> What part of individual freedom and limited government as written in the US Constitution is morally wrong?

You are putting words in his mouth. I live here in the US and I certainly don't look at our country and say "paragons of freedom and limited government", not by a long shot.

If anything, the betrayal of those principles is why I would agree, there is no reason to love the US. We are liberties pretenders. We have made an entire industries out of imprisoning people for what they would choose to put in their own body, then used it to justify more and more surviellance and restrictions on liberty.

That is before even getting to the murderous terrorism we call foreign policy.

Not going to lie, I miss keepass and its autotype function. I tried to mock something up with xdotool but never really worked right.

That is mostly what I did, though instead of a thumb drive I just used git to keep some copies around...though, on windows I just used scp because I had trouble with git-annex. I never trusted thumb drives that much. I have lost data from them and if a backup procedure is too manual, I know I wont follow it.

Then I bought a yubikey, and the more I looked at it, the more attractive the password-store model was. Worst case scenario, the only tools I really need are ssh, git, and opengpg. The only backup data, aside from my multiply-replicated repo is my restoration keyring, which can be copied to several USB sticks and is valid for potentially a decade or more. I can toss one in a bank safe deposit box (and some day I will get around to doing that!)

You CAN setup a yubikey in OTP mode with keepass via a plugin, but, OTP mode is suboptimal and could be very problematic if you have sync/backup issues.

1. Yes but, you can have many git servers. Each repo is a full copy so central repos are basically throwaway. Lose one, make a new one, push to it.

2. The amount of available resources is amazing but, still, nobody cracks gpg encrypted files, nobody is dumb enough to try. Keeping up with the tool chain and updating keys every few years as the recomendations and capabilities change should do you fine.

generally the weak point anyone would assault a gpg based setup is either key storage or end point usage.

Nothing will stop a malware you don't know about from scraping the decrypted passwords as you decrypt them. If you store keys locally in an exportable form and type the decryption passphrase, then it can all be stolen by maleware as well.

However, if you store subkeys on hardware that can't export them, and requires a touch, so it can't be used as an oracle easily.... then the best they can do is that.

In this scheme each password has its own decryption session key, and that key is the only sensitive data that the hardware key works with. At best they get one message at a time, as you use them; and that requires that they own your endpoint in some way.

In a twisted way it makes sense. File loss is more common a problem than actual compromise. This absolves them of needing to offer a solution.

Personally I ditched even keepass for password store because it solves this by supporting git for sync.

Its cross platform, uses gnupg in the back end, meaning no custom encryption code and a well known, trusted code base. Plus, because it is gpg based, all but a couple of special snowflake implementations natively get the benefit of hardware keys that gpg supports.

Since the gpg keys can be used as ssh keys, the whole process becomes seamless.

Sure they do, society often is is piss poor at determining who should be classified as a criminal. I shudder to think how terrible it would be if law were perfectly enforcable; especially since its creation remains so imperfect.

Society loses a ton when bad laws are enforced and criminality is used as a weapon to subjugate it.

> It amazes me in this day and time that there are still rogue accounts in large enterprises

I would like to be shocked but, I got over that years ago. I actually got called to a desktop support case once that turned out to be "someone broke in". Did some random damage to equipment that didn't make sense (looked like they had a go at the floppy drive of an old laptop with a screwdriver, in a rather rude way)

Before I updated my ticket and left it up to security to deal with though.... I did think to check who the last logon was on the PC. My jaw hit the floor when I saw the name was clearly a test account. In a slight rage I typed the name of the test account in as the password and it logged me in.

Right there from the users desk I looked up the name of someone in the domain admin group and called them up to confirm.... the new production domain.... the new one that was going to banish all the shared accounts with bad passwords.... had well known test accounts with obvious names and passwords.

no but I was also running a fever over 100 at the time so I am going to blame that for why I couldn't compare numbers properly.

Point um....taken :)

So if the United States took this up alone and paid for it; it is a better use of money than:

- the F35.
- paying other countries to buy military equipment from us to prop up jobs.
- Mass Surviellance: this is 1/3rd the cost of JUST the Utah Datacenter

Right, I don't actually DO any of the things I was claiming, I just lie to him. Its so much easier than actually going through with it. I put him on speakerphone and go about my business while I fuck with him.

No videos, but one dude totally caught on and started singing to me before he hung up.

> The scammers have become wise to this. They refuse to deal with Windows 98 and Windows XP on grounds that Microsoft has announced their end of support.

So much effort anyway....its easier to not setup a VM and...get this.... Lie to them.

Its fun. Treat it like a video game. Its role playing practice. Your just rolled a new character "stupid user". Just pretend to be the dumbest user you ever tried to help, and imagine what issues they might encounter. Feel free to be "too smart for your own good".

My favorite was when one guy asked me to open a link "in chrome", I agree. 3 mins later he is asking "whats going on now?" "oh I am installing chrome" "oh so you have a web....ok" He waited another 5 minutes before checking in again.

Hint: I wasn't installing chrome

I love Dr Who but I had to come to terms with the fact that it is not really science fiction so much as science fiction themed fantasy. It is well written fantasy and it plays at being science fiction but, they really just do whatever.

In fact, we are not alone, I recently found a rant that sums it up well; I still watch the show but, its a good steady fuck buddy, not really relationship material: https://www.youtube.com/watch?...

However a US vessel may do whatever it wants, anywhere, anytime because the US doesn't applogize. Laws are for other countries, they only have to respect laws when dealing with us. That is most certainly not a two way street.

Good thing the Pentagon has an unblemished record of never claiming anything to not have military purpose that wasn't a lie. That record of honesty will give their word a lot of weight when they are in the right like this.

> I like the idea of running tor an a separate VM from the one you do your browsing on.

It is a proxy and most of the attack vectors attack the end client, not the network itself.... the tor client needs internet access, the client behind it can only harm itself with direct acces.... so don't give it...not even dns, nothing. Just port 9050 alone and only one responding IP.

Maybe drop another interface on there and log all the non-port 9050 traffic as well :)

They have an AI so advanced it is capable of being offended? That is amazing.

Now if only they could develop one mature enough to be offended and yet remain objective enough to realize that it own opinion wasn't anything anyone asked for or cared about.