
Shameless plug time! Instead of remembering different passwords or using a password manager (and thus storing all your passwords somewhere) you can use https://salty.pw/


Problem with this is when you need a password with a capital letter, or with no symbols, or only 8 characters long.

Additionally, how do you determine the service name? e.g. I have a wordpress.com account; do I call that 'WordPress' or 'wordpress' or 'wordpress.com'? I guess using the domain name is fairly robust, but then you get stuff like Stack Exchange, or the service changes its domain name, or international variants - google.com vs. google.co.uk.


Yup, arbitrary restrictions on passwords are a bane. I've thought about adding various modes but then you need to remember the mode you used. So far the most sensible option seems to be falling back to a password manager for those sites.

As for the service name I've had no issues with that in my use. Just come up with whatever rule is easy for you to remember. Worst case you'll have to make a few tries.


fantastic!

now a site has been breached and your username/password was leaked... yay, you'll have to either start using a traditional password manager for this special case or change every.single.password.you.have.

so useful ...not!


Or you could change the algorithm and make it unique to you. A bit more technical but the point isn't to be ultimately secure, just more secure than your 'neighbors'.


An interesting idea. Any thoughts on how to use this on websites that force a password change periodically? Using a versioned salt maybe, although that could get tricky after a few iterations.


That's cool! Does it use simple concatenation or HMAC?


It's simple concatenation. The exact algorithm is described at the bottom of the page so that one could reproduce it (and their passwords) independently.


What about taking the 128 MSB vs 128 LSB, is there any research into how secure that is?


I vaguely remember giving it some consideration. But the bigger point is that my judgement on these things is not to be trusted since I'm just an application developer and not a crypto expert.


Yeah, that's the thing. I'm not a crypto expert either, but I'd love to use it. But if it gets popular, and there is an accidental mistake that actually makes it easy to guess passwords, I don't want to risk that happening.


Good news. Did a bit of investigation; it seems like this could be vulnerable to a length extension attack [1] (though the attack is still pretty useless in this particular case), but it appears that truncating is both safe and takes care of length extension attacks! [2]

[1]: https://en.wikipedia.org/wiki/Length_extension_attack

[2]: https://crypto.stackexchange.com/questions/18606/is-xoring-a...
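The two constructions this sub-thread compares, as an added example that is not salty.pw's own code (its exact algorithm is described on its page): a hypothetical concatenation-based derivation beside an HMAC-based one, with the 128-bit MSB/LSB truncation and a version counter for sites that force periodic changes. The master secret, site label, separator and base64 output encoding are assumptions.

```python
import base64
import hashlib
import hmac

# Hypothetical deterministic password derivation, not salty.pw's algorithm.
# Both variants take a master secret, a service label and a version counter
# (the "versioned salt" idea for sites that force periodic changes).


def derive_concat(master: str, site: str, version: int = 1) -> bytes:
    """H(master || site || version): plain concatenation into one SHA-256 call.

    Two weaknesses: a plain SHA-256 of the concatenation is length-extendable,
    and without a separator the field boundary is ambiguous, so different
    (master, site) pairs can map to the same input string and the same output.
    """
    data = f"{master}{site}{version}".encode()
    return hashlib.sha256(data).digest()


def derive_hmac(master: str, site: str, version: int = 1) -> bytes:
    """HMAC-SHA256 keyed with the master secret.

    HMAC is not subject to length extension, and the NUL separator makes the
    message encoding unambiguous.
    """
    msg = f"{site}\x00{version}".encode()
    return hmac.new(master.encode(), msg, hashlib.sha256).digest()


def to_password(digest: bytes, bits: int = 128, msb: bool = True) -> str:
    """Keep the 128 most (or least) significant bits, then base64-encode them.

    Truncating the digest is the mitigation the thread arrives at: an attacker
    who sees only half of the SHA-256 state cannot resume the compression
    function, so the length-extension property is no longer usable.
    """
    nbytes = bits // 8
    part = digest[:nbytes] if msb else digest[-nbytes:]
    return base64.b64encode(part).decode().rstrip("=")


def site_password(master: str, site: str, version: int = 1,
                  msb: bool = True) -> str:
    """Full pipeline: HMAC derivation, truncation and encoding."""
    return to_password(derive_hmac(master, site, version), 128, msb)


if __name__ == "__main__":
    # Constructed inputs: the two pairs collide under plain concatenation.
    print(derive_concat("pass", "word1") == derive_concat("passwor", "d1"))
    print(site_password("correct horse", "example.com", version=2))
```

Bumping `version` yields an unrelated password for the same site, which is the versioned-salt answer to forced rotation mentioned earlier in the thread.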


How did this become about taxes when it's actually about corruption? New evidence is uncovered of people at the top systematically abusing their power and disregarding the very laws they instill upon everyone else. Yet HN commenters are telling me the problem is that I am not giving these bastards a large enough share of my income.


It's about corruption where the laws are being bent backward to allow seemingly legal tax evasion on a grand scale. It isn't about you personally, unless you are one of those individuals whose morals tell them to evade the tax office at all cost.


Nothing. But some people can't control their urge to cry wolf.


If by "skew" you mean publish some (true or at least reasonably verified) information that could influence the voters' decision then why the hell not?


The skewing of opinion can be done by biasing the results of a web search. As discussed on HN before, a search engine has a strong influence over the decision making of its users: https://news.ycombinator.com/item?id=11255633


It could and it would be wrong. But it's not at all what this leak is about.


Or maybe hide some other information about other candidates that doesn't match their opinions or takes their profits?


The wording in that article is pretty telling, but why do you imply they can no longer be trusted? A business that was profitable before became unprofitable due to legal pressure, so they exited it. It doesn't look like they've betrayed anybody's trust in the process.


They have betrayed my trust.

They actively marketed their product up until recently as being able to circumvent geo-restrictions, and actively helped users who had problems. That for me was the big sell.

Whilst I understand that it's a cat and mouse game now between content providers and VPN providers, they have built up a large customer base - based upon this premise.


How is it betrayal when I am certain they would prefer not to be your geo-circumvention VPN? Betrayal would be if they actively made the bait and switch when they certainly knew their business model was falling apart all around them for legal reasons beyond their control.


Except they sold it as this. They did make the bait: I have been a customer for two years, and at least twice that I remember they have circumvented services that had blocked their IP ranges.

And now that they have customers, they switch and don't want to play this expensive game anymore.


Just to be clear here. It's bait-and-switch because they sold you a subscription product 2 years ago, and they are now changing the terms of the product (and presumably are not going to penalize you for discontinuing your subscription)?

Do you feel that they are obligated to never change the terms or discontinue certain policies once implemented for the lifetime of the company? What company would ever want to operate in such an environment where they had to make all decisions up-front and those decisions were set in stone until the end of time? Is the price also set in stone until the end of time?


Most PIA users pay yearly, so it's completely understandable to feel ripped off, I think. However, this is really just a matter of a few big providers implementing stricter geofiltering, blocking datacenter IPs, etc. Nothing PIA could do about it, though; it's a risk you take if you understand how these things work.

Many of these same providers have just blocked VPN IPs and you can still use a cheap VPS to circumvent though. Some nice docker openvpn containers around...


> it's a cat and mouse game now between content providers and VPN providers

It's not the content providers but the movie studios, music labels, rights holders and so forth. Netflix doesn't really care about users circumventing geo restrictions, otherwise it wouldn't be so easy.


Since January or so, Netflix has started to crack down on these services[0].

0 - http://www.cbc.ca/beta/news/business/netflix-crackdown-unblo...


True, but the point is that this is almost certainly due to contractual obligations with and/or pressure from studios and other rightsholders. Netflix has negative interest in limiting their catalog on a regional basis -- it's against their customers' interests and harmful to Netflix's business.


Although I agree with you, it's Netflix's problem, even if it's not their fault. They and their customers are the ones suffering.


They have to comply with the new laws -- it's not betrayal when they don't have a choice in the matter.

Not complying means they would face severe enough penalties to sink the business (notwithstanding the risk of jail time).


First of all, there's no such thing as your own server. The trust you are putting into the ISP your "own server" is connected to is exactly the same as the trust you are putting into a VPN provider.

Second, for a lot of people in this world it's a given that their ISP/government is monitoring their traffic. It's vastly better to be potentially spied on by someone abroad than to be certainly spied on by someone who has direct authority over you.

To answer your first question, the most popular use cases for VPN are:

1. Circumventing censorship

2. Circumventing regional content restrictions

3. Hiding your IP while torrenting (note that this is relevant only in the US)

4. Avoiding government surveillance (again, note that US is not the only country in the world, but likely the only one with any meaningful reach outside its borders)

5. Avoiding private surveillance (public wi-fi, etc.)

6. Hiding your IP while engaging in illegal online activities (#3 is a special case of this but it's a vastly larger group so I made it separate)

Note that "weird jurisdictions" can be a significant advantage for cases #3 and #6 (because they are harder to subpoena) as well as #3 (because they don't have retention laws).


> 3. Hiding your IP while torrenting (note that this is relevant only in the US)

It's not, actually. The same BS is happening in at least Finland too these days.

Legal companies get the rights to some media (in the Nordics or whatever), monitor some torrents and take screenshots(!) of the IPs in the torrent swarm. They can then petition the market court for the subscriber details of the IP addresses in the swarm and send a threatening letter asking for a 500€ settlement. Some idiots are even caving in and paying. I don't think anyone has actually been sued yet to establish some precedent (though the Finnish legal system isn't based on precedents).


As an example:

I set up a VPN in the Netherlands, hosted on a VPS. I was connecting from another European country (where ISPs block torrent sites).

Within minutes of attempting to download a recent movie release, a Cease and Desist was emailed by ip-echelon.com.


That's the thing. With a VPN service, you don't have to read those ;)


Welp, it was only a matter of time... Thanks for the info!


> 3. Hiding your IP while torrenting (note that this is relevant only in the US)

The entire German nation would like a word with you, kind sir.


Further reading: https://www.reddit.com/r/germany/comments/2hxy4j/help_me_ger...

Between this and GEMA, using the internet in Germany is quite restricted.


>3. Hiding your IP while torrenting (note that this is relevant only in the US)

This is relevant in most of Europe and unlike in the U.S., a C/D letter can easily cost you somewhere between 300 and 1000€.


Why is there a cost associated with it?


They threaten to take it to court and that would cost much more. You'll also have to deal with a lot of bureaucratic crap along the way that has very short deadlines and can cause a lot of trouble if you don't meet them, so they kindly allow you to pay to make it all go away...


Because they can, and a lawyer will cost you more. Actually, I know a lawyer who paid upfront to avoid the threat of a lawsuit.


I too like to come up with rationalizations of my NIH syndrome.


It's remarkable that you had to preface your argument with "Just playing the devil's advocate here". It appears that the fear of AI taking life and death decisions is so great that merely making an argument in favor of it is seen as immoral. Doubly fascinating is the fact that this attitude has taken root on HN of all places.


Oh, come on, let's not pretend this is somehow different from the traditional money. I am not particularly ignorant nor reluctant to learn as far as an average person on the street goes and I have no friggin idea how the mechanisms that govern it really work and cannot appreciate the risks. (Nor really can the experts it seems.)

It's the basic reality of human existence that we have to get by without having pretty much any control of the complex world around us. Bitcoin may fail at any time, and as a casual user you cannot help it and cannot predict it. But you can go buy some drugs with it right now without having to roam shady streets, and that's all that really matters.


Risks arising from technical implementation details are very different from risks arising from aspects of human nature. One could look at the housing market in 2006/2007 and know that something was very wrong without understanding all of the underlying details: home appreciation, the kinds of loans offered and who was getting them, etc. ... all without understanding details of credit default swaps and the like. One can also have a sense, without specialized knowledge, of how human nature may influence policies and financial decisions. That doesn't mean everyone has access, but a reasonably astute observer without specialized knowledge can at least see that "something is wrong" even if they can't tell you why or how exactly. This is not true with crypto-currencies. Why the transaction processing scaling problems? The decisions are much more abstract, the impacts can be removed in time, and they have to do with the way math works rather than a human decision.


> This means that there must be at least thousands of IQ alleles to account for the actual variation seen in the general population.

Or that IQ is only governed by genes to a very small extent in which case the rest of the argument goes out of the window.


You're right that the author (unless I missed it) didn't say what proportion of variance in IQ is explained by additive genetic effects (narrow-sense heritability). I think a quick search would likely answer that.

