bit0fun @bit0fun@qoto.org

“Our abandonment of simple and effective variant-proof protection measures has left our older adults and marginalized communities isolated and at risk.”

#CovidIsNotOver #COVIDisAirborne #BringBackMasks

@wr_record

Congrats to @kicad on the 7.0.0 release!

https://www.kicad.org/blog/2023/02/Version-7.0.0-Released/

The Smithsonian has made over 4 MILLION images open source! You can create, copy, distribute, etc. This is amazing!

https://www.si.edu/openaccess

I have a box of RAM too. Guess what? Those sockets are no longer work. Hah!

In 2023 I resolve...
- to not spontaneously combust
- to not knowingly eat plutonium
- to continue to inhale and exhale in an orderly fashion

Today in 1983, 40 years ago: The ARPANET officially changes to using TCP/IP, the Internet Protocol, effectively creating the Internet.

#OnThisDay

What projects are you excited to dive into in 2023?

WORST.
TOILET.
EVER.

New year's resolution. credit https://www.gocomics.com/brevity/2017/01/07 #goodbye2022

Wherever I go, I take a little Hackaday with me! ☕ :wrencher: We had a nice little Christmas picnic at the park. It was a wonderfully sunny and warm day, enjoyed just in time before the rains.

Mathstodon, what are your favorite math books?

#Math #Mathematics #Books

The worst thing every #mastodon client does is poor content discovery.

Content discovery is a hard topic, since your seasoned users of a platform consider it a nuisance, but your new users require it as a lifeline.

There’s no time to explain, get in the pea

So much confusion on Linux machine ;) LOL

So, I'm finding out the hard way that if you start a new Mastodon server, nobody can find you.

This is a shameless request for some boosts so some of the bigger instances see me.

#mastodon #twittermigration #mastodonserver #findme #helpimtrappedinawell #imlonely

LASTPASS NEWS ALERT AND COMMENTARY:
LastPass attackers know your name and billing address and all websites you have saved passwords for, and if your master password isn't sufficiently strong may be possible to brute-force open everything on attacker's machines.

PLEASE READ BEFORE PROCEEDING: https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/

The fact LastPass doesn't encrypt website URLs is a known flaw it appears they never fixed on purpose, going back almost 6 years:
https://hackernoon.com/psa-lastpass-does-not-encrypt-everything-in-your-vault-8722d69b2032

This eventual possible security breach was planned-for as part of LastPass' design for username and password protection. This doesn't break the core offering.
But it has stripped away multiple layers of protection and will hasten my looking at @bitwarden

It's impossible to be completely secure in a massive offering. However I have always disagreed with their decision to not 100% encrypt all metadata, and this event shows that was a foolish choice when seen against the inevitable of the entropy our complex electronic systems.

In the end, a password manager is still right choice in comparison to alternative. And a cloud-native offering like LastPass strongly hedges against data loss by normal users trying to manage their own vault. That is an undersold primary risk, not hackers. Still, very disappointed.

Current password setup:
- Primary vault is LastPass with 2FA
- Core fallback "key" accounts like email that allow pw reset are only in a KeyPass db file with 20char password, synced via OneDrive+2FA.
- This is then further backed-up with BackBlaze, using 40char encryption key