![](/static/66c60d9f/assets/icons/icon-96x96.png)
![](https://lemdro.id/pictrs/image/6d56629c-a7b1-465d-8b58-ad77926e3a41.png)
I don’t know. I’m typing this in a razr 40 ultra with a shattered outer screen. on one hand, it sucks that it’s shattered. on the other hand, I’m happy it has a second screen as a point of redundancy?
I don’t know. I’m typing this in a razr 40 ultra with a shattered outer screen. on one hand, it sucks that it’s shattered. on the other hand, I’m happy it has a second screen as a point of redundancy?
… but there is a way, and it has been proven.
One of the more memorable physics classes I’ve had went into the history of discoveries that led to our understanding of relativity. The relevant story here, starts with how sound travels though air.
Let’s say you’re standing at the bottom of a building shouting to your friend peeking out a window on the 5th floor. On a calm day, that friend will hear you at pretty much the same time as someone standing the same distance away, but on the street. However, if it’s windy, the wind pushes around the air through which the sound of your voice is traveling, the friend up in the window will have a slight delay in receiving that sound. This can of course be verified with more scientific rigor, like a sound sent in two perpendicular directions activating a light.
Scientist at the time thought that light, like sound, must travel though some medium, and they called this theoretical medium the Aether. Since this medium is not locked to Earth, they figured they must be capable of detecting movement of this medium, an Aether wind, if you will. If somehow the movement of this medium caused the speed of light in one direction to be faster than another due to the movement of this medium, measuring the speed in two directions perpendicular to each other would reveal that difference. After a series of experiments of increasing distances and measurement sensitivities (think mirrors on mountain tops to measure the time for a laser beam to reflect), no change in the speed of light based on direction was found.
Please enjoy this wikipedia hole: https://en.m.wikipedia.org/wiki/Michelson–Morley_experiment , and please consider a bit of caution before you refer to things as facts in the future!
Not even Chrome is blocking some of the add-ons…
is that something you know for sure? or has Google quietly complied with similar requests, without making a statement like Mozilla has here?
I do this with my xreal glasses sometimes when washing dishes or whatever. Connected to phone in my pocket with a desktop mode, set a black wallpaper, and drag the video into a corner.
It’s nice for situations like that, where you’re doing something with your hands and can’t reasonably place a screen in a way where you wouldn’t have to constantly strain your neck to look at it.
Right. So why does my phone also need to be a part of surveiling others?
I personally disabled the feature on my phone when it popped up as available. I don’t have much of an interest in contributing to a weird surveillance network.
it could explicitly be a reasonable deterrent. if you double your price, but lose half your customers, you’ve made the same amount of money for half the work.
"Hi, I just sent the ransom payment to the Bitcoin address you provided.
"Now you’ll unlock my data, right?
“… right?”
The two factors at an ATM are possession of your bank card + knowledge of your pin. (it also takes your photo, for good measure)
GitHub will happily accept a smart card or whatever, if an extra plastic rectangle jives with you more than an OTP generator.
Your two factors shift to possession of your password vault + knowledge of the password to it. You’re okay IMO.
You also still get the anti-replay benefits of the OTPs, though that might be a bit moot with TLS everywhere.
Not a security scientist, but in my interpretation, it’s the “categories” of the factors that matter. Ideally, you use some two of three of:
the goal then is maintaining the "only"s.
if you tell someone your password, or they see you type it in, or they beat it out of you with a wrench, it’s no longer something “only” you know, and it is compromised.
if you use the same password on two websites, and one website is compromised, the password is compromised.
OTPs from a key fob or yubikey or something are similarly compromised if the device that provides them is left out in public/lost/stolen/beaten out of you with a wrench.
biometrics are again, are compromised if it’s not “only” you with access to them - someone scans you face while you’re asleep, or smashes your finger off with their wrench.
having multiple factors in the same category, like having two passwords, or two otp tokens, or two finger prints, doesn’t significantly improve security. if you give up one thing you remember, it’s likely you’ll give up more. if one fob from your keychain is stolen, the second fob on that keychain is of no additional help.
you can start shifting what categories these things represent though.
if you write down your password in a notebook or a spreadsheet, they become thing you have.
OTPs can become something you know if you remember the secret used to generate them.
knowing many different things is hard, so you can put them in a password vault. the password vault is then something you have, which can be protected by something you know. so although your OTPs and passwords are in one place, you still require two factors to get access to them.
you still need to protect your "only"s though. and don’t put yourself in situations where people with wrenches want your secrets.
I use passwordstore.org/ as my password manager, including for my otp codes. It’s backed by a git repo. I get a backup of it on every device it is cloned to.
Be careful, if you get a .pizza
, you are only legally allowed to spend the donations on pizza.
Further, in terms of safety, having a large display built into your dash showing you navigation is much better than a small device you jerryrig onto a vent or something. It’s easier to see via your peripheral vision, and won’t put you in a situation where you need to go find it off of the floor when it falls off.
just to give you the term to search for, these types of applications are called snippet managers. for example, https://snibox.github.io/
there’s a ton of them around. I don’t have a particular one that I recommend, since it’s not something I use in my workflow.
I can’t believe they didn’t with go with BatShIt. it’s right there! they were SO close!
grep -r
exists and is even more faster and doesn’t require passing around file names.
grep -r --include='*.txt' 'somename' .
I just started using this at $jorb. Check out their “ui-mode” is all I’m going to say about that.
Better than that, git config supports conditional includes, based on a repo URL or path on disk. So you can have a gitconfig per organization or whatever, which specifies an sshCommand and thus an ssh key.
Macy’s now has a Toys Я Us branded toy department.