1. 1

    Awesome! Now I can impress anyone even more with my l337h4x0r terminal stuff

    1. 13

      Storing my key on the phone… Isn’t that exactly what we don’t want?

      1. 6

        I wouldn’t trust my phone to store secrets. LG patch it only about twice a year. Even Google only patch their phones once a month. And we have not even started talking about intentional backdoors… So for the same reason I don’t (any more) store GPG keys on my phone, I will not store SSH keys on my phone.

        I was wondering, how does the SSH client talk to the phone?

        1. 5

          Your phone (at least for iOS) actually has pretty good secret storage. There was a great talk at BlackHat a few years ago about what Apple does: https://www.youtube.com/watch?v=BLGFriOKz6U

          1. 7

            Yes, also some Android devices have it too (TEE/SE). The thing is that, if the device has none of these, any app with enough privileges could read your keys… just like on your computer.

            I wouldn’t claim my computer to be saver (okay, okay, I actually would) but this “second factor, put all the trust into a corporate controlled, highly connected, often stolen mobile device” doesn’t make anything better.

            Long story short : Use a Smartcard!

            1. 1

              Smartcard++ It offers the convenience of having the keys on the device, while not having the keys on the device (at least on android - I haven’t found a way to do smartcards on iOS)!

              1. 2

                Could you provide a link?

                1. 1

                  OpenKeychain is what I am using along with k-9 mail and Password Store, the auth api is still wip. I should have specified that I am not doing ssh stuff yet, sorry if I got your hopes up! :D

                  1. 2

                    Ah this is the same setup as mine, but I’m using a yubikey neo (with nfc) to read the keys

        1. 7

          I liked the article because it claims that most of the people wouldn’t know what comes but I knew most of the mentioned paradigms already. Now I feel proud and read about Plaid, because that one is really new to me.

          1. 1

            I missed a tag for AI related stuff :(

            1. 6

              I’m very happy to read about this here. I joined lobsters only a short while ago but read it since a month or two before already.

              I wondered what makes the difference to me and this post and it’s comments nicely condensed my thoughts into some well phrased sentences.

              I still read HN, but more as a feed. I typically only skim through the front page headlines and open links that seem to be interesting. Comments are way to messy there. Sure, there might be something interesting hidden in them but it seems better for studying the social interactions of Silicon Valley entrepreneurs then to get much new out of them.

              On lobsters though, I actively look through comments and they really add value. I hope this stays like this.

              1. 2

                PhantomJS was THE tool for headless testing of Javascript applications. It would be sad to lose it completely. Even if Chrome headless seems to be persuasive it is never good to have only one big player as a choice of dependency. I hope a new maintainer will be found and development can go on.

                1. 1

                  Well, from the point of view of ecosystem variety continued survival of SlimerJS which automates Mozilla’s Gecko is more pressing. It is not actually headless but who cares when Xvfb exists; it has very similar API to PhantomJS.

                  The main question for SlimerJS is what happens with each next Mozilla’s XUL-reliance-reduction step.

                  Maybe eventual convergence of everything towards WebDriver protocol with each engine implementing it as well as they implement all the Web APIs (actually quite well, but far from perfectly) and a few engine-independent clients (like Selenium) will end up being an OK situation, though.

                1. 5

                  So what most probably happened is that FileReader.readAsBinaryString() defaults to FileReader.readAsText() since it’s deprecated. At least that is what I saw in Chromium. As soon as I used readAsArrayBuffer the problem went away.