i’ve never understood why there’s not a good option for using one of the plethora of server management tools with prebuilt helpers for workstations to mimic group policy
like the tools we have on linux to handle this are far, far more powerful
but like… there’s literally no market for apple parts because you can’t really use them for repairs or anything at all - it’s ewaste unless it’s in the original device, and the whole phone is ewaste unless it’s logged into the registered apple account - you can’t just wipe it or anything because of all the serial numbers etc
swings and round abouts… tbh i love this feature of apple hardware because it pretty much means there’s no point to stealing an iphone: you can’t even part it out and sell it in bits… i’ve left my phone in random places all the time and i’ve never been worried it’s going to get stolen
totally understand that people have the opposite POV though: that it’s your device and you should be able to do whatever you want with it, and that locking down parts is a method to ensure apple status in the loop with repairs and overpriced parts
i think both points of view are valid
which endpoint are you referring to?
there are passwords exchanged when using the vault management API, but AFAIK that’s for local access (eg CLI talking to the app)
i’m no expert on the specifics of the API; just in the description they give: https://bitwarden.com/help/what-encryption-is-used/
Bitwarden always encrypts and/or hashes your data on your local device before anything is sent to cloud servers for storage. Bitwarden servers are only used for storing encrypted data.
…
PBKDF2 SHA-256 is used to derive the encryption key from your master password
this is exactly the way this should be done. any deviation from this formula by a password manager with a server component should be viewed with extreme scepticism
When you login to the Vaultwarden web application it’s going to exchange your passphrase for a private key.
bitwarden is end to end encrypted: your decryption keys never leave your device, and the server certainly never sees them
you must always be able to trust your network
this would be a horrible password manager. this is also not how bitwarden works
you do still need to trust your server if you use the web interface, because any web interface can serve malicious components to exfiltrate whatever they like but native apps, assuming they’re verified appropriately, could communicate over HTTP and still not allow anyone actively monitoring your network to see any data that would be particularly useful
“check the link before you click” and these man in the middle forwarding systems make that impossible.
generally not true… the link href (the thing the browser shows to the user) would be the original link… bsky hijacks the link with an onclick (or similar) handler so you can see where you’ll be taken before clicking
but that’s what indexes are for
i doubt it’d be for that: if it’s a malicious link, they can just remove the post/link from their platform and the same effect is achieved
best case scenario it’s planning for when atproto has more PDSes, front-ends, etc: in that case, a central place where all platform links go so that you can set your “home” server so that all links into atproto redirect to your home server
worst case it’s for tracking click through for advertising
that’s also for accessibility, etc so i wouldn’t pin it all on being malicious
you’re right that this is likely to be used for tracking crap, but i wouldn’t write off the concept as only for that
for example, home assistant has https://my.home-assistant.io/ where you can set your home assistant URL and doc links (etc) link there, and then that site in turn automatically redirects to the correct place on your local home assistant
this could be used similarly by the fediverse: imagine my.join-lemmy.org where lemmy instances you’re not logged into redirected you to, which then in turn redirects to your home instance… that way, links across the web to lemmy would automatically redirect to your home instance
perhaps it’s not something that’s worth the trade off - centralising in some ways - but in federated platforms on the web it’s far from a write-off
wow yes how was my spelling that wrong and can i blame auto correct?
it does not have that on apple tv, thus it does not have that on all platforms that i care about - in fact, that’s the main, if not only platform that i really care about
heck, it doesn’t have skip buttons on any platform: it places chapter markers, which is a great implementation!… if they also added metadata that showed a button overlay for “special” chapters like this as well updated and checked again - they do add buttons now, but still not on tvos
all of this is fine, and i’m sure they’ll get there but it’s disingenuous to say that everything is at feature parity with plex
that’s fine… but it’s not necessarily what it says. it’s ambiguous at best, but if they’d meant they need you to pay them for resources then theyd probably say it more outright
bad take, people are allows to have opinions that aren’t yours
that is the most basic list of features… if something implemented only that list id consider it an alpha
the thing im waiting on to switch is skip buttons on intro/outro/etc across all platforms i care about
you can do a thing called UDP hole punching for NAT traversal, buuuuuut afaik these days a lot of consumer routers consider it a security risk and attempt to block it
they never said they needed resources for the remote playback… they said that they needed more resources - ie money to develop the software in general, and this are feature gating a useful feature to try and convince people to pay
I’m sure Fedora is full of binary blobs and not-so-free software
fedora is staunchly opposed to non-free software in their default distro … that spat a few weeks ago with OBS was related to that AFAIK
unsure about like signed blobs for “security” services but i imagine they’d be very limited, and optional
rather than sticking a white label on Fedora and call it something else
but for what benefit? no matter what’s trying to be achieved, starting with a very full-featured, robust OS that’s widely used is going to serve you very well… not just technically (less work for the same outcome), but for human reasons
there are loads of guides out there for how to fix fedora issues, few for guix… loads of RPMs that are compatible with fedora, and i can only imagine fewer packages for guix
and then if you’re talking about server OSes - and actually workstations too - managing them with tools like ansible etc… fedora is going to have off the shelf solutions
just Fedora with different theme
well, the actual software and configuration i’d argue aren’t the important part - owning the infrastructure is the important part… package mirrors, distribution methods (eg a website), being able to veto or replace certain packages, and the branding (or regulation) that draws people to it… being able to roll out a security patch to every installation without a 3rd party okaying it, for example
i’d say if it happens it should start with focusing on:
though there is the argument that workstation and user desktop are close enough to each other that user desktop should be above server, but i’d imagine it’d be more of a “home user” than gamer situation. i could imagine some regulations around refurbishing old tech with this kind of OS too, and this would be more about low spec machines (that’d help workstations too)
over canals is a good idea too: covering up waterways means less evaporation