More

varjolintu · 2026-05-28T12:48:29 1779972509

Doing ukemi to save himself. This is just the first step of the practice. Uke (receiver) co-operates in a way that tori can practice the thing being taught. Only after that things start to change: uke changes something, tries to evade, resists etc. However, this phase is rarely shown in demonstrations. Even more rare if you see the step(s) after that.

varjolintu · 2026-03-02T04:05:58 1772424358

Yes. This is mandatory for all browser extensions. There's no API behind a separate permission, even if would be the best way to handle this.

varjolintu · 2026-03-02T04:04:11 1772424251

Actually, if you export your vault as JSON, the passkeys are there in plain-text.

varjolintu · 2026-02-09T19:26:49 1770665209

I'm curious to know what this "model" actually means. A real-time AI monitoring for conversations?

wormpilled · 2026-02-10T12:39:15 1770727155

This infrastructure is already implemented

https://support.discord.com/hc/en-us/articles/12926016807575...

varjolintu · 2025-10-29T06:21:11 1761718871

FYI: If you export your Bitwarden vault as plain JSON, passkeys are included in plain-text too. So, it works similar to KeePassXC.

varjolintu · 2025-09-03T03:54:18 1756871658

KeePassX is long dead, and it's not with "key" but with "kee" -> KeePassXC. Thank you :)

varjolintu · 2025-08-25T14:51:09 1756133469

ようこそ日本一のモグラえき土合へ Translates to something like: "Welcome to Doai, Japan's number one mole station (mogura-eki)".

varjolintu · on Oct 17, 2024

The worst thing about passkeys is how browser extensions must handle them: using JavaScript injections to the web page. Of course this means _any_ browser extension could do the same and be the man-in-the-middle inspecting the passkey creation and authentication. I'd be glad to have some kind of standard API behind a proper permission for handling passkeys.

taeric · on Oct 17, 2024

The only thing that they should be able to intercept there, though, would be the specific passkey for the page you are authenticating with. With the specific challenge that was included, even. Such that it is not exportable to somewhere else for them to authenticate as you.

Sure, it sucks that anything is interceptable. But this is still an improvement over the status quo.

varjolintu · on July 20, 2024

According to this list majority of the clients are out of spec: https://passkeys.dev/docs/reference/known-issues/

votepaunchy · on July 20, 2024

The list has been filtered to include only non-compliant clients:

“The following list of passkey providers have not implemented User Verification in a spec-compliant manner.”

varjolintu · on April 7, 2024

A few medical projects (one still being active). And KeePassXC.

AB1908 · on April 7, 2024

Thanks for your work! I use it everyday and recommend it to everyone who has an interest in better password management.