
ewintr I switched from DuckDuckGo to Kagi about a year ago and haven't regretted it one second. The main benefit for me is that I am the paying customer. No tricks needed to avoid advertisements. You really are the user they want to service, instead of them tricking you in numerous ways to earn more ad money. I have the ability to tweak search results to my taste. Others have talked about blocking and boosting different sites, but you can also do tricks like rewriting urls on the result page. For instance, I have it set up so that all links to reddit point to old.reddit.com.
It might be a weird way to describe it, but altogether this gives me a much more peaceful search experience. It just works how I want it to work and nothing else. Occasionally I still end up on Google because someone else linked to it and I am surprised by how noisy the page is and how much irrelevant stuff it contains.
For the record, I am doing something similar with a small Linux machine that only cost 90 euros when it was new. It has internet and a browser, I can stream anything and it is faster than any smart tv I have ever seen.
If you don't need the best of the best (i.e. 4K, or 8K) you can make do with anything that can do 1080p over HDMI. I think even old Raspberry Pi's can do that.
In case anyone is curious, I use a small wireless keyboard/mouse combo to control it. I ripped my blu rays and play them with mpv and project them on a big screen with my beamer. I like nice audio and video, but this part of the setup was a no-brainer: cheap and simple.