zerosleeps

Since 2010

Reading log for 2024

The downward trend continues: I completed 19 books in 2024 and abandoned a further 3. I wasted a lot of time with two of the ones that I eventually abandoned - maybe this year I’ll try to be more assertive when it comes to aborting books that aren’t doing it for me.

Excluding those 3 my average rating was 3.4, which is pretty consistent with 2023. I did discover a new 5-starrer though.

Default apps

I stumbled upon this (via this) and thought it was an interesting excerise, so here are mine:

  • Mail Server: Fastmail
  • Mail Client: Fastmail’s web interface, believe it or not. It’s very good. Or their own iOS app for mobile.
  • Notes: Usually just Markdown files
  • To-Do: Things
  • iPhone Photo Shooting: Built-in Camera app
  • Photo Management: Apple Photos
  • Calendar: Fastmail
  • Cloud File Storage: None. It’s just not a need I have.
  • RSS: Feedbin
  • Contacts: Fastmail, with CardDAV sync to my iPhone
  • Browser: Firefox at home, usually Edge at work because of this
  • Chat: iMessage, but everyone else wants to use WhatsApp. Gross.
  • Bookmarks: Firefox
  • Read It Later: Feedbin for things found via RSS, Things for everything else
  • Word Processing: Nope
  • Spreadsheets: Excel, very rarely at work
  • Presentations: Absolutely nope
  • Shopping Lists: Things
  • Meal Planning: Nope
  • Budgeting and Personal Finance: Banktivity
  • News: Just feeds in Feedbin
  • Music: Spotify
  • Podcasts: Overcast
  • Password Management: 1Password

Special shout out to Pastebot for clipboard management, and Sublime Text for almost everything else!

Passwords have problems, but passkeys have more

David Heinemeier Hansson on hey.com.

Yeah I think he’s spot on with this. Passkeys solve a problem, but I’m not sure they solve the correct problem. The technology is bulletproof - we’ve been using public/private keys for decades - and when implemented properly is unquestionably more secure at the bits-and-bytes layer. But the problem with passwords is almost always human, and passkeys don’t really solve that.

As pointed out by John Gruber at Daring Fireball, passkeys only work if you use some kind of password manager. In my case that means I can only use passkeys when I’m using my own Mac or my own iPhone, which is a pretty big hurdle in some cases. And if you’re the kind of person who already uses a password manager then there’s a good chance that - like me - all your accounts already have long, unique, high-entropy passwords.

I suspect this explains why most services I’ve enabled passkeys for leave the traditional username/password login path enabled, meaning my accounts are still vulnerable to that kind of attack, so… what’s the point of the passkey?