Opisek

Oh no, it’s almost like we shouldn’t trust a magic eight ball.

Yeah but that’s awfully anglo-centric. Saving life has nothing to do with saving a file in other languages.

Just download more RAM.

And in all seriousness, poorly written programs hoarding all the RAM amidst a huge RAM shortage is selfish and vile.

If it’s trains or planes on the other hand…

Our exam system supports multiple choice and, indeed, collecting that part automatically. (We can still go through the boxes recognized as tick or blank en-masse to check for recognition mistakes.) However, they’re only allowed to make up 20% of an exam according to university-wide rules.

Here, students can also view their graded exams online. There are some professors that don’t do it out of fear of the exams questions being leaked. In that case, you’d go there in person, but you would definitely not be able to just go through the exams on your own until you find the right one. That would never pass data protection laws.

I love the correction system we have at my university. All the exams are pseudonymized with a sticker you receive during the exam and scanned after completion. About 10 to 30 people are involved in correcting the exams for one course. We don’t know who the exams belong to as we only see the scanned version on our tablet or computer. Each task is corrected by a different set of people. We can select to see only a single task or subtask to streamline the process of correction, too. Furthermore, all the tasks are checked twice independently. Once done, the system can assign the exams back to the students. I love how it’s fair and “anonymous” by design.

What’s wrong with beinhalten?

Why yes I always dreamed of writing code like a full on novel.

Quellcodeanglizismussubstastivbeispielersatzgroßschreibungsregel

Well, they’re not a bad thing per se, it’s just important to remember that by doing that you are essentially delegating the access security (including any means of MFA) from the target website to the password manager. I.e., instead of inputting password and 2FA code for example.com, you have to input your password and 2FA code for the password manager itself. This has the same security guarantees, so long as you don’t set your vault to—for example—never lock automatically.

For the case of passkeys, using Bitwarden, even with 2FA does reduce the security level in my eyes somewhat, since I’d argue passkeys to be a more secure measure than password + OTP. Unless, of course, you use a different passkey to authenticate yourself to Bitwarden.

TLDR; be careful about putting everything inside Bitwarden. You’ll be fine if you make sure to protect your password manager adequately, but if you put OTP secrets (or passkeys) for other website inside Bitwarden AND only use password authentication for Bitwarden without any MFA, then you are effectively reducing your MFA back to a single factor (the Bitwarden password).

I’m afraid user authentication on the internet is broken beyond salvation. It’s already complex enough to grasp fully for tech-savvy people, meanwhile we’ve taught the general population to use password123 for all their accounts and write it on a post-it for a good measure.

If it’s alright with your threat model, you can put the time-based OTPs into your password manager of choice, like Bitwarden. Upon filling your username and password, it places your OTP in your clipboard, so that you can simply paste it in. This does of course reduce the security of the system slightly, since you centralize your passwords and your OTPs. When opting for this method, it is therefore imperative to protect your password manager even more, like via setting up 2FA for the password manager itself or making sure your account gets locked after something like 10 minutes of inactivity. The usability aspect is improved by using a yubikey or another similar physical key technology.

You, kind sir, are giving me ideas…

This crucification is sponsored by Nord VPN

Heck, by the looks of it, companies are just making the newer models worse and worse without actually adding anything. They’ll have to tear my current phone out of my cold dead hands.

Give away, repurpose, or resell. This is the right way. I myself only purchase used phones. No need for perfectly usable devices to become electronical waste.

And that’s why I added a crontab entry that periodically purges my cron configuration. That way, I’m forced to readd only the truly necessary cron jobs, successfully reducing the amount of crontab entries.

And this comes from none other than Palantir? Am I reading this right? Absolutely hypocrisy. Up next, the car industry says you should take the bus instead.