• 4 Posts
  • 75 Comments
Joined 9 months ago
Cake day: October 20th, 2023


  • Yes and no.

    You can bet that there would have been 8 years of propaganda against her. And we would have lost even more house/senate seats because people on the left historically decide to not bother to vote in midterms unless there is an active threat on CNN.

    And… I am pretty sure we would have lost in 2020 because of COVID. Which would basically put us back to where we were in 2020 in terms of having a deranged fascist who nobody realized was too dumb to accomplish anything (not a problem this time. See Project 2025).

    The main difference would be the Supreme Court. Yes, republicans did everything they could to prevent Obama from appointing anyone and I would not put it past them to have stretched that out for a full four years. But Scalia (Rest in Piss) would still be dead and so would Ginsburg (fuck her for putting us in this mess). Which would have made the math a lot tighter. 7 justices but the math would have been tight enough that Hillary likely would have gotten to appoint at least one moderate.

    I think Hillary would have bought us the better part of a decade because, like her or not, she is an incredibly effective politician… when nobody thinks she is running for POTUS. She is/was even more generally liked by both sides of the aisle than Biden and would never have had to make concessions to sanders and The Squad for the 2020 ticket (Biden is an asshole but his platform is shockingly Left leaning by US standards…)…

    And I think trump would have faded into nothing. But there are plenty of other people who were just looking for an excuse to become a magat on the republican side. And people like cruz and romney and even liz cheney would not be complete laughing stocks without trump. So, at best, we were looking at a ticking clock to the next “reagan republican” as it were.


    Like, there are a lot of people who consider the day Ginsburg died to be the day the US collapsed. And we are seeing exactly the repercussions of that with shit like today.


  • I can’t speak to their Password Management as I use Bitwarden for that

    But I am slowly but surely migrating myself away from gmail to (my own email at my own domain routed to) Proton. The webmail is very much comparable to gmail and, if you communicate with like minded people, it has decent support for signing and even encrypting email both to other proton mail users as well as to complete randos with just a password that you can send later. My only real complaint is that (… for some really good reasons) there is no easy to use exchange server and I need to run their mail bridge to use a desktop client like Thunderbird to send and manage and (one day) back up emails.

    VPN? I switched over to this around the same time I decided I wanted to “take control” of my email and it works pretty well. Very easy to get some openvpn credentials that I can plug into whatever setup I want. And no extra fee for port forwarding unlike SOME providers. That said, my main complaint is that the port is semi-randomized which doesn’t play the nicest with my totally legit linux iso torrenting setup… But a quick docker ps and docker logs and then updating the config is pretty trivial and I only have to do it maybe once a week?

    The big elephant in the room is that, as you rightfully understand, you are still putting a LOT of trust. But that is actually why I like Proton. Because other companies pretend they are going to knife fight the CIA and the US Government on your behalf all while actively not acknowledging anything until we get a post mortem. Proton are VERY open about just how far they are willing to go to protect you (not very) and what YOU can do to mean that Proton can’t provide much useful information once the appropriate paperwork and legal actions have been filed.

    I wouldn’t trust a paid account with anything more sensitive than what really innovative stuff a friend did with a bun in the dumpster behind the Wendy’s the other night. But, hypothetically, if I needed to send an anonymous email? Third party VPN/Tor, clean hardware, and a free Protonmail account works great and I do trust Proton to give the absolute bare minimum in that case.


    And just for a bit of context. My “grand plan” is to migrate the vast majority of my correspondence and accounts to email addresses tied to one or more of my own domains. Currently I plan to use Protonmail for the mail server because I don’t want that smoke. But the point is that I control the email address so I can get my Heat on and walk away in 30 seconds (actually more like a few hours but…).

    Which is why the other aspect of that is that I want to back up the emails I actually want to save (rather than just EVERYTHING like those of us with older gmail accounts do) via a local client that I then archive to an encrypted volume on my NAS and (REDACTED) after that.


  • Not sure if google is particularly different but the way this works for the other services is basically low energy bluetooth scanning coupled with the phones providing their location*. So basically all the devices on that scanning/spy network periodically ping/listen for nearby devices/trackers. When it finds one, it sends a quick message to the servers with that phone’s location and the ID of the tracker. Get enough of those pings and you can triangulate the position of the tracker pretty precisely.

    Which… is why this fundamentally does not work with “hacker” solutions that allegedly emphasize privacy. Because you just don’t have enough devices listening. This was painfully obvious with tile back in the day and is still an issue with Samsung in some countries.

    *: Via a combination of gps, cell tower, and wifi network scanning. The less obvious part of that being wifi networks which is the majority of how interior positioning works.


  • I mean… bluetooth is literally broadcasting your position (sort of/it depends on the implementation). It is not at all a stretch that you should turn that off if you care about privacy. Same with not scanning for what wifi networks are available or even pinging GPS satellites (because that leaves a log). Hell… cell tower logs are a treat for cops/TLAs for a reason.

    Aside from that? Good for you. If you actually follow through on that I can respect it. My point is more that this particular solution seems like the worst of all worlds.

    Either you are demolishing your battery with regular phone homes to a server you hopefully control or you are relying on a push via SMS and the hope that you lose your phone somewhere you have reception. And you still only have YOUR phone and YOUR network to track it which has significant drawbacks if you travel.


  • If people truly change their lives and focus on it, you can do a lot. But it does not take much, at all, to become compromised to one degree or another and people vastly underestimate the amount of redundancy. Or even the impact of a sibling or partner or even friend.

    Instead, the common case is people will tweak one small aspect and think that does anything other than inconvenience them. Or, worse, they’ll watch a youtube and decide to put EVERYTHING through their vpn which… defeats the purpose because they are still one easily collated set of profiles/cookies that can trivially reveal that “Fred Smith in Afghanistan” is really “Fred Smith in North Carolina”

    Which is why my approach is that there is data I very much want to protect and data I know I can’t. So I focus on understanding the former while doing what I can with the latter.

    And something like this? There are probably specific niche use cases for this. But it is a product/service that fundamentally requires aggregated data. And, depending on the implementation, it is going to fuck with your battery hard.



  • I guess. But it is really going to depend on where you live and just how frequently it does dial home.

    My personal use for these networks is luggage tags. But a friend lost her phone on a hike a few years back and the find my phone stuff was more or less useless due to poor reception and ever dwindling battery.

    The real benefit is the low energy bluetooth magic and OTHER devices to do the phoning home. Because maybe I have shit reception but someone hiking a hundred feet away has good reception and updates the ping.


  • Took a bit to figure out what it was even claiming to do

    When enabled your phone constantly sends e2e encrypted your location to the server where you can than access it from a webbrowser.

    God no. Just take a hatchet to my battery and be done with it.

    Also: Until a month or two ago, sure. But google finally got their shit together-ish and set up a tracking network the same as apple and samsung. And that is what you are sacrificing your privacy for. Yes, you give Big Tech tracking information… that they already have. In exchange you can actually have peace of mind of knowing your luggage is in the same airport or even where you parked. And you can’t really self-host a crowd-sourced network.


  • Please don’t conflate tankies with leftist thought. They are not leftists. They are fascists with strong ties toward fascist regimes that are “known” to actively usurp elections around the globe.

    A good metric is: a very hardline Communist might have an argument for why effectively slavery is ethical because social and economic planning requires people to engage in jobs they actively do not want to do. I personally consider that the reason that Communism can never work at scale but that is a discussion that needs to be had.

    A tankie will just justify anything that China or Russia do. Usually with an attempt to deflect by pointing out something the US or, increasingly, certain EU countries did.

    But, regardless: There is another issue with your “just let everyone talk it out” nonsense. Because the ml moderation team(s) and admin staff have increasingly been using mass bans and false claims of xenophobia to shut down anything that is not tankie bullshit. So there is no discussion. Just one sided propaganda in some of the largest communities on lemmy.


    To expand on the moderation strategy a bit. A LOT of people who aren’t increasingly of one nationality and ethnicity have a lot of problems with ResetEra’s moderation strategy. The mods and admins are known for using a heavy hand and outright mockery against anyone who they disagree with and the remaining community stumble over each other to be part of the “cool crowd”.

    But you can also very easily see why the vast majority of leftists and PC gamers and… Asian people left. Because they have a policy to only edit user posts when they contain actively dangerous/illegal statements. So you can see when someone catches a permaban because they disagreed with an admin or joked about the corporate interests behind brexit. And you can see the discussion of the remaining users on why that was so fucked… up until the thread gets permanently locked.

    With the model ml (and certain other more "world"ly instances…) use… you don’t. You just see comment branches disappear the moment anyone pushes back on some propaganda. And if a user pisses off the admins, they get banned straight up. Often with some comment about how they are racist or xenophobic in the modlog with all of their comments removed but NOT in the modlog. And that is a problem because, unless you were actively following along with that discussion, you never see anything other than MAYBE “wow, a lot of really racist people disagree with this very smart discussion on why Chinese Taipei was always a part of China and is totally not a sovereign-ish nation called Taiwan”


  • There is.

    2FA. No, not the fucking “we’ll send you an SMS” bullshit that is increasingly used to just highlight an active phone number for spam purposes. Proper TOTP with the code backed up to a proper service (bare minimum, Bitwarden)

    Someone can steal your password and even your email account (unless you TOTP that too…). They still can’t get into your account unless you are an idiot who gets tricked into providing the 2FA key.

    In a perfect world? Have your TOTP credentials in one encrypted database/Bitwarden account and your passwords in another. In reality? Just use a trusted service. I used to be a big fan of Keepass but protecting that with a yubikey (or similar) is a huge mess.


    The recent push for passkeys (?) is a nice-ish middle ground. People don’t need to understand how to paste a TOTP code into Bitwarden but they still need to approve a login. That said, I hate it since so much of it is dependent on a single device that can generally be opened by just applying REDACTED to the screen and doing REDACTED to narrow down the lock code significantly.




  • Yeah… anyone who believes that meme has never interacted with a customer.

    People who get angry about an emulator not having the right capitalization on a menu twelve layers deep are shitty. So are people who have a single site license but insist you need to add twelve features or they will take their business elsewhere. And they usually interact with Sales who give less than a single fecal particle and just make tickets and start blaming you for all the problems in their life.



  • Nintendo ERD are no strangers to squeezing every last drop of performance for its target platform

    BOTW is actually a horrible (or really good…) example of this.

    BOTW’s development officially began in 2011. It came out in 2017 for the following console. I don’t remember how well it ran on the wii u, but it ran pretty horribly on the Switch and took a year or two of patches to get a stable framerate (Digital Foundry did a few great videos on this).

    But if it were any other dev studio, it would have been nothing but “ugh, lazy devs” and all that stupidity. When the reality is just that optimization is hard (especially if you don’t get a devkit until fairly late in development) and it takes time to make a game run well.

    Which… is the reality of how Nintendo or Naughty Dog or any other first/pseudo-first party studio can “squeeze every inch of performance”. It is less that those devs are fundamentally better than any others. It is that they have early access to the hardware and work in an environment where they can actually sit down and talk to the people writing the underlying graphics libraries/drivers for the platform.


  • Of course most passers-by don’t really give a shit. But that is true whether someone is trying to look nonchalant while they mutter “binding on two” or if they are doing a smash and grab. Except the smash and grab says “Don’t fuck with me” whereas someone holding on to a lock is how you get an owner starting to yell.

    Which kind of sums up a lot of the, quite frankly nonsense, that LPL’s channel is. Don’t get me wrong, I enjoy watching him pick locks (and wince during his semiannual libertarian dog whistling) but all of the “masterlock is bad, lolz” meming kind of ignores the reality. MAYBE a thief will pick a lock to sneak in the back of your house or your shed. More likely they’ll just smash a window, listen for an alarm, and then steal shit. And I know LPL knows this because of his commentary on really cool shit like the military base locks where it is very much about just having a chain of custody and being a slight deterrent.

    I dunno. I am always reminded of a Discovery (?) Channel show. “To stop a thief”? or some crap. Premise was former burglars run a security company. They inspect a family’s home, upgrade every lock and install a security system, and come back a few weeks later to rob them as a way to reinforce good practices. The vast majority of episodes boiled down to “Yeah. you didn’t lock the door, you dumbfucks” or “You have a giant tree right outside your daughter’s window and she left the window open”. But one episode that really stuck with me was where the family actually did follow every good practice. All doors and windows were locked, the trees were trimmed, etc. So they just crowbarred a window and got in that way.

    Because Felicity and Perry Mason will pick a lock to photocopy some documents without you ever knowing the hot chick who banged you last night is actually a spy. The vast majority of thieves will just smash a window, grab what they can, and be gone long before the cops come to check on your alarm going off. And that is why “just don’t leave shit on the seats of your car” goes such a long way to prevent break-ins. Because, no matter the target, it is really about getting in and out before anyone tries to stop you. And you don’t need a Covert Instruments 9000 lockpick set when you can just sparkplug a window.


  • LPL is not a great resource on this since people aren’t going to be discreetly picking locks to not show signs of tampering. They are going to pull out a bigass pair of bolt cutters (and if you cut the pocket out of a pair of jeans you can fit some REALLY chonky bolt cutters in your “pocket”) and cut through the cable.

    In terms of protecting your bike from an actual attack? That is going to very much depend on where you live. Growing up, basically every thug had some good bolt cutters so chains and even cables were worthless and you needed the big fucking bar locks. I was visiting my sister on a business trip a few months back and saw someone literally pull out a battery powered angle grinder (ryobi) and slice through a bar like it was butter while I gassed up at a Wawa’s.

    Which is why all you can really do is lock your bike on crowded well traveled bike racks and hope that someone brought the road bike out.


  • Understand the difference between a recreation bike and a utility bike.

    Having a really awesome mountain bike with top of the line shocks or a super light road bike that costs more than a car is awesome. But don’t park that outside the mcdonald’s.

    Instead, buy a used bike or get a REAL mid-tier bike from target or bikesdirect or whatever. And use that for commuting or going to the store or whatever.

    And if this sounds prohibitively expensive because “enthusiasts” would need to own multiple bikes and need a place to store them? You are starting to understand why “just replace your car with a bike” is a very “upper middle class white person” mentality.


  • Look up how hard it is for humans to remember long strings of numbers. That is WHY ICQ (and eventually phone numbers) were dropped almost immediately in favor of social media and the ability to exchange numbers just by tapping phones.

    And in the time it would take to memorize a bar code (12-ish digits, depending on standard) you likely should be rotating that password anyway. And in the time it would take to memorize it you are also very blatantly reading off a sticky note as you “discreetly” look at your notebook every time you want to access your password database in public. And if you aren’t in public? Why go through these extra steps when there are much better ways to secure this that are a lot more obvious if they are tampered with.

    I get that a youtuber you like talked about this. Youtubers talk about a lot of stupid products in the interest of making Content. But maybe listen to the people who have experience with this kind of hardware and the kind of security theatre policies that make them “a good idea”.


  • No. That xkcd (not loading but I assume it is the password one?) is not relevant. Because you can’t make a meaningful and easy to remember mnemonic out of a numeric password. That is WHY a purely numeric password is bad for anything that needs security. They are great for 2fa but the unique key should still be the other device.

    And all of your good codes are similarly easy to social engineer out, are screwed the moment it is compromised once, or are literally reading off a sticky note.

    Which gets back to these kinds of devices largely being security theatre. Because there is no good use case for them that wouldn’t also involve encrypting the data/volume after you pin in. At which point… why waste money on something conspicuous with an easy to crack code?


  • Didn’t use ironkey specifically but you can totally boot from an apricorn. Basically involved plugging it in, rebooting the machine, and VERY rapidly entering the unlock code before the bios finishes starting up and gets to the “so which drives are bootable?” phase.

    It was hellish but it was also corporate policy to not use any USB storage devices that did not have a keypad for encryption. And DVDs were strongly controlled by the IT department (who were about as stupid as you would expect to have signed off on a policy like that).