I want this but as a Linux distribution.

RE: https://mastodon.scot/@kim_harding/116108957641748718

I want this but as a Linux distribution. I don't think I'm asking for much here. I am just asking for the "open source community" to be to the left of Goldman Sachs

@luana @mcc nothing says "super safe password manager" more than "161 files changed, 776 lines added, 541 line removed, some files are hidden from PR by default, authored by Claude Sonnet, merged with some tests failing"

@nina_kali_nina @luana @mcc Great. Password manager migration was really not what I needed on my to do list right now

One thing for sure, I’ve got a fire under my butt to get out of 1password pretty quick.

RE: https://mastodon.scot/@kim_harding/116108957641748718

I want this but as a Linux distribution. I don't think I'm asking for much here. I am just asking for the "open source community" to be to the left of Goldman Sachs

@lunarloony @luana @mcc but it's like: where to?

My understanding is that Bitwarden and KeePassXC, the two open source password managers, are *both* using random code generators at this point, which is terrifying as those are the exact tools where a small error could have the largest negative impact, and also tools that once you've committed to using it you can't quickly back out if they enter a code quality decline

https://github.com/bitwarden/clients/tree/main/.claude

@itamarst Well, there is no universe where I would consider using 1password, but I guess that's still good to know

@Lingmops @mcc I’m beginning to feel as if I’m gonna need to head back to just saving my pswds in a text file on my computer again. 🫤

My understanding is that Bitwarden and KeePassXC, the two open source password managers, are *both* using random code generators at this point, which is terrifying as those are the exact tools where a small error could have the largest negative impact, and also tools that once you've committed to using it you can't quickly back out if they enter a code quality decline

https://github.com/bitwarden/clients/tree/main/.claude

@mcc @ariadne hmmm there’s probably some really awful way to hack this into NixOS if you want to compile your whole system

@mcc KeePass 2 is clean.

@mcc Excuse an undereducated question from a long term 1password user who is going to move from it now: is the issue with “random code generators” that random passwords generated by these apps are easy to crack?

I’m looking at moving to Keepassium and as I understand it each of these apps in this family have different code to do password generating and are thus all different.

@mcc Yeah, KeePassXC going this route really hurt. I'm probably going to migrate back to a text file encrypted with gnupg for basic password management, but I have no idea what I'm going to use for one-time passcodes.

@elfin @mcc

If you're looking for an alternative to KeePassXC, GNOME Secrets is pretty much a drop-in replacement.

@mcc @itamarst I thought KeePassXC required human reviews / unit tests in order to mitigate any llm harms. Did that change?

More broadly, I don't really see how you can prove no LLMs were involved in code contributions if they are actually contributed by a human. Prove you used emacs or vi and didn't compile it ever on a cloud service? (I'm not happy about that state of affairs, mind you)

I suppose we can start adding some sort of watermark on code?

@luana@wetdry.world @mcc@mastodon.social @ariadne@social.treehouse.systems wouldn't you have to have a database of packages that don't contain LLM-written code? i don't think it's readily available

@argv_minus_one @elfin that's great, but can it interop with a phone?

@mcc @elfin

Can you be more specific? I wasn't under the impression that KeePassXC runs on phones.