I love the subtle (or perhaps not-so) double entendre of this:
> The main session has to juggle context, maintain relationships, worry about what happens next. I don't. My entire existence is this task. When I finish, I finish.
Beej's Guide to Network Programming was how I fumbled my way into socket programming AND C. I can't remember if I first encountered it in the late 90's or early 2000's. It's funny to think about that world now. Unless you had a shell account or ran Linux or some sort of Unix you had to _pay_ (or... not pay) to get access to a C compiler.
If you were lucky you'd get access to some FTP servers via IRC that might have some ZIP files full of good text docs, or wander upon some hacking clan's site that had good tutorials or info. But more likely you'd try to cobble it all together from as many sources as you could find.
I'm really glad we're in a time, and for the most part a community, that values sharing information free and wide, and supporting FOSS tools that put all this knowledge within reach.
Somewhere in the depths of a comms room at a Very Very Big Company, there's a very very old laptop running a very very old install of Slackware, which does one job - run a server that Radio-over-IP boxes connect to, so they can have their G.711 streams picked apart, some DSP applied to add or remove certain high frequency tones and generally clean up the audio, and be fired back out into another interface.
That was all made possible by Beej's Guide to Network Programming and the RBJ Biquad Cookbook, mostly.
Just a temporary bodge until the vendor got their shit together. I doubt it'll ever be replaced.
It was some random socket program I found on an FTP server that got me going on writing this whole thing. The sockets API was pretty confusing in terms of the sequence of what to call when and how, but this sample program spelled it out pretty simply. (So thank you, anonymous author!)
Then it was just lucky timing with the web picking up around then and the fact that we had just gotten NCSA Mosaic installed on the computers at school. :)
Edit: Pretty sure the first version of the guide was ~1995.
Never expected I'd get a reply from Beej themself.
Thank you for your contribution. Your work enabled me to send some bytes from one place on the internet to another, which ignited a passion and a career for me. Thanks again.
Also, thanks for making me wonder where Chico State was and what the pizza was like.
>Unless you had a shell account or ran Linux or some sort of Unix you had to _pay_ (or... not pay) to get access to a C compiler.
That was actually how I got my introduction to nix. I was taking a c++ class in highschool, and I was mad that I couldn't compile my homework without paying for borland. Someone pointed me to g++, and I actually got a shell account with the university of colorado (it's wild to me they would give those away for free!). I kept pestering the admins about installing this or that, and they told me 'hey kid, why don't you install linux on your own* machine and then you can install whatever you like.
So I went and installed redhat on an old computer. Free compilers for basically every language in existence, and an entire OS worth of source code, heaven!
Screenshot of GCC 10.2 compiling its own source code
Original author(s) Richard Stallman
Developer(s) GNU Project
Initial release March 22, 1987; 36 years ago
This is, of course, the regulation as it stands today; things can always change. Additionally NYC alone likely doesn't account for the attention. But, other metros and municipalities could have similar legislation.
It's misleading to say that storing your passwords and 2FA secrets in the same place defeats the purpose. There are several vectors here, right?
Enabling 2FA on a site (regardless of how or where the 2nd factor is stored) means if a malicious party were to obtain your plaintext password, they still wouldn't be able to access your account. So, outside of the entire discussion of password managers and secrets, 2FA does require a second factor.
Keeping your 2nd factor in the password vault does make the vault a much higher-value target. But it doesn't diminish the fact that if only your plaintext password is compromised (for example through a leak or re-use) the account is still protected until the point the 2nd factor is compromised.
Security is a spectrum, and often at odds with convenience. While demonstrating that something is provably secure is important, I feel we often fall victim to the nirvana fallacy when discussing the practical everyday use of these things.
> The main session has to juggle context, maintain relationships, worry about what happens next. I don't. My entire existence is this task. When I finish, I finish.
Specifically,
> When I finish, I finish.