• 1 Post
  • 15 Comments
Joined 1 year ago
cake
Cake day: June 29th, 2023

help-circle
  • I think they vastly underestimate how many things Meta tracks besides ad tracking. They’re likely tracking how long you look at a given post in your feed and will use that to rank similar posts higher. They know your location, what wifi network you’re on and will use that to make assumptions based on others on the same network and/or in the same location. They know what times you’re browsing at and can correlate that with what’s trending in the area at those times, etc.

    I have no doubt that their algorithm is biased towards all that crap, but these kinds of investigations need to be more informed in order for them to be useful.









  • Using a password manager I’d have to copy-paste or remember each password. Not all have a web interface.

    Then pick one that has a web interface or a CLI, Bitwarden has both and is free. KeePass databases can be hosted on your NAS and accessed to CLI tools. There are plenty of options. Or use passphrases (which are just as good as—or better than—complex passwords) and just type them? I use Bitwarden for literally each and every password/lock code/PIN that I have, and I have plenty of Pis and other things that don’t let me easily log into Bitwarden, but finding “Excentric4-Waxing-Adopted-Giraffe” on one device, and typing it in another really isn’t much of a hassle. (Also, why not just SSH into your Pis? Then you only need to worry about accessing a password manager on the machine you’re opening the SSH connection from.)

    From the comments on this post it seems that you’re mostly looking for validation of the idea you originally had rather than actual feedback on how secure that idea is. You’re obviously free to manage your passwords exactly as you want, but this idea of a “base password” is objectively less secure than the alternative put forward by many people in these comments, namely to use the Yubikey to log into a good password manager that then handles all the different (completely unique) passwords.

    There are always instances where doing things the best and most secure way is more cumbersome, and it’s up to you to decide if you want all of your passwords to be poor (and difficult to change, in this case) just because you occasionally need to log into something that doesn’t neatly integrate with a password manager.


  • Why not use the Yubikey for the master password on a KeePass DB (or another password manager) and then use actual different passwords—not just prefixed ones—saved in said password manager for your logins?

    It doesn’t matter if your base password is a 255 character high-entropy annoying-to-type-manually-on-a-phone-keyboard or a 16 character string of alphanumeric characters if you reuse it in a slightly predictable manner. For it to be somewhat secure, the prefix would have to be completely random, which kinda defeats the idea of you being able to remember them. A “base password” is, to be frank, only one small step up from using the same password everywhere.

    And as someone else pointed out, it makes it very difficult to change passwords, which also should be a huge red flag.

    Take a look at the leaks on Have I Been Pwned and see how many of them include either clear text passwords or extremely weakly hashed (perhaps even unsalted) passwords. If you show up in just one or two of those, then you’re in a significantly worse position than you would be had you just used different passwords.



  • After reading the article, I’m confused about how it works. Guinea worms are parasites that you get infected with from bad water sources. Unless you eradicate the source (e.g. the worms themselves), can you really say that you’ve eradicated the disease? Even if we go a decade without any human contracting it, it’s no harder for someone to contract it by drinking contaminated water than it is today. It’s not like a viral disease, that simply stops existing if infection numbers drop to 0 for a while.

    That being said, it’s great that numbers are as low as they are. Education and better water infrastructure is helping.


  • Did you read the article? She’s not saying that she didn’t know that measles are dangerous, she’s saying that she thinks people would vaccinate more and sooner if they knew the potential delayed effects of measles. Her son died 4 years after catching it and he wasn’t vaccinated at 2 because he was on a delayed vaccination program (it doesn’t say why). It’s a super tragic story really and it doesn’t seem like she’s anti-vax or anything like it, quite the opposite.