Archives

Let this be a lesson to anyone who dares try to violently overthrow the elected government of the United States of America:

You will have to wait nearly two and a half years before CNN will produce a giant primetime commercial for you!

—@lolgop

To no one’s surprise, the “encrypted” direct messages at Twitter are hopelessly insecure, and it doesn’t seem there’s even a plan to develop real end-to-end encryption.

https://help.twitter.com/en/using-twitter/encrypted-direct-messages

—@maxkennerly

Gotosocial officially stating they’re prioritizing safety features and accessibility over any concept of scalable deployment or parallelization is real nice.

I’m a huge fan of any project that aims to scale down and not up and if there’s anything that would not suffer from the concept of a theoretical max size, it’d be fedi software.

—@trysdyn

It has been proven repeatedly that platforms prioritizing growth over safety are toxic to everyone else who doesn’t present as white, straight, and a man.

No, I’m not going to debate it anymore. No, I don’t care if people think I’m wrong to center safety in my dev efforts because I can live with it going sideways if that happens.

But in my experience as a dev and a citizen of the web for more than two decades, the missing link to rehumanizing social media spaces is safety for the most marginalized people that have historically been ignored.

And I’m going to create around that ethos.

—@Are0h

Just a heads up for anyone looking to get #WCUS tickets. Looks like the next round will go live on Monday (May 15) at 10 a.m. Eastern.

(Shout out to Michelle Frechette for the heads up in the Post Status Slack!)

#WordPress

—@viewfromthebox

@Homebrewandhacking @bitwarden @1password

You’re right – you have no control over the password policies for third-party services. So with that in mind, let me introduce you to a concept I debuted last summer called #PasswordNihilism .

Password nihilism is understanding that sites have shit complexity requirements and shit password storage, and then not giving a shit because you recognize that none of it matters. Max 8 characters? Doesn’t matter, don’t care. Plaintext storage? Doesn’t matter, don’t care.

Why doesn’t it matter, and why should you not care? Because out of all the attributes a password can have (length, complexity, uniqueness, randomness, etc.), the only one that actually matters is uniqueness. And by “matters”, I mean “actually defends against threats in the overall threat model for password security.”

So, as long as you’re using a password manager to generate and store unique passwords for each site, you too can be a password nihilist!

If you’d like to learn more about password nihilism, check out:

This interview with @thorsheim:
https://www.youtube.com/watch?v=mJkGom-bngs

And this interview with @todb:
https://open.spotify.com/episode/62kyiCbX8vsx74n94dAT1C

—@epixoip

Us: Make better products!
Phone Companies: Sure.
Computer Companies: Ok.
Printer Companies: Hey, I have an idea. How about you go fuck yourself?

—@unclepj