Yeah I’ve fallen into this trap before as well. When I shop for a desktop, I tend to go as high-end as I can afford and then sit on the same machine for 7-10 years until it becomes unusable/support begins to wain. That desktop sits under my desk and doesn’t move that whole time, it is in a very controlled environment.

You cannot shop that way for a laptop that will be moved and handled and charged and stowed and scratched and bumped and bent and twisted. Even if you take excellent care of it.

You are correct, but the way people reacted is certainly conditioning from the rug-pulling enshittification going on daily in the tech world. (What are we all using instead of redis, again?)

This is a much more level take than your first comment.

They didn’t try anything. Stop inventing. Go read an actual article on the subject instead of feeding the scarebait frenzy.

“I only read the headline and the comments from the threads a week ago, I am truly disappointed in Bitwarden’s stance against FOSS as I’ve misunderstood it.”

I can’t believe Microsoft is doing EEE on malware

I wish instead of complaining to people that they didn’t read the docs or whatever that linux devs would scour the internet for these criticisms (like when specifics are provided) and then develop solutions for them.

Yeah, people are shitting on your product because it’s not obvious. Make it more obvious!

(Thankfully this is starting to happen…)

Wasn’t there multiple password managers that got powned over the years ?

Pretty much only LastPass

That’s weird, it works for me. Is there something you need to click on the mobile site?

Bitwarden just announced a consortium with Apple, Google, 1Password, etc to create a secure import/export format for credentials; spurred by the need for passkeys to be portable between password managers (but also works for passwords/other credential types)

All the major password managers store passkeys now. I have every passkey I’ve been able to make stored in Bitwarden, and they’re accessible on all my devices.

Article is behind the times, and this dude was wrong to “rip out” passkeys as an option.

Read the article, it’s literally about replacing Import/Export CSV plaintext unencrypted files with something more secure.

I.e. moving your passwords/passkeys between password managers. This is not about replacing stuff like OAuth where one service securely authorizes a user for another.

With passkeys you never need to worry about the storage method used by the site. Some sites STILL store passwords in plaintext. When that database gets hacked, it’s game over.

A public passkey, even stored in plaintext, is useless to an attacker.

Maybe that doesn’t matter for you or me, with our 64-character randomly generated passwords unique to each service, but the bigger picture is that most people just use the same password everywhere. This is how identity theft happens.

That’s exactly how passkeys work. The server never has the private key.

When a website gets hacked they only find public keys, which are useless without the private keys.

Private keys stored on a password manager are still more secure, as those services are (hopefully!) designed with security in mind from the beginning.

Because you cannot reverse a hash. Information is lost from the result.

Apple

The return of Claris!

I keep meaning to do the scroll of truth meme but it’s him and the scroll is AI and it says “stop burning fossil fuels”

Nyyeegghh!

So, Prism then? They got into the NSA’s “we gotta spy on everyone in case they end up talking to foreigners and then we can look at everything on them for all time” system?

The one we were assured was “safe” and “wouldn’t/couldn’t be used on Americans” and “shut up commie why do you hate national security”?

You can’t really reliably use consumer SSDs in a server/NAS situation though, unless you more prepared to replace them every 12-24 months and suffer poor read/write speeds under load