I want this but as a Linux distribution.
-
@argv_minus_one @elfin I do not use keepassxc
EDIT: checking google there *is* a "Keepass2Android", one assumes forked from the original keepass
@mcc@mastodon.social @argv_minus_one@mastodon.sdf.org @elfin@mstdn.social I've been using keepass2android for a long time, and have been quite happy with it. I haven't poked deeply at it to check for LLM use, but there's nothing obvious in the contributor's graph (a single unlinked copilot commit of 1+ 1-)
-
@mcc Yeah, KeePassXC going this route really hurt. I'm probably going to migrate back to a text file encrypted with gnupg for basic password management, but I have no idea what I'm going to use for one-time passcodes.
@jcnotwit for one-time passcodes you could use this standalone desktop application: https://apps.gnome.org/Authenticator/
@mcc -
@nina_kali_nina @lunarloony @luana @mcc time to get crackin' on your escape hatch for those not already using the keypass file format: https://gitlab.gnome.org/World/secrets/-/issues/509
-
RE: https://mastodon.scot/@kim_harding/116108957641748718
I want this but as a Linux distribution. I don't think I'm asking for much here. I am just asking for the "open source community" to be to the left of Goldman Sachs
@mcc not sure if anyone mentioned a passkey. For me it's good compromise security and convince wise. My yubikey works ok with laptop and phones too.
-
RE: https://mastodon.scot/@kim_harding/116108957641748718
I want this but as a Linux distribution. I don't think I'm asking for much here. I am just asking for the "open source community" to be to the left of Goldman Sachs
@mcc@mastodon.social
I think #debian has you covered.
Didn't encounter an AI there
Edit: ooh, you meant as tool to create the system, not as part of the system....
Never mind...
-
RE: https://mastodon.scot/@kim_harding/116108957641748718
I want this but as a Linux distribution. I don't think I'm asking for much here. I am just asking for the "open source community" to be to the left of Goldman Sachs
@mcc Taking an undifferentiated position against genAI tech as whole is about the stupidest thing we - as “the left”
️ - could be doing. The same is true for software engineers btw. (1/3) -
I love object oriented C (no not C++) but it is not sustainable to use it for most tasks. I enjoy writing python code, but for simple CLI tools Claude is much faster at it than me and delivers high quality whe steered correctly. Do I have a local setup with devstral running on solar power already? No, but I certainly plan to have that in 1 year from now. (2/3)
Of course there’s way too much bullshit software being created and using genAI to do that l while consuming vast amounts of resources is a problem, but that doesn’t mean Anti-AI is a valid position. (3/3)
-
@mcc Taking an undifferentiated position against genAI tech as whole is about the stupidest thing we - as “the left”
️ - could be doing. The same is true for software engineers btw. (1/3)I love object oriented C (no not C++) but it is not sustainable to use it for most tasks. I enjoy writing python code, but for simple CLI tools Claude is much faster at it than me and delivers high quality whe steered correctly. Do I have a local setup with devstral running on solar power already? No, but I certainly plan to have that in 1 year from now. (2/3)
-
My understanding is that Bitwarden and KeePassXC, the two open source password managers, are *both* using random code generators at this point, which is terrifying as those are the exact tools where a small error could have the largest negative impact, and also tools that once you've committed to using it you can't quickly back out if they enter a code quality decline
@mcc KeepassXC as well? I have a hard time as it is to trust a password manager. It seems I have to write my own?
-
@mary yeah, but if a build and deploy means making and deploying an apk then there's some question why you're using react native at all.
i think it ought to be possible to do all this by just forking expo/expoapp and removing the arbitrary dependency on the web service.
@mcc@mastodon.social @mary@chaos.social
making and deploying an apk then there's some question why you're using react native at all.
usually those frameworks are used for cross-platform development, so you would make both an ios and android app from the same codebase
as far as i know from my vague understanding of the ecosystem, Expo is supposed to be more of a quick and dirty playground rather than something ready to ship -
@nina_kali_nina I was tempted to do Vaultwarden, but the Bitwarden clients are affected so I don't think that'd help much. Might be an okay stop-gap until I have the time to invest in it properly.
@lunarloony @nina_kali_nina what I'm using is old school, open source, self hosted and ai free: https://www.passwordstore.org/
-
RE: https://mastodon.scot/@kim_harding/116108957641748718
I want this but as a Linux distribution. I don't think I'm asking for much here. I am just asking for the "open source community" to be to the left of Goldman Sachs
-
@lunarloony @nina_kali_nina what I'm using is old school, open source, self hosted and ai free: https://www.passwordstore.org/
@lhengstmengel @lunarloony @nina_kali_nina ooh interesting, didn’t know about that, thanks
-
@mcc@mastodon.social
I think #debian has you covered.
Didn't encounter an AI there
Edit: ooh, you meant as tool to create the system, not as part of the system....
Never mind... -
RE: https://mastodon.scot/@kim_harding/116108957641748718
I want this but as a Linux distribution. I don't think I'm asking for much here. I am just asking for the "open source community" to be to the left of Goldman Sachs
-
@nina_kali_nina @luana @mcc oh for fuck's sake
-
@mcc 1Password says "We want team members at all levels to take the approach of actively learning AI best practices, identifying opportunities to apply AI in meaningful ways, and driving innovative solutions in their daily work. Embracing the future of AI isn't just encouraged at 1Password—it's an essential part of how we will be successful at 1Password."
Pretty upset about KeepassXC on a personal level.
@itamarst @mcc hopefully that includes Verification Driven Development tools
https://levon003.github.io/2026/01/07/verification-driven-development.html -
My understanding is that Bitwarden and KeePassXC, the two open source password managers, are *both* using random code generators at this point, which is terrifying as those are the exact tools where a small error could have the largest negative impact, and also tools that once you've committed to using it you can't quickly back out if they enter a code quality decline
@mcc KeePassXC has merged only a little bit of AI-assisted code, not in any critical parts. And there has been no merges of that kind of code since last November. KeePassXC is not preferred to use AI code, but they require people to let them know if they are trying to push code that includes it. It doesn't mean the code will not be reviewed before it's even accessed. Majority of the developers are NOT using AI. Read their blog post.
-
-
My understanding is that Bitwarden and KeePassXC, the two open source password managers, are *both* using random code generators at this point, which is terrifying as those are the exact tools where a small error could have the largest negative impact, and also tools that once you've committed to using it you can't quickly back out if they enter a code quality decline
@mcc Also, the main difference is that KeePassXC at least tracks the pull requests where AI-assisted code is used, and they require it. There's no way to confirm the same with Bitwarden. The pull request may or may not have been using AI. There's no clear track record how long they've been using it.
