felbane

joined 2 years ago
[–] felbane@lemmy.world 2 points 15 hours ago

Imagine recommending Stremio when Jellyfin exists (you can use torrentio with Jellyfin as well).

[–] felbane@lemmy.world 2 points 1 day ago* (last edited 1 day ago)

"Properly implemented" is doing the heavy lifting in that sentence.

Four paragraphs down from your quote is this:

Their attacks ranged from integrity violations affecting specific, targeted user vaults to the complete compromise of all vaults within an organisation using the service. In most cases, the researchers were able to gain access to the passwords – and even make changes to them. 

If E2EE were properly implemented, the above would be impossible.

[–] felbane@lemmy.world 1 points 1 day ago (1 children)

This is what Bitwarden claims to do, and yet we have a paper showing that with a compromised server there exists a vulnerability.

[–] felbane@lemmy.world 12 points 1 day ago (1 children)

Natura's research reactor is designed to first prove the LFMSR concept at megawatt scale, then be converted to prove that MSR reactors can reprocess existing nuclear waste as a percentage of its fuel. Which means we could take all of the current stockpile of nuclear waste and re-burn it to the point that it's 90% consumed (instead of 5% consumed today) and leave a waste product that decays to safe levels extremely quickly (tens of years).

[–] felbane@lemmy.world 7 points 2 days ago (1 children)

Sure, but at the end of the day even if you don't update your vaultwarden server or you rely on an insecure storage sync system like dropbox, your actual vault is encrypted with a key that only you know. Even if your server is hacked or the kdbx is leaked, your passwords are safe until someone breaks AES.

Contrast that with hosted services, who could very easily attach their own keys to your encryption key (whether now or in the future at the behest of the state) and you'd be none the wiser. E2EE doesn't matter much when the other end is controlled by someone else.

I'm not disagreeing that most people just want something to work without thinking about, and for that reason I'm glad that services like bitwarden and lastpass and protonpass exist. My intent was not FUD, just shining a light on the fact that keeping your passwords secure does not require trusting a company.

[–] felbane@lemmy.world 90 points 2 days ago (15 children)

tl;dr:

  1. If the password manager server is hacked and compromised, then syncing your passwords with the compromised server will lead to compromised passwords (duh)
  2. None of the providers tested have (or have had in the past) compromised servers.

and an observation or two:

  • Vaultwarden is free, self-hostable, and doesn't rely on trust in a third party.
  • Keepass (and its client variants, like KeepassXC which is pretty great) is even more secure because there is no server, just an encrypted file you can store anywhere.
[–] felbane@lemmy.world 16 points 6 days ago (4 children)

What would the book version read like?

[–] felbane@lemmy.world 2 points 1 week ago (1 children)

Speaking of, does anyone know of a Lemmy android client that allows hiding posts from new accounts? Boost doesn't do it and it's also a bit buggy. Bonus points if available on F-Droid

[–] felbane@lemmy.world 1 points 1 week ago (1 children)

Okay well have you tried the BLAMMO GFY-AYM2? Half the price and now with 50% less spyware!

[–] felbane@lemmy.world 5 points 2 weeks ago

That rabbit's dynamite!

[–] felbane@lemmy.world 2 points 2 weeks ago (1 children)

Sure, and to be clear I mean a liberty and peace that includes everyone that has historically been marginalized and abused by this nation's governments and by people who think they're superior to everyone else.

The problem with a melting pot (particularly one that was started by murdering and stealing land from a continent's worth of indigenous people) is that it puts bigots right next to the people they hate.

The benefit of a melting pot is that if the incoming generation can avoid being programmed into hatred by their parents, society trends toward true equality and equity.

I'm trying to maintain optimism that this current extreme escalation is the flailing death throes of a generation raised into bigotry and self-aggrandization, and that we'll come out the other side of this being a better society (the younger generations today are so much more openly altruistic and progressive on the whole).

[–] felbane@lemmy.world 12 points 2 weeks ago (4 children)

In a sane world, any one of the atrocities would be enough to put a stop to these people.

In a realistic world, shining a light on all these different atrocities would be sufficient to convince enough people to protest/threaten the power of the spineless patricians who refuse to convict and remove the fascists from power. For example if Billy Bob the redneck says "I'm fine with kidnapping brown people but fiddling kids is too far!" then Epstein might convince him to support impeachment/removal.

In the current clown world we live in, nothing that the fascists say or do will un-brainwash their base, and somehow that's enough to prevent everyone else from making a cohesive stand against the evil.

So to answer your question: no, it's not worse. It's a desperate attempt to make something start tipping the scale back toward liberty and peace.

view more: next ›