This and just use it instead of a .pdf.. stay libre make it work for all platforms of all ages and all over the world...
no rtf nothing needs to be fancy
a canonical .txt resource, is parseable and universal. Don't restrict your audience. For example:
If a repo has a .txt backup of some changelog it's therefore not tied to whatever platform.. The repo is a living project and memory.. don't assume anything: ( ie if for some reason your a/c is gone... that information is not lost its saved forever... )
usually if I must reference a pdf it means a browser.. And often I don't want a browser running..
That's why keepass is really useful since you aren't ever typing in the password.. its generated and then copied to the clipboard.. That clipboard is then wiped after X seconds.
So then you know that you have been rooted => If that fails to resolve it.
Reduce the number of vectors to know what you have to change asap. in this scenario you don't want to be guessing about how they did it.
The randomised gibberish just means you can rule out certain things. I can agree on part of what your saying but a string high entropy password, makes it harder to brute..
Many services don't really do that whole retries thing properly. So make it take as long as possible.
If you don't use a random gibberish your password can be cracked on any consumer device in a surprisingly short amount of time...
This way you can then focus on that a session token is probably how they got in.. It's the most common vector these days...
Honeypot sure I didn't think of that.. But I was under the impression the FBI confirmed it ? So we can rule it out.
Making the password impossible to guess - how could that not be?
Since then you know you have a breach, as its randomised gibberish, if you then get the 2nd device asking " is this you trying to login " you can definitely know you are compromised....
I can't see your logic here, that isn't " theatre " ????
If you think that is theatre what is better then? Words and numbers.. easily brute forced.. Sorry can't agree.
You are probably right... I tend to change my password semi often. It's always a super complex impossible to remember string - and always keep an eye on the account activity.
Not to mention ; you would assume he should have more than one device linked to the account and then that adds another layer, since Google will ask you " is this you trying to logon ". <-- that is the only way to get Google to do the unrecognized flow you mention.
If you are suggesting it was exposed and he didn't immediately randomise all his passwords.. WORDS FAIL ME
It's all security 101 the irony is immense...
if the US government / FBI need someone to give some talks on how to do security ...
Was about to post exactly this... It is impressive engineering wise, but for data and syntax, ease of use or all the great features, I care about that more. Speed isn't that important to me for a lot of these tools.
If I/you was working with JSON of that size where this was important, id say you probably need to stop using JSON! and some other binary or structured format... so long as it has some kinda tooling support.
And further if you are doing important stuff in the CLI needing a big chain of commands, you probably should be programming something to do it anyways...
that's even before we get to the whole JSON isn't really a good data format whatsoever... and there are many better ways. The old ways or the new ways. One day I will get to use my XSLT skills again :D
Please let this come back since I was highly skilled at it and nobody uses it and I am the sads.. since it was a bit functional and a good challenge and was fun. And I would like to be paid to write teh complicated stylesheets again. Thanks
Redis does a lot of things most people don't know about and its all super optimised.. I am not so sure. I would not want that happen simple as I would be really bored using one way to do everything ( prb sql )
Most people use it as a cache,.. you can build a lot of things with it that are far outside this narrow view... ( say a bidding system or something like that )
And for the other comment Scaling is possible via the commercial offering.. sofaik..
I didn't get to persuade anyone to let me use it for that.. I really wanted to.
Can't see how an independent developer would ever be able to do this. We need more independent things not less... this would be my concern.
Better legislation would be to force developers to at least allow people to run their own servers.