BakedCatboy

@BakedCatboy@lemmy.ml

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Here are the patents Nintendo and The Pokémon Company are suing Palworld over⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
It would be funny if a legal defense would have been using an n-sided 3d polygon that definitely isn’t a sphere. Is a tetrahedron legally distinct enough? How about a truncated isocohedron? Seems silly for the shape to matter.
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
My retirement account has roughly doubled between Dec 2021 and now, I basically only invest in mutual funds and ETFs with a medium risk, low fees, and high return according to Morningstar ratings (I’m not sure how reliable those metrics are but it’s what shows up when browsing funds on fidelity and it seems to be picking good options so far)
⁨Comment⁩ on ⁨What is a passkey, in practice? Is it a file? A token? Can I keep it in an USB drive? How can I save it in case of device loss?⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Oh nice, I completely forgot about the vault export since I’ve never used it. I was expecting to be able to “view” the passkey data when editing an entry like how you can view the password. It’s kind of inscrutable when viewing a single entry currently.
⁨Comment⁩ on ⁨What is a passkey, in practice? Is it a file? A token? Can I keep it in an USB drive? How can I save it in case of device loss?⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
The key difference is that during normal use, the private key of the passkey doesn’t leave the device (or password manager). The passkey basically comes in 2 parts, the public and private (secret) part. In order to log in, the website presents a cryptographic challenge that is only solvable using your private key - and crucially you can solve the challenge without revealing your private key. An attacker could get your answer to the challenge and still be unable to solve additional challenges without the private part of your passkey.

This of course makes it basically impossible to manually log in using a passkey and a keyboard, without any password manager to do the cryptographic calculations (unless you have a LOT of paper and time), but the security advantage of making it near impossible to be phished is generally regarded as a net positive. In order to steal a passkey there would need to be a vulnerability in the software, since passkeys make it much harder to trick a user into giving it away (since tricking the user into logging in on a fake website doesn’t work due to the aforementioned cryptography, the main way to steal a passkey would be to trick the user into exporting it - which is a much higher bar).
⁨Comment⁩ on ⁨What is a passkey, in practice? Is it a file? A token? Can I keep it in an USB drive? How can I save it in case of device loss?⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
If you mean the “passkeys” that are becoming popular as a “password replacement”, it’s basically speaking a public private keypair. What makes it more secure is that, under normal conditions (aside from backing up the passkey), the private “secret” part of the keypair never leaves the app or device it’s stored on. It’s only used temporarily to sign messages and prove that you have the secret key, unlike a password which needs to be sent securely to a server to validate.

You could in theory store a backup on a USB drive but since passkeys are new, it highly depends on the password manager you use to store the passkey. Since passkeys are more complex than something you can memorize/type, it has to be stored in a password manager of some sort to be useful, so you would need to check that password manager allows backing up passkeys. There is currently work being done to standardize the formats/protocols to transfer passkeys so it seems this is very much up in the air. For example, I use BitWarden which stores passkeys, but it seems like I can only add or delete passkeys to an entry, not export them. BitWarden does sync your vault to every logged in device though so you could see that as a form of backup. Going one step further, even though BitWarden doesn’t have a passkey export/backup feature yet, the self-hosted server stores all your passwords including passkeys in regular files which can be backed up - although it would probably be hard to use that backup in any other way besides restoring it onto a BitWarden server instance.
⁨Comment⁩ on ⁨Could Linux save my laptop?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
First I’ll say, if you aren’t able to boot a windows installer off of a flash drive (and nothing’s wrong with your flash drive and you created it without errors and there isn’t a setting in bios preventing you from booting it like disabled USB boot) then it could be a hardware issue that Linux won’t fix (it’s not clear how you tried to reinstall windows). But if you’re able to get to the windows logo or the menu for safe mode then it sounds like it “POSTs” (gets past showing the bios screen) and windows should be reinstallable. In short, I think it’s unlikely to be a problem that only Linux can fix if you want to stick with windows.

That said, if you are otherwise interested in trying Linux and create a USB installer, most will allow you to exit the installer or choose to go into a temporary “live desktop” where nothing is saved, so it’s a good opportunity to try out how that distro feels to use - just don’t save anything important. And if you do end up installing either OS, you can use that “live mode” to use programs to back up any files from your main hard drive to another plugged in drive.
⁨Comment⁩ on ⁨Had to read it 3 times to make sure⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
They seem to just keep getting better and better. When I scratched the lens on my index due to my own carelessness they replaced the headset for free. It’s been 5 years since I bought it and the controller strap broke last week and they sent me a free replacement. Any other company and I would have expected my only option to be buying a new controller.
⁨Comment⁩ on ⁨This Google Photos popup⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
I can’t wait until the immich photo editor gets enabled and hopefully it eventually duplicates all the google photos editor features because that’s the only reason I keep around the google photos app.
⁨Comment⁩ on ⁨We're coming for you⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
I’m no expert but what I’ve heard is that there are lots of mosquitoes that don’t bite which are more important for the food chain, but the ones that do bite make up a super small part so if we only eliminated the biting species there would still be plenty of other non-malaria-carrying mosquitoes for the food chain.

At least that’s the theory.
⁨Comment⁩ on ⁨Windows 11 is now automatically enabling OneDrive folder backup without asking permission⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
Brb uploading a 5GiB file from /dev/urandom to make sure there isn’t a byte of space left in OneDrive for them to do this to me.
⁨Comment⁩ on ⁨You can’t leave your Steam backlog to someone else in your will⁩ ⁨⁨5⁩ ⁨months⁩ ago⁩:
Not unless the game has an offline mode and you download the depot files and bundle it with a nosteam launcher then leave that to your next of kin.
⁨Comment⁩ on ⁨Those were the days⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
I still have some 3gp/3gpp videos recorded on my old slide. What a pain. And I think depending on whether your phone was gsm/CDMA would affect whether it recorded to .3gp or .3g2.
⁨Comment⁩ on ⁨TwitchAdSolutions – Blocking Twitch Ads⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
Blocking ads on twitch is rough, but somehow I have never gotten ads when watching on Chromecast (Chromecast ultra without Google TV, no android launcher). Am I the only one? I’ve never seen anyone else mention this but it’s been almost a decade and I’ve lived in multiple states and casting to my Chromecast ultra somehow gets rid of all the ads and it’s never been fixed.
⁨Comment⁩ on ⁨YouTube needs more potato⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
Thank goodness it’s in HDR
⁨Comment⁩ on ⁨car insurance⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
Damn. I managed to get basic insurance for like $75/mo but it’s one where they require you to install a tracking app on your phone for the first month that gives you a higher rate if you accelerate or brake hard. I just drove like a grandma for a month and uninstalled it after.
⁨Comment⁩ on ⁨car insurance⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
I imagine they’re one of those people who just have piles of trash in their car sliding around the floor and probably dashboard too.
⁨Comment⁩ on ⁨New Discord TOS binds you to forced arbitration - Opt-Out Now⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
Has anybody made a matrix app that looks like a discord clone? Than sounds easier since the federated rich text chat is already made, the current clients don’t really appeal to the discord crowd.
⁨Comment⁩ on ⁨meow_irl⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
This was our cat until we started collecting all the toys and putting them in a box every evening and taking them back out in the morning. She gets bored without toys so she just finds a spot to sleep, as a result she now sleeps throughout the entire night.
⁨Comment⁩ on ⁨The Previous Update Broke Our Bot And I Don't Know Why⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
I think that’s part of the solution, I skimmed some of the forks and found one that updated the lemmy-js-client to 0.19.2-alpha.3 but they made some code changes too to the authentication code. So maybe trying that fork is worth a shot: github.com/thepaperpilot/BotIt

Last changes were last month on that fork
⁨Comment⁩ on ⁨The Previous Update Broke Our Bot And I Don't Know Why⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
Hmm maybe it’s not that simple then. It doesn’t look like the JWT is stored so it’s probably trying to get a new one when started. The other possible culprit would be if you need to use lemmy-js-library with a major version matching the Lemmy server version.

Assuming the server updated to 0.19.0, the version used by the bot is 0.18.0. You would just need to edit package.json so that the lemmy-js-client line reads:

“lemmy-js-client”: “^0.19.0”,

Then running npm install or yarn install (or whatever command you used to install dependencies previously)
⁨Comment⁩ on ⁨The Previous Update Broke Our Bot And I Don't Know Why⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
Just a shot in the dark but I’ve seen some people say something about one of the updates logging out accounts as a security measure. Assuming the recent updates didn’t change auth stuff, maybe it’s possible that it just needs to refresh the token? A glance at the code looks like it will keep trying to use the same JWT as long as it’s still valid, and fall back to getting a new JWT using username/password. So deleting the JWT would make it get a new one. (Iirc JWTs have an embedded expiration, but the server can invalidate it so the bot code could in theory not know that the server can invalidate it)

Assuming you’re getting the incorrect login error from Lemmy. Idk maybe I’m way off base with my guess.
⁨Comment⁩ on ⁨Amazon "search through reviews" is blindly just running an AI model now⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
For me (android, US) I had to change the search a couple times for it to start giving AI answers. I assume that’s to save queries by only using AI when someone isn’t happy with the search results.
⁨Comment⁩ on ⁨Amazon "search through reviews" is blindly just running an AI model now⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
For me (in the app) it only starts generating AI answers if I change the question a couple times. Presumably that’s to save costs on the AI by just trying a dumb search first and resorting to AI if the user keeps searching.
⁨Comment⁩ on ⁨Amazon pricing makes no sense.⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:
I think they do this to game people who use the “rebuy” button without shopping around again. Several times I’ve bought a consumable and when I go back, the exact listing j bought from has doubled in price while many other listings are normal. That’s why I never use the “buy again” section, and if I can afford to wait I’ll find a lower or comparable price on eBay, and hope they aren’t just drop shipping me from a cheaper listing that I didn’t find on Amazon.
⁨Comment⁩ on ⁨Mbin is a fork of kbin: a decentralized content aggregator running on the Fediverse network⁩ ⁨⁨10⁩ ⁨months⁩ ago⁩:
I think that text is from melroy, so according to him. From seeing his interactions in the kbin issue tracker I get somewhat of an egotistical impression of him, because he would often take an issue that has just been opened and not triaged or discussed what the best fix is, and he would open a PR with how he thinks it should be fixed, and it sounds like his frustration is that his hasty PRs weren’t getting merged quickly because people wanted to come to a consensus.

Maybe I’m just reading into it but it felt like he just wanted his name on something and it wasn’t happening with kbin.