panicnow
@panicnow@lemmy.world
- Comment on How do passkeys work across devices? 2 weeks ago:
Depending on the site, you can use one device to login to another without installing additional software. For instance, if you have an iPhone with a passkey for microsoft.com stored on it, you can login to Microsoft.com using the iPhone.
Here is a webpage that has some screenshots to show you what I mean. You can probably google some other examples.
appleinsider.com/…/microsoft-finally-lets-users-s…
It is possible to sync passkeys across devices but at this point is mainly within a single ecosystem.
- Comment on But how would they be able to live on that? 4 weeks ago:
I have a house. I say have because while I have the title to the house, the bank has a lien that basically means they own it. Like a stock, my house increases in value. The government in my state then taxes me on the value of the house. Taxing me on unrealized gains in the house (I have not sold it) is like taxing a rich person on the unrealized gains of stock (that they have not sold).
It is possible to come up with ways to tax stock. It will be imperfect like all tax systems are. It will be better than what we have now.
- Comment on Sweeping EU rules for tech giants take effect today. Here’s what’s changing | CNN Business 2 months ago:
I agree that decrypt/encrypt is bad—it is simply not E2EE. The solution would have to be a better method of public key distribution for ‘federated’ systems.
While I don’t know anything specific about facebook messenger, E2EE doesn’t necessarily preclude what you suggest. A messaging service could store the entire chat history encrypted without decryption keys. When you get a new client you could restore the entire history in encrypted form onto your device. You would then use a recovery key you would possess to decrypt the message history on your end. At no time would the messaging service have the keys to decrypt. I’m not saying that is what facebook does.
- Comment on Sweeping EU rules for tech giants take effect today. Here’s what’s changing | CNN Business 2 months ago:
Why do you need to control both ends for E2EE? Both ends need a public and private key to encrypt and decrypt messages. You need a method of key exchange. I would prefer to have an offline method (phone call, in-person) of validating a key (like iMessage and Signal have). But I don’t see a reason to need to control both ends.
- Comment on Passkeys might really kill passwords 2 months ago:
If you enable advanced data protection apple cannot recover your account. You need your recovery keys or a designated recovery contact.
The apple doc implies (to me) that a SIM swap only works after you authenticate on an apple device (e.g. using your password) even without advanced data protection. I have never tested that.
You can use the long process (many days) to recover an account assuming you haven’t enabled advanced data protection. I’m okay with that as it is perfect for my grandparents (I had an older relative who got their account back through this method).
I get that you could SIM swap to recover other accounts (not Apple) if they have SMS as a recovery method. That sucks and it really sucks for people who don’t get that an email or SMS recovery can be a giant hole in security.
- Comment on Passkeys might really kill passwords 2 months ago:
The document you linked says it requires a combination of your apple account password plus an SMS text sent to a pre-registered phone number? Seems like a pretty good setup for most people. Also has the alternative of recovery contacts and recovery keys.
It looks like turning on advanced protection would eliminate the SMS method but I am not 100% sure. Then you would need recovery keys or recovery contact.
support.apple.com/en-us/102651
My biggest worry in these cases is not that I get locked out, but rather that Apple mangles my keychain. I have a USB CSV of my passwords in my bank safety deposit box. With passkey I am not sure of how I would get a similar backup.
- Comment on Why Everyone Should Still Use an RSS Reader in 2024 3 months ago:
I will vouch for it. I use it on my iPad constantly and have few complaints. I don’t think it syncs well between iPad and Mac or Phone when using iCloud sync, but I think they have other methods and I don’t really need sync since I do my media consumption on the iPad.
- Comment on Why Everyone Should Still Use an RSS Reader in 2024 3 months ago:
arstechnica has a premium RSS for $3 a month that has no ads. I love it.
- Comment on Americans will measure with anything but the metric system. 3 months ago:
What was the prank?
- Comment on xkcd #2875: 2024 4 months ago:
- Comment on A new Type of Mastodon Signup that gives people a sense of Agency 5 months ago:
That sounds very slick. I never really used twitter so had no reason to use mastodon instead, but I am glad it exists!
- Comment on A new Type of Mastodon Signup that gives people a sense of Agency 5 months ago:
If you migrate your own account to a new server, do other people follows of you automatically migrate too? Or do all your followers need to then update to follow you at the new location?
- Comment on Getting in a pickle over hardware 7 months ago:
Oof. I would buy more efficient hardware with those rates too!
- Comment on Getting in a pickle over hardware 7 months ago:
Get a power measuring device if you don’t have one and consider the real cost of buying something new if you already have something. For instance, I have an older gaming laptop I am considering repurposing for my home automation stuff. While idling it draws about 10w which is amazing to me and a number I never would have guessed. For me that works out to (24 hours * 10w * 365 days* 1000w/Kw ) 87kwh per year. I pay about 10 cents per kwh so say $10 a year. Buying something to save a little power will never work out.
My current home server is an intel NUC from 2013! It can’t do some of the things I would like to add on, but it is a great media server and downloader. Powerful hardware isn’t really a necessity.
- Comment on [deleted] 7 months ago:
Can I use Proxmox on generic hardware that will run Linux? I was unfamiliar with it but I am intrigued once I went to the website.
- Comment on Looking for a email-provider where i can host my oen domain 9 months ago:
Another same reply. There is a catch-all now but there wasn’t originally.