Project 3825 - a thing of beauty is a joy forever
For urgent matters, please text the duck project at 936 755 3366 (US only).
Wednesday, January 25, 2017
Saturday, January 7, 2017
Friday, January 6, 2017
My two cents on the 1 password Dropbox issue
Here's a quote:
Your characterizations are incorrect, or as some might say, 'disingenuous'. AgileBits does not claim it's impossible to do so. To quote: "This is not to say it's impossible, but it requires much more careful planning and consideration than changing the permission request in the application." They also note that 'the new secure mode' would break functionality for "many customers", due to a design choice (or flaw) in the Dropbox API: "But even if we were able to work around many of those complications and used the Dropbox API to limit permissions and use a specific app folder, there's still at least one major issue, which (as Khad explained to you a few years ago) is that Dropbox API doesn't allow sharing folders between different Dropbox accounts. That would prevent sharing a 1Password vault with others via Dropbox, which is a feature that many customers love and rely on." Claiming that this 'wouldn't be the case' is a misleading characterization. In actuality, they would have to support two modes - a reduced-functionality 'secure' mode, and a full-functionality 'legacy' mode. While it may be distasteful that users shares password vaults using Dropbox, they have clearly chosen to continue supporting that use case. 1Password offers a paid product that competes with the usually-free Dropbox-based sharing solution. Their paid product is far more secure than the shared-Dropbox method, with both per-vault and per-device encryption keys. It offers no compromises in functionality and offers what some would consider an increase in security for shared-vault users over the 'legacy' Dropbox model discussed herein. It uses a cloud storage service other than Dropbox, but that's no more a dealbreaker than Dropbox itself would be. So with 1Password having already implemented both "the new secure mode" (paid) and "a legacy mode for backwards compatibility" (dropbox), they clearly have already accepted the additional maintenance burden of the increased security requirements of their 'new' method. Please identify the evidence you see supporting your claim that it is impossible, in light of their words and actions to the contrary.
--
Obviously, the reason they don't want to work on this is because it competes with their paid product. Simple as that I think.
Thursday, December 29, 2016
Like Uncle Bob always says...
Friday, December 23, 2016
State of the web
didn't recognize. Where does that put my mental model of the web in
{{current year}}? Thinking back to my own web use, I can see something
disturbing happening: my web browsing has coalesced into a small
number of web sites. I think this is worrisome if more people think
like me. How is a new service supposed to gain traction if everyone is
wary of trying it?
Monday, December 19, 2016
On delusions of grandeur
Image credit: Collin Knopp-Schwyn |
This results in a distorted view of reality. What I do is always right. A more microscopic way of saying “Our Country! In her intercourse with foreign nations may she always be in the right; but right or wrong, our country!”
It is similar to tribalism on a minute scale. In the grand scheme of things, we are so inconsequential that rightness and wrongness doesn't really matter to the universe. However, it matters to us. In our context, what we do and what we think are massively important.
The first thing I need to do is be aware that this happens. Then I can acknowledge it, be on the lookout for it, and take steps to correct it.
Image credit: Collin Knopp-Schwyn from https://en.wikipedia.org/wiki/File:Grandiose_delusions_cat_lion.pdf