• 2 Posts
  • 42 Comments
Joined 1 year ago
Cake day: June 22nd, 2023




  • 2FA should always be enabled. Doesn’t mean you always have to log out of a website. It’s a massively important security feature: it saves your ass if your passwords are leaked/cracked/bypassed and it warns you that someone is trying to access your account. Apps like ProtonPass literally make it extremely trivial to fill it in, just push the button that pops up and it will autofill the 6-digit code (or copy it to your clipboard in the worst case), it’s not SMS 2FA, so you’re frankly stupid for not using it if you have that option.

    You didn’t address shit, strong passwords will still be vulnerable to certain attacks even if everyone used them. This isn’t a privacy matter either it’s a security one and regardless of what your threat model is 2FA should always be part of your security, there’s a reason more and more websites and apps are pushing it, cause if you don’t force idiots to adopt it they won’t even if it’s extremely important, same reason as why we need rules to make passwords more complicated. It may be an inconvenience (very tragic for the user I know, how dare they make something that autofills and takes a few seconds of my day away from watching useful shit like brainrot and some dumb comments on my favorite social media platform) but it’s an extremely important and necessary measure.


  • It’s still nowhere near as secure and convenient as using an appropriate tool. You will either have one that is easy to decipher and remember or one that is hard to decipher and remember. And you have to do it every time, but at that point you might as well just remember one password/passphrase and use it for your password manager, defeating the whole point.

    Also bear in mind convenience is important in security; if a measure is very inconvenient you will eventually just bypass it on your own cause you can’t be arsed.




  • EuroNutellaMan@lemmy.world to Privacy@lemmy.ml · Use a password manager
    1 up · 1 down · edited · 2 months ago

    I disagree. Password managers are still target of threat actors, a juicy one at that, but it’s not too often you hear of breaches of good password managers. Chances are the people behind the good password managers are better at security than 99% of users (including more technical ones). Even after a breach exporting all the passwords and moving them to another service, and changing all your passwords again with more secure ones is trivially easy.

    If everyone used them sure there’d be more pressure on said password managers but hackers will find it a lot more difficult to hack anything in general and it will still not be worthwhile to hack average users who use a password manager.


  • Unless the website is handled by complete morons it stores credentials in a hashed format. Usually to crack this we’d use rainbow tables or wordlists of known passwords, and essentially we use every word to generate the hash until it matches.

    If your password is strong and hasn’t been compromised (check regularly on haveibeenpwned) it will likely not be in any wordlists and it also won’t be easy to crack. Now, password managers can generate the best passwords because they’re completely random and very long by default, so to crack them you’d have to try every possible character combination. This takes time, and specifically a time so long that statistically the Andromeda galaxy and the Milky Way will merge into one before the password is cracked (at least until quantum computers become a thing, then it’s mere minutes).

    2FA helps because even if they crack the password they then need the 2FA code, which you can’t really guess or brute force and is seen on a third-party app you don’t control (unless you use SMS, they can spoof SIMs to view the SMS you receive and therefore defeat 2FA). It also doubles as something that alerts you that someone is trying to access your account.



  • EuroNutellaMan@lemmy.world to Privacy@lemmy.ml · Use a password manager
    2 up · 5 down · edited · 2 months ago

    No. Anyone near you or with access to your place can see it. And most people know of the tricks.

    Also you can’t encrypt it and, most of all, you can’t really generate passwords as strong as those generated by password managers, meaning I don’t even need the paper to try and crack your password.








  • EuroNutellaMan@lemmy.world to Science Memes@mander.xyz · abandonware empires
    English · 1 up · edited · 11 months ago

    Why would you need to replace the instrument?

    Because the company made it so it only works with its specific software. Sure, maybe you could try and find a way to hack other software into it, but that is significantly harder than the stop-gap measures or full replacement. If you mess up you can end up breaking an extremely expensive tool, and, since funding is extremely limited (talking bare minimum or even less sometimes), that means you won’t risk it.

    As opposed to some dude on Lemmy bemoaning that there just can’t be solved without source even though I’ve given actual solutions available now and for little to no material cost?

    Yeah well one Lemmy dude actually knows the situation and how things work around a lab and one doesn’t seem to understand. It isn’t “little to no cost” evidently or most of us sure as shit wouldn’t be dealing with stop-gap measures.

    You have admitted that you’d still have to rely on someone else’s expertise and motivation in the hopes that they’d solve the problem for the lab

    There would easily be a team of software engineers who would take on maintaining a lot of the abandonware software we use in a lab since there’s a lot of folks who still rely on that software that the company abandoned, including people who know about software more. The key difference you don’t understand is that if the source was open it wouldn’t be necessary to have an IT enthusiast in every single lab that needs it, you only need 1 or 2 to maintain a repo.

    Even then, as I said, they’ve had decades to figure it out and there exist step-by-step instructions already that are freely available to help them solve the problem or get them almost to the end, assuming, there is some proprietary hardware never mentioned.

    First of all, not all abandonware is decades old. Secondly, people are already using the stop-gap solutions that you’d find on the internet, like never connecting the computer to the internet and pray nothing breaks, for example.


  • who’s going to maintain it?

    If it’s open source someone who knows about software can do it so that we don’t have to. Doesn’t even need to be a guy in the lab since he could just maintain a github repo and we’d use his thing.

    If this “lab guy” isn’t up to the task, then why are they entrusted with something so critical with nothing done about it in approximately two decades?

    Cause the instrument is important and replacing it, aside from being a massive waste of a perfectly functioning instrument, costs hundreds of thousands if not millions of € that we can’t spend just because some company decided to be shit and some dude on Lemmy said we shouldn’t use stop-gap measures for a problem that’s completely artificial.


  • EuroNutellaMan@lemmy.world to Science Memes@mander.xyz · abandonware empires
    English · 9 up · edited · 11 months ago

    I study biotech and am currently doing a traineeship in a university lab that likely operates in a similar way, albeit we are way less expensive to operate and require a bit less precision and safety than medical stuff (so for them the problems here are exacerbated).

    Instruments like the ones we use are super expensive (we’re talking in the order of hundreds of thousands of €), funding is not great, salaries are often laughable, the amount of data is huge and sometimes keeping it for many years is very important. On top of that most people here barely understand computers and software beyond what they’ve used, which makes sense, they went to study biotech and environmental stuff, not computer science. There’s an IT team in the university but honestly they barely renew the security certificates for the login pages for the university wifi, so that’s laughable, and granted they’re likely underpaid, probably a result of low public funding as well. Sure, none of the problems would be too impacting if we had all the funding in the world and people who know what they’re doing, but that is not the case and that’s why we need regulations.

    What you’re suggesting is treating the symptoms but not the disease. Making certain file formats compatible with other programs is not an easy undertaking and certainly not for people without IT experience. Software for tools this expensive should either be open source from the get-go or immediately open-sourced as soon as it’s abandoned or the company goes bust, because ain’t no way we can afford to just throw out a perfectly functioning and serviceable tool that cost us hundreds of thousands of € just because a company went bust or decided that “no you must buy a whole new instrument, we won’t give you old software no more” in order to access the data they made incompatible with other stuff. Even with plenty of funding to work around the issue that shouldn’t be necessary, it’s a waste of time and money just so a greedy company can make a few extra bucks.