keepass
it’s technically no password manager but an encrypted file format.
there are dozens of apps that will work on any platform, including soft keyboard with “password” button for smartphone that will just work everywhere and browser extensions, static website, apps that allow you to use your yubikey to unlock and anything else. you can host your vault anywhere including a google drive or your own webdav or ftp server and keep local copies on your devices synchronized…
this is a problem with fediverse in general imho.
the tools admins and users have are blunt (defederate or block). with all sorts of content moderation policies and opinions you will inevitably end up either alienated from everyone or surrounded by people that think and talk just like you.
fediverse does offer many advantages… creating a better online “town square” is just not going to be one of them.
yeah, the moderation there is getting insane. at this point i don’t even believe it is done by humans any more.
i got a permaban after responding to a comment that said bombing a hospital in gaza that killed over 30 children was a legitimate military target. i just politely wrote that maybe bombing hospitals full of kids is not a good idea even if a terrist is hiding inside…
maybe i am naive, maybe you are cynical.
some people do somerimes start business cause they have a good product in mind…
thinking google is about offering you a quality search at this point is like thinking facebook is about improving your social experience. they both started like that and that’s how they hooked people up. but they have their own interests now. those interests revolve around affecting how people act and think. one central thing they need to do to fulfil those interests is controlling what people see and know… and that’s very hard to do when this pesky external content generated by other that is hard to control gets into way…
what exactly is the management cost here?
at my old company they simply ordered a yubikey for you amd forgot about it. nobody kept track of it. i didn’t even need to return mine when i was leaving. the part they manage is the user account. the hardware you get once and use for added security…
thing is lot of that is on purpose. mastodon and fediverse are more of an attempt to come back to the state where there is no algorithm picking for you… but too many people nowdays are simply too lazy to search and actively choose what they want to see.
what we really need is to separate content (keep that in fediverse) and content access and presentation (the interface people use to access the content). if you want a bot feeding you content whole day and for your internet to become a tv you nobody can stop you. but if you want to think amd search nobody should stop you either
what’s the rationale for IT not wanting to pay for the fobs?
yup. how is that not obvious to anyone is beyond me… some of those workers have contracts that would require amazon paying severance in case they would just fire them like so many other companies do. better make them leave on their own.
that is an interesting idea. still… you can create an account (or have a troll farm of such accounts) that will mainly be used to trust bots and when their reputation goes down you throw them away and create new ones. same as you would do with traditional troll accounts… you made it one step more complicated but since the cost of creating bot accounts is essentially zero it doesn’t help much.
you are right - it doesn’t have to be one or the other… I just assume that for social media to work as I expect I don’t know most of the people on the platform. given that assumption and the lowering price of creating bots and ability to onboard them I expect that eventually most of the actors on the platform will end up being bots. people that write them are often insanely motivated (politically or financially) and creating barriers for them is not easy.
I was thinking about something like this but I think it’s ultimately not enough. You have essentially just two possible ends stages for this:
you only trust people that you personally meet and you verified their private key directly and then you will see only posts/interactions from like 15 people. the social media looses its meaning and you can just have a chat group on signal.
you allow some length of chains (you trust people [that are trusted by the people]^n that you know) but if you include enough people for social media to make sense then you will eventually end up with someone poisoning your network by trusting a bot (which can trust other bots…) so that wouldn’t work unless you keep doing moderation similar as now.
i would be willing to buy a wearable physical device (like a yubikey) that could be connected to my computer via a bluetooth interface and act as a fido2 second factor needed for every post but instead of having just a button (like on the yubikey) it would only work if monitoring of my heat rate or brainwaves would check out.
Actually, I do… but do you really want the source or do you just want me to be wrong?
Why do you think lower paid CEO must be shitty? There turns out to be very little link between the CEO and CEO pay and the company performance… they are only paid a lot cause they are in the position of power to directly influence their salary.
I tried both hosting my own mail server and using a paid mail hosting with my own domain and I advise against the former.
The reason not to roll out your own mail server is that your email might go to spam at many many common mail services. Servers and domains that don’t usually send out big amount of email are considered suspicious by spam filters and the process of letting other mail servers know that they are there by sending out emails is called warming them up. It’s hard and it takes time… Also, why would you think you can do hosting better than a professional that is paid for that? Let someone else handle that.
With your own domain you are also not bound to one provider - you can change both domain registrar and your email hosting later without changing your email address.
Also, avoid using something too unusual. I went with [email protected] cause I thought it couldn’t be simpler than that. Bad idea… and I can’t count how many times people send mail to a wrong address because such tld is unfamiliar. I get told by web forms regularly that my email is not a valid address and even people that got my email written on a piece of paper have replaced the .email with .gmail.com cause “that couldn’t be right”…
Unfortunately there are enough websites that are broken and don’t work in Firefox… and some of them I just cannot avoid using (company tools, recruitment platforms etc.) because I am position where they can just tell me to use Chrome or GTFO.
i mean each of the individual programs that can load your keepass keyring is a password manager.
the keyring itself isn’t a password manager and the main reason why i use it is because each of the individual programs that i actually use to open it (keepassxc on windows, keepassdroid on my phone, keeweb hosted on my vps on other devices…) can use the same file with the same specification that is shared everywhere.
i’m not bound to any particular program with a particular set of features. just use anything that can open that file format from a place where i choose to host it.