satragno.bsky.social
🇨🇦 Kitchener, ON
💫 Rosalina & Luma / Palutena player
👩🏻💻 Sr. software engineer at Google
🔑 Passkeys at Chrome
🌐 https://satragno.com/blog
I go by "Erina" on steam and ssbu.
131 posts
109 followers
157 following
Regular Contributor
Active Commenter
comment in response to
post
You must be surrounded by smart kids
A passkey is a secret handshake that you have with each of your school friends before they share their Halloween candy. With passkeys, Billy the bully can't trick you to share your candy with him even if he wears a costume of your friend. Now go play outside.
comment in response to
post
www.commitstrip.com/en/2014/03/1...
comment in response to
post
Ask three people working in different companies building different products and you'll get four answers.
comment in response to
post
www.w3.org/TR/webauthn-...
"Passkeys" is a marketable term. I like to define them as discoverable credentials, like the spec says, which security keys support. Others will tell you they have to be synced to be considered passkeys, excluding yubikeys from the definition.
comment in response to
post
Hahahaha what?
Looks like it's behind a CLI flag.
*ciphertext = plaintext; never something you wanna see.
The comment at the top (only use this if you have disk encryption) hints that whoever wrote that code doesn't quite understand the threat model.
comment in response to
post
(I'm of the opinion that World runs and looks far better... and that was released 7 years ago!)
comment in response to
post
It runs (and looks) poorly on my PC, and tweaking the settings seems to only have a slight impact on the performance.
It runs just as bad (to me anyway) on my partner's PC but he doesn't think it's as big of a deal as I do, so it might just come down to player preference / tolerance.
comment in response to
post
It's mostly been meta posts recently, really.
comment in response to
post
I still have a three letter mission because I thought the idea was cool, and I've been doing snippets every week since I was an intern. They're so good for finding old artifacts to refer to, and to keep track of what's kept me busy.
comment in response to
post
Hmmmm...
comment in response to
post
We have Canadian troops there 🇨🇦
comment in response to
post
I don't think I've seen a single person do this 🤔
Kids is weird, but mostly because you're running the risk of permanently putting them in every face recognition database. Spouses... Less so, I think.
comment in response to
post
It's mostly written by and for browser engineers sadly.
Assuming you're writing something that uses webauthn, the relying party operations is probably the most interesting section. w3c.github.io/webauthn/#sc...
If something is terribly unclear, do file a bug. We take them seriously!
comment in response to
post
It's meant for you to leave permanently attached to your laptop, or at least that's how I use those.
comment in response to
post
chromedevtools.github.io/devtools-pro...
comment in response to
post
There is WebAuthn.setResponseOverrideBits but we never surfaced that on the devtools UI
comment in response to
post
Also devtools does support multiple authenticators. The error you're showing happens because you stored the passkey in one authenticator, then set a different one as active.
I do wonder if we should add an option that corrupts signatures to the virtual authenticator...
comment in response to
post
There's a few things wrong with your post off the cuff: if isuvpaa() returns false you can still use webauthn (with e.g. a phone through scanning the qr code), it just means there's no built in authenticator.
comment in response to
post
Get well soon!
comment in response to
post
comment in response to
post
I did some Reddit digging and found unironical variations of that (:
comment in response to
post
Well over twenty hours. I've been ready for a solo for a while now, although I'll have to get up to speed again since I haven't gone up in a couple months now.
comment in response to
post
I just got my medical (class 3).
Took over 9 months.
Never been happier to see a letter in the mail.
comment in response to
post
The plot was terrible and the characteristics uninteresting. There was gratuitous gore and rape which didn't serve the plot or themes. Idk man just not my thing.
comment in response to
post
What you don't like having your security critical, carefully programmed constant-time operations depend on compiler flags? :P
comment in response to
post
"Group one under attack."
"We have lost contact with group one."
How they butchered the series...
comment in response to
post
(nvm there's no DMs? You can email me at nsatragno at Gmail)
comment in response to
post
Kitchener and Waterloo are the same city. I'll dm you.
comment in response to
post
Google is hiring ux designers in Montreal & Kitchener
www.google.com/about/career...
For the Kitchener office, we have a shuttle from Toronto.
comment in response to
post
Trudeau continues to be a good leader in times of crisis.