Mama told me not to come.

She said, that ain’t the way to have fun.

  • 0 Posts
  • 508 Comments
Joined 2 years ago
Cake day: June 11th, 2023

  • Yup, I use the terminal every day at work, my workflow is VIM + tmux, and I self hosted a Minecraft server using systemd (and a bunch of other stuff), so CLIs are kinda my thing.

    I don’t use MPV. Why? I watch my content on my TV. If I’m on my computer where MPV could be used, I’ll play video games or work on personal projects, not watch content. Jellyfin is easy enough that I had to block the app on my TV since my 3yo was watching it before I got up. It works really well, it’s easy to set up, and even a child who can’t read can use it.

    What does MPV provide?

  • If you think you’ve only been in one breach, you’re probably mistaken or very young. I don’t know how many breaches I’ve been involved in, but it’s at least double digits.

    I’m American, and my Social Security number has been leaked multiple times. Each time I’ve done everything possible to secure my accounts (random passwords, TOTP 2FA where possible, randomized usernames, etc), yet there’s always a new breach that impacts me.

    I’m not too worried though. My important accounts are pretty secure. I use one of the few banks (brokerage actually) that provides proper 2FA. My email and password manager use 2FA. My credit is frozen. Breaches happen, the important thing is to limit the impact of a breach.


  • There are two major threats to a password manager:

    1. Breach - if the server doesn’t store the key and data is encrypted, they’ll have to break the crypto
    2. Client - if the client can be compromised, they can intercept password entry

    The second is much harder to mitigate, but also much harder for an attacker to pull off since they need to compromise the update delivery chain.

    Whatever client you use, make sure you trust the update mechanism.



  • Bitwarden has no secondary key, and the master key is never sent to the server. All they get is an email address and encrypted data. If you forget your key, your passwords cannot be accessed, which means an attacker is screwed too.

    There are tons of ways to give yourself ways to “recover” your password that don’t compromise you in a breach scenario:

    • logged in devices - they have the key decrypted and can generate a new one, re-encrypt, and overwrite the data server-side
    • store a physical copy of the password at home somewhere (notebook?)
    • share passwords with a trusted person (SO) for critical shared accounts
    • securely store an unencrypted backup of your password vault (say, on a personal computer with full disk encryption)

    Maybe that’s how 1password works, idk, but I do recommend verifying that there’s no password recovery option on whatever password manager service you use.


  • your email (to be able to recover your password for the password manager)

    If your password manager has a password recovery mechanism, that means your key is stored on the server and would be compromised in a breach. If that’s the case, I highly recommend changing password managers.

    The ideal way a password manager works is by having all encryption done client-side and never sending the password to the server. If the server cannot decrypt your password data, neither can an attacker. That’s how my password manager works (Bitwarden), and I highly recommend restricting your options only to password managers with that property.

    If you need a backup, write it in a notebook and keep it in a safe. If your house gets broken into, change your password immediately before the thief has a chance to rifle through the stuff they stole. My SO and I have shared passwords to all important credentials, so that’s our backup mechanism.
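    Added example, not code from the thread or from Bitwarden: a stdlib-only sketch of the client-side-encryption model the comments above describe (the threat model in the "two major threats" comment, the "logged-in device can re-encrypt" recovery path, and "the server never gets the password"). Everything here is constructed: the email, passwords, vault contents and the `Server`/`Device` classes are illustration only, and the HMAC-SHA256 counter-mode cipher stands in for AES-GCM, which the standard library lacks.

```python
"""Zero-knowledge password-manager sketch. The client derives the vault key from
the master password; the server only ever receives an email, a login verifier
that cannot be turned back into that key, and ciphertext. Constructed example."""
import hashlib
import hmac
import json
import secrets

KDF_ITERATIONS = 600_000   # PBKDF2-HMAC-SHA256 work factor for the client-side key
NONCE_LEN, TAG_LEN = 16, 32

def derive_master_key(password: str, email: str) -> bytes:
    """Runs on the client only. The lower-cased email is the salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(),
                               email.lower().encode(), KDF_ITERATIONS, 32)

def derive_auth_hash(master_key: bytes, password: str) -> bytes:
    """Login credential sent to the server: one more one-way step, so the server
    (or a breach of it) cannot recover master_key from it."""
    return hashlib.pbkdf2_hmac("sha256", master_key, password.encode(), 1, 32)

def _subkeys(master_key: bytes):
    return (hmac.new(master_key, b"enc", hashlib.sha256).digest(),
            hmac.new(master_key, b"mac", hashlib.sha256).digest())

def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def encrypt_vault(master_key: bytes, vault: dict) -> bytes:
    """Encrypt-then-MAC with an HMAC-SHA256 counter-mode keystream. Stand-in for
    AES-GCM (absent from the standard library); use a real AEAD in production."""
    enc_key, mac_key = _subkeys(master_key)
    nonce = secrets.token_bytes(NONCE_LEN)
    pt = json.dumps(vault).encode()
    ct = bytes(x ^ k for x, k in zip(pt, _keystream(enc_key, nonce, len(pt))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def decrypt_vault(master_key: bytes, blob: bytes) -> dict:
    enc_key, mac_key = _subkeys(master_key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("vault authentication failed: wrong key or tampered ciphertext")
    return json.loads(bytes(x ^ k for x, k in zip(ct, _keystream(enc_key, nonce, len(ct)))))

class Server:
    """Holds exactly what a database breach would expose: no password, no key."""
    def __init__(self):
        self.accounts, self.sessions = {}, {}

    @staticmethod
    def _verifier(auth_hash: bytes, salt: bytes) -> bytes:
        # Hash the credential again server-side so a dump is not a login token either.
        return hashlib.pbkdf2_hmac("sha256", auth_hash, salt, 100_000, 32)

    def register(self, email: str, auth_hash: bytes, blob: bytes) -> None:
        salt = secrets.token_bytes(16)
        self.accounts[email] = {"salt": salt, "verifier": self._verifier(auth_hash, salt),
                                "vault": blob}

    def login(self, email: str, auth_hash: bytes) -> str:
        acct = self.accounts.get(email)
        if acct is None or not hmac.compare_digest(
                acct["verifier"], self._verifier(auth_hash, acct["salt"])):
            raise PermissionError("bad credentials")
        token = secrets.token_hex(16)
        self.sessions[token] = email
        return token

    def fetch_vault(self, token: str) -> bytes:
        return self.accounts[self.sessions[token]]["vault"]

    def replace(self, token: str, new_auth_hash: bytes, blob: bytes) -> None:
        self.register(self.sessions[token], new_auth_hash, blob)

def register(server: Server, email: str, password: str, vault: dict) -> None:
    mk = derive_master_key(password, email)
    server.register(email, derive_auth_hash(mk, password), encrypt_vault(mk, vault))

class Device:
    """A logged-in client: keeps master_key in memory, which the server never sees."""
    def __init__(self, server: Server, email: str, password: str):
        self.server, self.email = server, email
        self.master_key = derive_master_key(password, email)
        self.token = server.login(email, derive_auth_hash(self.master_key, password))

    def vault(self) -> dict:
        return decrypt_vault(self.master_key, self.server.fetch_vault(self.token))

    def change_master_password(self, new_password: str) -> None:
        """The 'logged-in device' recovery path: re-encrypt under a new key and
        overwrite the server copy. Needs no password-reset feature on the server."""
        vault = self.vault()
        new_mk = derive_master_key(new_password, self.email)
        self.server.replace(self.token, derive_auth_hash(new_mk, new_password),
                            encrypt_vault(new_mk, vault))
        self.master_key = new_mk

def breach_dump(server: Server) -> dict:
    """Everything an attacker gets from a full database dump."""
    return {email: dict(acct) for email, acct in server.accounts.items()}
```

    The point to check on a real service is the one `breach_dump` makes visible: every field the server stores is either random (salt), derived one-way from the credential (verifier), or ciphertext under a key the server never had. A "forgot your master password" feature that works without a logged-in device means one of those properties does not hold.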


  • I don’t know your rule, but when I hear this, usually it includes the name of the service or something, so a script kiddie armed with a Levenshtein distance algo could probably detect it.

    That said, the “safer than the person next to you” rule applies here. You’re probably far enough down that list to not matter.

    As for password manager breaches, the impact really depends on what data the password manager stores. If all decryption is done client-side and the server never gets the password, an attacker would need to break your password regardless. That’s how Bitwarden works, so the only things a breach could reveal are my email, encrypted data, and any extra info I provided, like payment info. The most likely attack would need to compromise one of the clients. That’s possible, but requires a bit more effort than a database dump.


  • If there’s a leak with multiple services, it’s possible some script kiddie will flag it as having a pattern. I’m guessing the rule is simple enough that an unsophisticated attacker could figure it out with several examples.

    It’s way better than reusing passwords, but I don’t think it’s better than a password manager, and it takes way more effort, especially given all the various password rules companies have (no special characters, must have special character, special character must be one of…). If you’re paranoid, use something like KeePassXC that’s just a file.
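    Added example, not from the thread: what the "script kiddie with a Levenshtein distance algo" from the comments above would actually run once a few breaches line up under one email. The leak rows are constructed (made-up services and passwords); one set follows a fixed-stem-plus-service-name rule, the other is generator output. Thresholds and function names are this example's own choices.

```python
"""Spotting a per-service password rule from a handful of leaked rows.
Constructed example; the credentials below are invented for illustration."""
from itertools import combinations

# Constructed "leaks": (service, password) pairs that all belong to one email.
PATTERNED_LEAKS = [("netflix", "Tr0ub4dor!netflix"),
                   ("github", "Tr0ub4dor!github"),
                   ("amazon", "Tr0ub4dor!amazon")]
RANDOM_LEAKS = [("netflix", "x9#Kq2!mPvLs"),
                ("github", "Zt7$wL0@rQbN"),
                ("amazon", "bG3%nV8^eHyU")]

def levenshtein(a: str, b: str) -> int:
    """Classic dynamic-programming edit distance (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def mean_similarity(passwords) -> float:
    """1 minus normalised edit distance, averaged over all pairs. Close to 0 for
    independently random passwords; high when they share a fixed stem."""
    pairs = list(combinations(passwords, 2))
    return sum(1 - levenshtein(p, q) / max(len(p), len(q)) for p, q in pairs) / len(pairs)

def common_prefix(passwords) -> str:
    """The shared stem an attacker would reuse against services not yet breached."""
    first, n = passwords[0], 0
    while n < len(first) and all(len(p) > n and p[n] == first[n] for p in passwords):
        n += 1
    return first[:n]

def service_name_in_password(service: str, password: str) -> bool:
    return service.lower() in password.lower()

def assess(leaks, threshold: float = 0.5) -> dict:
    """What someone holding a few breach rows for one person can conclude."""
    pws = [p for _, p in leaks]
    sim = mean_similarity(pws)
    return {"patterned": sim >= threshold,
            "similarity": round(sim, 2),
            "stem": common_prefix(pws),
            "service_in_password": sum(service_name_in_password(s, p) for s, p in leaks)}
```

    `assess(PATTERNED_LEAKS)` flags the rule, recovers the stem and notes that every password embeds the service name, which is enough to guess the password for any other service; `assess(RANDOM_LEAKS)` reports near-zero similarity and no stem, which is the property a generated password gives you.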


  • Yes, it is better. The likelihood that someone will physically access your device is incredibly low, the likelihood that one of the services in your bucket gets leaked and jeopardizes your other accounts is way higher.

    I set mine to require my password after a period of time on certain devices (the ones I’m likely to lose), and all of them require it when restarting the browser.

    it just unlocks with a fingerprint, and I think law enforcement are allowed to force you to biometrically unlock stuff

    True, but it’s also highly unlikely that LE will steal your passwords.

    My phone requires a PIN after X hours or after a few failed fingerprint attempts, and it’s easy to fail without being sus. In my country, I cannot be forced to reveal a PIN. If I travel to a sketchy country or something, I switch it to a password unlock.



  • I disagree that anything you describe could actually be both commercially viable and deployable without authoritarian involvement

    You haven’t heard of Ring cameras? Commercial security systems? They do basically what I’m describing, just not as well because they don’t have as much of an incentive. Are end users willing to pay for these more advanced models? No, so consumer grade cameras stick to object detection like deer vs raccoon instead of specific individual detection (e.g. scanning eyes).

    Governments, however, are willing to pay that amount. Why? Because they think it’ll help them detect criminals, and they think that helps keep people safe. It’s an extension of the HOA idea, just with government-scale funds backed up with law enforcement to go after threats. That, in itself, isn’t authoritarian, but setting up such a system opens the door for authoritarians to take control and misuse it.

    I’d go so far as to say that the people in your theoretical HOA are analogous to supporters of an authoritarian regime.

    Analogous, sure, but the HOA has no enforcement arm for non-residents, so all they can do is ask the police to intervene. That’s the difference with a city, it has a police force it can order to intervene using information from that system. It’s the mixing of enforcement and surveillance that makes it authoritarian.

    So a surveillance system is not itself authoritarian, it’s only authoritarian if there’s some enforcement arm to enforce obedience or punish disobedience.

    If it is nearly impossible to meaningfully use apolitically, then it is not apolitical.

    Again, I disagree. Something is only political when used for political ends.



  • Similarly, even if HOAs could deploy a system like that, that’d make them authoritarian.

    That really depends how the system is used. If it explicitly doesn’t record regular residents and people who have signed up officially as visitors (and homeowners can review footage), I don’t think the camera system itself would really be authoritarian. Yeah, the system would be capable of violating privacy, but as long as the system is transparent and reviewable by the residents, I think it can be privacy-respecting. Basically, it would be like a home security system, but across a neighborhood, and it can even be self-hosted to not let third parties access the data (and police requests would go through the HOA board, which consists of residents).

    That’s my point. If the system itself can be used in a privacy-respecting way (and the vast majority can), even if it’s typically not used that way, the system itself cannot be authoritarian. If an institution uses it in an authoritarian way, then the institution is authoritarian.

    In short:

    1. cameras are not authoritarian
    2. databases are not authoritarian
    3. license plate and face recognition software isn’t authoritarian
    4. connecting 1-3 together in a searchable way isn’t authoritarian (would be a fun hobby project)
    5. Sharing info from 4 isn’t authoritarian (again, could be a fun hobby with friends)
    6. An institution (gov’t, business, HOA, etc) using 4 and/or 5 to enforce policy on citizens/employees/residents/etc is authoritarian

    I have friends that use home cameras to do object classification as a hobby, mostly to identify and record wildlife. I’ve also heard of people doing this to identify package deliveries and catch package thieves. Sharing those models with others on the internet is largely the same idea as what Flock is doing, and with enough data, similar solutions to what Palantir is doing could be done entirely by hobbyists.

    The products Flock and Palantir aren’t authoritarian in and of themselves, it becomes authoritarian when those products are used to enforce policy.



  • I would argue that such a product would be by its nature political, because its only practical use case was the furtherance of a political goal.

    Again, I disagree. Surveillance has a lot of use cases outside of government, and a huge use case is keeping the government in check. Palantir could have sold its services to non-profits like the ACLU as a check on local, state, and law enforcement agencies. They could have sold it to HOAs and neighborhood watch associations as an early warning system for repeat offenders.

    The government skirting the 4th amendment (and a few others) doesn’t automatically make its sub-contractor’s products “authoritarian,” it makes its use of those products authoritarian.

    So a system that does so (like the ones sold to the govt) is a political software product.

    I disagree with that conclusion. The use by the government is authoritarian, but that doesn’t make the product authoritarian.

    To me where it gets tricky is when private entities grow to government-sized proportions, and begin to use these same tools for similar purposes

    A private entity can do authoritarian things, like spying on its employees or customers. Authoritarianism isn’t strictly tied to governments, but anything that acts like a government. Here’s the first definition I found:

    Characterized by or favoring absolute obedience to authority, as against individual freedom.

    Software can’t really favor obedience to authority, it can’t really deny you your freedoms, it’s just software. Likewise for a camera system. The only way those things can be authoritarian is if paired with some form of enforcement arm, like corporate security or law enforcement. So that combined system is authoritarian, the cameras or software on their own cannot be authoritarian.

    That’s my point.