

The fediverse has been feeling really good lately. It’s actually getting hard to scroll to the end of the frontpage.



That’s not how you put a CPU in a socket, silly article!


These greedy companies never cared about any petitions. My only hope is some powerful legislature putting a stop to this, like the EU.


Our exam system supports multiple choice and, indeed, collecting that part automatically. (We can still go through the boxes recognized as tick or blank en masse to check for recognition mistakes.) However, they’re only allowed to make up 20% of an exam according to university-wide rules.


Here, students can also view their graded exams online. There are some professors that don’t do it out of fear of the exam questions being leaked. In that case, you’d go there in person, but you would definitely not be able to just go through the exams on your own until you find the right one. That would never pass data protection laws.


I love the correction system we have at my university. All the exams are pseudonymized with a sticker you receive during the exam and scanned after completion. About 10 to 30 people are involved in correcting the exams for one course. We don’t know who the exams belong to as we only see the scanned version on our tablet or computer. Each task is corrected by a different set of people. We can select to see only a single task or subtask to streamline the process of correction, too. Furthermore, all the tasks are checked twice independently. Once done, the system can assign the exams back to the students. I love how it’s fair and “anonymous” by design.

Good.
I don’t know how I feel about this new revelation
Seven bald eagles and three units of freedom


Well, they’re not a bad thing per se, it’s just important to remember that by doing that you are essentially delegating the access security (including any means of MFA) from the target website to the password manager. I.e., instead of inputting password and 2FA code for example.com, you have to input your password and 2FA code for the password manager itself. This has the same security guarantees, so long as you don’t set your vault to—for example—never lock automatically.
For the case of passkeys, using Bitwarden, even with 2FA, does reduce the security level in my eyes somewhat, since I’d argue passkeys to be a more secure measure than password + OTP. Unless, of course, you use a different passkey to authenticate yourself to Bitwarden.
TL;DR: be careful about putting everything inside Bitwarden. You’ll be fine if you make sure to protect your password manager adequately, but if you put OTP secrets (or passkeys) for other websites inside Bitwarden AND only use password authentication for Bitwarden without any MFA, then you are effectively reducing your MFA back to a single factor (the Bitwarden password).
I’m afraid user authentication on the internet is broken beyond salvation. It’s already complex enough to grasp fully for tech-savvy people, meanwhile we’ve taught the general population to use password123 for all their accounts and write it on a post-it for good measure.


If it’s alright with your threat model, you can put the time-based OTPs into your password manager of choice, like Bitwarden. Upon filling your username and password, it places your OTP in your clipboard, so that you can simply paste it in. This does of course reduce the security of the system slightly, since you centralize your passwords and your OTPs. When opting for this method, it is therefore imperative to protect your password manager even more, like via setting up 2FA for the password manager itself or making sure your account gets locked after something like 10 minutes of inactivity. The usability aspect is improved by using a YubiKey or another similar physical key technology.


You, kind sir, are giving me ideas…
Our window blinds at school had tiny holes in them for the strings to go through and they had the exact same effect. You could see the eclipse projected onto the tables.


As a surprise to precisely no one.
German chancellor is listening
Hey, I love getting sidetracked!


And that’s why I added a crontab entry that periodically purges my cron configuration. That way, I’m forced to re-add only the truly necessary cron jobs, successfully reducing the amount of crontab entries.


And this comes from none other than Palantir? Am I reading this right? Absolute hypocrisy. Up next, the car industry says you should take the bus instead.
Remember, being depressed is forbidden. Now go back to work.