I will never complain about my IT department again.
(Can’t say that with a straight face 
)
2 Likes
Stupid CEO Magazine strikes again. (It’s the one that spreads all the daft business trends, in between advertisements for lumps of solid gold in the shape of watches…)
1 Like
Anyone letting employees use block storage on removable media is nuts.
An organisation which I know has policies like that. Share files only over corporate OneDrive; no USB sticks except the special Secure™ ones. But corporate OneDrive is down more than it’s up, and someone borrowed the one Secure™ USB stick for that sub-office of ten people six months ago and nobody knows where it is, and management is shouting at them to get on with their work. Guess who gets blamed?
3 Likes
I was so happy the day I looked under the surface of our similarly-painful council site, and found that ultimately it was getting its information in JSON format from an API endpoint URL specific to my postcode which I could trivially bookmark or directly request. The JSON was every bit as easy to read as the web page they were rendering it as, and hugely more convenient.
2 Likes
There is an API call involved somewhere, but I didn’t get anywhere trying to reverse-engineer it. 
1 Like
The software I work on takes a handful of directory and file-path arguments.
When debugging a test case I’m normally happy to construct the argument list by hand, but sometimes I make a mistake and wonder why the software isn’t performing as I expect.
This morning I spent an hour or so writing a Python script that takes a test case ID and spits out the formatted argument list.
Not sure why I didn’t think of that sooner.
5 Likes
Just got my data export from goodreads… on the one hand they hide the function, tell you they might take forever and generally try their best to discourage you to request them… and then it is a zip file filled with zipfiles that most people will have problems using for anything but inside that second layer of zip is something really nice: json formatted data that is perfect for me purposes
Love it!
The BGG csv I also requested looks a bit thin compared to that 
edit: the data export is incomplete… there is a separate library export oO… man why things so complicated?
5 Likes
I use VS Code for work. The go to definition command sometimes fails to find the definition. It used to tell me it couldn’t find it. Now, it’s started to open a new init.py file, as if to say “Well, why don’t you write that, then, you slacker?”
4 Likes
MATLAB does the same. There’ll literally be a file in the project with the same name as the function I’ve asked for the definition of and it’ll go “Nah, not sure what you’re on about mate, here’s an empty file with the same name though!”
3 Likes
I was about to hand-transcribe a whole bunch of printed text then I remembered that Google Lens can do that for you.
Took two photos, extracted the text with Google Lens, emailed it to myself, job done!
5 Likes
It turns out that someone that really doesn’t want to code will not be able to use chatGPT to produce code according to what they want to do.
So I ended up writing the script that does the thing that “needs” to be done. Because I can.
I’ve also continued with my data archeology and written 2 scripts one that converts wordpress.xml exports into markdown files per post and page including comments and with all kinds of metadata as front_matter.
And then I repeated the exercise to do the same for several old blogs (the early 2000s were the time when blogs were hot shit or as we translate “heisser scheiss”) that I never exported to xml and extracted them from a mysql backup via Umweg of importing it back into a database.
So if anyone needs some hacky python code to flatten their old wordpress blogs into gittable more-or-less plaintext files… I can supply.
PS: that is what I spent most of my week-end with.
6 Likes
Because it happens all the time :
I know you most likely know all of these and so do most people here. But if just one person does not. Here are
yashima's rules of passwording
- different site, different password
- longer passwords are better than shorter ones–longish begins around 12 characters, passwords of length 5-6 are a big-nono, I generate passwords with keepass and when away from keepass have a “scheme” that creates lengthy passwords I can remember until I get a chance to put them into keepass
- beware though that some sites limit password length and instead of telling you they just snip off a part and if their login form sucks your password will not match either.
- passwords with not just letters are better than just letter ones (but password length matters more)
- don’t use words or dates or other stuff you can easily remember–long and obscure phrases might work
- use two factor when your finances could be affected severely (aka banking not online shopping) or you value that account very highly (email for password recovery on other sites counts)–guard your 2 factor and the restoration codes! Two factor becomes a problem if you lose the 2nd factor which is absolutely possible and happens.
- much off those hacks are automated, so anything that will fool automation helps. f.e. use different logins to each site
- bonus content: do not store your credit/bank account data permanently at any site (I make an exception for paypal because without it that won’t function). Sites get hacked all the time and most of the time they will not tell you
- more bonus content: one of the more likely ways to lose an account are fishing emails. These are quite sophisticated these days. Any unsoliticited email that wants you to click on a link has an 80:20 chance that it is a fishing mail. My colleague almost fell for one the only thing that saved her was that she had been warned IT were testing every one. If it had been a real one out of context, she would have clicked on it. She’s a software dev!
- one more: clean up after yourself. If you stop using a site for good, take out your content and have your account deleted.
I use a password manager (keepass) mine is offline. There are various versions of storing all those different passwords. My dad uses a paper notebook. Which actually is one of the more secure ways to store passwords. Just not very comfortable to use and also does not protect him from key-loggers.
@ other techies please correct me or add to this list.
Saw this on r/coolguides the other day and I admit even I was shocked how short times are–even if they are not totally accurate, these numbers are shocking but quite believable:
I get interesting knowledge here about languages, history and other things. If this is me stating the obvious stuff, I apologize but if it helps anyone I would love to be able to help.
5 Likes
If length is not an issue with the site: I found passphrases are easier to remember than passwords and are very lengthy. But still follow the above rules: Use numbers and symbols.
Or use one of these password managers. 
3 Likes
A local password manage that you run on your own device and which does not use the Internet. (E.g. an encrypted text file.) 'Cos any password manager site is a prime target for attacks, and they all fall eventually – or pivot to where you are the product and they’re selling you to the data miners.
For this place specifically, be aware that you can also enable TOTP, which is an open standard and has apps etc. available pretty much everywhere. PayPal doesn’t support this. Nor does eBay. Nobody there seems to care.
4 Likes
I actually lost my Discord because of Two Factor authentication…
I changed the password, which logs you out, and then when I tried to log in, it asked for the authentication… which you can only access when you are logged in.
The idea is that you write down the 8 one-time codes, but I didn’t know I even had two factor in the first place.
Poof. -1 Discord.
I made a new profile already, but I can’t figure out how to find most of the servers I was on, and I am way too tired and sad to figure it out today.
1 Like
There are ways around 2F… usually a bit more involved than password recovery but I wouldn’t quite give up on the old account.
edit: sorry Discord seems to be one of the hardcore ones " Note: If you do not have access to your backup codes, we are unable to remove 2FA and you will have to create a new account. Discord cannot remove 2FA or issue you new backup codes."
They do suggest checking if you are logged in, in any other device possibly?
2 Likes
Trying to follow my own advice I removed 2F from an account that I don’t think needs it. Logged out, tried to login and it asks for a code and my old 2F didnt work anymore. I sent an email to support immediately only to discover that I had several “codes” for the website in my inbox because the insist on you verifying every login via email…
edit: OMG… I noticed I still had 2F on for Twitter… I haven’t logged into the site in a long time. I was greeted by an “ONLY TWITTER BLUE SUBSCRIBERS CAN USE 2F YOU NEED TO REMOVE EEEEEET!”
Lol. I clicked “yes, please” and now it is hanging in a forever loop.
edit 2: after cleaning up a little, I have 2F for: banking, paypal, work stuff, every single one of my computer game libraries (steam, nintendo, blizzard), github, mastodon, my server hosting, amazon, kickstarter, dropbox (the least worst cloud option for 2 apps I use: GoodNotes and Scrivener)
2 Likes
Thanks - this wasn’t available or I didn’t find it last time I looked (a while ago), good to see it is now.
My github stuff has been migrated to codeberg.
Do Steam or Kickstarter offer straightforward TOTP, or is it just their proprietary things?
2 Likes
I have separate authenticator apps for:
- Steam
- Blizzard
- Work
- Google does its thing via my phone (forgot that one above)
- Banking
→ I have not recently tried to see if Steam or Blizzard support other than their own apps.
Everything else is in the “Google Authenticator” app (I haven’t found one that is better)
- Paypal
- Dropbox
- Kickstarter
- Amazon
- Hetzner
- Github
- mastodon
- Nintendo
- Gitlab
I know that the following sites also work with the app:
- Discord
- inwx
- evernote
- humble bundle
- (twitter? → only subscribers now. please keep destroying yourself)
Many websites give you QR Codes to scan, these work with the Google Authenticator–there are other such apps out there, I just didn’t like the ones I tried last time better than the one I have and it is difficult and stressful to migrate via apps.
A lot of apps/sites will also send you one time codes via SMS. I use the TOTP things in lieu of those because those tend to sometimes take a long time to arrive.
1 Like