I tried out Superpowered and while it's more polished than its competitors, it has a few downsides other commenters have already touched upon (pricing, memory use, and personally, the name hits too close to home to Superhuman.)
I've found that the best alternative is Slapdash. [0] Connect your calendar and then just hit cmd + J and boom -- Zoom is running. Many more connections are amazing as well, eg. deep Dropbox and Drive integration.
This is neat. In a similar fashion I'm a big fan of diff-highlight, [0] which post-processes the git diff and highlights with color the differing segments. It's super lightweight and part of the official git repo; I've saved it as a standalone #!/bin/perl in my $PATH and then included it in my .gitconfig:
[pager]
log = /Users/user/.bin/diff-highlight | less
show = /Users/user/.bin/diff-highlight | less
diff = /Users/user/.bin/diff-highlight | less
Congrats on shipping, OP--looks interesting. FWIW, if someone's interested in a macOS app instead of a web one, I built Pomodoro a little less than a year ago. [0] It's minimal, sits in the menu bar, looks ok, and doesn't have ads.
FWIW, @modestproposal pulled out some interesting nuggets from the S-1 filing and wrote a very interesting thread about some good stuff and some things that raise questions. Worth reading. [1]
Installed it and played around for a bit. Nice work overall. Amp's jump mode (press `f` and elements in the buffer will be prefixed with a two character jump token) is pretty cool. Would love to see this in Vim.
It's funny isn't it. I guess I don't try hard enough to find productivity-enhancing Vim plugins. I've tried various "Vim enhancement suites" intended to bring a number of useful plugins and had some success, but since I can't rely on them on new servers I find myself more often than not just using plain Vim.
Some other commenters in the thread have raised the point that having more supported functionality out of the box is a good selling feature. To me it seems that having it built it can (possibly) benefit from a more intentional effort to make it cohesive, whereas with many disparate plugins you have to encourage, force, or otherwise guide developers to build something that fits and behaves with the rest of the platform.
You've touched on an important point: taking inspiration from workflows and incorporating them into the core editor itself.
For editing text, there's already a lot of flexibility in Amp's keymap system[0]. As users compose more sophisticated/useful macros, we can promote them to the default keymap, and if they're really useful, we can build them as discrete commands in Amp itself. That way, the core editor evolves to encourage a particular workflow. It's opinionated, and it may not appeal to everyone, but that's kind of the point.
This sounds fun but honestly reminds me of all these emacs folks who've turned a text editor into a byzantine operating system with email, RSS, microwave cooking, and laundry folding.
Why yes, thank you for the excellent segue. Pomodoro [1] is a no-frills minimal macOS app I wrote in Swift. It does its job, looks ok, and doesn't have ads.
Can someone ELI5 why Yubikeys are better for 2FA than using, say, 1Password, which simplifies the process with cmd + \ and automatically pasting the 2F code? (Even better than Google Authenticator; no need to reach for anything.)
Using 1Password to store your 2fA seed makes it single factor because your password and second factor are stored in the same place. This is not a good idea.
Yubikeys in U2F mode are better than any OTP because they protect you against phishing attacks. 1Password auto-filling arguably has this property too, but you should disable that sort of password manager behavior:
Yubikeys in U2F mode are better than any OTP because they protect you against phishing attacks. 1Password auto-filling arguably has this property too,
Not really. The TOTP RFC recommends accepting TOTP tokens from before and after the current time step to make TOTP work with clock drift. Since most implementations use time steps of 30 seconds an allow TOTP codes of at least one past and one future time step, the window in which an TOTP code can be used is typically 90 seconds.
Consequently, TOTP only works against 'offline phishing' where a phisher collects data first and tries to take over the accounts later. For any kind of immediate phising, there is typically no problem to forward re-use the token, even with a small delay.
As you say, U2F protects against this, by using challenge-reponse and using the origin selecting the key handle.
I don't understand the start-off of "not really". Is that in reference to the first sentence or the 2nd? I think the "1Password-autofill" protects you against phishing because if you go to a legit site, the domain will match and 1Password will autofill. If you go to a phishing site that just looks right (Unicode domain, whatever), but doesn't match exactly then the auto-fill won't happen and you'll be tipped off.
> Using 1Password to store your 2fA seed makes it single factor
Thanks. I certainly understand that but the convenience trumps the risk imo. Further, I don't want to reach for and insert a USB drive every time I want to log in somewhere. And what if there's no available USB port?
I think it's better than having to deal with checking one's email or checking one's phone for a SMS and then having to manually copy the code into a form and submitting it.
The only thing that would be more convenient would be if the browser authenticated itself using a client side TLS certificate as one factor in the authentication process.
I've found that the best alternative is Slapdash. [0] Connect your calendar and then just hit cmd + J and boom -- Zoom is running. Many more connections are amazing as well, eg. deep Dropbox and Drive integration.
[0] https://slapdash.com