Want to wade into the sandy surf of the abyss? Have a sneer percolating in your system but not enough time/energy to make a whole post about it? Go forth and be mid: Welcome to the Stubsack, your first port of call for learning fresh Awful you’ll near-instantly regret.
Any awful.systems sub may be subsneered in this subthread, techtakes or no.
If your sneer seems higher quality than you thought, feel free to cut’n’paste it into its own post — there’s no quota for posting and the bar really isn’t that high.
The post Xitter web has spawned soo many “esoteric” right wing freaks, but there’s no appropriate sneer-space for them. I’m talking redscare-ish, reality challenged “culture critics” who write about everything but understand nothing. I’m talking about reply-guys who make the same 6 tweets about the same 3 subjects. They’re inescapable at this point, yet I don’t see them mocked (as much as they should be)
Like, there was one dude a while back who insisted that women couldn’t be surgeons because they didn’t believe in the moon or in stars? I think each and every one of these guys is uniquely fucked up and if I can’t escape them, I would love to sneer at them.
(Credit and/or blame to David Gerard for starting this.)
KeepassXC (my password manager of choice) are “experimenting” with ai code assistants
https://www.reddit.com/r/KeePass/comments/1lnvw6q/comment/n0jg8ae/
The trace of petulance in the response… “we could have done it secretly, that’s how most projects do it” is not the kind of attitude I’m happy to see attached to a security critical piece of software.
KeepArseNX
lead dev: Jia Tan
It definitely feels like the first draft said for the longest time we had to use AI in secret because of Woke.
I also learned Bitwarden bought into AI reading this. They don't appear to have let vulnerability extruders ruin their code as of this writing, but any willingness to entertain the fascism machines is enough for me to consider jumping ship.
sigh
anyone got a good replacement?
Kinda, but nothing I’m entirely happy with. We use bitwarden at work, at my suggestion, but I don’t like the tools as much as I do keepassxc, and even though you can self-host the network service that stores the data, you still have to host something whereas keepassxc is standalone and you can sync the password vault over some file sharing service, or carry it on a usb stick, etc. there have been a couple of incidents whereby user license data wasn’t processed correctly and people got locked out of bitwarden vaults, which is pretty serious even if it was only temporary. That can’t happen with easily-backed-up-and-restored local databases.
They’ve also had some “license controversies” which should also give you pause for thought if you were interested in a free and open system: https://www.techradar.com/pro/bitwarden-clarifies-open-source-commitment-amid-user-concerns
The original keepass project is still alive, and maybe I’ll have a look at that. The current maintainer is a bit odd, and the project has had some historical security issues, but I suspect that all password managers (at least on windows) will have the exact same problems. It is unlikely to have the same range of features, but it is written in a memory safe language (C#) rather than in C++, which keepassxc uses (and I’ve never been entirely happy with).
In short, everything is awful, and I will probably stick with xc for my own purposes for now, as there isn’t quite a replacement for me yet. I’d buy a mooltipass (https://www.mymooltipass.com/) except I’d want a backup, and that means an outlay of a good £300 which is a bit painful. And they’re often out of stock 😕
helpful post, ty - I’ve also been halfheartedly looking at bitwarden (possibly with vaultwarden server) and I haven’t pulled the trigger yet because extra yaks. so knowing some of the other happenings there… oof
(including pulling the trigger I’d want to have it hosted on an island instead of directly exposed, which adds other requirements and steps)
the only other option is (gnu) pass, but it sucks pretty majorly ito clients. it really isn’t a good time in password managers :|
There’s an interesting mastodon thead from back in July where someone was unhappy with the state of bitwarden and looked at a bunch of alternatives:
https://transfem.social/notes/aa2w3yuz3tfz0hdp
This also seems to have been around when keepassxc started using coding assistants, so it isn’t quite clear to me why the issue has suddenly surfaced now.
https://github.com/keepassxreboot/keepassxc/pull/12207
thanks, yeah we use bitwarden at work and i really don't like the ux. plus the simplicity of just having a file to sync is very convenient to me.
i might try authpass soon, seems to look nice enough.
sticky note under the keyboard