• 1 Post
  • 208 Comments
Joined 1 year ago
cake
Cake day: July 14th, 2023

help-circle
  • Giphy has a documented API that you could use. There have been bulk downloaders, but I didn’t see any that had recent activity. However you still might be able to use one to model your own script after, like https://github.com/jcpsimmons/giphy-stacks

    There were downloaders for Gfycat - gallery-dl supported it at one point - but it’s down now. However you might be able to find collections that other people downloaded and are now hosting. You could also use the Internet Archive - they have tools and APIs documented

    There’s a Tenor mass downloader that uses the Tenor API and an API key that you provide.

    Imgur has GIFs is supported by gallery-dl, so that’s an option.

    Also, read over https://github.com/simon987/awesome-datahoarding - there may be something useful for you there.

    In terms of hosting, it would depend on my user base and if I want users to be able to upload GIFs, too. If it was just my close friends, then Immich would probably be fine, but if we had people I didn’t know directly using it, I’d want a more refined solution.

    There’s Gifable, which is pretty focused, but looks like it has a pretty small following. I haven’t used it myself to see how suitable it is. If you self-host it (or something else that uses S3), note that you can use MinIO or LocalStack for the S3 container rather than using AWS directly. I’m using MinIO as part of my stack now, though for a completely different app.

    MediaCMS is another option. Less focused on GIFs but more actively developed, and intended to be used for this sort of purpose.








  • Understandably frustrating, especially if you’re new to investing. But it’s expected that the market will have both ups and downs.

    The best advice I can give is to choose a good investment allocation and then stick to it. Contribute as much as you can each pay period or month and avoid looking at your balance as much as possible. You should figure out a rebalancing strategy, and you’ll probably need to look at your account to do that. Also, see The Best Order of Operations For Saving For Retirement.

    Right now you have unrealized losses, but you haven’t actually lost any money (i.e., you have no “realized losses”) until you withdraw it. As it’s a retirement account and you just started it, I assume you aren’t planning to retire in the next decade, much less the next three years.

    Is this your only retirement account? If so, why have you not been continuing to add money to it? If you wait to do that until the market recovers, you’ll lose out on all the gains between now and then.

    I know you haven’t said you’re considering selling, but I recommend you check out the “Maintain Discipline” section of the Bogleheads investment philosophy, just in case that’s on your mind. I also recommend that you read up on dollar cost averaging (if you’re investing in a retirement plan every pay period, you’re already doing this).

    You pointed out that the entire market has been impacted. I haven’t personally been paying attention in enough detail to confirm that (and my accounts that I just checked have gone up about 10% over the past three years, not down), but if so, that means you could change your asset allocation without selling low and buying high. I’m not saying you should change it, but if you take the time to learn about different investment strategies and decide a different one works for you, it’s nice to not have to sell your current investments while they’re underperforming relative to your new investments. (On the other hand, you can always change the allocation for your future investments without worrying about that.)




  • https://www.apple.com/airpods-pro/hearing-health/ says it has received FDA authorization, but doesn’t mention receiving approval from any other country’s regulatory body. It doesn’t say it’s US exclusive, though:

    The Hearing Test and Hearing Aid features are expected to be available fall 2024. The Hearing Aid feature has received FDA authorization. Both features will be supported on AirPods Pro 2 with the latest firmware paired with a compatible iPhone or iPad with iOS 18 or iPadOS 18 and later and are intended for people 18 years old or older. The Hearing Aid feature will also be supported on a compatible Mac with macOS Sequoia and later. It is intended for people with perceived mild to moderate hearing loss.

    The Hearing Protection feature, on the other hand, is explicitly listed as being exclusive to the US and Canada.





  • Do you memorize all of your passwords? If so, I take that to mean that you don’t use a password manager. Password managers - really, any app with 2FA - have this problem, too. But if you use a password manager and store your 2FA methods in it, then you only need to be able to regain access to your password manager.

    If you use a cross-platform password manager with Passkey support, like Bitwarden, you can use it on any of your devices. In the event that you lose all of your devices, if you don’t have an Emergency Contact set up, you will need your password and one of the following to gain access to your account:

    • Access to your 2FA method
    • Access to your Recovery Code
    • If you’re in an enterprise using Duo 2FA, access to a Duo bypass code (contact your Duo admin to request this)

    If you use security keys for 2FA, then you should have at least two - one that you keep with you and a backup that you keep in a safe place, like at home in a lockbox.

    If you use a TOTP app to log in, or if you use security keys and want another backup, then making sure you’ll have access to the Recovery Code should be your priority. You can write it down and keep it in a few different places - at home, in your car, in your locker at work, etc… You can share it with someone you trust in person or over an encrypted channel (like Signal). You can store it on a flash drive, encrypted by a second password (which can be much easier than your primary password) or even unencrypted, if you generally keep the drive somewhere safe, disconnected from your computer. As long as you remember your password and can access your recovery code, you’ll also be able to regain access to your account, including all of your passkeys.

    Emergency Access requires someone else to have access to their Bitwarden account, but assuming you don’t both lose access, it’s a pretty solid solution. When they request access, Bitwarden will send you an email allowing you to accept or reject their request. If you accept or don’t respond within the allotted “Wait Time” (which you configure: 1 day minimum, 90 days maximum) then they’ll be granted access. You also get a choice (when setting this up) to let them takeover the account (resetting your master password) or to just get read-only access.

    Maybe you don’t like Bitwarden and want to use some other app, like 1Password, Dashlane, Roboforms, etc… Whatever your choice, familiarize yourself with how to restore access to your account in an emergency. Then you only need to worry about that and not about how to get access to your passkeys that are on your Windows laptop or only synced to your Apple devices.


  • But that is exactly what he recommends, using a password manager - with one time email authentication for the first login as an extra step, right?

    Nope.

    Using a cross-platform password manager with synced passkeys is different and much more secure than using a password manager with email TOTPs or sign-in links with emails that aren’t end-to-end encrypted.

    And password manager adoption is much higher than PGP keyserver adoption, and if you can’t discover someone’s public key you can’t use it to encrypt a message to them, so sending end-to-end encrypted emails with TOTPs/sign-on links isn’t a practical option.

    According to Statista, 34% of Americans used password managers in 2023 (a huge increase from 21% in 2022), so it’s not even like the best case scenario is rare.


  • The author mentions it: the QR code approach for cross device sign in. I don’t think it’s cumbersome, i think it’s actually a great and foolproof way to sign in. I have yet to find a website which implements it though.

    The site doesn’t need to implement this; the browser handles that part.

    I confirmed this works and logged into Github using Google Chrome on my work computer using a passkey stored in Bitwarden earlier today. I had to enable Bluetooth for Chrome, since I’d had it disabled, but then everything else was seamless.



  • If I were talking about Passkeys and comparing them to client certificates, even though I don’t know much about client certificates in practice, I would say:

    • Passkeys can be installed in your password manager, which handles securely syncing it to all of your devices
    • Websites can make it very easy to create or log in with a passkey
    • Far more websites support passkeys
    • Websites can support multiple passkeys per user
    • The user experience is far better with passkeys
    • Even if your password manager isn’t installed on a given machine, you can still log in with a passkey via your phone, so long as both devices have bluetooth enabled. This allows you to log in on an untrusted device, like a library computer, without exposing your password (though unfortunately that would still result in that computer having access to the session and being able to modify account settings - best practice would be to log out when you’re done and then, from a trusted device, confirm that you were logged out / log out of all devices.)

  • Can I store a passkey in a platform agnostic way?

    If by “platform” you mean OS, then yes - and the best way to do that is to use a dedicated password manager instead of something that’s tightly integrated with an OS.

    That said, iCloud keychain is available on Windows, but not Android. Likewise with Google Password Manager - it supports Macs, but not yet support iPhones or iPads.

    However you can also use a password manager like one of these and use it across every platform:

    Based on my experience (with Bitwarden) or research, all support passkeys in browser extensions for Firefox and Chromium browsers and/or desktop apps on Linux, Mac, and Windows, as well as in apps for iOS and Android.

    Keepass also might be an option, as KeePassXC supports passkeys and is available on Mac, Windows, and Linux, but I didn’t see any mobile clients that advertise support for passkeys.

    Even with the more open password managers, there isn’t a built-in way to transfer passkeys from one password manager to another. However, the FIDO Alliance is working on a spec for securely transferring passkeys so hopefully that’ll change soon and you’ll be able to transfer passkeys from one ecosystem to another.

    Also, you can generally still log in on a device that your passkey service doesn’t support by scanning a QR code displayed on the target device on your phone, so long as both devices have Bluetooth (used for confirming physical proximity). I’ve only done that once and it wasn’t super streamlined, but it also wasn’t terrible. You can also save passkeys to your phone or security key (like a Yubikey) though be aware that a YubiKey 5 can only store 100 passkeys. And you can have multiple passkeys to a given service, so if you use a Mac but use an Android phone, you can save a passkey to iCloud Keychain on your Mac and to Google Password Manager on your phone.

    EDIT: Looked up and added the correct limit for YubiKey passkeys