Readit News logoReadit News
chias commented on Data centers in space makes no sense   civai.org/blog/space-data... · Posted by u/ajyoon
chias · 6 days ago
Data centers in space make perfect sense, in exactly the same way as a jetpack made perfect sense. It is an excellent vehicle to ride out some juicy government contracts for as long as you can keep the grift going.

https://pluralistic.net/2024/05/17/fake-it-until-you-dont-ma...

chias commented on The TSA's New $45 Fee to Fly Without ID Is Illegal   frommers.com/tips/airfare... · Posted by u/donohoe
caseysoftware · 7 days ago
I did that for a long time. My favorite part is when they say "Do you have any sore or sensitive areas?"

I always say "my penis" and they say "uh.. well.. I'm not going to touch that"

Me: "When you slide your hand up until you meet resistance? That resistance is my penis. You're going to touch my penis and it's a sensitive area."

chias · 7 days ago
oh my GOD I'm wheezing here :D

I fly next week, I will have to decide whether having this conversation is worth not trying to get out of the opt-out procedure. The difficulty will be keeping a straight face.

chias commented on The TSA's New $45 Fee to Fly Without ID Is Illegal   frommers.com/tips/airfare... · Posted by u/donohoe
figassis · 7 days ago
It is mostly security, but not to residents of the country. Those can enforce their rights. In my country, I can argue with airport security, and win. Foreigners can’t, so they follow whatever rules. A few times when landing in the US, security was extremely rude, I think just looking for an excuse (things like throwing your laptop a few feet away, while staring at you, etc). You take it bc you’re not home, and the cost of ruining your vacation is not worth it.

What I’m trying to say is that , while a lot of it is theater, TSA may be more effective security against foreigners but you as a resident don’t notice because you can opt out. Try going to the UK and telling them you can’t raise your arms while being a US citizen.

chias · 7 days ago
I tried to opt out in the UK last time I was there a few years ago. The agent looked at me, confused, and said "so... you don't want to get on the plane?". She told me the the UK didn't allow opt-outs.

This was the only time I've gone through the machine since they were introduced.

chias commented on The TSA's New $45 Fee to Fly Without ID Is Illegal   frommers.com/tips/airfare... · Posted by u/donohoe
caseysoftware · 8 days ago
> So it was never about security at all then, was it?

Never was.

I flew every other week prior to covid and haven't once been through the scanners. For the first ~6 years, I opted out and got pat down over and over again.

Then I realized I could even skip that.

Now at the checkpoint, I stand at the metal detector. When they wave me to the scanner, I say "I can't raise my arms over my head." They wave me through the metal detector, swab my hands, and I'm done. I usually make it through before my bags.

Sometimes, a TSA moron asks "why not?" and I simply say "are you asking me to share my personal healthcare information out loud in front of a bunch of strangers? Are you a medical professional?" and they back down.

Other times, they've asked "can you raise them at least this high?" and kind of motion. I ask "are you asking me to potentially injure myself for your curiosity? are you going to pay for any injuries or pain I suffer?"

The TSA was NEVER about security. It was designed as a jobs program and make it look like we were doing something for security.

chias · 7 days ago
This is brilliant. I continue to opt out and get the pat down every single time. Which is annoying because they deliberately make it slow and anxiety inducing with your bags are out of sight for quite a while.

I used to "punish" the rude or particularly slow ones by insisting on a private screening (since that involves two officers, and Is A Whole Thing) but I haven't gotten a rude one in a few years. But that also just makes it take even longer.

chias commented on Guix System First Impressions as a Nix User   nemin.hu/guix.html... · Posted by u/todsacerdoti
kkfx · 10 days ago
I don't consider myself a "believer" in anything, but as a sysadmin, if I see a deploy with ext4, I classify it as a newbie's choice or someone stuck in the 80s. It's not a matter of conviction; it's simply about managing your data:

- Transferable snapshots (zfs send) mean very low-cost backups and restores, and serious desktop users don't want to be down for half a day because a disk failed.

- A pool means effective low-cost RAID, and anyone in 2026 who isn't looking for at least a mirror for their desktop either doesn't care about their data or lacks the expertise to understand its purpose.

ZFS is the first real progress in storage since the 80s. It's the most natural choice for anyone who wants to manage their digital information. Unfortunately, many in the GNU/Linux world are stuck in another era and don't understand it. They are mostly developers whose data is on someone else's cloud, not on their own hardware. If they do personal backups, they do them halfway, without a proven restore strategy. They are average users, even if more skilled than average, who don't believe in disk failures or bit rot because they haven't experienced it personally, or if they have, they haven't stopped to think about the incident.

If you want to try out services and keep your desktop clean, you need a small, backup-able volume that can be sent to other machines eg. a home server, to be discarded once testing is done. If you want to efficiently manage storage because when something breaks, you don't want to spend a day manually reinstalling the OS and copying files by hand, you'll want ZFS with appropriate snapshots, whether managed with ZnapZend or something else doesn't really matter.

Unfortunately, those without operations experience don't care, don't understand. The possibility of their computer breaking isn't something they consider because in their experience it hasn't happened yet, or it's an exceptional event as exceptional that doesn't need automation. The idea of having an OS installed for 10 years, always clean, because every rebuild is a fresh-install and storage is managed complementarily, is alien to them. But the reality is that it's possible, and those who still understand operations really value it.

Those who don't understand it will hardly choose Guix or NixOS; they are people who play with Docker, sticking to "mainstream" distros like Fedora, Ubuntu, Mint, Arch. Those who choose declarative distros truly want to configure their infrastructure in text, IaC built-in into the OS, and truly have resilience, so their infrastructure must be able to resurrect from its configuration plus backups quickly and with minimal effort, because when something goes wrong, I have other things to think about than playing with the FLOSS toy of the moment.

chias · 10 days ago
I would certainly feel that way about an ext2 system. But ext4 was released in 2006
chias commented on Bye Bye Gmail   m24tom.com/bye-bye-gmail/... · Posted by u/tklenke
realaaa · 16 days ago
this is the way ! thanks for that, still on my list also, even though I know all the steps, it's just .. daunting
chias · 16 days ago
Yeah, I feel that. But I promise you, within one week I had one single regret: that I had not done this years ago.

Also, I very much recommend using your own domain. It greatly eases the feeling of having to commit, because your email address is not tied to your provider. That is, if you ever decide fastmail is not for you, next time the switch will be invisible to everyone else.

chias commented on Bye Bye Gmail   m24tom.com/bye-bye-gmail/... · Posted by u/tklenke
puttycat · 17 days ago
I have more than 20 years of email in my gmail account. How do I even start migrating?

And even if I migrate, I will need to keep my address alive and forwarding to my new address at least for a few years. So no privacy gains there either.

Does anyone have concrete advice as to how to make the transition?

chias · 17 days ago
My gmail address was also almost exactly 20 years old when I migrated two years ago. Here's how I did it:

--

1. Register your domain (if you're doing that) and get fastmail set up -- I remember feeling a physical discomfort clicking "register" on fastmail, it felt like such an insanely impossible thing to do.

2. Set up the IMAP link so that anything sent to your gmail gets delivered to fastmail. Doing so also allows you to send email from your gmail address (with valid spf/dkim) if you want to.

3. Import all your old mail using fastmail's import tool, which Just Works.

4. Set up a vacation autoresponder in gmail that responds only to people in your contacts with a note telling them your new address.

5. Set up a label and filter in fastmail for anything that was addressed to your gmail, so you can easily see what is still sending you email on your old address to assist with migrating services.

--

It worked a charm. I was completely convinced of it within a week, long before the 30 day free trial ran out. I have been an immensely happy customer since then. Could not imagine going back.

chias commented on MTOTP: Wouldn't it be nice if you were the 2FA device?   github.com/VBranimir/mTOT... · Posted by u/brna-2
theamk · 21 days ago
What if your computer, which runs your password manager, is compromised? If the malware has system access, it can often export all the passwords. Depending on level of protection and OS, this could require kernel access, root access, a regular user access or maybe just a hijacked browser extension.

This leaks every single password in the vault, including any TOTP keys - so if you were storing your TOTP password here, you are now screwed, and attacker has a full access. On the other hand, if your TOTP was a separate device, your TOTP-protected accounts are fine. And even if it's just an app on your phone, you are likely still fine, as phones have much stronger isolation, and people don't usually "npm install" random stuff on them.

(And that's Google Authenticator adding cloud backup functionality is such a bad idea.. If you enable it, then all your 2FAs are leaked once Google password is leaked)

(You could argue that your password manager stores TOTP secrets in secure enclave and it's impossible to extract from there... but those same secrets have to be stored in your account as well, and they could be extracted from there)

chias · 18 days ago
Isn't this the same chicken-and-egg problem?

> If you enable it, then all your 2FAs are leaked once Google password is leaked

Nope, you'd also need my Google 2fa.

chias commented on MTOTP: Wouldn't it be nice if you were the 2FA device?   github.com/VBranimir/mTOT... · Posted by u/brna-2
crote · 22 days ago
What makes this 2FA? It's "something you know, plus mental labor", which makes it a password.

2FA is "something you have" (or ".. you are", for biometrics): it is supposed to prove that you currently physically posses the single copy of a token. The textbook example is a TOTP stored in a Yubikey.

Granted, this has been watered down a lot by the way-too-common practice of storing TOTP secrets in password managers, but that's how it is supposed to work.

Does your mTOTP prove you own the single copy? No, you could trivially tell someone else the secret key. Does it prove that you currently own it? No, you can pre-calculate a verification token for future use.

I still think it is a very neat idea on paper, but I'm not quite seeing the added value. The obvious next step is to do all the math in client-side code and just have the user enter the secret - doing this kind of mental math every time you log in is something only the most hardcore nerds get excited about.

chias · 22 days ago
> this has been watered down a lot by the way-too-common practice of storing TOTP secrets in password managers

I'm open to discovering I'm wrong here, but I have never understood this line of thinking. Assuming you 2fa into your password manager when you first sign in on your device, it's still 2 factors all the way down.

As you sign into your password manager, the "something you have" is your 2fa device that you use to sign into your password manager (which is obviously not being filled in by your password manager). Subsequent password manager unlocks which don't prompt for your token are still 2fa because the "something you have" is your computer with which you signed into your password manager.

Why is this a problem?

chias commented on Why some clothes shrink in the wash and how to unshrink them   swinburne.edu.au/news/202... · Posted by u/OptionOfT
taeric · a month ago
It has been ages since I had clothes shrink on me. To the point that I had assumed something must have gotten better in modern dryers. Is that not the case?

Edit: Quickly searching, this appears to be the case? Specifically modern moisture sensing dryers that stop appropriately goes a long way to never having something shrink on you.

chias · a month ago
I wish I lived in your world. It is very rare I find a long-sleeved garment whose sleeves are long enough, and it usually only takes a wash or two for them to become too short :(
c

u/chias

KarmaCake day3502November 24, 2013
About
I like cheese.

ojensen.net

View Original