spit-evil-olive-tips's recent activity

  1. Comment on Weekly US politics news and updates thread - week of February 22 in ~news

    spit-evil-olive-tips
    Link
    Fact-check from Politifact: No, the snow isn’t government-generated.

    Fact-check from Politifact: No, the snow isn’t government-generated.

    The users posit various explanations for this phenomenon: "fake snow," alien technology, a simulated reality, and a massive government conspiracy.

    3 votes
  2. Comment on Perseverance rover’s descent and touchdown on Mars [Real time video of the landing] in ~space

    spit-evil-olive-tips
    Link Parent
    I don't know many details about it either, but I know it involves the awesomely named Deep Space Network. It definitely gets split up among multiple groundstations as the Earth rotates. There's...

    I don't know many details about it either, but I know it involves the awesomely named Deep Space Network.

    It definitely gets split up among multiple groundstations as the Earth rotates. There's probably a ton of complexity around scheduling antennas to point at different targets (since the DSN supports more than just the Mars mission) and probably scheduling / multiplexing that downlink from Mars (since it's useful to receive real-time telemetry from the rover at the same time as you're downloading multi-GB video & picture data in the background).

    2 votes
  3. Comment on Tildes is pushing out the minority voice in ~talk

    spit-evil-olive-tips
    Link Parent
    Welcome! I'm glad you're here, and hope you stick around.

    Welcome! I'm glad you're here, and hope you stick around.

    6 votes
  4. Comment on Perseverance rover’s descent and touchdown on Mars [Real time video of the landing] in ~space

    spit-evil-olive-tips
    Link Parent
    30 gigabytes... Some of my dayjob involves downlinking megabytes at a time from spacecraft in low-Earth orbit, and that's hard enough. I'm in awe of what it must take to downlink gigabytes from Mars.

    This probably took most of their bandwidth since landing

    30 gigabytes...

    Some of my dayjob involves downlinking megabytes at a time from spacecraft in low-Earth orbit, and that's hard enough. I'm in awe of what it must take to downlink gigabytes from Mars.

    4 votes
  5. Comment on TV Tuesdays Free Talk in ~tv

    spit-evil-olive-tips
    Link Parent
    Make sure you also watch Better Call Saul when you're done. I was also a latecomer to Breaking Bad, didn't really get into it until after it ended its run, and also took a few attempts at watching...

    Make sure you also watch Better Call Saul when you're done.

    I was also a latecomer to Breaking Bad, didn't really get into it until after it ended its run, and also took a few attempts at watching it before I got into it.

    Better Call Saul is backstory / prequel for Saul Goodman, Mike Ehrmantraut, and Gus Fring. It's one of the few spinoffs that I think is better than the original (not to say Breaking Bad isn't good, of course - just that Better Call Saul is fantastic)

    1 vote
  6. Comment on (The MTV show) Daria: The 90s neoliberal fantasia as seen from the point of view of a 90s teenager/millennial in ~misc

    spit-evil-olive-tips
    Link
    I was born in '87 and I think this video absolutely nails it. 11:35 in. I stopped and paused to write this quote down.

    I was born in '87 and I think this video absolutely nails it.

    11:35 in. I stopped and paused to write this quote down.

    The Cold war ended in 1989 and the War on Terror didn't begin until 2001 so the 90s were quite literally the only sustained period in 75 years where the US wasn't in a forever war with an infinite and loosely defined enemy.

    10 votes
  7. Comment on Weekly US politics news and updates thread - week of February 15 in ~news

    spit-evil-olive-tips
    Link Parent
    Ted Cruz’s Cancún Trip: Family Texts Detail His Political Blunder

    Ted Cruz’s Cancún Trip: Family Texts Detail His Political Blunder

    Text messages sent from Ms. Cruz to friends and Houston neighbors on Wednesday revealed a hastily planned trip. Their house was “FREEZING,” as Ms. Cruz put it — and she proposed a getaway until Sunday. Ms. Cruz invited others to join them at the Ritz-Carlton in Cancún, where they had stayed “many times,” noting the room price this week ($309 per night) and its good security.

    7 votes
  8. Comment on After years of prep, NASA's Perseverance rover is ready to land on Mars Thursday in ~space

  9. Comment on Starting March 16, LastPass users on the free plan will only be able to use it on one "device type" (either PC or mobile) in ~tech

    spit-evil-olive-tips
    Link Parent
    I'm giving that as one example of a way in which my entire Bitwarden database might be compromised. Another example might be a Chrome or Firefox extension I already have installed that gets...

    I'm giving that as one example of a way in which my entire Bitwarden database might be compromised. Another example might be a Chrome or Firefox extension I already have installed that gets hijacked, pushes malicious code, and that code uses an exploit to get around whatever sandboxing measures the browser has in place, then exfiltrate my password store right after I enter my master password for decryption.

    However it happens, let's assume the bad guys got a hold of my full, unencrypted password database. Worst-case scenario for a password manager like Bitwarden. How bad is it?

    If you're storing the TOTP secret key (which is all you need, along with the current time, to generate a typical 6-digit 2FA code) alongside the passwords, the attacker now has absolutely everything they need to impersonate you. By copying those secret keys from your phone into Bitwarden, you've reduced it to a single factor.

    Instead, if the 2FA secrets are stored separately (such as on a phone, or a hardware token) the attacker will be unable to log in to any 2FA-enabled account. If the threat model is "someone stole my laptop while Bitwarden was unlocked" then maybe they have my phone as well, but in the "browser extension stole them" scenario, it seems extremely unlikely.

    Lack of 2FA means the attacker in this scenario couldn't access my email (critical, since so many "reset password" workflows use email verification), my bank, my Amazon account (either to buy things with my account, or spin up AWS instances and mine Bitcoin), or many other things.

    This is the real value of 2FA in my mind - I had a worst-case scenario breach of all my site-specific passwords, but storing the 2FA keys separate from the passwords allowed me to limit the damage and retain control of my most important accounts.

    3 votes
  10. Comment on Portland police officers guard Fred Meyer dumpsters, face off with residents seeking discarded food after power outage in ~news

    spit-evil-olive-tips
    Link

    Workers at the Hollywood West Fred Meyer threw away thousands of perishable items because the store, like many others, had lost power in an outage brought on by the region’s winter storm.

    Images on social media showed mountains of packaged meat, cheese and juice, as well as whole turkeys and racks of ribs that had been tossed into two large dumpsters near the store.

    3 votes
  11. Comment on Texas' grid operator warns rolling blackouts are possible as winter storm escalates demand for electricity in ~enviro

    spit-evil-olive-tips
    Link Parent
    The best analogy I've ever heard for understanding this "did climate change cause weather event X?" is the "steroid era" of Major League Baseball. The peak of the steroid era was the 1998 season,...

    The best analogy I've ever heard for understanding this "did climate change cause weather event X?" is the "steroid era" of Major League Baseball.

    The peak of the steroid era was the 1998 season, when two players both broke a home run record that had stood for almost 40 years.

    You can point to an individual home run in an individual game by either McGwire or Sosa, and ask "did steroids cause that home run?" - but that's not really that interesting of a question.

    You could theoretically build a model of that player's hitting power with and without steroids, and use it to predict that without steroids it still would have gone far enough to be a home run. But, it can never be answered definitively, and even if you could the answer isn't really relevant. The aggregate trend is what's important, not any single event.

    14 votes
  12. Comment on Starting March 16, LastPass users on the free plan will only be able to use it on one "device type" (either PC or mobile) in ~tech

    spit-evil-olive-tips
    Link Parent
    As always, it depends on your threat model, but I'd argue it's not true 2FA, because the password and TOTP secret key for sites are stored alongside each other in the Bitwarden database. Access to...

    As always, it depends on your threat model, but I'd argue it's not true 2FA, because the password and TOTP secret key for sites are stored alongside each other in the Bitwarden database. Access to that database is nominally protected by 2FA, but if an attacker gains access to that, they have one-factor authentication to every site saved in the database.

    For example, if my laptop is stolen while I'm logged in to Bitwarden, the thief can log in to any of my accounts, even ones like AWS that prompt for the 2nd factor every time. If I keep 2FA secrets separate (on my phone) then the thief is out of luck unless they steal both my laptop and phone, and bypass the security on my 2FA app.

    13 votes
  13. Comment on Starting March 16, LastPass users on the free plan will only be able to use it on one "device type" (either PC or mobile) in ~tech

    spit-evil-olive-tips
    Link Parent
    bitwarden-rs is the best self-hosted option I know of. I use the "official" Bitwarden backend rather than self-hosting, but I've heard good things about the self-hosted option. Before I switched...

    bitwarden-rs is the best self-hosted option I know of. I use the "official" Bitwarden backend rather than self-hosting, but I've heard good things about the self-hosted option.

    Before I switched to Bitwarden I had a self-hosted setup using pass plus syncthing.

    8 votes
  14. Comment on Starting March 16, LastPass users on the free plan will only be able to use it on one "device type" (either PC or mobile) in ~tech

    spit-evil-olive-tips
    Link
    They were acquired by LogMeIn back in 2015. I guess the surprising part is how long they waited before moving a previously-free feature behind a paywall like this. If anyone's getting kicked away...

    They were acquired by LogMeIn back in 2015. I guess the surprising part is how long they waited before moving a previously-free feature behind a paywall like this.

    If anyone's getting kicked away from LastPass as a result of this, I use and recommend Bitwarden. The killer feature of having your passwords synced between desktop/laptop and mobile is not locked behind a paywall.

    We had threads with general password manager recommendations here and here.

    31 votes
  15. Comment on Texas' grid operator warns rolling blackouts are possible as winter storm escalates demand for electricity in ~enviro

    spit-evil-olive-tips
    Link
    40% of Austin Energy homes without power amid failed 'rotating blackouts'

    40% of Austin Energy homes without power amid failed 'rotating blackouts'

    Nearly 200,000 Austin Energy customers woke up without power Monday and were not expected to get it back until Tuesday — possibly late in the day — because of a so-called rotating power outage that didn't rotate, leaving parts of the city in the cold and dark.

    Local government leaders and Austin Energy officials held a news conference Monday to address the lingering questions. Fittingly, it started 20 minutes late and began with Travis County Judge Andy Brown losing signal on his phone as he was forced to log in from his car because his Hyde Park home was without electricity.

    8 votes
  16. Comment on Texas' grid operator warns rolling blackouts are possible as winter storm escalates demand for electricity in ~enviro

    spit-evil-olive-tips
    Link
    From 2011: Texplainer: Why Does Texas Have Its Own Power Grid?

    From 2011: Texplainer: Why Does Texas Have Its Own Power Grid?

    Texas' secessionist inclinations have at least one modern outlet: the electric grid. There are three grids in the Lower 48 states: the Eastern Interconnection, the Western Interconnection — and Texas.

    The Texas Interconnected System — which for a long time was actually operated by two discrete entities, one for northern Texas and one for southern Texas — had another priority: staying out of the reach of federal regulators. In 1935, President Franklin D. Roosevelt signed the Federal Power Act, which charged the Federal Power Commission with overseeing interstate electricity sales. By not crossing state lines, Texas utilities avoided being subjected to federal rules. "Freedom from federal regulation was a cherished goal — more so because Texas had no regulation until the 1970s," writes Richard D. Cudahy in a 1995 article, "The Second Battle of the Alamo: The Midnight Connection."

    6 votes
  17. Comment on Adding ioctl support to Linux's io_uring subsystem in ~comp

    spit-evil-olive-tips
    Link
    Background articles if you've never heard of io_uring - it's one of the most promising new-ish features in the Linux kernel: Jan 2019: Ringing in a new asynchronous I/O API Jan 2020: The rapid...

    Background articles if you've never heard of io_uring - it's one of the most promising new-ish features in the Linux kernel:

    Jan 2019: Ringing in a new asynchronous I/O API

    Jan 2020: The rapid growth of io_uring

    2 votes