From their docs[0] this doesn't seem to apply if using ACME, but they don't exactly make that clear...
> By using ZeroSSL's ACME feature, you will be able to generate an unlimited amount of 90-day SSL certificates at no charge, also supporting multi-domain certificates and wildcards. Each certificate you create will be stored in your ZeroSSL account.
Yeah, they don't make it that clear, but you get basically the same functionality as with LetsEncrypt for free, including wildcard certs. You basically only need to pay for manually issued certs, or some of their other additional features.
What a brilliant piece of writing. I remember almost every single step—safe for actually getting angry emails. Maybe I ended up being the one writing them.
What a glorious time period.
Interestingly, it would’ve been impossible to share this writing with as many people as the author did by publishing it on mastodon and then it ended up on HN in 1998. The network effects are real.
I travel a lot. By train, plane, and car. I also use passkeys when possible. I have multiple Yubikeys, stored in different locations. I also have a password manager, where I typically keep track of which logins aren’t yet backed up across physical tokens.
It takes a bit of effort, but it’s not impossible.
Yes, it means that in the event of catastrophic failure I might not be able to log in to some services until I get to one of the backups. I haven’t been able to imagine a scenario where that would be truly problematic.
>Yes, it means that in the event of catastrophic failure I might not be able to log in to some services until I get to one of the backups. I haven’t been able to imagine a scenario where that would be truly problematic.
No need to imagine!
Remove all passkeys from your phone and laptop, then go somewhere overseas without any of those Yubikeys.
Have fun enjoy a "not truly problematic" scenario of getting your Yibikeys from "multiple locations" you don't have access to, while being cut off from your messengers, email, bank account, etc.
Bonus points for having your card locked or stolen at the same time.
Or, imagine the backpack with your passkeys devices being stolen on an overseas trip.
I don't have any passkeys on my phone or laptop. They're all on the Yubikeys.
I don't really see a difference with (some) password managers, though. If you use one of the keepasses, and you lose access to the file, you're in the same situation right?
And yeah, you're right, there is a risk of inconvenience. I'm not debating that. I just choose to organise my life in such a way that it is just an inconvenience.
It's literally at https://github.com/Joker-vD/keepassdb/raw/refs/heads/master/... in my case, plus a couple of other free hosting sites that support easy updates/reuploads, so losing access to it requires losing access to Internet — in which case you don't really need any (alright, most) of your passwords because you need Internet to connect to the services that require those passwords.
OK, fair, I never left my keepass file exposed like that when I used keepass.
If I remember correctly, 1Password still requires a "vault key" in addition to your username and password, and it was definitely too long and not used often enough for me to remember.
I didn’t look at the account or provenance, but I’m more wondering about the actual content.
“I was in Europe” -> where? Why would the car be configured in English? I’ve rented cars in Spain, Germany, Denmark and France, and they were all in the country’s language.
“6 lane highway” -> again, where? Or is it meant 3 lanes per side? Because 6 lanes on each side are few and far between in Europe.
My car will get pissy when it’s in semi-self-driving and it can’t detect my hands on the steering wheel. It will start beeping and stuff for a very long time before slowing down and eventually stopping.
I’m also a bit surprised about the statement she couldn’t figure out what was wrong. Do people _not_ look at their dashboard when the car makes a noise to get their attention?
It’s also odd that she didn’t mention the actual car brand and model. This is 100% something that needs to be investigated and checked, and name and shame is the correct approach.
I doubt I see what this has to do with government tracking; it’s about making sure people don’t doze off. I don’t believe there’s any facial recognition involved.
I’m not quite at the point where I want to quit, but some people have turned off their brain, and it frustrates me.
They don’t think critically, let the LLM add random stuff, and then let the LLM argue for them on GitHub. When I talk to the human they have no idea. But 60s later they post a 3 page essay explaining they remembered and why x or y.
The thing is, I can tell why the LLM threw it in. It picked up on a side discussion in the comments, but we agreed in person to do something else in a different PR. Now all of a sudden it added a whole bunch of stuff unrelated to this PR.
My team at work uses Mise for nearly all repos, regardless of stack (Python backends, React frontings, data science repos). I typically prefer to use Make for this kind of stuff, but they were already using Mise when I joined.
It’s been a fairly pleasant experience overall. I think sometimes it tries to do too much, but it works okay-ish.
The only thing I would recommend to stay away from is the encrypted secrets stuff. That’s way too much of a foot gun.
That’s a pretty steep increase. I would almost be more interested in a monthly fee per cert.
reply