ilmagico

joined 1 year ago
[–] ilmagico@lemmy.world 6 points 4 days ago

It's the video games makers really, not video games as a whole. There are ways to make video games without getting kids to spend their parents' money.

[–] ilmagico@lemmy.world 2 points 4 days ago (1 children)

I think the big deal is if they support wayland, which I think was supposed to come in 4.20

[–] ilmagico@lemmy.world 48 points 2 weeks ago (1 children)

I could be wrong, but I think Qualcomm designs its own chips and only licenses the "API", so it would be no difference for them.

[–] ilmagico@lemmy.world 1 points 2 weeks ago

I was finally able to find some technical detail on passkeys on FIDO website, and yeah, it actually looks like it's a real improvement over passwords: it's simple, uses proven technology (public/private keys), and should be much more secure than passwords.

Also, nothing in the "specs" says I need to entrust my private key with the OS or a third party, which is good.

That said, it seems some OS support is required nonetheless, to show the pin / biometrics prompt (or is it?), and on android at least, I'd need to buy a new device with Android 14 to use a non-Google passkey provider...

[–] ilmagico@lemmy.world 1 points 2 weeks ago

I use KeePassXC on desktop and Keepass2Android on, well, android, and sync via nextcloud. They all seem to handle syncing correctly, merging changes made on one side, or showing a notification about a conflict, and KeePassXC can definitely merge the two "conflicted copies" together reliably with a couple of clicks (yes, a no-click solution would be better, I know, but it's not "manual"). Keepass2Android integrates directly with nextcloud and seems to handle it fine.

The situation can definitely be improved but it's not so bad for me. Also, two different people should probably use two different database files and not share passwords ;)

Not sure how syncthing handles conflicts, it's been many years since I tried it.

[–] ilmagico@lemmy.world 2 points 2 weeks ago

I use KeePassXC's browser integration daily and it works pretty well with Firefox (linux), well enough that I'm not complaining, but I cannot compare it with Bitwarden cause I never used it. On Android I use Keepass2Android and works well with autofill, but again, I can't really compare it.

Something tells me Bitwarden works better, just by virtue of being a commercially supported product, but I have no complaints with KeePassXC & Keepass2Android (KeePassDX works well on android too). Original KeePass desktop client was never great though.

[–] ilmagico@lemmy.world 1 points 2 weeks ago (1 children)

I see, that makes sense and should be more secure, in theory. Thanks for the explanation.

The issue I have is, whether I need to trust a third party with my private key, e.g. Google with Android, Microsoft with Windows, etc. (yes on linux it's different, but that's not my only OS).

Also if the private key does get compromised (e.g. local malware steals it), hopefully there's an easy way to revoke it.

[–] ilmagico@lemmy.world -1 points 2 weeks ago* (last edited 2 weeks ago) (4 children)

Ok, from a quick search, it seems passkeys rely on some trusted entity (your browser, OS, ...) to authenticate you, so, yeah, I'm not sure if I like that. The FIDO alliance website is all about how easy, convenient and secure passkeys are, and nothing about how they actually work under the hood, which is another red flag for me.

I'll stick to old-fashioned, long, secure, randomly generated passwords, thanks.

[–] ilmagico@lemmy.world 5 points 2 weeks ago* (last edited 2 weeks ago)

From a quick search, Keepass2Android doesn't have it, not clear if they're working on it: https://github.com/PhilippC/keepass2android/issues/2099

KeePassDX similarly has an open issue, not clear when/if it will be implemented: https://github.com/Kunzisoft/KeePassDX/issues/1421

Good to know about Strongbox on iOS, though I'm on android so no bueno for me.

[–] ilmagico@lemmy.world 2 points 2 weeks ago* (last edited 2 weeks ago) (6 children)

I don't use passkeys so I don't know. Maybe I should research into passkeys, what's the benefit over plain old (long, randomly generated) passwords?

[–] ilmagico@lemmy.world 23 points 2 weeks ago (5 children)

+1 For KeePassXC and the KeePass ecosystem. Yes, you need to sync the database yourself, but you can use any file sharing service you like, e.g. google drive, dropbox... or selfhost something like nextcloud (like I do), which for me is actually a point in its favor.

Based on this news, I think I made the right choice back then when I decided to go with KeePass.

[–] ilmagico@lemmy.world 17 points 2 weeks ago (10 children)

What do you mean "no cross device support"? KeePassXC supports Win, Mac, Linux and there are iOS and Android apps available...

As for the lack of cloud and requirement to provide your own synchronization, for some (like me) that's a feature, not a limitation :)

view more: next ›