Want to wade into the sandy surf of the abyss? Have a sneer percolating in your system but not enough time/energy to make a whole post about it? Go forth and be mid: Welcome to the Stubsack, your first port of call for learning fresh Awful you’ll near-instantly regret.

Any awful.systems sub may be subsneered in this subthread, techtakes or no.

If your sneer seems higher quality than you thought, feel free to cut’n’paste it into its own post — there’s no quota for posting and the bar really isn’t that high.

The post-Xitter web has spawned so many “esoteric” right-wing freaks, but there’s no appropriate sneer-space for them. I’m talking redscare-ish, reality-challenged “culture critics” who write about everything but understand nothing. I’m talking about reply-guys who make the same 6 tweets about the same 3 subjects. They’re inescapable at this point, yet I don’t see them mocked (as much as they should be).

Like, there was one dude a while back who insisted that women couldn’t be surgeons because they didn’t believe in the moon or in stars? I think each and every one of these guys is uniquely fucked up and if I can’t escape them, I would love to sneer at them.

(Credit and/or blame to David Gerard for starting this.)

  • rook@awful.systems
    3 days ago

    KeePassXC (my password manager of choice) are “experimenting” with AI code assistants 🫩

    https://www.reddit.com/r/KeePass/comments/1lnvw6q/comment/n0jg8ae/

    I’m a KeePassXC maintainer. The Copilot PRs are a test drive to speed up the development process. For now, it’s just a playground and most of the PRs are simple fixes for existing issues with very limited reach. None of the PRs are merged without being reviewed, tested, and, if necessary, amended by a human developer. This is how it is now and how it will continue to be should we choose to go on with this. We prefer to be transparent about the use of AI, so we chose to go the PR route. We could have also done it locally and nobody would ever know. That’s probably how most projects work these days. We might publish a blog article soon with some more details.

    The trace of petulance in the response… “we could have done it secretly, that’s how most projects do it” is not the kind of attitude I’m happy to see attached to a security critical piece of software.

      • rook@awful.systems
        1 day ago

        Kinda, but nothing I’m entirely happy with. We use Bitwarden at work, at my suggestion, but I don’t like the tools as much as I do KeePassXC, and even though you can self-host the network service that stores the data, you still have to host something whereas KeePassXC is standalone and you can sync the password vault over some file sharing service, or carry it on a USB stick, etc. There have been a couple of incidents whereby user license data wasn’t processed correctly and people got locked out of Bitwarden vaults, which is pretty serious even if it was only temporary. That can’t happen with easily-backed-up-and-restored local databases.

        They’ve also had some “license controversies” which should also give you pause for thought if you were interested in a free and open system: https://www.techradar.com/pro/bitwarden-clarifies-open-source-commitment-amid-user-concerns

        The original KeePass project is still alive, and maybe I’ll have a look at that. The current maintainer is a bit odd, and the project has had some historical security issues, but I suspect that all password managers (at least on Windows) will have the exact same problems. It is unlikely to have the same range of features, but it is written in a memory safe language (C#) rather than in C++, which KeePassXC uses (and I’ve never been entirely happy with).

        In short, everything is awful, and I will probably stick with xc for my own purposes for now, as there isn’t quite a replacement for me yet. I’d buy a mooltipass (https://www.mymooltipass.com/) except I’d want a backup, and that means an outlay of a good £300 which is a bit painful. And they’re often out of stock 😕

        • veganes_hack@feddit.org
          18 hours ago

          thanks, yeah we use bitwarden at work and i really don’t like the ux. plus the simplicity of just having a file to sync is very convenient to me.

          i might try authpass soon, seems to look nice enough.

        • froztbyte@awful.systems
          21 hours ago

          helpful post, ty - I’ve also been halfheartedly looking at bitwarden (possibly with vaultwarden server) and I haven’t pulled the trigger yet because extra yaks. so knowing some of the other happenings there… oof

          (including pulling the trigger I’d want to have it hosted on an island instead of directly exposed, which adds other requirements and steps)

          the only other option is (gnu) pass, but it sucks pretty majorly ito clients. it really isn’t a good time in password managers :|

    • BlueMonday1984@awful.systems (Banned, OP)
      2 days ago

      I also learned Bitwarden bought into AI reading this. They don’t appear to have let vulnerability extruders ruin their code as of this writing, but any willingness to entertain the fascism machines is enough for me to consider jumping ship.