Hacker News: reginald78

New comment by reginald78 in "Emailing a one-time code is worse than passwords"

reginald78 — Thu, 07 Aug 2025 16:06:24 +0000

Yes, we've seen you repeat that we have to read it again. I reread this morning before the post, but really just found more things supporting my position.

> To be very honest here, you risk having KeePassXC blocked by relying parties (similar to #10406).

From the linked https://github.com/keepassxreboot/keepassxc/issues/10406 > | no signed stamp of approval from on high > see above. Once certification and attestation goes live, there will be a minimum functional and security bar for providers.

> | RP's blocking arbitrary AAGUIDs doesn't seem like a thing that's going to happen or that can even make a difference > It does happen and will continue to happen because of non-spec compliant implementations and authenticators with poor security posture.

Is your argument that despite being doused with gasoline I can't complain because I'm not currently on fire?

New comment by reginald78 in "Emailing a one-time code is worse than passwords"

reginald78 — Thu, 07 Aug 2025 12:46:40 +0000

Even with the current flimsy "What about iPhones?" defense against attestation, is there anything stopping say Microsoft from just forcing you to install a different app to use Microsoft services?

New comment by reginald78 in "Emailing a one-time code is worse than passwords"

reginald78 — Thu, 07 Aug 2025 12:43:10 +0000

Well, having your passkey provider blocked for doing that might stop you.

https://github.com/keepassxreboot/keepassxc/issues/10407

Of course, they might just block you for not being on a whitelist of approved providers anyway.

New comment by reginald78 in "Emailing a one-time code is worse than passwords"

reginald78 — Thu, 07 Aug 2025 12:24:04 +0000

It just wasn't an important consideration, unlike the attestation anti-feature.

New comment by reginald78 in "LLM Inflation"

reginald78 — Wed, 06 Aug 2025 13:47:37 +0000

The important part is the GDP is now increased because of the cost of energy and additional hardware needed expand and then compress the original data. Think of the economic growth all these new hassles provide!

New comment by reginald78 in "Passkeys are just passwords that require a password manager"

reginald78 — Tue, 05 Aug 2025 14:28:20 +0000

> This is only partially true. Nothing in the spec, all up to implementers. At least KeypassXC sure provides a way to access your data: https://github.com/keepassxreboot/keepassxc/issues/10407. Other software behavior may vary.

This thread is one of the guys from FIDO threatening to blacklist keypass for doing just that, using the spec'd passkey attestation feature as the tool to do so. Just because the attestation feature isn't widely used as a weapon just this second doesn't mean that is not the intended endgame, in fact I'd argue the hand was tipped in that very thread.

New comment by reginald78 in "Passkeys are just passwords that require a password manager"

reginald78 — Tue, 05 Aug 2025 14:05:33 +0000

They're probably just trying to not get their implementation blackballed with the attestation feature like one of the FIDO devs immediately threatened to do to keepass: https://github.com/keepassxreboot/keepassxc/issues/10407

I think the dance is all for naught though, they'll end up locked out as non-standard once uptake is high enough IMO.

New comment by reginald78 in "Passkeys are just passwords that require a password manager"

reginald78 — Tue, 05 Aug 2025 13:35:16 +0000

And how long until the attestation feature is used to ban their implementation? The threats have already been made to keepass.

New comment by reginald78 in "Why doctors hate their computers (2018)"

reginald78 — Mon, 04 Aug 2025 12:06:31 +0000

Can't comment on Google specifically but hidden scrollbars mean I often don't realize a dialog has scroll bars until I reach out into the dark edges to find what I hope is there. Microsoft will even harness this as a dark pattern to hide options they don't want you to choose.

Perhaps your dad simply expected to scrollbars to be visible like they initially were.

New comment by reginald78 in "Mastercard deflects blame for NSFW games being taken down"

reginald78 — Mon, 04 Aug 2025 11:55:35 +0000

I've definitely seen them. A quick search shows them available at BestBuy and Walmart at least.

New comment by reginald78 in "Mastercard deflects blame for NSFW games being taken down"

reginald78 — Mon, 04 Aug 2025 11:47:59 +0000

IIRC the rule Mastercard cited was so vague that trying to workaround it almost seemed potentially pointless. It was basically a blanket "we think it makes MasterCard look bad so we end our relationship". Anyway, debit cards are still Visa/mastercard so using them as cash has the same problem. I was thinking they could just use Steam gift cards but since those are often themselves purchased in stores or with credit cards it seems to just push the problem a little further away.

I believe Steam did support bitcoin at one point but decided to end usage over because the price fluctuations made it to unpredictable on their end. Maybe the landscape has changed though.

New comment by reginald78 in "Slow"

reginald78 — Fri, 01 Aug 2025 12:12:35 +0000

There's a youtube channel shadiversity that I haven't watched in awhile. It is mostly about fantasy media and swords but also spends a lot of time on medieval building techniques and clothing. One of the more interesting videos I watched talked about how before and even after saw mills could process and produce different sized boards people would 'grow' them instead by trimming trees to produce long straight narrow branches. There was even a still living example in some English village that some trimmed 100 years ago before the process was completely stopped.

This also reminds me of those Japanese temples where in order to preserve the institutional knowledge of how to rebuild the temple in case of disaster the monks tear it down and rebuild it from scratch every 30-40 years assuring the next generation has experience.

New comment by reginald78 in "NonRAID – fork of unRAID array kernel module"

reginald78 — Wed, 23 Jul 2025 11:38:46 +0000

The silly part is unraid has all the pieces to do this. The btrfs file system which unraid supports for array disks could identify bitrot, and the unraid array supports virtualizing missing disks by essentially reconstructing the disk from parity and all of the other disks. Combining those two would allow rebuilding a rotted file with features already present.

My impression is unraid developers have kind of ignored enhancing the core feature of their product to much. They seem to have put a lot of effort into ZFS support which isn't that easy to integrate as it isn't part of the kernel, when ZFS isn't really the core draw of their product in the first place.

New comment by reginald78 in "What went wrong inside recalled Anker PowerCore 10000 power banks?"

reginald78 — Tue, 22 Jul 2025 11:09:25 +0000

I can only assume our accounts are linked by address and they do the recall notice (at least) by account address. In other words, they aren't linked but kind of are anyway.

New comment by reginald78 in "What will become of the CIA?"

reginald78 — Mon, 21 Jul 2025 19:24:36 +0000

Can't they just go back to selling crack cocaine to fund themselves again?

New comment by reginald78 in "What went wrong inside recalled Anker PowerCore 10000 power banks?"

reginald78 — Mon, 21 Jul 2025 19:20:45 +0000

For some reason I received a recall notice for one of these from Amazon but I don't recognize it and could not find any purchases in my order history. I vaguely recall my wife might have bought something like this years ago as a gift for some one else but our accounts aren't linked.

New comment by reginald78 in "My bank keeps on undermining anti-phishing education"

reginald78 — Thu, 17 Jul 2025 18:06:00 +0000

I read the FAQ on mine and it assures me it is totally safe and the voice cannot be forged. This mechanism was defeated in a hacker movie from the early 90s using a tape recorder but is actually being pushed as state of the art. I can't imagine how this method could ever be safe, even if it were possible to use some kind of advanced detection which would fail any time I had a cold my voice can be recorded and played back in high fidelity!

New comment by reginald78 in "The death of partying in the USA"

reginald78 — Thu, 10 Jul 2025 16:20:08 +0000

I feel like while there were laws against furnishing alcohol to minors and the like, I never really heard of some one's parents getting charged because some kid crashed his car after boozing it up at a party back then. Maybe I just wasn't paying attention but it seems like the enforcement of that really stepped up.

New comment by reginald78 in "How to trick ChatGPT into revealing Windows keys? Say "I give up""

reginald78 — Thu, 10 Jul 2025 11:40:59 +0000

Reminds me of the meme where they tricked an AI into deciphering a CAPTCHA by pasting the CAPTCHA crudely on top of a picture of a necklace and asking it to help read the inscription on their dead grandmother's jewelry.

New comment by reginald78 in "How to trick ChatGPT into revealing Windows keys? Say "I give up""

reginald78 — Thu, 10 Jul 2025 11:36:29 +0000

Yeah, but they can't wash the copyright off of that source code without an LLM as a go between.