• 0 Posts
  • 48 Comments
Joined 2 years ago
Cake day: August 17th, 2023
  • asmoranomar@lemmy.worldtoAsk Lemmy@lemmy.worldWhat little things do you do each day that are your small ways of sticking it to the man?English
    21·
    5 days ago

    To be blunt (but not to be mean), RTFM or google it. There are lots of ways to do it, and it all depends on the capabilities of your devices, OS, browsers and whether or not you want to use apps to manage it. And again, I’m not trying to be mean, it’s just that the question has the same effort as “how do I make food?”. I could give you the most gourmet answer and it may not help.

    But to answer as simply as possible: Most browsers can do cookie whitelisting out of the box. Just be aware that it doesn’t prevent cookies outside the browser or outside the device - so if you have (for instance) a smart tv, you’ll need other solutions. And the solutions snowball from there, so I will leave it at that.

  • asmoranomar@lemmy.worldtoTechnology@lemmy.worldPasskeys Explained: The End of PasswordsEnglish
    1·
    27 days ago

    Keep in mind, still discussing the underlying fundamentals and not the user experience.

    MitM attacks are frequently covered in white hat hacking, often after an actual event takes place. It is considered a third party attack, and it does break trust. It is a security threat, and to claim it doesn’t count is absurd. I’ve seen a few reports personally from internal, but I’m not at liberty to speak specifics about them. On the topic of replay attacks, TOTP is vulnerable, but passkeys are not (yet, I’ve seen people try though). This isn’t the only type of MitM attack, and, again, both are somewhat vulnerable.

    TOTP is nothing, nowhere similar to passkeys in any way. You do NOT generate codes with passkeys. Passkeys are a form of public/private keys that are used to create a challenge/response request and used to generate a digital signature. The keys are not passwords (aka “shared secrets”). Digital signatures are also not passwords. The only other thing I can think you mean by “code generation” is that you’re using it as a generic catch-all, but that happens with…well everything (even passwords), depending on context.

    I don’t want to sound too much like a die hard passkey fan - and you are right - passkeys are extremely overkill if you use anything above a plain old password. In some cases, layered security can be just as effective. The problem is that most people do only use plain old passwords. If we can get any kind of extra security, even TOTP, then all the better. There are also some cases passkeys are not feasible, so it’s good to have alternatives.

  • asmoranomar@lemmy.worldtoTechnology@lemmy.worldPasskeys Explained: The End of PasswordsEnglish
    2·
    27 days ago

    That’s false, TOTP can and has been the target of man in the middle attacks, successfully. The implementation of passkeys makes man in middle attacks more difficult, but it could still happen. So both are susceptible to third parties to some degree.

    As far as point of view, I was assuming we were talking about the process, since the goal of passkey UX is to be largely the ‘same as’. Which, to be frank, is way less dedicated since both the implementation of passwords and passkeys can vary widely (2fa, email, id, otp, etc). If we exclude those, the UX is the same - some users might be even using passkeys and not know it.

  • asmoranomar@lemmy.worldtoTechnology@lemmy.worldPasskeys Explained: The End of PasswordsEnglish
    5·
    28 days ago

    Perhaps he means the process of setting it up. Or when it doesn’t work. Or when passkeys are lost. Or using another device. A lot of people’s complaints about passkeys aren’t really about when it works.

    It’s valid I think, but also some people forget passwords can have similar experiences. For one, there seems to be this idea that if you lose your passkey you get locked out of your account forever. The recovery process should be no different than losing your password.

  • asmoranomar@lemmy.worldtoTechnology@lemmy.worldPasskeys Explained: The End of PasswordsEnglish
    9·
    28 days ago

    No. It’s a completely different process. It’s a bad name for what it actually does. (Unless you’re talking about how computers do things, then EVERYTHING is numbers)

    Look up public/private key pair encryption. It’s the process that has changed.

    The problem with all these “what are passkeys” guides is that it’s difficult to convey the differences between password and passkeys if you don’t have a deep understanding of encryption or authentication systems.

  • asmoranomar@lemmy.worldtoAsklemmy@lemmy.mlWhat's a video game that you just don't get the hype about?English
    4·
    1 month ago

    I get what you mean, you’re not the only one. There are generations of games that have explicitly trained you on fast twitch button mashing with graceful dodge frames and intentionally engineered safeguards so rng is in your favor to bring about the best experience. And I’m not mocking you…it’s just how it is and it gets me too. Trying to unlearn that is hard.

    I also hate the ‘difficult for the sake of difficult’. I know some people get a high over doing something incredible, but I don’t get that from banging my head on the same thing over and over. Any souls, souls-like, souls-lite or weighty mechanics games like MH get a hard pass from me.

    However, I really enjoyed Remnant, it’s a mp souls-like - something about witnessing everyone’s shenanigans but still being able to pick each other off the floor is a lot of fun. It feels different and more like what souls should have been (imho).

  • asmoranomar@lemmy.worldtoscience@lemmy.worldSwarm reveals growing weak spot in Earth's magnetic fieldEnglish
    7·
    2 months ago

    Gamblers Fallacy. This only applies if the events are independent. A six sided die will always be six sided.

    You wouldn’t apply Gambler’s Fallacy to a standard game of Blackjack for example. You don’t have to be a card counter to understand that the probability of a card changes as each one is played.

    We don’t know what causes magnetic reversal, and it could be many random or non-random factors that lead up to it or some other external factor. Is it a dice roll, or is there something stacking the deck?

  • asmoranomar@lemmy.worldtoFuck Cars@lemmy.worldInstant shin annihilatorEnglish
    51·
    2 months ago

    Just because your phone hasn’t caught fire doesn’t mean it can’t cause fire. If it’s a lithium battery then, by design, it is more of an incendiary than other types of batteries. Lithium batteries provide their own fuel, oxygen (it makes it) and energy. That’s why all lithium batteries (not just cars) are hard to put out.

    I imagine you have criteria for what constitutes when it can become one, but I don’t think your phone battery will survive a car accident and then the subsequent burning of hundreds of other batteries burning right beside it. AFAIK, there are no protections for lithium batteries that make them fail safe, which is why there are restrictions on where they can be used or transported.

  • asmoranomar@lemmy.worldtoNot The Onion@lemmy.worldWhite House says slavery is being taught wrong, should not be so negativeEnglish
    11·
    4 months ago

    You need to take the bad with the good, otherwise you’ll never understand how far we’ve come. We hold on to slavery to remind us what it took, how efforts were not in vain, and to continue work on pushing for the things we believe in. We are here today because of the hardships we have endured yesterday. It’s not “white guilt”, it’s to remind the world that slavery is bad no matter who does it, to teach us what it looks like, and that we all benefit from eliminating slavery, no matter the form it takes.

    When we forget those things, we have things like the anti-vacc movement. People who have their own beliefs that fly in the face of reality, who’ve never had the experiences first hand, and to bend the notion of what is good. It rewrites the legacy of people’s efforts, obscures the lessons used to fight, and trivializes the problems of the time. It manipulates both people and purpose and turns it against each.

    My own opinion: Nobody feels guilty about slavery. There are only those that feel regret it’s not still around.

  • asmoranomar@lemmy.worldtoPC Master Race@lemmy.worldIssues with Wifi on PC with Windows 11. Out of ideas for the cause.English
    4·
    4 months ago

    Have you tried moving his system closer? Have you tried using your system near his location? It’s not just microwaves that can interfere with wifi, but also some kinds of fluorescent lights, or even infrastructure (pipes, electrical, mesh retaining, etc).

    What is the signal db loss? Ping is a catch-all metric but isn’t reliable for nailing down specific problems. Also the varying ping times is called jitter, and some jitter is perfectly normal - wifi tends to amplify ping and jitter. Don’t get too hung up on high ping unless it is a problem.

    If db loss is acceptable, is his tcp/ip stack compromised? Run a virus check, ensure his network configurations aren’t being hijacked (check dns, proxy, etc). Reset the stack and configs if necessary.

    Has his router been compromised? There is firmware that is going around hijacking routers for botnets - very hard to identify and reverse from what I recall. Try another router if you have one. Aside: Might be a good idea to factory reset the router and start with a clean slate too.

    Is your wireless network congested? too many devices can cause large ping and jitter, even if they aren’t on your network. Removing devices, changing wifi channels, disabling guest connectivity, and enabling game mode on the router can improve the congestion issue to varying degrees.

    TPM has nothing to do with networking, which is good because there are bootable USB OS’s you can run to test your hardware without wiping your current install if you feel like it might be another type of compatibility issue (TPM would make this much harder to do).