Lesson learnt the hard way: Always store your passwords. Yes, do it securely, use a password manager, hide a piece of paper behind multiple protection mechanisms, but DO KEEP A BACKUP OF YOUR PASSWORDS
Long story short: I decided to store every 2FA revocation code as well as every PGP and SSH key of mine in a strongly (64 Argon2d rounds) encrypted KDBX v4. As you may have guessed, I forgot the password. I do remember it slightly, but to no luck. Have been trying to brute-force it for 6 hours...
*a dirty mailbox
Can't imagine what a sorry mailbox would be like 😂
I am becoming so ignorant of other people being ineffective. I get so aggressive when someone has a sorry mailbox, opens lots of windows, uses a mouse where a shortcut is faster and more logical. At moments like this I really just want to drop everything and start with "um, actually..."
I think I need a therapist 🤪
I have set up SPF with DMARC as well as DKIM. I have never sent suspicious emails. I even add OpenPGP signing to my emails. SpamAssassin and GMail filters seem to not have any problems, when I check it with external tools. Yet still, my emails keep landing in spam folders of people unless they specifically add me to their contacts.
What could be the reason? Do email clients/servers not like email from custom domains? Or is it just because my email server is in Russia? 🙄
Question to everyone using GnuPG: which keyserver do you use?
The most used options now are, apparently, keys[dot]openpgp[dot]org or SKS Keyservers Pool. The former has a problem of being a single failure point, the latter may suffer from certificate spamming.
Do you use any one of this or perhaps a different one (MIT? Ubuntu?). Do you even use one? How do you publish/refresh the keys?
A problem that I have with self-hosting Git — lack of federation.
I can host a Mastodon instance and my posts would be seen elsewhere on the global timeline. But host a Git server — and now you're cut away from the rest of the world. People need to create accounts to contribute, the project will not hard to discover. Even I, a relatively tech-savvy person, hate it, when the development is concentrated on some in-house server — that's why I could never imagine contributing to, say, GNU projects.
When GitHub was acquired by Microsoft, people started to look for a freer alternative. Self-hosting is usually the best choice, but those who can't afford it switched mostly to Sourcehut or Codeberg.
But why was GitLab never really mentioned? It's open-source, has a plethora of great features, is independent, can mirror to GitHub, has an incredible CI/CD infrastructure... I personally find it way better. Is there something I don't know or understand?
Follow up: You don't need to feel guilty for choosing proprietary software.
If you prefer to use Spotify over local music because it better fits your listening style, go for it!
Should you look for more secure and privacy-respecting alternatives? Sure. But you don't need to develop a cognitive dissonance when it comes to what your preferences for software are.
Do what you're comfortable with, keep an open mind, and try things whenever you feel like something new.
I’ve already been sifting through some stuff in March and April this year, and I was able to reduce my entry count from 400+ to “just” 350! It’s insane how many useless accounts one might have. GDPR is certainly a saviour here — even if you don’t live in Europe, many sites are obliged to implement the corresponding mechanisms for those who do!
My checklist includes, but is not limited to:
• do I still need this account?
• does it have a long enough (yet not too long) password with various symbols?
• does the provider support 2FA and if yes, is it enabled?
• does the account use my own (not Google’s) email?
• does the account (for some reason) store too much data on me
• are all the URLs up-to-date?
Many recommend doing a spring cleaning of one’s passwords: make sure they’re not leaked, secure enough, and still relevant.
While generally being a good advice, it might be overwhelming for people like me with 300+ passwords in their vault.
That’s why, starting today, every day is a spring cleaning for me. Set a timer for 10–20 minutes and monitor as many accounts as you can!
Today’s “invention”: a Handler for Python’s `logging` that logs to either stdout or stderr based on the log record’s level
Pretty sure there already exists a solution, but I couldn’t find any 🤷♂️
Why aren't there any open-source antiviruses? There is ClamAV, which is barely used, and isn't that good to begin with.
Is it because the attackers can easily bypass the security of the code is in the open? Or is it because the market is already oversaturated?
Is there even a reason to try and make an open-source antivirus, that can compete with big players like Avira, Kaspersky, and others?
Took me 5 hours or something 🙄
So long actually, that a newer version came out while I was downloading the older one 😂
A web developer.
Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.