gchristensen changed the topic of #nixos-chat to: NixOS but much less topical || https://logs.nix.samueldr.com/nixos-chat
jtojnar has joined #nixos-chat
drakonis has quit [Ping timeout: 276 seconds]
drakonis has joined #nixos-chat
<infinisil> Oh my god, reddit screw you
<qyliss> mm?
<infinisil> I typed a really long comment, like about 20 lines, click the confirm button, and boom
<infinisil> It's fucking gone
<qyliss> yikes
<infinisil> I spend like 20 minutes for it to be as well thought-out as possible
<infinisil> s/spend/spent
<infinisil> Probably one of the most untrustworthy "password manager"s I've seen in a while, especially after the comment by the author
<infinisil> "First... don't confuse encryption with hashing. The tokens are hashed on the server side (1 way algorithm - no key). Encrypting your data serverside is no good compared to hashing because a key has to exist somewhere."
<samueldr> I first read rspectful
<infinisil> ?????
<samueldr> respectful*
<qyliss> what
<infinisil> This person clearly has no idea about security and should not be providing such a service
<gchristensen> this is wild
<infinisil> samueldr: Yeah I did too at the start..
<samueldr> sdhsiuhguh984hfg9hunter2sd9orgfhdruijdgh9088r4hg4
<samueldr> is it the scheme?
<qyliss> this... does not look like something worth a 20 line comment ot me :P
<samueldr> but... someone was wrong... ON THE INTERNET!
<infinisil> qyliss: When I started writing nobody commented yet and it had 95% upvotes for some reason..
<infinisil> samueldr: This is why this is concerning ^
<samueldr> though, only read rootVIII's comment, is what I typed earlier about the gist of the scheme?
<samueldr> right
<samueldr> it's... insane?
<infinisil> Oh wait, my comment is there!
<infinisil> No idea why it didn't display earlier
<samueldr> eventual consistency
<samueldr> an annoying concept for end users :)
<samueldr> you're so charitable
<samueldr> "backups"
<infinisil> :P
<samueldr> oof, they have a video on their webpage https://www.youtube.com/watch?v=eqpNbmsJ02I&feature=youtu.be
<samueldr> you clearly see the owner's e-mail address and token/secret pair
<gchristensen> "in a datacenter" so charitable
<samueldr> well, cloud is so cheap and so much easier to do than running locally
<infinisil> samueldr: Oh god, really..
<infinisil> samueldr: Ah, well it doesn't matter, an api token/secret pair can only store one secret blob anyways
<infinisil> For another one I think you need a new api token/secret pain
<infinisil> pair
* samueldr doesn't really grok the concept then
<samueldr> but mostly because I didn't spend that much time reading :)
<gchristensen> this is weird
<infinisil> How the hell was this upvoted by 93% of people, I don't get it
<samueldr> why do you say 93%?
<gchristensen> colleyloyejames@gmail.com -> james colley murdered his wife?
<infinisil> samueldr: It shows at the top right for me at least in the old design, maybe the redesigned removed that
<samueldr> sure it's not RES?
<samueldr> I'm on old reddit
<samueldr> oh right
<samueldr> I'm dumb
<samueldr> it's there
<infinisil> :)
<samueldr> all the way across the screen
* samueldr almost never checks scores
<samueldr> they replied
<infinisil> This is even more surprising because /r/programming is known for so many people downvoting things (just sort by new and check scores)
<infinisil> I guess it's not that bad, just checked
<infinisil> Well, kinda
drakonis has quit [Ping timeout: 257 seconds]
drakonis has joined #nixos-chat
drakonis_ has joined #nixos-chat
drakonis has quit [Ping timeout: 252 seconds]
jasongrossman has quit [Quit: ERC (IRC client for Emacs 26.2)]
<infinisil> "How do you go about "encrypting" your database LOL...​ from that comment alone I can tell that you do not have much experience in this field ​Database entries are HASHED not encrypted dude"
jasongrossman has joined #nixos-chat
* samueldr uses logs.nix.samueldr.com as password manager 2ab96390c7dbe3439de74d0c9b0b1767
<samueldr> interesting to search google for that hash
<infinisil> Very smart of you to use hashing, nobody can read the password like that!
<infinisil> Haha
<infinisil> I only see ******
jtojnar has quit [Ping timeout: 258 seconds]
<infinisil> Update: The reddit post got taken down because it's got nothing to do with programming and author deleted their account
drakonis1 has quit [Quit: WeeChat 2.4]
endformationage has quit [Quit: WeeChat 2.4]
Myhlamaeus has quit [Ping timeout: 276 seconds]
jasongrossman has quit [Remote host closed the connection]
<qyliss> what a ride that was
<makefu> infinisil: you surely archive.org'ed the link, right , right?
<infinisil> makefu: The website is still online, and so is the reddit post https://www.reddit.com/r/programming/comments/bk1cxv/a_free_restful_passwordblob_manager/
<makefu> i see!
<joepie91> [02:12] <infinisil> It's fucking gone
<joepie91> recommendation: Lazarus Form Recovery
<joepie91> browser extension that auto-saves textarea content
<joepie91> (locally)
<joepie91> so if something goes bork, you can just recover your draft
<infinisil> Nice
<qyliss> oh that's awesome
<qyliss> I was thinking last night "there's gotta be a browser extension for that"
jasongrossman has joined #nixos-chat
<makefu> seems like lazarus form recovery is dead as well, i will try out https://greasyfork.org/en/scripts/4915-textarea-backup-with-expiry for firefox
__monty__ has joined #nixos-chat
<srhb> So I want to be able to mount (in userspace) a directory of secrets temporarily for a number of people. Any nice solutions?
pie_ has quit [Ping timeout: 246 seconds]
<__monty__> What are you looking for other than a bind mount?
<srhb> Ah, sorry, should have been clearer -- something that's also a networked file system.
<__monty__> And sshfs isn't sufficient?
<srhb> I guess it might indeed be.
<srhb> I'm not being overly critical here, just trying to gather what's the usual solution for something like this.
emily has quit [Remote host closed the connection]
emily has joined #nixos-chat
pie_ has joined #nixos-chat
pie___ has joined #nixos-chat
pie_ has quit [Ping timeout: 246 seconds]
<elvishjerricco> srhb: As in there is a server with a directory of files, to which you want to temporarily grant access to a group of people?
<tilpner> lorri eats all my cpu :(
<gchristensen> srhb: sounds kind of weird
<gchristensen> srhb:http://square.github.io/keywhiz/
<gchristensen> https://github.com/asteris-llc/vaultfs apparently not so weird :P
{^_^} has quit [Remote host closed the connection]
{^_^} has joined #nixos-chat
waleee has joined #nixos-chat
<srhb> gchristensen: :-P
<srhb> Or I'm just in company of more weird people.
jasongrossman has quit [Ping timeout: 245 seconds]
waleee has quit [Quit: WeeChat 2.4]
jasongrossman has joined #nixos-chat
emily has quit [Quit: Updating details, brb]
emily has joined #nixos-chat
endformationage has joined #nixos-chat
zimbatm has quit []
zimbatm has joined #nixos-chat
endformationage has quit [Ping timeout: 258 seconds]
<gchristensen> wow, what a world we live in
<gchristensen> Pornhub wants to buy Tumblr, and I think that would be a good outcome for the weirdo community
<infinisil> Haha nice
<makefu> hahaha awesome
pie___ has quit [Ping timeout: 255 seconds]
<ar> gchristensen: i guess that would mean the porn ban would get reverted?
<joepie91> gchristensen: wait, are you serious?
<gchristensen> I imagine so :)
<gchristensen> the question should be, is pornhub serious, and they say yes
* joepie91 is not sure how he feels about that
<gchristensen> I feel more confidant in the scruples of pronhub than the scruples of Verizon ...
<clever> lol
<joepie91> well, I dunno. pornhub is mindgeek
<sphalerite> +1
<joepie91> which doesn't exactly have the most stellar reputation in terms of scruples
<gchristensen> yeah but on the other hand you have Verizon
<joepie91> sure
<joepie91> https://techcrunch.com/2019/05/02/porns-secret-monopoly/ seems to address some of the concerns around mindgeek
<joepie91> there's also https://news.ycombinator.com/item?id=12855416 (linked via HN for context)
<joepie91> err...
<joepie91> oh yeah, it's still there. comment #58
<{^_^}> https://github.com/NixOS/nixpkgs/issues/58 (by chaoflow, 6 years ago, closed): matplotlib install fails to create pth file
<joepie91> not that 58 :)
drakonis has joined #nixos-chat
<joepie91> the tl;dr is that a mindgeek employee was trying to get a websocket blocking API (needed by adblockers) killed off, by making bad-faith arguments about "security"
<joepie91> (they were actively using this lack of blocking API to deliver ads via websockets at the time, bypassing adblockers)
<joepie91> so yeah, I'm not sure which is going to be the lesser evil in this situation
<joepie91> the company that's ejecting the vulnerable people from the community, or the company that's exploiting the vulnerable people for their own benefit
drakonis_ has quit [Ping timeout: 250 seconds]
<gchristensen> yeah, not sure that websocket example is very compelling given VZ's power overall
jtojnar has joined #nixos-chat
drakonis has quit [Ping timeout: 252 seconds]
<joepie91> I'm just providing it as an insight into the ethics of the company
<gchristensen> yeah I won't say either of them are ethically great
<gchristensen> or great in any fashion
<gchristensen> or even good
<gchristensen> and yet, here I am, feeling like tumblr in the hands of pornhub is likely a better home than Verizon Media Group, a.k.a Oath
<simpson> Alignment of incentives.
<simpson> And it's not like it's a different business; Pornhub owns and operates their own adtech, and are effectively a "media group".
<infinisil> Remember when I said it's impossible to download older macOS versions yesterday or so?
<samueldr> sure
<infinisil> Well it's actually not impossible. All you need is an apple developer lincese for $99/year!
<joepie91> gchristensen: I'm not saying that it is definitively worse, to be clear - just that I'm not sure it'll be better :)
<infinisil> I am lucky enough to still have a High Sierra installer downloaded from some time back
<infinisil> Which at least lets me work around the nixpkgs problems with mojave
<infinisil> (See #42719, have been fixed, but I need nixpkgs versions that are older than that fix)
<{^_^}> https://github.com/NixOS/nixpkgs/issues/42719 (by kirelagin, 44 weeks ago, closed): macOS 10.14 Mojave
<__monty__> infinisil: Or you can torrent them.
qyliss^work has quit [Quit: bye]
qyliss^work has joined #nixos-chat
Myhlamaeus has joined #nixos-chat
<infinisil> Ah yeah that would be a possibility, if I can find one
MichaelRaskin has joined #nixos-chat
jackdk has quit [Ping timeout: 258 seconds]
__monty__ has quit [Quit: leaving]
ctp has quit [*.net *.split]
cocreature has quit [*.net *.split]
nh2 has quit [*.net *.split]
vdemeester has quit [*.net *.split]
flokli has quit [*.net *.split]
srk has quit [Ping timeout: 250 seconds]
joepie91 has quit [*.net *.split]
Irenes has quit [*.net *.split]
lejonet has quit [*.net *.split]
NinjaTrappeur has quit [*.net *.split]
srk has joined #nixos-chat
<samueldr> neat! if you have an hexadecimal code in the clipboard, and paste using ctrl+v in inkscape, it'll change the fill colour to that colour
zenobit has joined #nixos-chat
zenobit has quit [Quit: http://www.kiwiirc.com/ - A hand crafted IRC client]
vdemeester has joined #nixos-chat
ctp has joined #nixos-chat
cocreature has joined #nixos-chat
nh2 has joined #nixos-chat
Irenes has joined #nixos-chat
lejonet has joined #nixos-chat
NinjaTrappeur has joined #nixos-chat
drakonis has joined #nixos-chat
jtojnar has quit [Remote host closed the connection]
jtojnar has joined #nixos-chat
pie_ has joined #nixos-chat
nocent has quit [Ping timeout: 264 seconds]
<gchristensen> nice!
endformationage has joined #nixos-chat
<pie_> package things easier with this one weird trick: look at AUR
* pie_ mistypes libXcursor as lobXcursor
* pie_ accidentally starts throwing mouse pointers
<pie_> SIGMOUSEINFACE
<samueldr> SIGMUNDFREUD
<pie_> samueldr, lol
<pie_> samueldr, i am amused
<samueldr> sometimes, a pipe is only a pipe
<pie_> ither times its a monkey handing you the rest of the forest
flokli has joined #nixos-chat
<gchristensen> SIGPIPE?
<pie_> infinisil, i still havent quite figured out if you made the bot or what but ,locate is great thanks man
<gchristensen> infinisil did make that :)
<gchristensen> infinisil made all the cool parts of the bot
<pie_> :3
<infinisil> :P