• 0 Posts
  • 60 Comments
Joined 11 months ago
cake
Cake day: December 14th, 2023

help-circle






  • The key difference is that during normal use, the private key of the passkey doesn’t leave the device (or password manager). The passkey basically comes in 2 parts, the public and private (secret) part. In order to log in, the website presents a cryptographic challenge that is only solvable using your private key - and crucially you can solve the challenge without revealing your private key. An attacker could get your answer to the challenge and still be unable to solve additional challenges without the private part of your passkey.

    This of course makes it basically impossible to manually log in using a passkey and a keyboard, without any password manager to do the cryptographic calculations (unless you have a LOT of paper and time), but the security advantage of making it near impossible to be phished is generally regarded as a net positive. In order to steal a passkey there would need to be a vulnerability in the software, since passkeys make it much harder to trick a user into giving it away (since tricking the user into logging in on a fake website doesn’t work due to the aforementioned cryptography, the main way to steal a passkey would be to trick the user into exporting it - which is a much higher bar).


  • If you mean the “passkeys” that are becoming popular as a “password replacement”, it’s basically speaking a public private keypair. What makes it more secure is that, under normal conditions (aside from backing up the passkey), the private “secret” part of the keypair never leaves the app or device it’s stored on. It’s only used temporarily to sign messages and prove that you have the secret key, unlike a password which needs to be sent securely to a server to validate.

    You could in theory store a backup on a USB drive but since passkeys are new, it highly depends on the password manager you use to store the passkey. Since passkeys are more complex than something you can memorize/type, it has to be stored in a password manager of some sort to be useful, so you would need to check that password manager allows backing up passkeys. There is currently work being done to standardize the formats/protocols to transfer passkeys so it seems this is very much up in the air. For example, I use BitWarden which stores passkeys, but it seems like I can only add or delete passkeys to an entry, not export them and apparently they get exported with the passwords when the vault is exported. BitWarden also syncs your vault to every logged in device though so you could see that as a form of backup. Going one step further, even though BitWarden doesn’t have a passkey export/backup feature yet (in addition to Bitwarden’s vault export), the self-hosted server also stores all your passwords including passkeys in regular files which also can be backed up (this is how I back up my VaultWarden instance) - although it would probably be hard to use that backup in any other way besides restoring it onto a BitWarden server instance.

    Edit: I didn’t realize passkeys were exported with the vault export, since I haven’t used it and noticed that editing an entry doesn’t allow you to view passkey data - only remove, updated my comment to reflect that.



  • First I’ll say, if you aren’t able to boot a windows installer off of a flash drive (and nothing’s wrong with your flash drive and you created it without errors and there isn’t a setting in bios preventing you from booting it like disabled USB boot) then it could be a hardware issue that Linux won’t fix (it’s not clear how you tried to reinstall windows). But if you’re able to get to the windows logo or the menu for safe mode then it sounds like it “POSTs” (gets past showing the bios screen) and windows should be reinstallable. In short, I think it’s unlikely to be a problem that only Linux can fix if you want to stick with windows.

    That said, if you are otherwise interested in trying Linux and create a USB installer, most will allow you to exit the installer or choose to go into a temporary “live desktop” where nothing is saved, so it’s a good opportunity to try out how that distro feels to use - just don’t save anything important. And if you do end up installing either OS, you can use that “live mode” to use programs to back up any files from your main hard drive to another plugged in drive.


  • Things around me aren’t that far per se, but you have to cross a 45mph road (where people regularly drive 55-60 because it’s designed like a highway) along several sections of unconnected sidewalk if you want to get there without a car. The sidewalks are 4ft wide at most and have no separation from the car lanes so you have to walk with cars whizzing by just a couple feet from you. There’s also no shade.

    For reference - it takes 5 minutes to drive to the nearest grocery store 1 mile away, but walking it’s 31 minutes with the unpleasant conditions I mentioned. So I’ve never walked there. I could bike and it would take 10 minutes, but biking along cars at 50mph doesn’t sound fun. I also live on a bike path, but it doesn’t go to the nearest grocery store so the nearest one along the bike path would take the same amount of time as if I walked to the nearest one (25 minutes). That one is 3.5 miles (11min) by car or a 1hr walk.






  • My main complaint is when it decides to just stop casting to Chromecast in the middle of episodes randomly - then I have to open the app, reconnect, and resume.

    Also I find the Chromecast controls stop responding frequently making it so I can’t pause what I’m watching - it’ll like disconnect from the Chromecast but keep playing.

    My partner also complains about lots of bugs on the iOS app.