Provide a TPM encrypted credential (made by systemd-cred) and it will be decrypted and placed in a memory backed file within a private namespace mount.
Anecdote: Firefox (124) has become unusable for me on Arch Linux. Highly resource intensive applications (particularly including video streaming, even worse with camera / webrtc) consume way more CPU resources to the point of my laptop lagging out.
I don't remember the exact versions, but I upgraded to 124 earlier this month. Brave works great for video streaming, but breaks applications I use. Firefox development (125) also breaks some applications I use, and has the same performance issues as regular firefox.
The fan on my laptop has been broken for most of this year (replaced due to first fan making noise, but havent had time to figure out why the replacement stopped working). I have been running with all high performance CPU features disabled in the BIOS for years with the purpose of not using the fan anyways, and it has been working great with 1 or 2 intensive applications max running in firefox (and as much other low intensity stuff that basically doesn't consume much resource such as another browser - chromium, vscode, my development environment including a vm).
I don't currently really have any conclusive idea about what's going on. I will have to start using my desktop, fixing issues with my laptop, and do some more testing out of my workloads. Overall I'm just getting the feeling that something is horribly wrong with Firefox.
That's probably a good note though. If you're a FF user these gains probably won't be noticed because your window shifts to keep up (just like it is hard to see improvements in yourself because day to day gains might be small but add up over time). But if you aren't a FF user, this is quite the speedup and might be enticing enough to get you to try it again. Because there's still a general belief that FF is slow.
I had posted my app on Betalist about a week ago and received a vulnerability report about incorrectly configured DMARC from a security researcher. I made the fix but wasn't confident about it. Shortly after, I received a couple more similar emails.
With this tool, my first check failed, citing an invalid SPF record. (I had an extra `.` at the end of my TXT record). Now, the check shows all passing.
I hope all is good now (emails are wild).
From my limited understanding:
SPF <- Should this server be sending emails for this domain?
DKIM <- Was this email tampered with?
DMARC <- What should I, as a recipient, do if SPF or DKIM fails?
There are two factors to consider here, and those are "Will it work?" and "Will the UX be good?".
Will it work?
What we need to look for here is support for Webauthn, we can see here that all of the popular browsers support Webauthn - https://caniuse.com/?search=webauthn across desktop, iOS and Android, covering ~96% of all users.
Will the UX be good?
This is where we start to look at support for things like biometrics and generally, we'd prefer that user's passkeys are secured on their devices using biometrics rather than a PIN. In this area, the support is good across modern mobile devices (fingerprint and/or face id) and many newer desktop devices (e.g touchid). Probably the most obvious limitation here is a desktop device with no support for biometrics, however, Webauthn has a neat solution here where a user can link up this device with their smartphone using either bluetooth or by scanning a QR code - this then allows the user to login using a desktop device with a passkey secured on their mobile device.
Most of the popular password managers now also support passkeys, so that's another workaround that works well in many cases.
I built a sort of meta webapp for online collaboration. Began as a side project to mess around with WebRTC and browser apis. Now, I’ve got something like Zoom but with tools like terminal sharing, a whiteboard, and even GPT inside (everything e2ee).
Now it's my playground for new technologies and ideas.
Reminds me a bit of what I once made: doodledocs. It's offline, but the idea was to built a collaborative space for styluses that were pressure sensitive. I was also using the idea of the web as "remixable" and more as a document. Annotating the web with a stylus :)
It was a show HN at one point but it never really got traction.
For a tool that combines both, meetings like zoom and embedded Excalidraw, check out https://oorja.io ; You create a room, click on "+" button inside to add Excalidraw.
I'm trying to make it convenient to share/stream terminals online; view-only or collaboration-enabled, take your pick.
Show off your vim-skills, help a colleague, teach, or troubleshoot.
Participants can have multiple terminal streams in the private room - comes with chat, notes and end-to-end encrypted voice (this is a privacy-focussed tool, no content data from your session is stored on any server).
My wants:
- Secrets not visible by inspecting process env vars (/proc/PID/environ).
- No secrets on disk (encrypted is fine).