felbane
@felbane@lemmy.world
- Comment on Password managers are less secure than promised 8 hours ago:
Sure, but at the end of the day even if you don’t update your vaultwarden server or you rely on an insecure storage sync system like dropbox, your actual vault is encrypted with a key that only you know. Even if your server is hacked or the kdbx is leaked, your passwords are safe until someone breaks AES.
Contrast that with hosted services, who could very easily attach their own keys to your encryption key (whether now or in the future at the behest of the state) and you’d be none the wiser. E2EE doesn’t matter much when the other end is controlled by someone else.
I’m not disagreeing that most people just want something to work without thinking about, and for that reason I’m glad that services like bitwarden and lastpass and protonpass exist. My intent was not FUD, just shining a light on the fact that keeping your passwords secure does not require trusting a company.
- Comment on Password managers are less secure than promised 11 hours ago:
tl;dr:
- If the password manager server is hacked and compromised, then syncing your passwords with the compromised server will lead to compromised passwords (duh)
- None of the providers tested have (or have had in the past) compromised servers.
and an observation or two:
- Vaultwarden is free, self-hostable, and doesn’t rely on trust in a third party.
- Keepass (and its client variants, like KeepassXC which is pretty great) is even more secure because there is no server, just an encrypted file you can store anywhere.
- Comment on Razer account “Human Verification” promotes World ID biometric verification 1 week ago:
Okay well have you tried the BLAMMO GFY-AYM2? Half the price and now with 50% less spyware!
- Comment on What if the Epstein files are the distraction? 2 weeks ago:
Sure, and to be clear I mean a liberty and peace that includes everyone that has historically been marginalized and abused by this nation’s governments and by people who think they’re superior to everyone else.
The problem with a melting pot (particularly one that was started by murdering and stealing land from a continent’s worth of indigenous people) is that it puts bigots right next to the people they hate.
The benefit of a melting pot is that if the incoming generation can avoid being programmed into hatred by their parents, society trends toward true equality and equity.
I’m trying to maintain optimism that this current extreme escalation is the flailing death throes of a generation raised into bigotry and self-aggrandization, and that we’ll come out the other side of this being a better society (the younger generations today are so much more openly altruistic and progressive on the whole).
- Comment on What if the Epstein files are the distraction? 2 weeks ago:
In a sane world, any one of the atrocities would be enough to put a stop to these people.
In a realistic world, shining a light on all these different atrocities would be sufficient to convince enough people to protest/threaten the power of the spineless patricians who refuse to convict and remove the fascists from power. For example if Billy Bob the redneck says “I’m fine with kidnapping brown people but fiddling kids is too far!” then Epstein might convince him to support impeachment/removal.
In the current clown world we live in, nothing that the fascists say or do will un-brainwash their base, and somehow that’s enough to prevent everyone else from making a cohesive stand against the evil.
So to answer your question: no, it’s not worse. It’s a desperate attempt to make something start tipping the scale back toward liberty and peace.
- Comment on Lawsuit Alleges That WhatsApp Has No End-to-End Encryption 3 weeks ago:
Tell me you don’t understand how Signal’s E2E mechanism works without telling me you don’t understand how Signal’s E2E mechanism works.
- Comment on Silent Storage Solutions for Homelab? 4 weeks ago:
under a pile of pillows
maybe not literally though, hard drives do need some cooling…
- Comment on Microsoft may soon allow IT admins to uninstall Copilot 4 weeks ago:
You do! It’s called Linux.
- Comment on MySQL users be warned: git commits in mysql-server significantly declined 2025 5 weeks ago:
Honestly, I’m fine with this outcome.
- Comment on Creators of Tailwind laid off 75% of their engineering team 5 weeks ago:
The chief valid complaint against Tailwind is that it effectively removes the cascading part of CSS in favor of what amounts to inline styles.
- Comment on Linux Slicer 1 month ago:
My experience with Orca on Windows is the same. Any complex model causes bedshitting, and I’ve tried basically all of the solutions suggested on their issue tracker. I had mild success with affinity tweaking (ie forcing the slicer to only use real cores. not hyperthreads) but it’s still hitting a ceiling.
At home where I’m running linux, Orca is perfect.
- Comment on (Technology Connections) I made my whole-home humidifier slightly less terrifying [34:38] 1 month ago:
Is the other half Hand Tool Rescue?
- Comment on xkcd #3186: Truly Universal Outlet 1 month ago:
thisisfine.gif
- Comment on 3D Printing’s Biggest Scam Is Even Worse Than We Thought! (PLA-CF) 1 month ago:
Honestly whether it’s PLA or not it seems incredibly foolish to print with filament impregnated with carbon fibers. Like, “hey this lead tastes sweet” level of foolish.
- Comment on Explained: Why you can't move Windows 11 taskbar like Windows 10, according to Microsoft 1 month ago:
I read some article or saw some video claiming that explorer was basically a react app now, which is why unlocking the screen takes 3.5 business days when you enter the correct password.
- Comment on what do y'all use for CI/CD? 1 month ago:
Thanks for the write-up! I’ve been trying and failing to do DOOD and POOP runners via forgejo, but I haven’t had the time or energy to really dig in and figure out the issue. At this point I just want something to work so I’ll give your setup a try 😎
- Comment on what do y'all use for CI/CD? 1 month ago:
please share, I’m interested in doing the same
- Comment on Jimmy Carr on Why Everyone Is Wrong About AI 2 months ago:
Wait until he learns that physics is just applied mathematics
- Comment on Valve: HDMI Forum Continues to Block HDMI 2.1 for Linux 2 months ago:
How hilarious would it be if the AMD board member was the one who veto’d the driver 😅
- Comment on That's interesting 2 months ago:
Wait I thought we were all in agreement that the nexus point was Harambe?
- Comment on I Went All-In on AI. The MIT Study Is Right. 2 months ago:
Auditing the code it produces is basically the only effective way to use coding LLMs at this point.
You’re basically playing the role of senior dev code reviewing and editing a junior dev’s code, except in this case the junior dev randomly writes an amalgamation of mostly valid, extremely wonky, and/or complete bullshit code. It has no concept of best practices, or fitness for purpose, or anything you’d expect a junior dev to learn as they gain experience.
Now given the above, you might ask yourself: “Self, what if I myself don’t have the skills or experience of a senior dev?” This is where vibe coding gets sketchy or downright dangerous: if you don’t notice the problems in generated code, you’re doomed to fail sooner or later. If you’re lucky, you end up having to do a big refactoring when you realize the code is brittle. If you’re unlucky, your backend is compromised and your CTO is having to decide whether to pay off the ransomware demands or just take a chance on restoring the latest backup.
If you’re just trying to slap together a quick and dirty proof of concept or bang out a one-shot script to accomplish a task, it’s fairly useful. If you’re trying to implement anything moderately complex or that you intend to support for months/years, you’re better off just writing it yourself as you’ll end up with something stylistically cohesive and more easily maintainable.
- Comment on I Went All-In on AI. The MIT Study Is Right. 2 months ago:
As someone who has been shoved in the direction of using AI for coding by my superiors, that’s been my experience as well. It’s fine at cranking out stackoverflow-level code regurgitation and mostly connecting things in a sane way if the concept is simple enough. The real breakthrough would be if the corrections you make would persist longer than a turn or two. As soon as your “fix-it prompt” is out of the context window, you’re effectively back to square one. If you’re expecting it to “learn” you’re gonna have a bad time. If you’re not constantly double checking its output, you’re gonna have a bad time.
- Comment on How does "DNS" work on the dark web? 2 months ago:
TOR was invented by the US military so I’d be really fuckin shocked if the other branches of government/allies weren’t acutely aware of how it works and what its strengths and weaknesses are.
- Comment on What OS does the Batcomputer use? 2 months ago:
Bat Software Distribution
- Comment on Cloudfare outage post mortem 2 months ago:
“Claude said it was fine, ship it.”
- Comment on Microsoft confirms Windows 11 is about to change massively, gets enormous backlash - Neowin 2 months ago:
what if I use ip and netstat?
- Comment on I Wrote Task Manager — 30 Years Later, the Secrets You Never Knew 2 months ago:
He’s the first second-generation Task Manager creator.
- Comment on The Sodium-Ion Battery Revolution Has Started 3 months ago:
This isn’t true any more, and it’s mentioned in the article. Sodium is at least equivalent to - and on pace to surpass - the energy density of Lithium. It’s already being used in passenger cars in the Far East.
- Comment on Another day of AWS outages 3 months ago:
A haiku:
It’s not DNS. It couldn’t be DNS. It was DNS.
- Comment on How would you quickly describe Lemmy to a non-fediverse person? 3 months ago:
I tend to block at the user and community level, my only instance block is feddit.de and that’s only because I don’t speak German and those folks are such prolific posters it felt like I was touring central Europe every time I’d go to the All feed.
Blocking what you’re not interested in is the second best part of Lemmy, IMO.