@shreyan Yeah gokrazy is pretty cool 👌
@yakumo_izuru@tsuki.chaotic.ninja Just don’t enable it? 🤔 It’s feature gated.
@yakumo_izuru@tsuki.chaotic.ninja Okay okay 🤣 Are you able to contribute in this at all and help cut some code? 🙏
@eapl.me@eapl.me This is actually pretty cool 🤔
@movq@www.uninformativ.de That is pretty cool 😍
@osnews@feeds.twtxt.net Hah did not know this 😆 But am also not surprised 🤣
@yakumo_izuru@tsuki.chaotic.ninja Which issue in particular? 🤔 The API one?
@cncf@feeds.twtxt.net How about less complexity?! 🤣
@shreyan It still buggy as hell but I’ll get it working and all the bugs fixed 😆
Huh hey @lumen@tw.lumen.pink I didn’t even notice you run a Yarn pod 👌 Whot! 🥳
@mckinley Nope.
And done! prologic/objects: Objects is an object storage server (using a directory as backend) with a AWS S3 compatible API written in Go. - objects - Mills 🥳 Simple, but it works, anda very lightweight! 👌
Time to write my own S3-compatible Object Storage server 🤣
@movq@www.uninformativ.de I mean yeah I totally get that syncing the TOTP seeds is a horrible idea. It defeats the point of a second factor and “something you have”. 🤦♂️
@abucci@anthony.buc.ci Can you recommend one?
Of course, never ever use Google Authenticator. All it does is generate TOTP and HOTP codes, which you can do with any OTP app, preferably an open source one that’s been vetted.
I’ve been using Google Authenticator for years, but it never had this “sync” feature until recently 🤦♂️
Also kind of curious how syncing to Google servers made this attack worse? Not that clear from the article 🤔
Wow !!! 😱 Those sneaky little shitheads!!! Google are unconspicious lying sons of notches 😢 When da fuq did they sneak this feature in?! I didn’t even notice this was a thing from a recent upgrade of the app (Authenticator) 🤦♂️
@darch@neotxt.dk Yup 😅
@darch@neotxt.dk It’s called “test in prod”™ 😅
@lumen@tw.lumen.pink Hey! 👋 Welcome back! 👌
yarnd
password change function is insecure by design and should be fixed 🤔
@lumen@tw.lumen.pink Ahh good to know, so less likely to worry about 👌 (hijacking sessions that is)
yarnd
password change function is insecure by design and should be fixed 🤔
@mckinley Agreed!
@lyse@lyse.isobeef.org 500 Internal Server Error for me 😢
@lyse@lyse.isobeef.org Oh wow that’s such a lovely shot! 👌