My pleasure. I regularly put notes in my password manager about stuff like this.

Have a good day.

I prefer security keys. At work I use a yubikey, and I have Google’s security keys for my personal stuff. I tend to use totp as a backup.

For everything not banking, it’s great, I agree. I still prefer my security keys to everything. It’s hard to duplicate a digital key when it only exists on protected storage on a physical device, where that key never exists outside of that physical device.

In case anyone doesn’t know: FIDO works using a pair of asymmetric digital keys, the public key is sent to the remote site, and only the private key can decrypt anything encrypted by the public key. So a challenge (usually some mathematical calculation, not sure), is encrypted by the site/service that is handling the login, it sends over the encrypted request, which is passed, in it’s entirety to the fob. The fob requires a physical activation to process the challenge (usually a touch, but some require a fingerprint). The challenge is then decrypted, processed, the response is encrypted, and sent to the site for login, which decrypts the response with the public key, and compares the result to the result of the challenge that was sent.

There’s no part of this that can really be compromised. An eavesdropper can obtain the encrypted challenge (unable to be decrypted in any reasonable manner), and the response/public key… The public key isn’t useful, and the response is only valid for that specific login because there are aspects of the challenge that are unique per login.

All information in flight is unreadable nonsense. The only unique information to the key that is sent anywhere is the public key, which is supposed to be public.

Totp has the vulnerability of needing to relay the seed, usually by QR code. The only vulnerability there is when you set it up and the seed is shared to you, it can be intercepted. If that seed is stored anywhere that becomes compromised, then it becomes meaningless. It can be mined from an authenticator, or captured in flight.

Both of these are better than alternatives. Email/sms codes can be intercepted, either by an administrator or by an internet relay, or by sim duplication, etc. You know that already.

I don’t hate totp, I just recognize the faults in it.

There’s problems with physical security keys too, mainly in the fact that, if you lose the fob, you’re screwed. So it’s recommended to have a backup. Either in the form of a second fob, which is setup for all the same accounts which is stored securely, or in the form of another authentication method like totp.

Personally, I use a backup FIDO key for my accounts whenever possible. I also have a password manager that can store my totp so everything is in a single vault. If the vault is compromised then I’m screwed though… 90% of my accounts use a password reset email which is not stored in my vault. Only two things are not in my manager: that recovery email login (secured by my Fido key) and my bank (obviously also the vault login).

At work, I use the yubikey for everything that supports it, with totp as backup in my work’s duo authenticator account (duo is also setup to use my yubikey). So it’s all Fido/totp.

The only service I really want to use my security keys with that doesn’t support it, is my bank account… I suppose, also my government stuff, but almost all of that is informational. I can’t really make changes to my government stuff from their webpages. It’s generally just the government telling me things about my tax returns and whatnot (all SMS secured).

I hate the trend of companies requiring an app for 2FA… Something that’s not totp, but similar. You have a specific authenticator app for a single service on your phone only and it’s not great… Obvious examples include steam and Blizzard. Fuck that. I hate it. Go away. Give me normal MFA options… Dick.

I’ve ranted enough. Back to work for me.

Can you maybe add a note to the account in your password manager to remind yourself of the limitation? I dunno, I’m just some guy

Well, I have no arguments with what you’ve said. I think security keys/FIDO tokens should be more prevalent too. Otherwise this is 100% correct and I feel the exact same way.

I dunno about this analogy. I think the doctor proved that with enough time, anything can become a door.

Your story reminds me of something that my bank started doing. I got a robocall about something to do with my credit card, and the voice said to verify using x and y using my keypad, I think it was day/month/year of birth or something and I immediately noped out of the call. I hit all the wrong buttons until it got me to a person and I ripped them apart, and their supervisor for basically training their userbase to answer security questions given by an automatic voice on the other end of the line with no way to verify who is calling.

You can spoof your caller ID, you can get a text to speech robocall bot with DTMF recognition and just spam call a whole area where the bank operates and gather a bunch of personal information because it sounds just like the bank and there’s no way to prove who called.

What a crock of shit. It’s a security nightmare.

I did call my bank after at a known valid number, verified them as they verified me, and there was something going on, so the call was legit, and totally unacceptable.

These clowns want us to trust them completely, and give us no reason to do so, but they want us to bend over backwards to validate ourselves. Fuck that.

That was two hours ago. How did it go?

As a long time player since update 6? Or so…

I took time off work because I knew I wouldn’t be able to get anything done at work, because I’d be thinking about my factory all day long.

I have all day today, tomorrow, and all weekend to get the initial hype out of my system before I go back to work.

It gets really good when you get smart splitters. You don’t even need to really progress much in the game to get there, you just need to fill out the caterium tree in the mam. Then you can have one input for all your biomass stuff and smart splitters that take it to the constructors that will convert it to biomass, then into the constructors that will convert it to solid biomass, then into the burners. 👍

I used to build such lines in update 8 that output to a bin and I’d grab it for the burners… Just collect whatever biomass I can while I’m out getting things done and dump it every time I get back to the hub area where it was setup with the burners. It was a little ritual I had. The input on biomass burners will really cut down on how much time I have to think about it.

:)

I’m playing 1.0 now, I just unlocked smart splitters, and I have to rebuild my biomass processing as a result.

There’s also the dimensional depot which I rushed to, and that’s a complete game changer. Finally got enough materials to just set it up on my production lines, and I’m planning to add one for biomass, so I always have a little biomass in the depot for when I’m out and about and a drop pod needs power.

Only 500? Noob.

… I’m kidding. Wanna play on my self hosted dedicated server?

For me, the first thousand seemed to fly by.

I would agree with that.

You’re right. I should try harder to be stupid if I’m going to impersonate the Don.

Hey, stop trying to be logical. These people don’t understand it, and that’s mean.

/s

Ironic. Amirite?

There’s a whole subset of idiots that believe that you need to expose yourself to harmful shit to have a strong immune system. (See: all the people licking toilets and crap during lockdown)

There’s some credible science to it, in the way that, an immunization is literally putting “harmful” stuff in you to train your immune system. This is known science that I should be able to mostly hand wave around since most people already know this. Immunizations are usually focusing on a key indicator, eg, for COVID, it’s the protein on the outside of the vital cell wall (all the spiky bits in the illustrations) or whatever… I’m no scientist. For other viruses and bacteria, it’s a deactivated version of the virus… It’s essentially “dead” for all intents and purposes. It just resembles the virus so closely that it effectively trains your immune system to recognize it.

With all that being said, not all bacteria and viruses are something we can develop a natural immunity to, partly because some of them just kill us, partly because there’s something that is preventing it. Again I’m not a scientist.

Regardless, these idiots think that by exposing yourself to “natural” viruses and bacteria, you can strengthen your immune system. Bluntly, it’s possible to do that, and why the fuck would you want to do it that way? It’s literally a randomized version of a science we already have that’s tried, tested, and proven effective, called immunizations. With immunizations, you get all the benefits of surviving the horrors of some of the most nasty viruses and bacteria out there, without suffering through what those viruses and bacteria are going to do to you.

The whole thing is stupid.

If anyone argues about “good” bacteria, tell them to eat yogurt. FFS.

You know, there’s good people on both sides. People with a lot of value and good ideas. It reminds me of my businesses, so many good people. There’s a lot of good people in this world. You know what else is good? Watermelon. It’s a melon… Made… From water. How incredible. It’s delicious. How do they do that?

• Trump, probably.

My pleasure. My dad had his flaws, but he tried to do right whenever he could.

He survived polio, and after he was told by doctors that he would be lucky to walk again, he not only was walking right up until he was admitted into the nursing home (and for nearly a year after too), but he also was able to drive, both a car and a motorcycle, and he learned to fly a plane, stuff that the doctors would have said would be impossible for him.

He was a teacher in a local highschool and taught computers in the 80s and 90s, into the 2000s, when he retired from teaching. Because of this, we always had a computer at home, which is how I learned, and I work in IT support now, in no small part because there was always a computer at home. Even back in the days of DOS…

No, but it would arguably make someone aware that a DNR exists. Not sure it would hold up in court, but it’s more than nothing.

DNR is more for unexpected death. Planned death, such as suicide (whether medically assisted or not), still requires a DNR.

The only way a DNR is applicable is if the party who is performing the life saving is aware of the order (generally medical professionals). Unless you have it tattooed on you or something, how could a random person know not to try to save your life.

If the green text in the OP is true, I have no idea what their lawyer was thinking. There’s no way to win that argument.

By the time paramedics arrived, the patient was alive by way of this passerby resuscitating them already. Even if the paramedics were aware of the DNR, it no longer applies because the patient is alive. So reasonable measures to keep them alive are appropriate. As long as they don’t flatline again, the paramedics are in the clear.

I’m any case, DNR has a place. Including for those that don’t want to die, but understand the aftermath of CPR is pretty unpleasant (broken ribs, for a start). So rather than suffer through the recovery from CPR, they have a DNR, so that if they go, that’s it.

They’re not in pain, nor seeking death, they just don’t want to suffer through the trauma and recovery of CPR and related procedures.

This is very separate from palliative care, though most of the time they overlap. Palliative care is basically comfort care for people near death. Often palliative patients have a DNR, but not always.

Additionally, on the subject of palliative care, anyone who is not of sound mind, cannot consent to medically assisted suicide, and nobody can consent for them. So in any case where there is a mental aspect, such as dimentia, Alzheimer’s, etc, such procedures are impossible. Even a power of attorney cannot consent on their behalf, one of few things that a POA cannot do on the patients behalf.

Beyond that, medically assisted suicide isn’t legal everywhere.

We don’t know where the poster is.

Palliative care, DNR, and medically assisted suicide are all parts of the equation, all with different purposes, frequently related, and often are administered together.

Source: my father died in January of 2022. He long started his desire to not become a burden like his mother was (Alzheimer’s). His most frequent statement on this was that if he were to go “that way” to simply “hand him a gun and he would take care of the rest”. By the time my brother and I realized he had “gone that way”, he was too far gone to be able to do that, and too far gone to pass the required psychiatric exam to be eligible for medical assistance in the matter. He had to be put in a care home and we quickly got him a DNR. He was in there for… I think 5+ years? Before passing away “naturally”. For us, he died a long time prior to his body giving out, and we would visit his corpse in the nursing home from time to time.