Yubikey is only really useful for authentication with a trusted party, and not decryption. You can technically use store a secret key on it but then its two biggest advantages are gone, namely that you can't copy the key and that it doesn't use the limited storage on the device.
2xsaiko
joined 1 year ago
Oh, good to know! Can you somehow tell which is which or do they look the same?
In that case, being able to use the more powerful widget should be controlled either by what you said or even just behind a permission check the user has to acknowledge.
Sure, one main key, one backup key, and probably like two years' tax documents worth of paper (if you do print every one on a separate piece of paper which is kind of a waste)
It's crazy that the in-app browser isn't an OS-level overlay that the app can't influence or look at what the user is doing in it. It would be totally feasible to implement, at least in theory.
Exact same as with the photos chooser on iOS which should really work in a way that the app never sees your entire photo library except for the photos you end up selecting, but it still being visible in the overlay, which would also allow them to get rid of that incredibly dumb permissions system it has.
This is why you should have a spare key in case you lose your main one and print out your recovery keys.
Mine is on my keychain so if I lose that, I have bigger problems than getting back into my accounts.
It will as far as I know, it just won't work with the additional features Google have slapped on top but haven't bothered to try to include in the open standard. It makes sense why people would want it since it includes stuff like E2E encryption, but it's better this way, since like this the open standard actually has the chance to get these features in the future.
Yeah, same with GIMP. I would love to use it on my Mac since I already use it and am comfortable with it on Linux, but it's noticeably slow for some reason and you shouldn't even try using it with the touchpad. The windows especially in multi-window mode don't behave as you'd expect, the keybinds don't either, it's very meh all around. I was wondering whether I should get Affinity but I guess with this it's a no.
you cannot sell or transfer your unlocked device (in linked legal agreement)
The fuck? There's no way they can forbid doing that, right? Video game publishers would be all over that with physical discs to make it the same as for digital releases.
I use distro packages. In the rare case something isn’t packaged yet, I package it myself. And for the isolation, systemd services can do most of the things docker can if you need (check systemd-analyze security).
For just hosting services that can be done instead with normal system services, docker makes your setup a lot more complex (especially on the networking side), for little if any gain. Unless I need to spin up something multiple times temporarily on demand or something has a hard dependency on it, I’m not going to bother with it anymore.
"average person has 109 devices" factoid actualy just statistical error. average person has 40 devices. Computers Georg, who lives in cave & has 10,000, is an outlier adn should not have been counted
Right, exactly.
You can absolutely copy the key, because the device has to give it up to the application during decryption. Or does the application send the encrypted file to the yubikey for it to decrypt it? In which case, that's a lot better and I'm wrong.