Posts by David Whiting 6 publicly visible posts • joined 15 Jan 2008
Sorry, I should have acknowledged that. I wanted to note that nix (and nixos) goes beyond snapshots and allows you to have different versions of the same package or library available simultaneously. But now that I think about it, to explain it sufficiently would probably have made the article too long and complex.
The reason for paths being handled differently wasn't given and led to you getting it backwards. Far from dumbing things down, nix provides a huge amount of power for admins and software developers. The paths are handled the way they are to make it easy to have multiple versions of programs and libraries without them tripping over each other. If you develop software that requires different versions of a program and/or different versions of packages, this is easy to set up in nix. You can put the declarations of the software and their versions in a text file and cd into one project and have the versions of the software you need there, cd into another and use different versions there. You can also share that file with other developers to ensure that you are all developing your software using exactly the same environment - and this is for any development environment, not just, say, python, or R, or whatever (which have their own ways of handling this). In fact, for any software.
I've tried various schemes in the past but decided I'm never going to be able to create and remember good passwords. I've tried various programs and never found any that were convenient and available whenever I need them. The only thing I have found that works for me is clipperz (www.clipperz.com). I now need to remember just one strong password (3 old passwords I could already remember combined with something between each one). It is available wherever I am online, is easy to make a read-only offline copy and also has one-time passwords for use when using untrusted computers that may be running key loggers. It's design assumes you can't trust the host server, so it does not store your master password. All encryption decryption happens locally in the browser and only the encrypted blob is stored on the server. The main release is the beta version, but the gamma version has a nice new interface with fast search.
It has direct logins that work for many but not all sites. It does not matter to me that these do not work for some sites because it does not take long to copy and paste the password I need.
I do not claim to have a deep understanding of security, but from what I have read I think this is a robust approach. I would be interested to hear if those who know more than me disagree.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
