Marco Pfatschbacher

@mpf

RE: https://social.tchncs.de/@kuketzblog/116034644267703808

Heated flamewar and hot takes in the comments

In theory, passkeys should work like SSH keys for the web and be faster, more convenient and more secure than passwords.

In practice, it is all completely fucked: it is unclear what gets stored when, by whom and where, how to restore it, and how to port it when you switch devices. Or what the recovery flow looks like and whether it is secure.

I have therefore blocked passkeys on all my devices and will wait another five to ten years. Until then, Bitwarden against Vaultwarden, and OTP. And I archive the QR codes used to initialize the OTP generators for every site, so that I can studiously stay away from each site's recovery flow: I simply enroll a new device, one after another, using the screenshots of the archived codes.

My advice to anyone who asks me is: go ahead and use passkeys if you believe you know whether and how they work and that you can manage them.

For me they solve no problems and only create new ones, work unreliably, and their management is unclear.

We knew this was coming, but now the clock is running. From Privacy International:

"Yesterday the Trump Administration announced a proposed change in policy for travellers to the U.S. It applies to the powers of data collection by the Customs and Border Police (CBP)."

"If the proposed changes are adopted after the 60-day consultation, then millions of travellers to the U.S. will be forced to use a U.S. government mobile phone app, submit their social media from the last five years and email addresses used in the last ten years, including of family members. They’re also proposing the collection of DNA."

PI linked to and summarized a Federal Register entry describing the proposed requirements:

-All visitors must submit ‘their social media from the last 5 years’

-ESTA (Electronic System for Travel Authorization) applications will include ‘high value data fields’, ‘when feasible’
-‘telephone numbers used in the last five years’
-‘email addresses used in the last ten years’
-‘family number telephone numbers (sic) used in the last five years’
-biometrics – face, fingerprint, DNA, and iris
-business telephone numbers used in the last five years
-business email addresses used in the last ten years.

https://www.privacyinternational.org/news-analysis/5713/trump-administration-wants-your-dna-and-social-media

The Federal Register entry says comments are encouraged and must be submitted (no later than February 9, 2026) to be assured of consideration.

Federal Register entry: https://www.govinfo.gov/content/pkg/FR-2025-12-10/pdf/2025-22461.pdf

Whenever you think @mozilla could not get lost any further, Hiob has got news for you:

#Firefox “now lets you access Microsoft #Copilot from the sidebar”

🤡🗑️🔥

https://www.ghacks.net/2025/09/05/firefox-nightly-now-lets-you-access-microsoft-copilot-from-the-sidebar/

#AIslop #AIcraze

"yes officer, for my models"
Did you know that Microsoft just turns Copilot writing assist on for webpages in Microsoft Edge?
So like, if you type in edit boxes, it just... gets sent to Microsoft? Straight up?
And this is enabled by default?
So first, what the actual hell? Second, why is nobody talking about this? How the hell is right now the first time I find out about this?

Are you interested in working with us on network security, visibility, and automation?
Some networking and Python experience is a big plus, but not a must.
Occasional meetings in Switzerland are a necessity, but otherwise, remote work is possible.

https://www.narrowin.ch


(Found online, not by me)
I just read Microsoft's post on how much they love Europe & that they are not the same as Donald Trump. As far as I can tell there is nothing new in there, no new/useful protections, no guarantees. It rehashes already debunked things like the "Microsoft Lock Box". The story mostly serves as a reminder of how worried we should all be about basing our governments & societies on companies far away under questionable legal regimes: https://blogs.microsoft.com/on-the-issues/2025/04/30/european-digital-commitments/

@osuosl has been around for 22 years. They have kindly hosted our gitlab for 6 months now, and provide important services for more than 150 other free and open source software communities such as @alpinelinux, @chimera, @debian, @fdroidorg, @gentoo, @gnome, @LineageOS, #ReplicantOS, @torproject. Now their future is in jeopardy 😢

We usually don't ask this, but please boost for reach, this is important infrastructure for so many FLOSS projects!  

https://osuosl.org/blog/osl-future/

#osuosl


The EU is introducing an energy label for phones, together with mandatory requirements for phones sold in the EU;

- 5 years of software updates (AFTER they stop selling the device in the EU)

- providing important hardware parts (during sale and for 7 years after), including free software (if needed), to every repair shop, within 5-10 business days

- batteries have to make 800 charging cycles and still be above 80% original capacity

And on top of that, phones and tablets need this energy label (which also includes a fall damage durability and repairability score), and abide by the above requirements, from 20 June 2025.

(https://energy-efficient-products.ec.europa.eu/product-list/smartphones-and-tablets_en)
