I'm self-hosting Vaultwarden on my LAN, a Bitwarden-compatible backend written in Rust. I have it running inside a jail on TrueNAS Core (which, alas, is now end-of-life). It hosts its own Web interface, but also is compatible with Bitwarden's Android app and browser plugins.

So far, it's worked out pretty well for me.

The other thing I don't get is using apps for everything.

I mean, I get it from the manufacturer's point of view. It means they can update things as they please retrospectively and possibly add new charges for functionality or services and/or implement spyware after the sale.

But from a user's point of view, why would I ever want my new home solar power and battery installation that has an expected working life of at least 20-30 years to be dependent on some random phone app to configure it? How many people had smartphones 20-30 years ago? How many people will still have them in 20-30 years? Exactly.

Nothing wrong with providing an app as well for the convenience of those who want it. But anything that is a permanent appliance or fixture in my home and doesn't fundamentally require external connectivity to do its job still needs to have 100% of its functionality available locally as well, without relying on external connectivity or any separate hardware or software platform for the UI.

When there is functionality that really does need remote connectivity, like say a power system that integrates with my electricity provider that offers flexible, demand-based pricing, there should be open standards for how these remote interactions work and it should still be possible to see and do everything else locally.

The world would be a much better place if governments and regulators promoted this kind of future-proof approach but sadly the public sector tends to lag so far behind in its awareness and understand of tech issues that it's not very effective at dealing with them.

...Because no one uses Edge.

Clearly you have never worked in a large corporate environment that has shackled itself to the entire Micros~1 ecosystem -- Office, Outlook, Exchange, OneDrive, Teams, Engage, SharePoint... The whole ball of earwax.

I thought that's what the front page was. It keeps wasting space with things I'm not interested in, or actively dislike.

New Video from The Primagen!
<block channel>

NotAIHonestly Gets Rare Interview with The Primagen!
<block channel>

FrierenFan04 Reacts to !AIH's Interview with Primagen!
<smashes keyboard>

Companies like Amazon seem to be betting on the AI taking over theory. It's probably the only explanation that makes sense now, because their reputation among skilled technical people will be permanently damaged by moves like this. It won't suddenly repair itself whenever the pendulum swings back to being an employee's market, if the great AI revolution turns out to be just another hype cycle after all.

Working at a FAANG used to be attractive to a lot of highly skilled technical people and having employment history inside that bubble used to be a positive thing on your resume. I'm not sure how true either of those things is any more. Maybe those who are still there and making premium TC in a big US city are still getting a decent deal out of it. For others, most of those big brands seem to be increasingly unattractive, and having history there seems to be increasingly regarded as neutral or even negative when employers outside that bubble are hiring.

FWIW, I'm a little more optimistic. In the UK, we don't have the kind of pork barrel politics that is endemic to some other western democracies. The ICO are, like many government regulators, under-resourced, but they are basically trying to do a decent job and I think moves like the one we're discussing here today are going in the right direction.

Which is exactly why it's vital for governments and their regulatory bodies to step in and protect the ordinary citizen who isn't an expert on these things from the abuse that the big companies who are will otherwise commit in the name of profit, just as they already do with financial services, caterers, healthcare providers, and so on.

Fantastic. Then we can go back to having dumb devices that just do their jobs and don't have all the other junk attached competing for the market instead. That worked for a few generations before all the 1984 stuff. I'm betting it will work just fine for generations after it too.

And please spare us the rhetoric about how nothing could possibly be affordable if it doesn't violate our privacy to help pay for itself. The difference in pricing in a competitive market is likely to be pretty small. The only reason they can get away with intruding as much as they do right now is that market competition has failed because everyone is lapping up the free money. I, for one, am glad the ICO has other ideas about how things should be .

This is how I've come to understand it. I welcome any and all corrections.

Passkeys are a cryptographic key stored in a Secure Element. This is usually a private key inside a small cryptographic engine. You feed it some plaintext along with the key ID, and it encrypts it using that key. The outer software then decrypts the ciphertext using the public key. If the decrypted text matches the original plaintext, then that proves you're holding a valid private key, and authentication proceeds.

The private key can be written to and erased from the Secure Element, but never read back out. All it can do is perform operations using the secret key to prove that it is indeed holding the correct secret key.

On phones, the Secure Element is in the hardware of your handset. On PCs, this is most often the TPM (Trusted Platform Module) chip. In both cases, the platform will ask for your PC's/phone's password/fingerprint/whatever before forwarding the request to the Secure Element.

Yubikeys can also serve as a Secure Element for Passkeys; the private key is stored in the Yubikey itself. Further, the Yubikey's stored credentials may be further protected with a PIN, so even if someone steals your Yubikey, they'll still need to know the PIN before it will accept and perform authentication checks. You get eight tries with the PIN; after that, it bricks itself.

The latest series 5 Yubikeys can store up to 100 Passkeys, and Passkeys may be individually deleted when no longer needed. Older series 5 Yubikeys can store only 25 Passkeys, and can only be deleted by erasing all of them.

Theoretically, you can have multiple Passkeys for a given account (one for everyday access; others as emergency backups). Not all sites support creating these, however.

AIUI, your costs can't (or couldn't) generally be passed on when using the small claims system. Has that changed? It's been a while since I went through the process, so it's possible that my information here is out of date.

There is obviously a personal data angle here. There might also be a defamation angle if the system works as implied by TFS, since it appears that someone's reputation has been affected because someone else lied about them and this has demonstrably caused harm? If there was more than one relevant incident then there might also be a harassment angle.

Please be careful with that advice about requesting compensation in a Letter Before Action, though. There are fairly specific rules for what you can and can't claim under our system and just going in with claiming some arbitrary figure of a few thousand pounds in "compensation" for vague damages is far from guaranteed to get the result you're hoping for. If someone were serious about challenging this kind of behaviour, they might do better to consult with a real lawyer initially to understand what they might realistically achieve and what kinds of costs and risks would be involved.

Congratulations, you feckless imbeciles. You've "innovated" general software package management a mere three $(GOD)-damned decades after Redhat and Debian did it.

While you're at it, why don't you "invent" a tiling window manager that can be driven entirely from the keyboard... Oh, wait...

Honestly... Why is anyone still voluntarily giving money to these chowderheads?

Some are. I work more with smaller businesses than Big Tech and I don't think we've ever had more interest in our software development services.

There is a rational concern that technical people will understand the benefits and limitations of generative AI but management and executive leadership will fall for the hype because it was in the right Gartner quad or something and that will lead to restructuring and job losses. Businesses that get that wrong will probably be making a very expensive mistake and personally I'm quite looking forward to bumping our rates very significantly when they come crying to people who actually know what they're doing to clean up the mess later. It's not nice for anyone whose livelihood is being toyed with in the meantime, obviously, but I don't buy the arguments that this isn't fundamentally an economic inevitability as the comment I replied to was implying.