cashew

joined 1 year ago
[–] cashew 2 points 2 months ago (1 children)

Passkeys aren't a full replacement in my opinion, which is what DHH gets wrong. It's a secure, user-friendly alternative to password+MFA. If the device doesn't have a passkey set up you revert to password+MFA.

[–] cashew 11 points 2 months ago (2 children)

It uses asymmetric cryptography. You sign a login request with the locally stored private key and the service verifies the signature with their stored public key. The PIN on your device is used to unlock access to the private key to sign the login request.

[–] cashew 2 points 2 months ago (1 children)

Not as bad from my perception. Though I'm not arguing in favour of cars. I just think mopeds are a strange mobility option to adore. Good public transportation + cycling infrastructure is much more adorable. In the Netherlands, the mopeds are a menace to the safety, quiet, and air quality in cities.

[–] cashew 1 points 2 months ago (1 children)

As you point out, they're not the solution either.

[–] cashew 4 points 2 months ago (6 children)

Yeah I love the smell and sound of a million mopeds. Taiwan is known for its urban serenity.

[–] cashew 5 points 2 months ago (1 children)

What if we fire a missile at it as it reenters to break it up. More pieces, more surface area, more incineration.

[–] cashew 2 points 2 months ago* (last edited 2 months ago)

"Security theatre" is what I've named the contact in my work phone for the call center I have to call every time I accidentally use the "one time password" more than once (because god forbid they implement proper SSO, meaning I have to do a shotgun login run every morning). When I call them all I tell them is my name and that my account is locked.They click a button and we're back. Complete waste of time on everyone's part.

[–] cashew 1 points 3 months ago

Abstractions aren't concrete and all of these standards you're referring to are concrete data serialisations. You may be interested in CUE which captures this concept in its design.

[–] cashew 4 points 3 months ago

You're doing it right by avoiding as much of Gitlab's CI features. I've seen versions where scripts are inlined in the YAML with expressions in random rule fields and pipeline variables thrown all over the place. And don't get me started on their "includes" keyword, it's awful in practice, gives me nightmares.

Then I write a Kubernetes manifest in YAML with JSON schema validation and the heart rate goes down again.

[–] cashew 9 points 3 months ago (2 children)

I agree. You can't just dismiss the problem saying it's "just data represented in vector space" and on the other hand not be able properly censor the models and require AI safety research. If you don't know exactly what's going on inside, you also can't claim that copyright is not being violated.

[–] cashew 8 points 3 months ago (1 children)

Someone should produce two identically named films in the same year and watch IMdB burn while they try to disambiguate them.

[–] cashew 3 points 3 months ago

I think that's just the JPEG compression destroying all detail, so in that lighting now they just look like orange polygons.

view more: ‹ prev next ›