flohmarkti: a specimen that is willing to install and test a pre-alpha software to run a small ad server that talks to the #fediverse via #activitypub.
Some flohmarktis are able to read #python and/or #javascript and some of those even can adjust existing code or even create new meaningful functions.
Some of them hang out on #flohmarkt* channel on #LiberaChat* where they exchange ideas, discuss code and just have a nice chat.
Most of them try already selling stuff on one of the running deployments.
All of them follow with great pleasure the fast development of #flohmarkt* towards its first release.
If a service wants you to download #GoogleAuthenticator for #Android or #iOS to activate mandatory 2nd authentication factor:
- It's the same as using
<space> nitropy nk3 secrets add-otp --protect-with-pin --touch-button --digits-str 6 --kind totp paloalto <seed>with your #Nitrokey 3 - don't forget to check the command history to delete the key from there in case the leading space of thenitropy-command didn't stop your shell from saving the command to history. - If they then show you a QR you're supposed to scan with your always online, known to be unsecure, sending everything to the cloud device there's ususally a button for
can't scanthat'll show you the seed - If #javascript on the page then makes it impossible to copy that seed at least in firefox there's
right click/inspect (q)which you can use to have a quick look at the source of the element to copy the seed from the source (think about how secure your clipboard is and whether you need to delete the seed afterwards from it. Big mess: clipboard history writing to disk possibly without full disk encryption). - Otherwise - if there's no way to get a text view of the seed - take a screenshot of the qr, save it, and use
zbarimg <screenshot-file>to get the text reading from the qr
How do I prevent commands from showing up in Bash history?
Stack Overflow