PassingThrough

@PassingThrough@lemm.ee

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Hacker advertises alleged database of 89 million Steam 2FA codes⁩ ⁨⁨5⁩ ⁨hours⁩ ago⁩:
So what are the details of the risk here? Can texted 2FA use old codes to math out new ones? Is it just that they know which phone number goes to an account they can do another kind of attack on to get new codes?

From what I read these are old texted one time codes. Good one time, generally only for a few minutes. Useless now.

Or is this bad only because there’s a breach somewhere, they don’t know where, and who knows what else they have?
⁨Comment⁩ on ⁨Survey for curiosity: How many readers are in a library network that holds video games?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Mine used to, but they stopped.

I asked why, and they said in the worst case some people would steal them. Maybe they just kept them or “lost” them, or they returned the cases without the game. With something like the Nintendo chips the theft would be obvious, but a couple of disk style ones had labels forged too. A stupid crime, given the last borrower would simply be fined.

On average though, there were a lot of difficulties keeping them in working order. Apparently they were reported non-functional more than DVDs, and despite a contract with a cleaning and restoration company still had a high failure rate requiring frequent replacement. Which is really kinda funny given how 90% of the time the disk is just a DRM token for an online download, shouldn’t be that susceptible to failure from minor damage…

Anyway between these costs and an analysis that physical game media was on the way out the door(probably mostly the costs), the program was discontinued and you can’t borrow games around here anymore.
⁨Comment⁩ on ⁨Reminder if you're leaving Discord for this Revolt server ( Linux + Steam Deck devs / creators)⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Well, you see IRC and forums went together because they filled two different needs and we understood that back in the day.

IRC was for chatting, short, quick real time communication that would be lost to the ether as soon as you signed off, unless you had a bouncer or log bot.

Forums were for long information, be that long posts or posts that needed to endure for a long time. Sure you’d get some one liner responses to those posts, but forums were not at all instant like IRC. Though the information did stay much longer, and was much more searchable and organized.

Discord has spoiled us, being quick and chatty while also allowing for longer posts and being searchable. At least within the Discord client. Shoot they even added those “forum” channels to replicate the old forum feel. But real time.
⁨Comment⁩ on ⁨Discord's face scanning age checks 'start of a bigger shift'⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Same thing that’s wrong with Teamspeak and the other old standby, IRC:

A dated look and lack of shinies like inline GIFs scares the youngsters, the lack of history/persistence drops everyone else.

Ah, the many logging bots of IRC.
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
In the video game Wolfenstein, the side character Tekla goes on a wonderful rant about the continuity of consciousness.

youtube.com/watch?v=_4oU7sB_AJ0

If you want a darker aspect, the game SOMA is all about this concept, though it is meant as a horror game, so it explores all the worst outcomes.
⁨Comment⁩ on ⁨Docker Hub limiting unauthenticated users to 10 pulls per hour⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Gitea and therefore Forgejo also have container registry functionality, I use that for private builds.
⁨Comment⁩ on ⁨Docker Hub limiting unauthenticated users to 10 pulls per hour⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
I’ve only done my “is it even possible” research so far, but these look promising:

medium.com/…/docker-registry-caching-a2dfefecfff5

github.com/obeone/multi-registry-cache
⁨Comment⁩ on ⁨Docker Hub limiting unauthenticated users to 10 pulls per hour⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Huh. I was just considering establishing a caching registry for other reasons. Ferb, I know what we’re going to do today!
⁨Comment⁩ on ⁨Elon Musk’s X blocks links to Signal, the encrypted messaging service⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
From the looks of it, the variety of ways you can purposefully or accidentally destroy your local database, and the several options to automatically delete messages, really gives me the feeling SimpleX is intended to be extremely disposable and deniable.

After playing with it I just don’t see it being used for anything expected to be convenient or ongoing. Regarding the one device per account thing, I think the whole point is you just protect your one app, nobody is sneaking in your laptop or tablet, no remote leaks possible from a sync engine. On iOS you can link to a desktop app, but your phone must remain not just on, but in the app and on the pair screen. One twitch out, PC disconnects.

Feels like something for journalists, whistleblowers, protesters, and all the bad ones. It’s a burner app for your burner phone.
⁨Comment⁩ on ⁨Elon Musk’s X blocks links to Signal, the encrypted messaging service⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
So what’s the opinion here between Signal and SimpleX?

Signal gets all the attention, and seems more approachable but ties to a phone number which can be a big deal.

SimpleX ties to nothing but I could absolutely see people I know fucking it up and wondering where their “account” went.

So, Signal as an common man’s adoptable compromise and SimpleX to nerd out with full “opsec” and disposability? That about right?