How is everyone finding GitHub CoPilot? 🤔 Good / Bad ? 🤔
@lyse@lyse.isobeef.org Always admire where you live 😍
Is FreeOTP any good? 🤔
@shreyan@twtxt.net Yeah gokrazy is pretty cool 👌
@yakumo_izuru@tsuki.chaotic.ninja Just don’t enable it? 🤔 It’s feature gated.
@yakumo_izuru@tsuki.chaotic.ninja Okay okay 🤣 Are you able to contribute in this at all and help cut some code? 🙏
@eapl.me@eapl.me This is actually pretty cool 🤔
@movq@www.uninformativ.de That is pretty cool 😍
@osnews@feeds.twtxt.net Hah did not know this 😆 But am also not surprised 🤣
@yakumo_izuru@tsuki.chaotic.ninja Which issue in particular? 🤔 The API one?
@cncf@feeds.twtxt.net How about less complexity?! 🤣
@shreyan@twtxt.net It still buggy as hell but I’ll get it working and all the bugs fixed 😆
Huh hey @lumen@tw.lumen.pink I didn’t even notice you run a Yarn pod 👌 Whot! 🥳
@mckinley@twtxt.net Nope.
And done! prologic/objects: Objects is an object storage server (using a directory as backend) with a AWS S3 compatible API written in Go. - objects - Mills 🥳 Simple, but it works, anda very lightweight! 👌
Time to write my own S3-compatible Object Storage server 🤣
@movq@www.uninformativ.de I mean yeah I totally get that syncing the TOTP seeds is a horrible idea. It defeats the point of a second factor and “something you have”. 🤦♂️
@abucci@anthony.buc.ci Can you recommend one?
Of course, never ever use Google Authenticator. All it does is generate TOTP and HOTP codes, which you can do with any OTP app, preferably an open source one that’s been vetted.
I’ve been using Google Authenticator for years, but it never had this “sync” feature until recently 🤦♂️
Also kind of curious how syncing to Google servers made this attack worse? Not that clear from the article 🤔
Wow !!! 😱 Those sneaky little shitheads!!! Google are unconspicious lying sons of notches 😢 When da fuq did they sneak this feature in?! I didn’t even notice this was a thing from a recent upgrade of the app (Authenticator) 🤦♂️
@darch Yup 😅
@darch@neotxt.dk It’s called “test in prod”™ 😅
@lumen@tw.lumen.pink Hey! 👋 Welcome back! 👌
yarnd
password change function is insecure by design and should be fixed 🤔
@lumen@tw.lumen.pink Ahh good to know, so less likely to worry about 👌 (hijacking sessions that is)
yarnd
password change function is insecure by design and should be fixed 🤔
@mckinley@twtxt.net Agreed!
@lyse@lyse.isobeef.org 500 Internal Server Error for me 😢
@lyse@lyse.isobeef.org Oh wow that’s such a lovely shot! 👌
@abucci@anthony.buc.ci Time to build a modern NNTP with a decent interface? 🤔
@jan6@twtxt.net Welcome back 🤣
yarnd
password change function is insecure by design and should be fixed 🤔
@lyse@lyse.isobeef.org Yeah true! Um not even sure how realistic hijacking’s a session really is? 🤔
@xavavu@twtxt.net Cool 👌
yarnd
password change function is insecure by design and should be fixed 🤔
@lyse@lyse.isobeef.org Well basically if you try to reset your password today, it assumes you are a) logged in and b) you are who you say you are. There is no verification of your old password, no identify verification. So if somehow someone managed to hijack your session or something…
@xavavu@twtxt.net It sure does 👌 Also I haven’t seen you around here before, welcome to my pod 🤗
@bender@twtxt.net I have to agree actually from a use ability perspective 😍
Hmm noting that yarnd
password change function is insecure by design and should be fixed 🤔
@lyse@lyse.isobeef.org 😱 I would never have guessed that!!!
302
to send me to https://fit.eapl.me/sign_in.php. Why? It also says nothing about what it is. Finally, my phone does all that, and more, automatically; why would I come to the web to record anything?
It sync via Bluetooth to my iPhone
302
to send me to https://fit.eapl.me/sign_in.php. Why? It also says nothing about what it is. Finally, my phone does all that, and more, automatically; why would I come to the web to record anything?
I use Apple Watch and it record things like this automatically and so much more!
302
to send me to https://fit.eapl.me/sign_in.php. Why? It also says nothing about what it is. Finally, my phone does all that, and more, automatically; why would I come to the web to record anything?
@lyse@lyse.isobeef.org fruit platter? 🤔
@eapl.me@eapl.me Got a demo of what this is like to use? 🤔
@lyse@lyse.isobeef.org Very nice colors 👌
@lyse@lyse.isobeef.org Sometimes I tend to think we “do too much”in templates and templating engines. I honestly think all “logic” should be done in Go, and templates should be nothing more than variable “fill-ins”. 😅
grep -rin foo
I just typed rm -rf foo
. What the heck, brain!? O_o Luckily, I just caught it before hitting Enter.
@lyse@lyse.isobeef.org I’m just saying that in my stupidness and blindness, I would have hit NETEr
and went “oh fuck” 😅
grep -rin foo
I just typed rm -rf foo
. What the heck, brain!? O_o Luckily, I just caught it before hitting Enter.
I would have pressed ENTER
🤣
@eapl.me@eapl.me Yeah it’s an interesting idea for sure. I mean you’re basically trying to eliminate the need for passwords as such right? 🤔
@abucci@anthony.buc.ci Half a century you say eh?! 🤣 Happy birthday ya ‘ol fart 😅 That’ll be me in ~8 years 🤦♂️
@lyse@lyse.isobeef.org I haven’t found a better Go templating engine tbh, I’ve just gotten used to the one in the std lib 😅