PrincipleOfCharity

Whenever my friends or I point to the sky after sitting in a chair in a McDonald’s on the second Saturday of the month while wearing a purple shirt. We just start cracking up until the manager comes out and tells us to leave.

Just wait until you learn that if you are going to use removed finger-tips then they don’t necessarily have to be your own…

I feel like this needs to be pushed back on a little bit. Don’t let perfect be the enemy of the good. Having a password manager that provides good passwords and TOTP as a second factor is way better than only using a password.

Sure, it would be nice if you had two devices. A phone password manager and a usb security key, but for many people it is inconvenient to carry a security key to plug when you need it. I’d rather that person keep a TOTP on their phone in that case rather than not use two factor due to inconvenience.

Your concern is mostly about “what if someone steals your phone or computer” then they have both factors. However, your average person isn’t getting hacked by someone they know, and random local thieves aren’t typically sophisticated enough to do more than re-sell stolen computer equipment. The average person is getting hacked by some dude in a foreign country who dumped a password database or phished a password. That person isn’t stealing your device so the fact that both factors are in the same place doesn’t really mean anything.

Also, most password managers are locked by biometrics these days. In that case, it isn’t really the app that is the second factor. It is your fingerprint or face. Someone may steal your device, but if they can’t get into the password manager that needs a password and biometrics then they don’t have anything.

I have also thought this is a good idea. I think that the ActivityPub standard should have a required field that lists a copyright license. Then a copyleft style copyright should be created that allows storing and indexing for distribution via open-source standards, and disallows using for AI training and data scraping. If every single post has a copyleft license then it would be risky for bigtech to repurpose it because if a whistleblower called them out that could be a huge class action suit.

A good question is if a single post can be copyrighted. I think it could. Perhaps you would consider each post like a collaborative work of art. People keep adding to it, and at the end of the day the whole chain could function as a “work”. Especially since there is a lot of useful value and knowledge in some post threads.

You can do that, but there are a couple of things to keep in mind.

Different apps may only be compatible with certain database products and versions. I could be a real pain if you have to spin up a new version of a database and migrate just for one service that updated their dependencies or have to keep an old database version around for legacy software.

If you stop using a service then it’s data is still in the database. This will get bloated after a while. If the database is only for one service then wiping it out when you are done isn’t a big deal. However, if you use a shared database then you likely have to go in and remove schemas, tables, and users manually; praying you don’t mess something up for another service.

When each service has its own database moving it to another instance is as easy as copying all the files. If the database is shared then you need to make sure the database connection is exposed to all the systems that are trying to connect to it. If it’s all local then that’s pretty safe, but if you have services on different cloud providers then you have to be more careful to not expose your database to the world.

Single use databases don’t typically consume a lot of resources unless the service using it is massive. It typically is easier to allow each service to have its own database.