• 0 Posts
  • 174 Comments
Joined 2 years ago
cake
Cake day: June 20th, 2023

help-circle

  • I’m worried about anything that can be controlled through a third-party online service. The amazon doorbell thing is a prime example of what can go wrong, but it can be more subtle, too. And I’m not even talking about obsolescence. Frankly, I’d still be worried if it was a self-hosted, properly configured system where I’m the only one with a legit access.

    I understand the convenience of all this. I also have to deal with the risk balance of security vs convenience, which causes me to not tolerate that “too tired to go across the room” justifies “a third party have full control over my doors, lights, heating, ovens, etc.” (not shooting fire at you, see this as a generic example).

    The bare minimum would be a fully self-hosted solution, which is possible, although difficult because hardware manufacturers don’t always play nice. And even then, proper, secure setup and maintenance is not for everyone. In the meantime, yeah, I’ll have to move myself when I want to turn on my dishwasher.

    Though I’ll admit, I have some lights that are controlled wirelessly… my old phone have an IR port, and they have IR remotes… Technically, an attacker could probably turn them on/off/change colors from behind a window :D


  • I’m warry of electronic, wireless, and sometimes third-party cloud dependent services, having a say in how I lock my doors or control heating.

    I’m a bit old fashioned, but also have to work with solutions where considering the consequences of a compromised entry point is vital. I’d be ok with a way to check that the door is locked, but something that can lock (and, so, unlock) my door remotely? Not a chance. At least, not for a place a value.










  • The label for the language picker is an issue, but the choices themselves? In the target language. You want French? You pick “Français”. You want Japanese? You pick “日本語”. You want english? You pick “English”.

    Supposedly, if you’d rather have a website in a given language, you must have some level of understanding of that language, and picking its name should not be a challenge in any case. If you somehow change a site/app to a language you don’t know, as long as you can identify the language picker, you’ll be able to change to something you understand.

    It does leave out the case of a user wanting to change to a language they do not understand, but I do not care for those.


  • Flash was a security nightmare all round, not counting the security flaws. It was just designed without any security features. It was also terribly inefficient at its core job, that was supposedly vector animation. It filled a gap in a time where browser and standards where not that advanced.

    Over time, Flash issues where never resolved, but the bloatness of the software kept increasing. Along the way, HTML got better specs, JavaScript got vast improvement, especially in everyone adhering to roughly the same standard (thanks microsoft for finally caving in…), and so the flash interpreter was highly redundant with the browser itself.

    For a while flash editors could export in HTML5 and you’d get roughly the same result, but with a fraction of the resources requirements, so naturally there was little incentive to keep the flash player around.

    I’m not sure if “killing flash” could be attributed to their author, or to the loss of interest.

    Also note that alternative flash players exists to still play older swf files, and some sites uses them alongside with plain video conversion for flash animations that weren’t dynamic.