I have two recreational programming projects active now.
The first is a deterministic password generator [1] which is designed to be easy to use and manage. I've been using it myself for a couple months and have a couple UX improvements in my head that need to be done before I'd recommend it to anyone else.
[1] https://bitbucket.org/nealtucker/whose/
The second is an infrastructure project which my brother and I are building as an opportunity for him to learn about automated infrastructure and security. Terraform starts by instantiating an automated private CA for the purpose of securely issuing certificates to all instances, and then all other instances come up with an agent that generates keys and calls the CA (along with a signed auth blob provided by the terraform run) to obtain certs. Nomad server also comes up, using the same certs, and controls all the other nodes. All communication is MTLS from the start and I'm in the process of adding ssh hostkey signing to the CA so at the same time the instances get certs, they get their hostkeys signed so we don't have to TOFU the ssh hostkeys. We have no idea what we'll do with it, but it's fun to build and teaching both of us a lot.
I love this kind of stuff. The fact that we (people in our field; not me specifically) had to and could do stuff like this must seem crazy ancient to the younger folks here. I did boot my first computer from a cassette tape, and I can still remember what it sounded like and it's so, so very nostalgic. And many of us did get our first internet access via these crazy noises as well. I'm sure I could also listen to a modem connecting and tell you what speed it had negotiated from 1200baud all the way up to 56k, since each new sound was, at one point, the pinnacle of excitement since I'd just upgraded to something new (and then I heard it thousands of times).
This is a great observation about the home inspector being more likely to give you an impartial diagnosis. There's an old guy who's a semi-retired home inspector down the block from me and it makes me think I should hire him for consultation when thinking about big projects.
The original goal of PDF was to create documents that could "view and print anywhere" (literally the original tagline of the Acrobat project), substantially the same as how the document creator intended them. What Adobe was trying to solve was the problem of sending someone a document that looked a particular way and when they rendered it on their printer or display, it looked different, e.g. having a different number of pages because subtle font differences caused word-wrapping to change the number of lines and thus the page flow. It wasn't about it being "pretty," it was about having functional differences due to local rendering and font availability. In this regard, the format is an emphatic success.
I do wish they had focused a bit more on non-visual aspects such as screen-reader data, but to say the whole point is "because it's pretty" is a bit uncharitable. The format doesn't solve the problem you wish it solved, but it does solve a problem other than making things "pretty."
> I do trust the team of 1Password to be competent and not evil, but there are many things that can go wrong anyway.
Very much this. I don't benefit in any way from having a copy of my sensitive data in their cloud, so as a very basic security principle, I don't want them to have it.
And that's just for my personal use. If they drop support for local vaults, I have to stop using it for work, too, because my employer prohibits password managers that store passwords in the cloud. My understanding is that these policies are specifically designed to keep us in compliance for government contracts, so I don't think they're changing.
Please tell me local support is coming. I'm a longtime 1Password user who only uses local vaults and I feel like 1Password is increasingly showing me they aren't interested in me as a customer.
I wouldn't go so far as to say "the real crime," but I wholeheartedly agree that zoom should share some responsibility here. If we're going to routinely put children in a virtual space, that virtual space should be able to be secured for them. If an after-school children's program put children in a position where, say, sexual predators easily had access to them, we'd not only blame the sexual predators, but also the system that put the kids within reach to them.
I've always been very surprised zoom has an easily-guessable meeting ID namespace. It's a user experience tradeoff, but in my opinion, either the meeting IDs should be sparse and hard to guess, or there should be passwords (or possibly both).
For what it's worth, I knew immediately what this was for but read your entire page looking for some kind of explicit confirmation and/or clear description of the use cases. The info given almost seems intentionally coy, as if you're even trying to maintain plausible deniability on the website.