Some IT guy, IDK.

  • 3 Posts
  • 332 Comments
Joined 1 year ago
Cake day: June 5th, 2023
  • MystikIncarnate@lemmy.catopolitics @lemmy.worldMillions have amnesia about the worst of Trump's presidency. Memory experts explain why.English
    6·
    5 hours ago

    I just assumed that they forget the horrid shit because of some twisted confirmation bias.

    Everyone keeps pointing it out, and they keep telling themselves about the “good” things he’s done. Reinforcing their own confirmation bias.

    I first heard about this phenomenon in “how to win friends and influence people”… It’s a book, crazy, right? It’s about human nature, and how arguing with someone often results in them arguing for their point, further entrenching them in their opinion. While they don’t convince you with their arguments, they convince themselves and that makes arguing with someone a difficult thing to do, and “win” at (by convincing the opposing person of your viewpoint).

    The fact is, the more we argue with them about Trump, the more they have to argue for him being someone that’s going to “make America great again”, and the further they get entrenched into that viewpoint.

    The sooner more people realize that this is a viscous cycle of mental violence and simply decide not to continue, the better. Obviously that’s hard to do when you are faced with the very real possibility of him being reelected, and essentially bringing back the Nazi party with him…

    Idk what’s the right thing to do, but clearly, nobody is going to change the minds of the deranged “MAGA” crowd anytime soon.

  • MystikIncarnate@lemmy.catoParenting@lemmy.worldNet positiveEnglish
    4·
    9 hours ago

    I wish that would happen to me. There’s two big companies that service most of my area, one is cable, the other is DSL. The DSL provider, whenever I’ve checked, only offers 10Mbps download. Big nope from me. Cable has gigabit, but capped at 30mbps upload.

    There’s a third regional provider that operates in my area that does fiber exclusively (plus a bunch of resellers and wireless providers). The fiber company doesn’t serve my address. Just me though… Well, my side of the street. If I put in my neighbors address into their service form, it says they’re capable of getting gigabit up and down for a very reasonable price. I put in mine, and “sorry, we don’t serve your address” or whatever. I think that’s because the utility poles are on the other side of the street, and they’re on the poles, but don’t have a permit to cross the street (generally by aerial lines)… Which is what the cable provider did when I finally purchased their service; they ran a line over the road to my house.

    Upload is important to me, and 10:1 speeds are fine, but 30:1 or more, no thanks. The plan I went for was 300/30, which is the fastest upload they offer with the slowest download (the 200mbps plan was 20mbps upload or something, and the gigabit was 30mbps upload)… I want fiber.

    If that regional fiber company knocked on my door saying that they service my area now, I’d ask where I sign.

    And before anyone asks: I contacted them about it and they said something about the permits and blah, and blah. I’ve tried to contact them several times about how I can help get them the permits to operate in my area more broadly (including my address), but they have not responded. I’m happy to petition my town hall or regional governmental office to push things along or even canvassing for signatures on a petition to give them the required permits to serve the area… Even paying for a portion of the permit cost if necessary… Not a word from them.

    Feels bad.

  • MystikIncarnate@lemmy.catoTechnology@lemmy.worldBe careful.English
    1·
    2 days ago

    I prefer security keys. At work I use a yubikey, and I have Google’s security keys for my personal stuff. I tend to use totp as a backup.

    For everything not banking, it’s great, I agree. I still prefer my security keys to everything. It’s hard to duplicate a digital key when it only exists on protected storage on a physical device, where that key never exists outside of that physical device.

    In case anyone doesn’t know: FIDO works using a pair of asymmetric digital keys, the public key is sent to the remote site, and only the private key can decrypt anything encrypted by the public key. So a challenge (usually some mathematical calculation, not sure), is encrypted by the site/service that is handling the login, it sends over the encrypted request, which is passed, in it’s entirety to the fob. The fob requires a physical activation to process the challenge (usually a touch, but some require a fingerprint). The challenge is then decrypted, processed, the response is encrypted, and sent to the site for login, which decrypts the response with the public key, and compares the result to the result of the challenge that was sent.

    There’s no part of this that can really be compromised. An eavesdropper can obtain the encrypted challenge (unable to be decrypted in any reasonable manner), and the response/public key… The public key isn’t useful, and the response is only valid for that specific login because there are aspects of the challenge that are unique per login.

    All information in flight is unreadable nonsense. The only unique information to the key that is sent anywhere is the public key, which is supposed to be public.

    Totp has the vulnerability of needing to relay the seed, usually by QR code. The only vulnerability there is when you set it up and the seed is shared to you, it can be intercepted. If that seed is stored anywhere that becomes compromised, then it becomes meaningless. It can be mined from an authenticator, or captured in flight.

    Both of these are better than alternatives. Email/sms codes can be intercepted, either by an administrator or by an internet relay, or by sim duplication, etc. You know that already.

    I don’t hate totp, I just recognize the faults in it.

    There’s problems with physical security keys too, mainly in the fact that, if you lose the fob, you’re screwed. So it’s recommended to have a backup. Either in the form of a second fob, which is setup for all the same accounts which is stored securely, or in the form of another authentication method like totp.

    Personally, I use a backup FIDO key for my accounts whenever possible. I also have a password manager that can store my totp so everything is in a single vault. If the vault is compromised then I’m screwed though… 90% of my accounts use a password reset email which is not stored in my vault. Only two things are not in my manager: that recovery email login (secured by my Fido key) and my bank (obviously also the vault login).

    At work, I use the yubikey for everything that supports it, with totp as backup in my work’s duo authenticator account (duo is also setup to use my yubikey). So it’s all Fido/totp.

    The only service I really want to use my security keys with that doesn’t support it, is my bank account… I suppose, also my government stuff, but almost all of that is informational. I can’t really make changes to my government stuff from their webpages. It’s generally just the government telling me things about my tax returns and whatnot (all SMS secured).

    I hate the trend of companies requiring an app for 2FA… Something that’s not totp, but similar. You have a specific authenticator app for a single service on your phone only and it’s not great… Obvious examples include steam and Blizzard. Fuck that. I hate it. Go away. Give me normal MFA options… Dick.

    I’ve ranted enough. Back to work for me.

  • MystikIncarnate@lemmy.catoTechnology@lemmy.worldBe careful.English
    26·
    4 days ago

    Your story reminds me of something that my bank started doing. I got a robocall about something to do with my credit card, and the voice said to verify using x and y using my keypad, I think it was day/month/year of birth or something and I immediately noped out of the call. I hit all the wrong buttons until it got me to a person and I ripped them apart, and their supervisor for basically training their userbase to answer security questions given by an automatic voice on the other end of the line with no way to verify who is calling.

    You can spoof your caller ID, you can get a text to speech robocall bot with DTMF recognition and just spam call a whole area where the bank operates and gather a bunch of personal information because it sounds just like the bank and there’s no way to prove who called.

    What a crock of shit. It’s a security nightmare.

    I did call my bank after at a known valid number, verified them as they verified me, and there was something going on, so the call was legit, and totally unacceptable.

    These clowns want us to trust them completely, and give us no reason to do so, but they want us to bend over backwards to validate ourselves. Fuck that.

  • MystikIncarnate@lemmy.catoTenForward: Where Every Vulcan Knows Your Name@lemmy.worldKlingons make fantastic alliesEnglish
    342·
    6 days ago

    I’ve spent too much time on computers.

    I don’t see people as their age, gender, color, name, whatever. To me, a person is a construct, that construct is immutable. You, as a person, exist, only your variables change. Your name, age, gender, sex, personality, political views, culture, race, skin color, etc, are all properties of the immutable object that represents you.

    In this way, your name, gender, age, political views, etc, can all change, and the human object that is you, never changes.

    Technology does this already. A good example is with user accounts for something like active directory (the windows domain login thing). Your user object isn’t assigned by name, or login ID or whatever. You have, what is referred to as a UUID inside of the system. To that UUID, you have parameters like your name, email, phone number, etc, attached to it. When permissions are given, they’re given to your UUID, not to your name.

    Because of this, the administrators like me, can update your name, phone number, login, email, etc, without changing what you have access to. Your email account is tied to your UUID as well, so your user object has permission to access that mailbox, and it’s listed in the parameters as your primary mailbox (for stuff like auto configure).

    It’s all very basic object oriented stuff.

  • MystikIncarnate@lemmy.catoPC Gaming@lemmy.caSatisfactory: PCGamer's review [90/100]
    2·
    7 days ago

    It gets really good when you get smart splitters. You don’t even need to really progress much in the game to get there, you just need to fill out the caterium tree in the mam. Then you can have one input for all your biomass stuff and smart splitters that take it to the constructors that will convert it to biomass, then into the constructors that will convert it to solid biomass, then into the burners. 👍

    I used to build such lines in update 8 that output to a bin and I’d grab it for the burners… Just collect whatever biomass I can while I’m out getting things done and dump it every time I get back to the hub area where it was setup with the burners. It was a little ritual I had. The input on biomass burners will really cut down on how much time I have to think about it.

    :)

    I’m playing 1.0 now, I just unlocked smart splitters, and I have to rebuild my biomass processing as a result.

    There’s also the dimensional depot which I rushed to, and that’s a complete game changer. Finally got enough materials to just set it up on my production lines, and I’m planning to add one for biomass, so I always have a little biomass in the depot for when I’m out and about and a drop pod needs power.