Interesting. I’m in the process of making a node based image editor myself so I’ll see what this does right and what points of friction still remain. The main reason I want to do is to make automating tasks easier, batch processing in photoshop is ok, but it could be so much better.
Maybe I’m an outlier but I don’t want my drives encrypted at all. I rather have all my data be accessible if things go catastrophic, I.E. having to pull the drive out of a broken computer and put it in another computer to access the files. I just want it to be plug and play.
Cool. Everyone's threat model is different. As long as we're not writing passwords on sticky notes attached to the monitor, I don't think there's any need to be throwing stones.
Sensitive data written down on a sticky note is arguably more secure than that same data sitting on an unencrypted hard drive, at least in a home setting.
Secure rot* variants require UTF-8 and mappings that shift characters between {1,2,3,4}-byte encoded-character-sizes. That varies the message length, which prevents any message-length or traffic analysis.
The Snowden leaks revealed that the NSA is flummoxed on how to tackle variable character lengths. However, they've cracked rot26 using custom ASIC supercomputers, so it should be considered insecure even though it's twice as good as rot13.
Are you saying you bring your desktop on a train ride as well? Laptops with encryption make sense; if you need to encrypt your desktop, I have questions.
I would. It doesn't even require theft. The naive burglary mitigation is just a happy accident.
I want the crypto-shredding retirement of each storage device. I don't assume I can delete/scrub/overwrite at the time a device goes out of service. I have a box of older HDDs that I still have to get around to destroying properly, because they exist from before the days of practical FDE.
I encrypt my desktop. What if someone breaks in and steals it? My tax returns are on there, banking and investment info, etc. And what if I'm careless about disposing of an internal drive in an old machine that's in the closet, etc. I usually drill or sledge drives, but what if I forget? Encrypting all drives makes sense.
My inference machine is the only drive I leave unencrypted, but that's because it has the models on it, llama.cpp, and nothing else, and I want it back up and running services after a power-failure. My other desktops are encrypted to make hard drive disposal easy.
Simple hypothetical: "A disaster hits and the workstation owner is unable to return to the location the workstation is stored. During that time period the workstation is stolen by a gang of looters."
Also a reason to have off-site backups. Many people have done backups to local servers, only to discover that they have no way to recover their data because thieves stole everything.
My data is mundane and mostly my art projects and photography. I don’t believe I am important or interesting enough for someone to do anything with my data if they somehow managed to get it also I don’t have emails, saved passwords, banking info or that kind of sensitive info on my computers so meh I guess.
If "things go catastrophic" your hard drive is not usable at all anymore. At the very least some files can't be recovered at all. So you need backups in any case. Once you have backups, you might as well encrypt your hard drives, especially if you store these in different locations (which you should).
An advantage of encryption is that it makes it easier to give away or resell devices. With recent encryption schemes (well the ones on Linux, given this article), I feel confident that overwriting the encryption keys gets me close enough to not leaking my data once I get rid of an old hard drive.
That’s not true. I’ve had many computers that refuse to turn on and I was able to recover the files by removing the drive and loading it into a USB hard drive reader and recover the files.
Additional problem is if physical access is obtained, illegal material could be covertly added to the drive then picked up by the built in scanners in your OS. Depends on how important you are.
What's not plug and play if using some sensible fde like idk, dm-crypt? You are only a passphrase away from mounting that drive in any other system you plug it into.
That's my question, because my root is encrypted, I move encrypted disks all the time, and have a couple of encrypted external drives. It's trivial.
But I'm sure that some of the millions of things that I've missed as windows has become what it has become makes this simplicity seem like a scifi absurdity. I don't think that they can even log into their own computers without asking Microsoft for permission over the network. I'm sure the idea of encryption must have been overcomplicated to the point of absurdity in order to trap customers too, I just don't know about it.
I suppose you should just count your blessings (of ignorance) and be available to help your friends with cryptsetup if they decide to flee windows.
* Split the recovery key in two, store each half with a different friend. (If you're feeling fancy, XOR the halves and store that with a third friend, then any two out of three will work.)
* Sneak the key into something you know friends/family won't throw away while you're still alive, like stuck to the back of a sentimental photo in a frame.
____
That said, I think I'm wandering from the original "accumulating dusty old drives in a box" scenario, which has a simpler solution: Keep a growing old_drives_keys.txt file on your current (encrypted) main device.
Yep, this is the way. It survives human memory and doesn't depend on software.
If you keep it in a dark environment that's not super humid the ink should last a really long time. Even in non-optimal conditions (NY summers with high humidity, etc.) I've had regular pen ink last for decades with no signs of fading away.
Same here. If anything happens I want a decent chance to be able to recover my data. The most I may do is create encrypted files, and some of them I've forgotten the passwords for, which makes me even more wary.
I was happy to give up my side-hobby of drilling drives after FDE became standard everywhere. Plug and play is great, but you don't want it to be plug and play for whoever pulls your drive out of the trash.
I mean... you can use an encryption scheme compatible with this (if you know the password).
I suppose this makes some sense for home computers (burglars and police raids are rare) but for a laptop, you really don't want thieves getting all your details.
Ironically -- this probably was paranoid a few years ago, but now -- "ChatGPT, use this prepared prompt to extract all useful info from this hard drive"
To be fair Blender’s UI is very unintuitive and not as good as other 3D modeling software. Between 3Ds max, Maya, Houdini, XSI, Modo, Milkshape and others only Blender has felt painful to use.
Yeah actually I haven't been dissapointed with the quality of the new videos so far, I will hold my breath though as venture capitals priorities aren't always aligned long-term.
The problem I have encountered is that some of the physics explanations are of dubious quality. A good example is the debate between Veratasium, Steve Mould, and ElectroBOOM about “whether electricity travels at the speed of light.” The Veratasium video comes across as pretty clickbait-y. That said, the combined narrative across these three channels was pretty interesting.
Yet they have no problem flagging legit stuff. Back in 2019 I remember a pair of shorts (part of procedurally generated street ware fashion project) got flagged as offensive for some reason and my campaign got suspended. I reached out to Facebook and actually got a human and they unsuspended my account but the experience also made me stop buying ads from them.
Dude, back off the buzzkill on my vibe code, man. I told Claude what I wanted, and it works fine on my machine.
What kind of Karen are you that you expect me to check if it works for other people? I mean you have Claude, too, so fix it yourself. I've got more code to vibe and vibe to code. Later for you.
Note: this is dark sarcasm just in case somebody thinks I'm serious. The problem is that I'm not really laughing because I have heard very similar to this and had to be the one harshing both their vibes very much.
I used Claude to help me with a function once and it added a memory leak, it wouldn’t have been noticeable to most people but I saw. I still write my own code and find LLMs frustrating because they almost get it right and it’s just more efficient for me to just write the code correctly instead of having an LLM write something that’s almost correct and me fixing it after the fact.
I can’t wait for all the future vibe coded projects to be exploited by the black hats waiting in the shadows for things to reach a critical state. I don’t believe in anthropic because they love to lie.
I’ve been using PHP for over a decade and have never used FPM.
“Using a single language for both frontend and backend with (largely) the same availability of tooling and the ability to share code”
Is a negative I went backend world and front end world to be different because they do very very different things.
“But more than that... it's just less used? The PHP ecosystem is noticeably smaller and has way less happening.”
That’s not true, PHP is less resume driven development and actually about productivity. I’m really happy narcissist hate PHP and don’t burden it with their garbage and slopworks.
reply