Stefano
3.1K posts

Stefano
@nerder_
Software Engineer, Founder & Jiu-Jitsu guy. All at once. Technical Founder @ MAAT (https://t.co/JpsdEVwIak)
London, UK Katılım Eylül 2024
715 Takip Edilen304 Takipçiler
Sabitlenmiş Tweet

why does this remind me of our team
Breaking911@Breaking911
INSANE FOOTAGE: Russian troops mounted a YakB-12.7 helicopter machine gun on a fixed stand for training, but the exercise quickly went wrong.
English

@jonathan_gortz Probably we can generalise
“Number of occurrences in which a random ancient greek letter is used to prefix the word male in any written or spoken communication.”
The lesser the better.
English

@ThePrimeagen I think this is good advise, but a tiny bit less true than it was just couple of months ago.
English

these comments really show how few people know good security practises.
luna@ImLunaHey
hot take: using .env files for secrets is wrong and we should move away from this.
English

@Poofarmer69 @ImLunaHey You haven’t answered my question and instead decided to dunk on this imaginary solution which is probably just what you think people who store secrets well are doing.
That would be better that a plain text .env, but is not it.
English

@nerder_ @ImLunaHey certainly not with encrypting them via your user account. anyone who gains access as you can do the same. ie malware in a dev package is executing as your user account, and can read your keychain just like you can, or any other decryption key.
English

@Poofarmer69 @ImLunaHey How do you guarantee me that those plain text secrets never leave your machine and are never read by anyone which is not you?
English

@ImLunaHey What is the security risk of storing dev secrets in a gitignored .env file? If you are using .env to commit secrets to your code base then you are doing it wrong
English

@ImLunaHey I’d argue this more of an example of why security is hard. The sheer fact of having a secure alternative doesn’t fix the issue, you need to change the incentives for which the unsafe solution is the worse option (ie: passkeys vs passwords)
.env will never probably be solved
English

Germany doesn’t deserve the internet.
@levelsio@levelsio
2 hours after a German signs up to your site
English

@rand_longevity This is an extremely stupid quote. For sure top 10 of the stupidest I’ve read today.
English












