Hacker Newsnew | past | comments | ask | show | jobs | submit | f3d46600-b66e's commentslogin

1) new Evs are still more expensive than new gas cars 2) in some states, the registration fees are higher (+$225 in Washington State) 3) if it's your only car it may be a bit limiting, unless you are willing to rent a gas car on occasion.


I suspect it won't help. If your key is compromised, the previous sessions are compromised as well. I.e. the attacker now knows the password.


There is no indication or mention that key exchange was compromised. SSH has forward secrecy, so compromising the authentication keys does not compromise the encryption keys.


If it's encrypted, it's not deduplicable and not compressable


from my understanding of the tarsnap client, it performs the deduplication then encryption locally to achieve high compression. still the cost is too high for my exact use case.


1.5k per month is more than 23tb of hard drives for 10 years ....


I read that microphone in Bluetooth stops working (on Chevy bolt)


I have 5TB with a few hundred thousand pics in immich, and unfortunately opening the mobile app is slow (it loads some state from the server and that takes forever...)


Perhaps you have not noticed release notes. There were bunch of releases where you had to change the docker compose file, and you can't just apply updates automatically to immich.


How does it compare to immich?


Yubikey supports this already, but without the phone part.


I should do this for ssh password entry. Running ssh-agent is still 90% of the story, but it comes up often enough that I'm on a terminal in a remote machine or inside a screen session or something that it would still be awfully useful to be able to just autotype it.


Does it require installing 3rd party software on the host machine? This might not work great for this kind of "shadow IT" application in all environments, whereas one that acts as a USB keyboard might be more versatile.


Does it require installing 3rd party software on the host machine?

No, it identifies as a keyboard. It also defaults to generating a password that will use the same scancodes on (most?) western keyboard layouts so that computers configured to default to e.g. QWERTZ or AZERTY will still result in the same password.


How do you tell it which password to type?


IIRC there is a maximum of two; one on short-press and one on long-press.


Only to configure it. It presents as a USB keyboard (among other device types).


How do you tell it which password to type? I haven't seen yubikeys with physical interfaces to select a particular password.


I will point out that finding and root causing a bug (and perhaps writing a test) is THE contribution. Very often fixing the bug, once all unknowns have been resolved, is trivial.

Many times a one line fix takes days off debugging and analysis. Seems like this was the case here, since the original bug was open for 6 years.


And indeed, they received the proper accreditation for that. As well as the mailing list entries which are there for all to see.


"Reported-by" reads like: "this person mentioned the problem to us". In this case he did all the heavy lifting which is like 95% of the work. How is reported-by a proper accreditation? I feel like many commenters here never had to debug any complex or subtle, hard-to reproduce bugs. Either that or there are many assholes on this site.


Well, maybe there should be a 'contributed an improperly signed patch with issues' tag that would cover the situation. But in the case of mailing to a security list your general expectations should be to hope that it will be included, and hopefully speedily.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: