-
I started using KeePassX several years ago because I needed cross-platform compatibility. It requires more manual work than other options and I don’t have it sync’d with mobile. However, it is also reliable enough to discourage me from switching.
-
After a few years of using KeePassX I switched to KeePassXC and I’m glad I did. Nearly the same thing but better (eg. TOTP, UI/UX improvements).
It started as a community fork because development on KeePassX was too slow, take a trip to https://github.com/keepassxreboot/keepassxc/issues/43 for the details.
-
-
-
L-P
1 year ago
|
link
| on:
EteSync: End-to-end encrypted and journaled contacts and calendar synchronization for Android
I don’t understand what this does and why I should need it.
I have a Radicale server that only responds to HTTPS, the data rests on an encrypted disk. What am I missing?
-
-
I was sick last week so I only had time for a single Ansible role: ansible-role-syncthing. I’m feeling better but I’m no longer unemployed so I won’t have time to finish my go file browser.
I still need to find an lightweight encrypted remote backup software.
-
Is tarsnap an option? It’s a paid service, but it’s cheap. Very very very cheap.
-
-
-
-
Camlistore? Or is that too heavy?
-
-
-
After finishing ansible-role-acmetool (still a little rough but works fine on Ubuntu amd64/arm now) and throwing in ansible-role-murmur for fun, I will need to find an encrypted incremental backup system that works when the remote runs an ARM port of Ubuntu (fewer packages and I don’t intend to compile anything).
To pass time (yay, unemployment) I’m rewriting my shoddy PHP file browser (woland) in Go to keep learning the language.
Progress is slow but I expect a first working release in a week or two.
According to my usual naming scheme, this one will be called Thanedd.I am also adjusting myself to using Android without gapps. The worst part for now is the broken GPS and that UnifiedNLP won’t work.
-
-
Getting acmetool to work on Ubuntu 16.04 ARM.
Acmetool is nice because it solves the chicken/egg problem with setting up LetsEncrypt and Nginx. Nginx won’t run if it does not have its certificates but it needs to be running to serve the challenges on port 80.
Acmetool can act as a “redirector”, it serves the certificates on :80 and redirects everything else on :443.
When I get the Ansible role working and it’s pretty enough, I’ll release it.
-
- Novels: How to lie with statistics and the Harry Potter Series
- Technical Books: The Swift Programming Language
-
You’ll love HPMOR then. That book made the whole HP series worth reading.
-
-
Among the pieces of evidence that Google suggests the Trust API could use are some obvious biometric indicators, such as your face shape and voice pattern, as well as some less obvious ones: how you move, how you type and how you swipe on the screen. With the service continually running in the background of the phone, it can keep track of whether those indicators match how it knows you use your phone.
No.
I’ll stay with good old passwords and possession-based MFA, thanks.
-
Did anyone tell Google that biometrics remove consent?
-
-
Same. Ever since I heard of this I have had a hard time understanding why anyone thinks this is a good idea.
-
-
Kill it with fire.
-
-
-
That kind of comment is not helpful or productive. This represents a really impressive amount of engineering, and is fascinating in that sense, if nothing else. But behind that, it’s not inherently that different from what Emscripten is doing, and that has already demonstrated some really fascinating use cases. One I can imagine here would be allowing Node to directly consume Java libraries, for example. It might also provide an interesting venue for companies like JetBrains to begin leaving the JVM.
I like Lobsters in part because we’re generally a pretty technically minded community that can appreciate cool projects on their own terms. I’d like not to just start axiomatically responding “kill it with fire” just because it’s a technology we aren’t super enthusiastic about.
-
This represents a really impressive amount of engineering, and is fascinating in that sense, if nothing else.
Yes, I agree completely with that. Definitely a lot of effort went into this. People put a lot of effort into all kinds of misguided projects all the time. So, ‘A+’ for effort.
that can appreciate cool projects on their own terms
And people should be able to not appreciate it on their own terms as well. Behind those four words is almost two decades of software experience. If you think it’s a great idea, that’s great, go ahead and make some software with it. I will not be using it.
Edit: To be clear, kinda like Trump, had I known anyone would take it seriously I probably would have said something other than “Kill it with fire.”
Edit2: An Emscripten for Java might be useful to someone, but given that they show direct loading of Java code and class files, this does not appear to be anything like it.
-
-
Why is a VM in a VM a bad idea? The paper itself shows a slowdown of up to 42x.
Generally speaking, even Emscripten isn’t a super great idea. I can’t think of a single program I use that uses it. The only time I’ve used it is to have 30 seconds of fun toying with Quake in the browser.
Why is it that every time computers get faster and get more resources that suddenly people appear out of the woodworks determined to undermine those hard-won gains? Is it some sort of conspiracy to get people to buy a new machine every year? Go do something useful like targeting WebAssembly instead.
-
-
-
An impressive amount of engineering aimed at destroying humanity.
-
-
-
Welcome to the Internet of Shit.
-
-
The discussion on HN : https://news.ycombinator.com/item?id=9054627
TL;DR : “There is a standard change log format” and http://xkcd.com/927/
-
For me the biggest offender is one of the .ohmyzsh scripts that i’m toying with right now. It supposed to show the git-branch in the prompt but for large repos with lots of history this is unbearably slow (even on ssd). Takes ~1second.
-
You should see what it’s doing. I have the same thing but customized it for speed. It supports hg and git, only executes when in certain subdirectories.
showBranch(){ if [$(pwd | grep "src|work|lib") != ""]; then git branch --no-color 2> /dev/null | sed -e '/^[^*]/d' -e 's/* \(.*\)/±\1/' | tr "\n" ' ' hg branch 2> /dev/null | sed -e 's/\(.*\)/☿\1 /' fi }edit: that’s for bash btw, not sure if zsh requires edits.
-
-
-
Since everyone already posted a ton of shells, editors, and everything else, I’d like to emphasize the utility of git while developing locally. Loads of my co-workers only touch git to push code, but it’s such a fantastic tool while writing code. I continuously check my
git diffto keep perspective on what I’ve written so far, and review myself as I move forward. Usually I write some code, review the diff, andgit addonce I have it the way I like.Every so often I check
git diff --staged, to review all the changes I’ve made, and commit once I’m solid on that work. I try to commit everything I’ve done that’s essentially finished by the end of every day, only leaving the stuff that is definitely not ready uncommitted. Since it’s all local, this doesn’t bother anyone else.git add -pis essential for staging things piece by piece.Reminding myself what I’ve already done, and reviewing my own diffs continuously helps me write better code, and feel like I always know where I am. When mucking around in huge projects it’s easy to forget what you’ve touched, unless you check your diffs often!
A pad of paper is also extremely useful, to map out whatever code you are working with. I like to keep small notes of what classes or methods do, especially interesting or unexpected characteristics, so I can quickly reference those notes while reading other code. Visually mapping out the relationships between modules/classes/functions is also useful to me, so I can easily see where a bit of code fits in to the big picture.
Basically, I really don’t like the feeling that I’m forgetting something.
-
I spend more time reading my diffs than writing code. I even
git showafter commiting just to be sure.
Sometimes, a quick glance at a diff without context and pretty colors help you spot mistakes.git,vimandi3are the three things I need to work efficiently andgitis not the least of them. -
I’m quite fond of using Git to keep things in perspective as well. I found
git stash -kto be a really helpful tool while doing that – it essentially stashes all changes except the ones you’ve staged. This is very useful for testing code that I’d like to partially commit (i.e. things I’ve staged withgit add -p) just to make sure I didn’t forget to stage an important dependency of the soon-to-be-commited code.
-
-
GPG definitely needs a proper CLI. This blog post is way too long for something that needs to be trivial to do.
Is there any good GPG wrapper out there? A simple, easily auditable bash script should do the trick. I wonder why I never came across one…
-
keybase.io is such a thing, or at least that’s the hope. It’s a challenge because they’re trying to do multiple things: simplifying keysigning/web-of-trust, simplifying encryption/decryption commands while making this all web-accessible but still allowing for the command line frontends you’re talking about.
you should take a gander, it’s a novel idea but it loses the subtlety that this article describes. Subkeys are a complicated idea, heck, even per-machine ssh keys are still complicated enough that gitolite devotes an entire part of its manual to ‘ssh basics’. i don’t think it’s any surprise that subkeys in ssh are even more nuanced to the point of seeming opaque.
gpgtools for the mac is a good stab at a frontend, but there’s so many nuances and religious decisions that go into “informed gpg usage” that it’s almost worth thinking about whether a frontend could satisfy them all. that’s sorta a cop-out, but i don’t think the lack of a good frontend (even on the command line) is for lack of trying.
-
-
If a web page executes non free code, how are you able to audit it?
By reading it?
-
-
So nobody is going to minify ease.js? Of course they will, it’d be silly not to. So I’m going to go to a website, click around for the link to the unminified js, download it and minify it myself, and then compare to the minified version they’re serving? At this point it seems a little too late. My browser is already running their code; any unpleasantries in it have already done whatever they’re going to do.
-
-
-
Interesting. 6 years later that’s still a pretty good list. Maybe missing GoLang, today.
-
-
The title:
Which first language is best for learning programming techniques? The argument: […] knowing C on Linux will help you to understand the basic principles of computing architectures.
There’s some kind of a mismatch here.
Unless you work with some low-level language, programming and code design has little to do with the underlying architecture.
-
-
I’m not sure about utilizing someone’s death… Aaron Swartz does not have much to do with all this and if you remove mentions of him from the webpage, there is a clear lack of content.
-
I like weekly threads, they build a semblance of community.
I set up a Dokku / postgres box and migrated all my stuff over from supervisor / SQLite this past weekend. There’s a bunch of miscellaneous cleanup stuff left.
I want to get back to contributing to Rust once I finish up writing the tests for autojump.
-
Yes, please let’s make this a tradition, asking “what are you working on this week”. It’s like a coarse-grained twitter for programmers and open-source projects.
I’m on vacation, but contemplating moving a project from sockets to zeromq (https://github.com/vjoel/tupelo) and writing a talk proposal for MountainWest Ruby Conf (http://mtnwestrubyconf.org).
-
-
Thanks for the tip. A little put off by “WARNING: nanomsg is still in alpha stage!”. Nanomsg has been mentioned twice before on lobste.rs, but without discussion:
https://lobste.rs/s/buukh6/nanomsg_mit-licensed_zeromq_alternative https://lobste.rs/s/9lmnfh/gettings_started_with_nanomsg_examples_in_c
I will start a new thread asking for comments on nanomsg vs zeromq.
-
-
-
-
-
I’m the current lead dev/sysops of a young company in Paris XIXème (profitable, not VC-funded) and we’re looking for people willing to work on Symfony and Vue.js.
If you know your way around a shell and the devops way of life (AWS, Terraform, Ansible) that’d be great.
If you want more info (in French).