What stupidly easy tech solution do people gloss over all of the time?

Frozyre@kbin.melroy.org to Asklemmy@lemmy.ml – 191 points –

For me it's the paranoia surrounding webcams. People outright refuse to own one and I understand, until they go on and on about how they're being spied. Here's the secret - unplug the damn thing when you think you won't use it or haven't used it in a while.

They, whoever it is, can't really spy on you on something that's already off and unplugged!

222

Password managers. People will use anything but that: paper, notes app (without any security), using the same password everywhere...

Came to say this exact thing.

FFS I have 100's of passwords saved in my keepass DB, they are all different.

Passwords will only autofill on the correct site, so look alike sites are captured by that simple bit of security.

I keep trying to convince my parents. Then they say but what if I forget the master password? I say they won't with a passphrase but they don't believe me.

Also I don't have experience with PW managers other than 1Password, Bitwarden and Roboform. I personally didn't like Bitwarden. I think it's UI is janky and oldschool. Roboform is so bad I don't even know where to start complaining. So I keep using 1Password even though the UI has been getting worse but it still works for me because of the good integration into the Apple ecosystem. But it's rather expensive for managing the 20 something passwords my parents have. I read about breaches on other PWMs sometimes so I don't really know what to trust and recommend.

Set my family up with Bitwarden. Had them think up good passwords, told them not to tell me, etc. etc. they went and promptly forgot it.

One of these days I'm going to set them up again but this time I'm going to have to save their master passwords on my account.

Show them you can export the passwords and print them. It will help them to make the switch to know they cannot lose everything because it is on paper. It is what helped my parents

Keepassxc works fairly well for me, with a few quirks. Don't know how it is on apple though.

I keep telling myself I need to start using a password manager but I'm worried I won't be able to log into things on my phone or other devices like my work computer when I need to because I don't know the password. Is that a legitimate worry or is there a solution for this? How do you sync passwords between computer and phone?

I hse keepassxc and store my password database in onedrive. My phone has an app keepass2android which can read the database in onedrive.

Eh, I don't trust any 3rd party enough to give them all my passwords and I don't trust myself enough to secure a server for self hosting a password manager.

I know all my passwords, can't forget em, no paper or notes, no repeat passwords.

If you know all your passwords and can’t forget them, I’m assuming your using some sort of pattern to remember them in which case you have a major issue in case of data breaches as your other passwords can be guessed.

Just as a heads up, sometimes the pattern is not that easy for computer to brute force. As an example, my old password contains a birth date but with an alternating shift making them a combination of digit and symbol.

The issue is if you are a) targeted, and b)involved in multiple breaches. If they can get the pattern, they potentially get everything.

Is it worth it? That depends. Are you willing to risk it NOT being worth it to a random guy in Africa earning a few $ a day?

Keepass. Password database is a local file.

Technically you could use PGP to encrypt a .txt file with all your passwords in it. Which would be more or less the same thing with a lot less polish to it.

Sorry, what is PGP?

PGP is 'pretty good privacy'; it's an encryption standard. It's not the best, but it's fairly easy to use, and it going to resist decryption pretty well, for most use-cases. The idea is that you have a public key, and a private key. The public key allows messages to be encrypted, while your private key allows decryption.

Sorry stupid question, but how do I import my passwords from Proton Pass to KeepassDX?

I looked it up for you; you can export your Proton Pass database as a .csv file and then import it into KeePass. Not sure about KeePassDX but on XC, there's a csv import option. There's also a json import option but it says BitWarden for that so I'm not sure if the json Proton Pass exports is in the same structure as KeePassXC expects.

Keepassdx is an android app for keepassdx databases with a nice ui. I use it too.

Thanks for the answer! Another question: does saving the data on KeepassDX keep all the passwords and such for me to import to other apps if needed? Or what does the file include?

You can export as csv, html, xml from KeePassXC. Dunno about DX but you can just try it on your desktop if it's not an option on mobile.

You know I'm looking up all these answers right? I don't mean to be rude but you can and should just look these up yourself. You can check import and export options by opening keepassxc/keepassdx and checking for yourself

Yeah, you're right. Sorry, I definitely have a tendency to treat Lemmy as a search engine sometimes. Nonetheless I appreciate you answering me!

1 more...

Fucking THANK YOU.

A very good friend of mine doesn't use any password manager. I've often in the past told them why don't they? They argue that then all their passwords would be gone if they forget that one master password. Okay, I say, how the fuck is having to remember 1 password harder than having to remember 20 passwords?

Any good password manager nowadays also has an account takeover feature if you opt in. Basically your spouse / child / parent can take over your account to recover it for you if you can’t get in.

I had to save my wife's account before on 1password family. It worked nicely!

1 more...
1 more...

Rebooting your PC really does fix a lot of issues.

But in Windows, you have to go to a sub-sub-sub-menu of the old control panel, click on a button called "choose what closing the lid does", then on "change settings that are currently unavailable" and then disable "fast startup (recommended)", just to get your pc to reboot properly.

Hold shift while you click start and shutdown (or reboot) when necessary. This will have windows do a full shutdown instead of a hybrid shutdown.

Thank you, this will save my monday morning restart after a weekend of off 'hibernation'

Press windows D to go to desktop and press alt F4 until you get the shutdown menu.

Here's an even easier hack than all of that :effort:

Just hold the power button down for about 10 seconds, ez-pz

I like to call that the "putting a pillow over its face" method of rebooting. Reserved for when even a shutdown /r /t 0 doesn't work

I prefer yanking the cord out while furmark, prime95 and a full delete 0 write on the spinning disks is going.

I call this one forbidden knowledge because I see it so little in public, but I'm sure it's well known in privacy communities: A password like "I have this really secure password that I type into computers sometimes" is a much stronger and easier to memorize password than "aB69$@m". It seems more often than not I find networks where the SSID is a better password than the WPA key.

I agree but I think the problem is that some apps/sites have strict password requirements, which usually includes adding upper-case, symbols, numbers, and then limits the length even sometimes...

At my previous bank the password had to be a 5 digit PIN code...

At one point, Charles Schwab allowed a password of infinite length, but SILENTLY TRUNCATED ALL PASSWORDS TO 8 DIGITS.

This is something I sent a few angry emails about wherever I could find an opportunity.

Sketchy indeed. I've seen this as well, and the redeeming thing about it is that you're locked out after 3 unsuccessful login attempts - so no matter how easy bruteforcing would be, there's a safety catch dealing with it.

Which is funny because those strict rules reduce the number of combinations an attacker has to guess from, thereby reducing security.

Provably false. That's only true if the rules specify some really wacky requirements which I haven't seen anywhere except in that one game about making a password.

Think about it this way. If you have a password of maximum length two which only accepts lowercase letters, you have 26 choices for the first character & 26 for the next. Each of the 26 characters in the first spot can be combined with any of the 26 characters in the second spot, so 26 * 26 = 676 possible passwords.

By adding uppercase letters (for a total of 52 characters to choose from), you get 52 * 52 = 2704 possible passwords. It increases significantly if you increase the length beyond two or can have more than just upper & lowercase letters.

Computers have gotten so efficient at generating & validating passwords that you can try tens of thousands of passwords in a minute, exhausting every possible two-letter password in seconds starting with aa and ending with ZZ.

The only way you would decrease the number of possible passwords is if you specified that the character in a particular spot had to be uppercase, but I've never seen a password picker say "your fourth character must be a lowercase letter".

By adding uppercase letters (for a total of 52 characters to choose from), you get 52 * 52 = 2704 possible passwords.

You don't add them, you enforce at least one. That eliminates all combinations without upper case letters.

So, without this rule you would indeed have the 52x52 possible passwords, but with it you have (52x52)-(26x26) possible passwords (the second bracket is all combinations of 2 lowercase letters), which is obviously less.

The only way you would decrease the number of possible passwords is if you specified that the character in a particular spot had to be uppercase

Wrong. In your example, for any given try, if you have put a lowercase letter in spot 1, you don't need to try any lowercase in spot 2.

Any information you give the attacker eliminates possible combinations.

I think I'm confused on your point.

I interpreted your statement to mean "adding a requirement for certain types of characters will decrease the number of possible passwords compared to no requirements at all", which is false. Even in your example above, with only two letters, no numbers / special characters allowed, requiring a capital letter decreases the possibilities back to the original 676 possible passwords - not less.

Perhaps you're trying to say that passwords should all require certain complexity, but without broadcasting the password requirements publicly? I suppose that's a valid point, but I don't think the tradeoff of time required to make that secure is worth the literal .000001% (I think I did the math right) improvement in security.

Even in your example above, with only two letters, no numbers / special characters allowed, requiring a capital letter decreases the possibilities back to the original 676 possible passwords - not less.

No it doesn't. It reduces the possibilities to less than the 52x52 possibilities that would exist if you allowed all possible combinations of upper and lower case letters.

You are confused because you only see the two options of enforcing or not allowing certain characters. All characters need to be allowed but none should be enforced. That maximizes the number of possible combinations.

that passwords should all require certain complexity, but without broadcasting the password requirements publicly?

No, because that's still the same. An attacker can find out the rules by creating accounts and testing.

1 more...

the SSID is a better password than the WPA key

This is an insult I am definitely saving for later

I agree - I do use passphrases in some critical cases which I don't want to store in a password manager.

However, I believe passphrases are theoretically more susceptible to sophisticated dictionary type attacks, but you can easily mitigate it by using some less-common 1337speak character replacements.

Highly recommend a password manager though - it's much easier to remember one or two complex master keyring passwords & the random generated passwords will easily satisfy any application's complexity requirements.

Yeah that's basically what I do, I know the passphrase to decrypt my drive, and the one to open Bitwarden and then I basically let that just handle everything else.

Oh and the sudo one I guess.

1 more...

If you don't have your files on another physical location you can show me, you don't have a backup, you don't own your files, you basically give your "digital life" to someone else.

Likewise, as the old rule goes, if you don't have a secondary backup, then you don't have a backup.

The other day, I was chatting on a Discord server about how people manage their photos, which keep piling up each year. I asked which cloud service they use, and one person replied, 'Save them offline.' That really struck me because I haven't invested in offline storage devices in years, and I realized I wasn't storing anything offline.

But that extremely expensive NFT I bought has my name on it, not yours. Therefore it is owned by me and nobody else.

No I won't show it to you.

People who complain about ads on YouTube. I tell them about ads blockers and they always go "Huh, you sure it works? Sounds good, I might try that" and then proceed to forget about it and complain about ads in a few months time...

I'm pretty positive by this point that people love to bitch about ads for the sake of bitching about ads. They bring this onto themselves.

Same goes for them going onto sites without ad blockers. Then when you tell them, it's either "OHHH THANKS!" or "Uhhhh, I cAn't" for no reason.

Or people, like my mom, who are were relatively educated about technology and don't want to learn new technologies/tools under the pretense of security (even if the software is foss, like again most adblockers.

Edit: Whenever I use a browser without an adblocker, I remember how shitty the web is without them.

My mom built computers in the '90s and '00s, she taught me how to use the command prompt to play my dos games. now she can barely use one. I don't know what the hell happened.

Well, my mom is a computer engieneer, who had me reflash a phone from work and install libreoffice on her windows laptop (to be fair none of her coworkers could reflash the phone and the second one was probably just lazyness).

I think this happens because people believe that ad blockers are "too good to be true". That was what I first thought when first getting an ad blocker, that there was going to be some kind of "catch" like slowing down websites, making them less functional or being malicious. But it turns out they actually improve performance, rarely affect functionality and are even recommended by the FBI because they protect against malicious advertising.

I just install it for them or tell them to use Brave (don't down vote me, these people aren't going out of their way to use firefox and download all the needed extensions)

I hate the ad blocker argument for youtube. How am i supposed to do that on my tv or my phone?

  • invidious
  • piped
  • some TVs have 3rd party specialized versions of the official webapp

The first two have web pages and phone apps. You can find the phone apps on F-droid.

Fun fact: did you know that the youtube app on your TV is just a no-effort web browser with a URL fixed to a web page, which you could even use on your PC?

Can I do any of these on FireTV?

I expect that all smart TVs have a web browser, so the first two should always work. Be aware though that while piped is more usable (imho), it currently does not work anywhere, because it did not yet implement a fix for google's blocking that invidious did a week or so ago.

If FireTVs are android TVs, you should be able to install the android apps too, in a way or another.

I literally just use normal Firefox with normal ublock origin on my phone

There is no catchall solution that's simple, take what you can get

Honestly, just Googling (or DuckDuckGo-ing) things. I tend to be the "tech person" that people ask about their computer problems quite often, and 9/10 times I just copy-paste the error code into the search bar and it tells me what to do. I'm not secret about it either, I'm like you can literally just Google it and it'll usually work. But people still seem to think it's magic lol.

There's a hidden skill in there that allows you to filter out the bullshit/scam/unhelpful solutions and zero in on the helpful, legitimate stuff.

My colleague (we work in web dev) will literally sit there staring at an error message but apparently not reading it, and then he'll open ChatGPT and start asking it what to do. The fucker never even Googles error messages, it's an absolute nightmare.

ChatGPT can be super useful, but I'm kind of worried about people learning to use it exclusively.

I tried helping a PhD student assemble a set up for measuring transistors. He used ChatGPT to do all the code for the software control (python), which is fine, even if he relied on it to fix every single part of his code when a quick trip to the reference manuals of the equipments would solve the problem instantly.

At a certain point I realized I maybe had misunderstood his set up design and asked him "wait, which device do you want to connect to your gate? Which terminal even is the gate?"

And I kid you not, the dude asked ChatGPT which terminal in his device was the gate

(he also reeked of weed so there's that)

Unless it's Windows giving you some long hexadecimal number. Those never return any results.

And the solutions to Windows problems are almost always ludicrously esoteric and stupid anyway lol. It always turns out to be something like "the CPU usage went up because the clock in the taskbar on this specific version of Windows syncs to a different server that closed down so it tries to ping it 400 times a second for some unknown reason and that's why you get a 78-character hexadecimal error code and all your USB devices disconnect whenever you render a video."

If it's not a crash it's probably an ntstatus and if it shows during a bsod then it's a bughcheck code. That said the most common ntstatus I see is the very unhelpful 0xC0000001 - status unsuccessful.

The one I came across had something to do with...you remember Intel Optane? How there was a brief window there where they'd sell you a PC with a spinning rust hard disk and like a 16GB special NVMe drive that acted as a kind of cache for the hard disk? I was replacing that with just a normal NVMe drive, and there's some settings in the BIOS you have to tinker with. And BIOS settings are bullshit. TMP. XMPP. FLP. TLQ. DKR or LXD. Which combination of these settings means "no more optane, just normal bulk storage on the NVMe socket?" There's nothing that says anything like that.

I apparently didn't get this quite right and Windows would get a ways through the install process before failing with an 0x2ac4d7f9f2 code or something. Windows' installer doesn't give you a functioning desktop, it's in its own useless environment, so you have to manually type this into your phone to look it up, which returns no results. Like it doesn't link to a page on Microsoft's website because of course it doesn't.

I then tried to install Linux Mint. Boots to the live environment, I get a full desktop. I run the installer, which fails partway through. The error message spells out the issue in plain English, contains a clickable hyperlink to a relevant wiki page which launches in Firefox because we're in a live environment, and it has a QR code you can scan with your phone to go to the same page on a smart phone. Armed with this knowledge I got the setting right in the BIOS and successfully installed Linux.

But Windows is just so much more user friendly you guys.

I had a chat with someone that is a Senior Staff Engineer at a huge company a while ago, on what I'd say is a pretty big service that millions use.

They don't write much code any more, but they debug a lot of issues. The way they described the workflow to mastery is:

  • If you know nothing, ask someone that knows something
  • If you know something, Google, and there will be answer from an expert
  • If you're an expert and Google doesn't work, read the docs and specs from the masters
  • If you're a master, start writing the specs, and offer addendums for when the spec needs to change.

IMO, Googling gets you 99% of the way there in many situations, but if you know nothing the answer might be in front of you and you wouldn't know it.

It's not a question of googling, it's about recognising bullshit answers and skipping them

Nah. People are using you and too lazy to care. They pretend it’s magic cause it’ll get you to continue being their gateway to laziness.

I think you're underestimating peoples' ability to filter out the massive amount of garbage results/astroturfed reviews/posts/websites out there.

As a similar “tech person,” me googling tech problems is exactly as lazy as the person asking me.

Their solution is “ask someone” and our solution is also “ask someone.”

An ad blocker, on desktop and phone.

It blocks annoying ads and also protects you against malware (malvertisement).

And please just enable blocking cookies and annoyances in unlock origin. It has filters that can be enabled, and you'll never see a cookie banner again.

I set up my Pi-Hole years ago and haven’t touched it since. Maybe I should update it.

Wires:

  • Ethernet over preferred over WiFi for non portable desktops
  • Audio gear : wired will sound better. Bluetooth headphones have batteries that almost certainly aren't repairable.
  • Peripherals, in the sane vein. I just don't get having to charge a keyboard or mouse that sits on my desk all day.

I agree with everything except a wireless mouse. I have a magnetic usb “nub” that plugs into the mouse so when I need to charge it every couple of weeks it’s as simple as moving the mouse near enough the magnetic cable and it pops into place.

For me, the benefits of a wireless mouse far outweigh the imperceptible-to-me lag from the 2.4ghz dongle 10cm away in clear view. The only downside I can see is the weight of the battery, but I’m not a competitive FPS player so I’m good.

I like wireless for my laptop, but I've never understood the point on my desktop. It's never going beyond the cable's length, and the cable has never gotten in the way unless I'm doing extreme motions with a very low sensitivity. And in that case, I am playing competitive fps.

I just hate the dragging of the wire on anything that might be in the way. I go wireless for keyboard and mouse whenever possible.

But what are the benefits of a wireless mouse? You don't have to string the cable from the back of your PC to the mousepad, sure, but that's something you do once a blue moon (unless you often go to LAN partys (which, in itself, are probably not a thing anymore)). At work, okay, I sometimes get up off my chair and have my company-provided wireless mouse on my leg to keep scrolling while I read through legal documents, but that's a rare use case, too, no?

I don’t like the feeling of the cable dragging on the desk. Or the cable snagging on the monitor stand, or anything else on the desk.

I also prefer the aesthetics of a wireless mouse. One less cable to manage. The charge cable is tucked away and only comes out every week or so to charge overnight.

Yeah, my keyboard has a cable but my keyboard doesn’t move, and it’s a pretty sexy (and heavy) cable so it’s different than a mouse cable.

As for latency, from what I understand in many cases a wireless mouse can have less latency than some wired mice. So that’s nice too.

I guess the main downside is weight but that has never bothered me. That said, I’m not a competitive fps player, but even so some wireless mice are quite light.

Fair points you're making there!

I guess it never bothered me enough to have even crossed my mind.

I need to look into the latency thing. From my limited knowledge it makes no sense that a wireless mouse could have better latency than a wired one. Unless the wire is made of something barely conductive to electricity and the wireless works with stupidly fast transmission tech, I guess o.o

https://youtu.be/yy0xmcBg_IY

Great review of several high end mice, wired and wireless. He found no correlation between wires and latency. Ultimately, he concludes that the most important properties of the mouse are weight and feel.

Ethernet over WiFi for non portable desktops

Wi-Fi basically is wireless Ethernet, so I don’t know what “Ethernet over WiFi” is supposed to mean, and I don’t know what problem is being solved nor what solution is being proposed.

Ethernet (hard wire connection) is preferable to WI-FI. Ethernet > WI-FI. It has significantly higher speed and stability.

I see. In networking, X over Y has a specific meaning regarding layers.

Power over ethernet + ethernet over wifi

== Wireless power transmission!

As easy as hooking your access point’s external antenna connector to your microwave oven’s magnetron.

Electricity police, this fella right here...

They're saying "prefer hardwired Ethernet cables rather than wifi"

I have Bluetooth earbuds that crack open when they hit a hard surface (have surviveed so far) and the battery is a little Li-Ion pouch on soldered wires. They probably don't last as long as sealed ones of the same size but it's very easy to find and install a replacement battery. Just check disassembly guides before buying.

I second all of your statements. I don’t care if my Apple TV is on WiFi, but my gaming desktop is most definitely hooked to an Ethernet cable. I also use a wired keyboard and mouse on it, but I’ll admit I have a cheap wireless keyboard and mouse for my work laptop because I didn’t want to deal with another set of cables on the same desk, and I can’t think of a good solution for both machines to share the same keyboard and mouse without having to switch the cables between them all the time.

A USB switch or the more expensive KVM could work.

KVM switch looks like it could work, since I don’t want to switch a USB switch and then still have to switch monitor input. Just need to find one with both an HDMI input and a DP input.

Some monitors have inbuilt KVM switches, have an MSI ultrawide (model escapes me sorry) I bought a few years ago that I use to flip between usbc and dp. Configurable though, could set it up to flip between HDMI and DP and assign usb to whatever one I prefer. It's way nicer than the switch + swapping inputs manually I had been using.

Windows? Mouse without borders

Linux/Mac/mix of that and windows? Barrier.

If, of course, you can install things on your work laptop.

While I’ve only used one or two types of bluetooth headphones, i’ve never hand any trouble replacing the battery with them. The cups just snap out and then you unplug the lithium cell and plug a new one it, at least in my experience, so that may just have been a thing with the model you got.

While not at ALL repairable, I’ve been using my AirBudz for over five years, for 50+ hours every week and the batteries still last for hours. I have my cans for FLACs, but no complaints for the price wirh AirBudz.

The fuck is "Ethernet over WiFi". Isn't ethernet by definition wired? If it's x over WiFi, isn't that just WiFi with extra steps?

 

Edit: I see from other comments they mean "preferable compared to", not "used atop of".

I think they meant it like "I prefer ethernet more than wifi"

Yeah, I saw that after seeing the other comments. I just didn't refresh the page to see your comment until after I typed up my edit. Lol, sorry.

Ethernet over WiFi is WiFi. Ethernet is a protocol not the cables and its used with wired networks and WiFi.

Source?

I've never heard anything like this.

It appears I either misunderstood or misremembered what I read.

It probably referred to MAC addresses being reused on WiFi. However the frames used are not Ethernet frames.

Ethernet however is not restricted to twisted pair cat cables it's on fiber and originally was on co-axial.

What annoys me about webcams is that they could have easily used the power line to the camera to light the LED. Then if the camera was on the light would be on.

But for some reason the LED is enabled separately from the camera, so it can be hacked through software that the camera is on but LED is off. Leading to a lot of paranoia. It’s just a non sensical design choice.

It's simple enough to just cover a camera. I'd be far more worried about the always listening microphones.

Reboot fixes a ton of issues.

And if that doesn't work check the physical connection by unplugging it and plugging it back in.

That assumes you can unplug it. Most devices I own have the camera built right into the device, and it can sometimes be hard to find an option that doesn't include it. I have a Webcam cover on my desktop and laptop.

I haven't seen one that would work for my phone, but if someone has hacked my phone, I probably have bigger issues.

That, and most people don't know how to disable the device from their device manager.

If we're being paranoid about hackers gaining access to your webcam, why would you assume they couldn't also reenable your drivers

Is it a monitor provided by your workplace? If not, well, it's not that hard to find a monitor without a built-in camera. I found one easily enough for my gaming desktop... Unless the monitor market has dramatically changed since 2019-ish...

Awk, sed, and grep.

You might have a different type of person in mind than other commenters. Most commenters had such people in mind who won't install a password manager or an ad-blocker, or won't hard reboot their Windows unless supervised. Having said that, I don't think that even if you had technical people in mind this fits the question. They tend to take substantial more effort to learn and use effectively than the scope set by the original question. I thought this question was for little things that have a quick, lasting, and substantial effect. Learning awk and sed is a different thing entirely, I think of those more as productivity tools you can invest in mastering, and pay off in the long run.

mind expanding on what these solve?

Awk is a helps you do any kind of processing of semi structured text data.

Sed is a stream editor which lets you edit a file using commands. Which is tedious until you need to replace something in a bunch if files or make very specific edits across a large number of files.

Grep is just find pattern in text file.

Even if you don't use it as a password manager, bitwarden has an excellent pass phrase generator. The only annoyance is when I run into maximum password lengths at times.

The generated password lenghts can be set in the UI at least. It's worse when the password form accepts only SOME special symbols (looking at you bank)

I'm surprised by how many people use Overleaf for writing LaTeX instead of installing something locally. It's not that hard, guys. And the experience can be infinitely better as you can actually customize it however you want.

Well yes but overleaf makes it possible to work on it with a mate, on any device without having to install anything, and it also saves your progress online so you don't lose it or forget you document at home.

If your not seeing were i'm going it's perfect for school project. Through high school and college i've done all my projects with it... I think that's where it shines.

I understand using it for collaboration. But I see people write their homework in it. They're not collaborating with anyone.

Also, these people use it all the time. I understand using Overleaf if you only use LaTeX rarely, since you don't need to set anything up.

I personally edit offline, and copy to Overleaf if I need to collaborate.

Yeah to be fair if you do all the homework with LaTeX there's no reason not to set up your machine.

I've even heard of someone who even used it to take notes in class... Honestly I wouldn't dare to try and learn that!

But yes, that's when the macros and possibilities you don't have on overleaf becomes really good to have.

My recommendation is using typst instead. It's basically the modern version of latex. And it has a good online collab platform too.

Hmmm... I must say, I tried to get back into LaTeX and I got broken packages after broken packages.

Really pushing for Typst adoption now. Works perfectly. Fast as hell. Bye technical debt.

I've heard about Typst, never really tried it. I don't think I'll completely be able to switch anytime soon since no journal accepts it afaik. But maybe I can try it out for personal stuff.

I'll try out Typst. If it works well, I'll definitely switch from LaTeX.

You don't need a fancy computer. There's endless amazing games and they run on a potato. I was just starting Bayonetta and my machine doesn't even spin up. But it does when I open Firefox or my note taking program 🤷🏻‍♀️

Just keep it away from unsafe networks cuz it'll have vulnerabilities.

Yeah but I wanted a fancy computer so I put in the dough to make it happen lol

4/10
It's missing a cat.

10/10

I feel the same way about webcams. I'm paranoid about them too, but you know what's an easy solution? Buy a desktop monitor without one and then buy a USB webcam.

If you're on a laptop, then for the camera just tape a piece of paper over it. As for the internal mic, you might be fucked lol cause I got nothing.

It's a bit late to worry about internal mics when everyone has their phone on them at all times.

You can take care of privacy on your personal hardware, but with work issued devices, you can't.

Majority of "webcam" use is in laptops, tablets and phones, grandpa... No "unplug the damn thing" to be found?

They often come equipped with a privacy slider to cover the lens. Or you can just put a sticker on them.

They don't "often come with" I'd say it's fairly rare, and especially in the last generation of computers that most have now.

Also, what you mention are all steps above and beyond OP's direction to "just unplug it" and they come with compromises - I.e. A shutter cover isn't a HW disconnect, two very different things. And, a sticker isn't really removable temporarily when you actually do need the camera deliberately. Certain high end laptops have a purported physical HW disconnect toggle or even some "flip around" cameras that are only deployed when needed, but again, few and far between.

Sorry if I was wrong about the prevalence of such protections. My perception may be biased because the notebooks used by our company are all equipped with a switch or shutter of some sort. (HP brand, IIRC) Regarding your second point, however: surely a shutter physically obscuring the camera lens is just as effective as disconnecting the camera when it comes to protecting the user's privacy?

Yes, common that folks in more privileged positions can have these skewed views on products, like, "Uber is a pretty good service and a good value..." but you only pay on your corporate expense account... When normal people need a ride now, it's $80 for a 14 minute ride that used to cost 25-30 bucks. Someone's we can just live fully different realities from most people.

You often forget to close camera shutters (they are often tone on tone and designed to be more invisible, or they can fall open/off. The microphones are also often located near/in camera modules, so a slide shutter can give a false sense of security, but you can still be heard even if not seen sometimes. I do hope it gets to a point where HW disconnect is the norm

Always get the version of the gadget with replaceable batteries unless you want a brick in 3-10 years. Additionally, prefer 18650, AA, AAA batteries, and keep some rechargeable ones around.

Eneloop batteries (the white ones, not the black ones) are the best AA and AAA batteries out there for sure. Panasonic sells a package of Eneloops with a charging device that accepts both AA and AAA batteries, it's very good. Can be charged via USB and can also charge other devices, it's the kind of device I dreamed about in the 90s.

Why not the black ones?

They don't last as long and have less charge cycles, but IIRC they have a larger charge capacity. Eneloop white batteries have 4x more recharge cycles than the Eneloop black batteries. Hard to justify larger capacity (2550 mAh for black, 2100 for white) at 1/4 of the lifespan/charge cycles.

Some people use them for specific things like gamepad controllers (i.e. X-Box/Playstation controllers) because you're less likely to have interruptions but personally, I just change batteries when I dip below 30%. I keep 4 spare AAs in a charging cradle (La Crosse Technology, apparently they don't make chargers anymore which came as a huge surprise because they were THE battery charger back in the day 🤓). I use a program on my PC for keyboard macros that has an additional feature displaying gamepad battery percentage and I find it far more accurate than the native app or alternatives.

To me it's like having a 16 gal gas tank and some guy tries to tell you he can swap it out for a 20 gal gas tank, but then you find out the "upgrade" has 1/4 of the lifespan because it's far more likely to corrode. Not worth the tradeoff for the vast majority of drivers who can simply fill up a little more often.

It's a gimmick to basically upsell people an additional battery type that in fairness to Panasonic is literally right on the packaging (2100 vs 500 charge cycles) but unless you're actively comparing charge cycles between battery types, which the vast majority of people buying batteries aren't paying attention to because they (reasonably, IMO) assume all AA batteries have a similar life cycle/capacity these days, it's hard to notice the above differences that I pointed out. So a lot of people buy the white, then the black thinking "ooOoOO Pro edition = better", only to find out 2+ years later that their black batteries are dead while their white batteries keep chugging along.

I know that's a super long winded explanation but I think it's good to explain all this. I mostly recommend Eneloop whites because I'm not a big fan of waste, battery waste in particular, so I think that if someone has to use batteries then it makes sense for them to use the ones that are reasonably priced and will last far longer than any other battery. That said, the price of them definitely has gone up over the years, though that applies to most things.

Ok, I hear you. But here's the secret: I don't want to use a webcam at all. If you want to see me, agree to a physical meetup. Obviously that's not the only reason.

I work in a remote first company. We are spread across the whole country. To manage things we do daily meetings. Every single time my camera is covered and nobody has any issues with that. However, when I'm interviewing a potential employee I turn on my camera.

It's good to hear that there are companies that are accepting this. Interviewing is a little different, yeah, that's probably understandable when done remotely

SFTP file transfers, I'm guilty of forgetting about it myself sometimes.

Whether it's Syncthing for keeping device data synced and backed up, or just wanting to get a file from point A to point B and using your preferred SFTP client like FileZilla, it can be really easy to forget just how easy these are.

I'm currently trying sync thing. It gets the job done but it confuses me a lot. Like you say sftp is just so much more straight forward.

And you can probably hook that up into your file system, making it super convenient.

I can try and help a bit with Syncthing, it's got a couple idiosyncrasies that I feel like I've come to understand.

Which aspect of it is troubling?

Well, one device says it's syncing, but the other doesn't. Or it just doesn't detect changes even after restarting it. In the end it somehow works but the UI feels finicky.

If I use USB, scp or sftp or something it just feels straight forward. I say x and it does x or I get an error. With syncthing all that is hidden and it's confusing.

I also once had an error on a specific folder. I tried deleting and adding it again, but it was still broken. I searched online and it might be because I deleted a hidden folder. I occasionally delete stuff I don't know. And it wasn't able to recover from that or provide a proper error message.

All in all I think I'll keep using it and banging my head against the wall until it works for me. It could definitely use some UI/UX touchups.

That sounds similar to the issue I ran into, Syncthing will create a .st-ignore text file (can't remember the actual name) that links the device folders together. When I've deleted that I've encountered similar confusion and problems trying to get new folders running.

If you have Android clients, I've found Syncthing-Fork to be slightly better for the initial setup.

What I'll tend to do when I have problems is remove each folder I've set up in Syncthing from both devices, then I'll usually create a new folder path for my purposes. If I've already set up when I'm trying to accomplish then I will either rename it (sometimes it helps) or just try from the beginning again.

For example, I want my tablet to get videos from my phone and my PC, and I want these files backed up in general. So on my phone I create /Send-to-PC and on my tablet I create /Receive-from-PC. Either the host or the client can initiate the synced connection for the first time setup, so it's just a matter of naming the Syncthing Label (such as a comment descriptor about the folder, like Media), setting the folder path within the client device (on android this might be /storage/SD-Card-ID/MediaFolder) and then choosing which devices will be connected to this label (usually via a tick-box with the Host or Client name). This is usually it, but you do have the option to set Folder Type for whether you only want to send, only receive, or send and receive, as well as Watch for Changes.

These last two may also be part of what you are noticing too. For example, if you have Watch for Changes disables, you'd have to wait for the scheduled upload, which can save phone battery by not having it sync constantly, but can also prevent syncing quickly when you want it. Or, more likely what you may run into, Send & Receive being the default can result in some odd quirks when you the Host removes an uploaded file to the client. All of the sudden your project file is vanished! This happens to me from time to time, as I'll upload a video I want to edit on my tablet, then I'll move/delete it since I'm in the process of editing, only to remember that Send & Receive makes it so that the client also moves it from the shared folder.

Anyway this probably isn't very helpful, but hopefully seeing a tired rundown of how someone else uses it gives you an idea of what may be happening on your end!

😵‍💫

I'll probably end up configuring a virtual file system instead

Saving a picture and posting it somewhere.

I see people making screenshots of their whole phone's screen and posting them just to show a picture. In reality, maybe 90% of the time, if you see a picture on the screen of your phone, you can save that picture, with no pointless information around it, no black bars and so on. Even if that's not possible, Android for example has been doing something from the recent apps screen that lets you extract a picture from an app's screen - and that's arguably even easier than doing a screenshot.

To the people who insist on me adding a sticky note to my webcam, I can only say

sudo modprobe -r uvcvideo

Anyone with root (or equivalent) access to your pc could easily undo that though.

If they have root access to my PC, webcam access is arguably not my biggest concern

It's not the biggest, but it still is a concern, and is exceedingly easily mitigated.

For the non-devs out there, he means unplugging it

I have a webcam that we use when we're not home for longish periods. It's unplugged when we're here. Also, it is connected to my own server, not some corporate cloud crap.

What about laptop webcams on work/school issued hardware?

That's what tape is for

Which does not solve the webcam's mic, which (to me) is a bigger issue because it does not only record who's in the from of the machine, but also the whole surrounding area.

Have you tried turning it off and on again?

Unplug your inbuilt webcam?

Some laptops now have physical privacy shutters for that - and for those that don't, you can get one that you can stick on top.

That still leaves the microphone.

The actual simple and sane solution would just be to require indicator leds hardwired to the literal power supply lines of the camera chip/microphone, so they're physically impossible top turn off while recording.

But that would require US or EU legislation.

This is exactly what I do with my tobii eye tracker. I'm a bit paranoid about what it can see so I have it plugged into a USB hub with power buttons that I just disable when I'm not using it.