• 0 Posts
  • 7 Comments
Joined 1 year ago
Cake day: June 29th, 2023

  • To me 16 is long haha.

    I usually end up running with 16 characters since a lot of services reject longer than 20 and as a programmer I just like it when things are a power of two. Back in the Dark Times of remembering passwords my longest was 13 characters so when I started using a password manager setting them that long felt wild to me.

    I do have my bank accounts under a 64 character password purely because monkey brain like seeing big security rating in keepass. Entropy go brrrrrrrrrrrr


  • I’ve used cloud based services for password managers for work and “self host” my personal stuff. I barely consider it self hosting since I use Keepass and on every machine it’s configured to keep a local cached copy of the database but primarily to pull from the database file on my in-home NAS.

    Two issues I’ve had:

    Logging into an account on a device currently not on my home network is brutal. I often resort to simply viewing the needed password and painstakingly typing it in (and I run with loooooong passwords).

    If I add or change a password on a desktop and don’t sync my phone before I leave, I get locked out of accounts. Two years rocking this setup it’s happened three times, twice I just said meh I don’t really need to do this now, a third time I went through account recovery and set a new password from my phone.

    Minor complaint:

    Sometimes Keepass2Android gets stuck trying to open the remote database and I have to let it sit and timeout (5 minutes!!!) which gets really annoying but happens very infrequently which is why I say just minor complaint

    All in all, I find the inconvenience of doing the personal setup so low that to me even a $10 annual subscription is not worth it


  • MajorasMaskForever@lemmy.world to Programming@programming.dev...
    6 months ago

    Ada

    It has a lot of really nice features for creating data types and has amazing static analysis during compile time.

    But all the tooling around it is absolute crap making using the language unbearable and truly awful. If it had better tooling I could see that it would have taken a decent chunk of development away from C and C++


  • As someone who is in the aerospace industry and has dealt with safety critical code with NASA oversight, it’s a little disingenuous to pin NASA’s coding standards entirely on attempting to make things memory safe. It’s part of it, yeah, but it’s a very small part. There are a ton of other things that NASA is trying to protect for.

    Plus, Rust doesn’t solve the underlying problem that NASA is looking to prevent in banning the C++ standard library. Part of it is DO-178 compliance (or lack thereof), the other part is that dynamic memory has the potential to cause all sorts of problems on resource constrained embedded systems. Statically analyzing dynamic memory usage is virtually impossible, testing for it gets cost prohibitive real quick, it’s just easier to blanket statement ban the STL.

    Also, writing memory safe code honestly isn’t that hard. It just requires a different approach to problem solving, that just like any other design pattern, once you learn and get used to it, is easy.



  • The issue is that with ongoing service across time, the longer the service is being used the more it costs Kia. The larger the time boxes Kia uses the bigger the number is and the more you’re going to scare off customers.

    Using Kia’s online build and price, looks like the most expensive Telluride you can get right now is $60k MSRP, cheapest at 30k.

    Let’s assume Kia estimates average lifetime of a Telluride to be 20 years so they create an option to purchase this service one time for the “lifetime” of the vehicle. Taking in good faith the pricing Kia has listed, using that $150 annual package, and assuming that price goes up every year at a rate of 10% (what Netflix, YouTube, etc have been doing) across those twenty years you’re looking at around $8.5k option. At the top trim that’s still 14% extra that is going to make some buyers hesitant, at the base model that’s 28% more expensive.

    Enough buyers will scoff at that so Kia can either ditch the idea entirely as they’ll lose money on having to pay for the initial development and never make their money back, or they find some way to repackage that cost and make it look like something that buyers are willing to deal with.

    To me the bigger issue is the cost of the service vs what you’re getting. Server time + dev team + mobile data link cannot be costing Kia more than a few million annually, mid to upper hundred K is more likely so they must not be expecting that many people to actually be paying for any of this


  • It’s IEEE misinterpreting the guy’s original paper.

    https://liuyang12.github.io/proj/privacy_dual_imaging/ (can’t find the full paper, but here’s the abstract at least)

    The paper author straight up says the light sensor is impractical to use as an attack vector, but when you use it in conjunction with other sensors you might be able to glean more information than most might think. It leaves me with the question of what other sensors can you combine to start getting behavioral information that is a security threat?

    I’ll say it worked for me. I read the IEEE headline, called bullshit, dug into it and yeah you can only get a tiny bit of information that you have to stretch pretty far to get useful conclusions from… But it’s more than the zero I initially thought. So props to the paper author, he met his goal. IEEE wanted sensationalized clicks, which they too unfortunately got.