@nsa@hachyderm.io
@nsa@hachyderm.io avatar

nsa

@nsa@hachyderm.io

🇨🇦 Kitchener, ON
💫 Rosalina & Luma player
👩🏻‍💻 Sr. software engineer at Google
🔑 Passkeys at Chrome
👩🏻 she/they

This profile is from a federated server and may be incomplete. Browse more on the original instance.

nsa, to random
@nsa@hachyderm.io avatar

"Let's name our business in English, it'll sound very professional and cool."

nsa, to random
@nsa@hachyderm.io avatar

メロンパン is officially my favourite word.

sortius, to gaming
@sortius@mastodon.social avatar

My ex is heaps into the idea of "10k hours" becoming mastery.

So I sent her this, with the caption "I'm a double master at "

nsa,
@nsa@hachyderm.io avatar

@sortius but do you have 10k hours in any one game?

I think about the insane number of hours I've logged whenever I think about introducing someone to gaming. Anyone trying to pick up gaming has a mountain to climb in terms of getting used to controls, learning the languages of games, etc.

nsa,
@nsa@hachyderm.io avatar

@jpm @sortius pls tell me your review is

"It's good I guess"

nsa, to random
@nsa@hachyderm.io avatar

We need a YouTube channel that's like those "fixing an old car with $50 and duct tape" and full of hacks, but for software. I think the closest I can think of is https://m.youtube.com/watch?v=CTUMNtKQLl8

(If you want to watch that, do yourself a favour and skip the story bits)

jaffathecake, to random
@jaffathecake@mastodon.social avatar

If the person behind me on this plane pulls my seat any harder, I'll be catapulted into business class. Win fucking win.

nsa,
@nsa@hachyderm.io avatar

@jaffathecake turn around and tell them!!! it's worth the social awkwardness!

dgar, to random
@dgar@aus.social avatar

Racecar backwards is racecar.

Racecar upside-down is expensive.

nsa,
@nsa@hachyderm.io avatar

@dgar on the contrary, a racecar is very expensive until it's upside down

Patricia, to random
@Patricia@vivaldi.net avatar

I need you modern webdev folks to teach me (again) the magic transpiling mechanism that fuels this universe.

nsa,
@nsa@hachyderm.io avatar

@Patricia embrace javascript, let go of the tooling, reject bloat 🧘‍♀️

Seriously tho I have no idea, all webdev I've done in the last 5 years has been static sites.

nsa, to random
@nsa@hachyderm.io avatar

This is a no doomposting zone.

nsa, to passkeys
@nsa@hachyderm.io avatar

New post on choosing the right timeout value in !

tl;dr

  • design your challenge-response protocol to allow for a very long value
  • whatever you do, don't leave it to the default value

https://satragno.com/blog/webauthn-timeout/

nsa, to random
@nsa@hachyderm.io avatar

Always super cool when a feature I've worked on for a while finally shows up on stable Chrome on my home PC (:

nsa,
@nsa@hachyderm.io avatar

@ljrk the android credential management API is part of AOSP. I don't see why say bitwarden wouldn't work on AOSP.

nsa,
@nsa@hachyderm.io avatar

@ljrk ❤️

Play services also reaches older versions of android but yeah your analysis is accurate.

I'm surprised the free software ecosystem hasn't developed a robust drop in replacement. Hopefully it's a matter of time.

nsa, to random
@nsa@hachyderm.io avatar

I should revive satragno.com, put a blog there and post solely about touhou and smash

nsa,
@nsa@hachyderm.io avatar

Speaking of touhou subterranean animism continues to kick my ass. On good days I make it to the final boss on 1cc but I'm soooo far from beating it.

lauren, to random
@lauren@mastodon.laurenweinstein.org avatar

At this stage, I consider LLM AI to be 10% incredibly positive potential and 90% potentially dangerous trash. I realize that not everyone will agree with me that the 10% good stuff actually exists.

nsa,
@nsa@hachyderm.io avatar

@lauren more like 10% positive potential, 90% actual dangerous trash imo

nsa, to random
@nsa@hachyderm.io avatar

Kinda wanna put this up in my office

saraislet, to random

In external meeting, about to request introductions

...then realizing that the person I didn't recognize is one of my reports from a different angle and without their full name

Face blindness is an adventure, to recognize people by the way they blink, shift their head, walk, gesture, or voice

nsa,
@nsa@hachyderm.io avatar

@saraislet gang 🙏

I key everyone by hair, voice and general features ("tall", "dresses in a certain way"). This does not work when most people at a conference are tech white guys who I'm hearing for the first time without a microphone. Fun times!

nsa,
@nsa@hachyderm.io avatar

@avuko @saraislet then you have to potentially carry out a conversation pretending you know who they are until you recognize their voice.

agektmr, to random

Unlock 1Password With a Passkey: Now in Beta | 1Password
https://blog.1password.com/unlock-1password-individual-passkey-beta/

nsa,
@nsa@hachyderm.io avatar

@jyasskin @agektmr @1password they need to shoulder surf you (same as a password) and either steal your device or gain access to your google account to pwn your passkeys. Neither alone is enough.

iamkale, (edited ) to passkeys

Wow, Discord just launched support for passkeys for everyone today!

The app calls them "security keys" everywhere, but I had no issues registering and authenticating with an iCloud Keychain synced passkey.

It's only 2FA for now (I still have to provide a username and password) but they announced their intent to take things all the way:

"Now that our backend supports WebAuthn our next aim is WebAuthn-based passwordless login. Stay tuned!"

Love to see it 🎉

https://discord.com/blog/how-discord-modernized-mfa-with-webauthn

nsa,
@nsa@hachyderm.io avatar

@iamkale really looking forward to seeing how they reconcile the fact they're creating non discoverable credentials on android with a future "passwordless" login.

nsa,
@nsa@hachyderm.io avatar

@iamkale also their post is terrifying, on the downloadable desktop app afaict they're skipping all the implementation built into chromium over the years by writing their own bindings to the native platform.

Someone should fix electron to be able to use webauthn instead.

nsa, to random
@nsa@hachyderm.io avatar

We don't attribute intelligence to humans based on our understanding of our brains. We don't know how they work.

Equally, we should not attribute lack of intelligence to LLMs based on how they work, but base it on the results. And LLMs consistently give confident, wrong answers about anything they cannot readily scrap word-for-word from the web.

I find the amount of people who say they're great for anything other than supporting writing (like a really good, generic auto complete) terrifying

recursive, to random
@recursive@hachyderm.io avatar

I hate it when I see kilograms used as a unit of force.

nsa,
@nsa@hachyderm.io avatar

@recursive

kg

matt, to random

Question for sighted people: With any of the modern mainstream browsers, when a new page loads via actual browser navigation as opposed to client-side JavaScript-based navigation, how obvious is it that a page is loading? It's at least not obvious enough for me to see with my limited vision.

nsa,
@nsa@hachyderm.io avatar

@matt it is usually pretty obvious. There is a loading indicator on the tab that spins. Sometimes, elements render progressively so you can see the page being "built" in front of your eyes, too. Of course the spinner is the browser making an educated guess. Some other websites have a custom loading bar but that's rare.

Modern websites are designed to both render the main content and respond to input fast, so you can interact with the page even while it's still loading.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • everett
  • rosin
  • Youngstown
  • ngwrru68w68
  • khanakhh
  • slotface
  • InstantRegret
  • mdbf
  • GTA5RPClips
  • kavyap
  • thenastyranch
  • DreamBathrooms
  • magazineikmin
  • anitta
  • tacticalgear
  • tester
  • Durango
  • cubers
  • ethstaker
  • cisconetworking
  • modclub
  • osvaldo12
  • Leos
  • normalnudes
  • megavids
  • provamag3
  • lostlight
  • All magazines
    •