Korthrun

Seems like an appropriate place to share https://github.com/agarrharr/awesome-cli-apps

I’m a fan of ripgrep and lsd in particular.

Check out the fzf docs. It ships with helpers that offer better shell integration than you’re getting here.

Tiling WM that you are not sure you want to get into: Sway. It’s a great alternative to i3 IMO.

What I use when I care to put in the effort of setting something up in great detail: Enlightenment. Some may argue that it’s not “lightweight”, but you can readily include only the bits you want, and avoid things like network config guis and system tray apps or whatever it is that you don’t want. Even when you’re using “all the things” which is not technically “lightweight” what it IS is performant. Oh, it’s also very pretty.

In addition to many of the fine points made in other comments I think it’s silly to overlook the power of celebrity worship and weird-ass parasocial relationships with famous people.

There exists a large number of people who aren’t really interested in discussing <topic_x>, they just want to know what <favourite celebrity whos life I have deluded myself into thinking is attainable by me> thinks about the topic so that they can regurgitate it and feel like they’re “the same”.

I’m sure if Chappell Roan or whatever “the kids” think is cool these days had jumped to Mastodon we’d be seeing something very different. TBH I’m mildly surprised that we didn’t see more record labels standing up instances. It’s always boggled me that people have just trusted the service desperately trying to be known as “X” as an authority on identity.

Well of course not, they want as many of the sequel dollars as they can possibly get. What, they’re to share the hype with filthy animators?!

I saw the lack of arm and facepalmed but I was half asleep poo posting so got over it :p (fixed now!)

I’ve been using this device for ~5 years now, so my memory is a little hazy on it, but I’m pretty sure for the particular device I prefer (which is to say, I have nfc what the setup is for other vendors, which could be greatly superior) the AES-256 key used for encryption isn’t generated until you setup your first card.

How would any company, regardless of geography have the secret I generated? This is a stand alone hardware device. They seller is not involved at all once I’ve received my package.

Could a sophisticated/well resourced actor clone the smart card they stole or you lost? Sure, brute force attacks are brute force attacks. At least you’d know your device and card are stolen. Now you’re in a race to reset your passwords before they finish making 500 clones of the smart card they stole.

Hypothetically I could blackmail someone at LastPass and have a backdoor is installed for me.

Someone could bust down my door while I have it connected and unlocked and just login to all my things. ¯\_(ツ)_/¯

That will vary from vendor to vendor. In the case of the one I like there are a few relevant things.

The password db is stored encrypted on the device. Accessing the passwords requires all of:

• the device
• a smartcard with a particular secret on it
• the 4 digit hex pin to unlock the secret on said smartcard, which is what is used to decrypt the db

Three PIN failures and the smart card is invalidated.

That sort of covers “stolen” and “lost + recovered by a baddie”. Your bad actor would need to have their hands on both physical pieces and guessed the 4 digit hex code in 3 tries.

As far as a user recovering from a lost or failed device or smart card goes, you can export the encrypted version of the db for backups, which I do to a thumb drive I keep in my document safe. I do the same with a backup smart card. So that and a backup device or purchasing a new one if yours fails or is lost/stolen.

In the super “just in case” move, I also keep a keepassdb on said thumb drive. In case my device fails and it’s just not possible to get a new one. Kind of like keeping two cloud providers in case LastPass goes bankrupt or something.

I’m a pretty big fan of the mooltipass. They’re sold out and between iterations right now, but a new one is expected soon. One of my coworkers is pretty into their OnlyKey.

So many folks talking about which software they use, and how they sync it between devices etc.

You all know there are hardware password keepers right? They present to your devices as a usb and/or bluetooth keyboard and just type out the user/password that you select. They have browser plugins to ease the experience. Now your password is not even stored on the device you’re using to perform your login and it will work on any modern device even without internet access.

Oh and no subscription fee to cover the costs of cloud infrastructure.

E

Hot metal + arm = Smiley Face

Configuration management and build automation are definitely worth the time and effort of learning. It doesn’t have to be ansible, find which tool suits your needs.

Same here. Reference, particularly sheet music and cooking recipes work fine for me digitally.

I can sit at the computer and read social/news media for hours with no problem, but the way ebooks are displayed tires my eyes very quickly for some reason.

While I don’t have this issue with the e-ink/e-paper stuff, I’ve never owned one. I also appreciate that physical books are often much harder to damage and will work without electricity.

I also have a small domain that is relatively low traffic. A lot of the “all in one” software on the list you linked looks pretty cool, I can’t deny.

What I found is that I make very few changes. I used to add mailbox aliases fairly often, but the fact is there are only two users and enabling the “+” syntax in addresses put a stop to me needing to make new aliases when I wanted a new address.

I just don’t feel like I need a management interface. Because of this I’ve just sort of frankensteined my own setup together and I love it. It operates how I expect it to, and enforces the standards I care about to the extent that I desire (e.g. which SPF result codes am I ok accepting?).

• Postfix as SMTP/Submission server. I chose to go w/PAM based for outbound SMTP auth.
• Courier for IMAPS
• Dovecot for LDA (sieve is delightful)
• Snappymail for webmail (served by apache httpd)

There is literally an image of it happening in the linked article. Followed by more pictures that help make this make sense. That’s how.

you can set the “FROM” address to literally anything.

Hey all, “that guy” chiming in.

You can set the “FROM” address to any string that meets the specifications of the “Address Specification” section of the relevant RFCs (5322 and 6854, maybe others). Which is SUPER FAR from “literally anything”.

I know this seems like some neck-beard bullshit, but we’re here answering the question for someone who clearly has little understanding of email internals. Hyperbole is bad in this context IMO.

An absolute lack of consideration in regards to chat etiquette. Man now that I think about it, it’s chat threads/notification in particular.

People who carry on side conversations in threads. You’re giving everyone else who has participated in the thread the choice of “disable notifications for this thread and risk missing something relevant come back around, or get a notification for every single side message they’re sending”. Especially when someone is chiming in like 4 hours later. “Glad you guys got this sorted out”. Yes, all 12 of us on-call people in this thread needed to get that message direct to our phones at 3a.m. 4 hours after the outage has been resolved. Thanks for that. Very fucking helpful. High value communication.

People who will not use threads. I don’t need a new fucking notification every 20 seconds because you guys are deciding to have a chat about e-bikes. Make a goddamn thread or use a room made for chit chat, we’re all on the same team, we’re all in on-call positions. I’m paid to respond when this thing makes a noise. I am NOT comfortable muting the team channel.

It’s addressed elsewhere in these comments, but +1 to folks who just message you “hi”. Go get stabbed.

On the topic of notification fatigue:

People who will just not finish a thought.

Before hitting their enter button.

So they end up like doing this thing.

Where you get a notification every 15 seconds, because they are just absolutely addicted.

To their enter key I mean.

They are addicted to thier enter key.

their*

Oh.

I guess I could have just edited that message instead of sending the correction with the thing.

Asterisk? Asterisx? I forget what it's called.

LOL.

Anyway, that thing.

Also, when I’m helping you I am 100% going to stop what I am doing every time I get a message and read the message. There’s no way for me to know whether or not you’re messaging me “Oh never mind, I had a typo” or “here is more relevant info to make your work easier”. That message may very well have immediate impact on what I’m doing, and affect the course I take. Of course I’m going to stop what I’m doing to read it. So maybe don’t wait 5 minutes to send me the message “k” after I kindly, thoughtfully provide you with the status update “I think it’s the fizzibob, let me verify in the logs real quick” of my own volition so that you are not only aware of what’s going on, but don’t have any question as to whether or not your question is still being looked at.

It’s not “apart” at all. One person saying “yes” in a sea of "no"s still answers the question “Does anyone else”.

Anyone who has answered “No” is either wrong or is not answering the question “Does anyone else find street performers particularly annoying?”. They’re answering a question they imagine they were asked which is “Do YOU dear %USERNAME%, in particular, also find street performers particularly annoying?”

If 10,000 people respond to a super broad “Does anyone else” question and 9,999 of them are “no” and 1 is “yes” then you have 9,999 people who have provided an incorrect answer. More likely they’re just answering the question they wished they were asked though.

Pretty sure that’s what goforliftoff@lemm.ee is on about and why I felt your response to their comment warranted my unsolicited explanation.

There are plenty of good shows I’ve seen from street performers. Just stay out of the thoroughfare and don’t harass people and we’ll be fine. There are certainly a lot of talent-less fuck wit archetypes I could come up with though. Here are a few off the top of my head:

• Teenager who just discovered contact juggling
• Hipster on a unicycle who makes his own mustache wax. No juggling, no nothing, just a dude with a very groomed mustache
• Burn out who thinks if you replace metal riffs with minor chords they’re excellent soulful ballads
• Concerningly skinny geek doing geek shit. Like actual geeks, not mislabeled nerds
• College age stoner who thinks that people want to watch him play hacky sack
• Raver trying to justify their light up hula hoop purchases by performing for sober people while no music is playing

I hate most of the musicians too. I think that there is a pretty wide variety of reasons that the world would benefit from greater education in music. It won’t be for everybody, but neither is trigonometry and that’s pretty common in education curriculums.

The bar is extremely fucking low here. People are just way too easily impressed by someone being able to play an instrument at ALL. They can’t tell when a multi-stringed instrument is out of tune (and neither can the fucking busker), and they certainly can’t pick out the good from the bad.

Then you get these goddamn mediocre as shit buskers all chuffed up on their Dunning-Kruger high. I imagine the thought is something like: “People clapped and cheered, there’s money in my hat. I must be amazing at this!”. I am completely fucking unimpressed by your ability to play three simple chords on your dollar store toy piano while absolutely disrespecting a Johnny Cash cover of a NiN song.