I'm attempting to convert a small Python-2 script to Python-3. Google appears to think that the best approach is something called 2to3, but I can't get it to work. I'm far from being a Python expert, but am at least using a virtual environment:
poc@Bree:~$ cd venv poc@Bree:~/venv$ source bin/activate (venv) poc@Bree:~/venv$ type 2to3 2to3 is /home/poc/venv/bin/2to3 (venv) poc@Bree:~/venv$ 2to3 Traceback (most recent call last): File "/home/poc/venv/bin/2to3", line 5, in <module> from cmd_2to3.__main__ import main File "/home/poc/venv/lib64/python3.13/site-packages/cmd_2to3/__main__.py", line 2, in <module> from lib2to3.main import main as l2to3_main ModuleNotFoundError: No module named 'lib2to3' (venv) poc@Bree:~/venv$ pip install lib2to3 ERROR: Could not find a version that satisfies the requirement lib2to3 (from versions: none) ERROR: No matching distribution found for lib2to3
Any thoughts? I find the online documentation on 2to3 (such as it is) remarkably obtuse.
poc
On Tue, 19 Nov 2024 at 13:45, Patrick O'Callaghan pocallaghan@gmail.com wrote:
I'm attempting to convert a small Python-2 script to Python-3. Google appears to think that the best approach is something called 2to3, but I can't get it to work. I'm far from being a Python expert, but am at least using a virtual environment:
poc@Bree:~$ cd venv poc@Bree:~/venv$ source bin/activate (venv) poc@Bree:~/venv$ type 2to3 2to3 is /home/poc/venv/bin/2to3 (venv) poc@Bree:~/venv$ 2to3 Traceback (most recent call last): File "/home/poc/venv/bin/2to3", line 5, in <module> from cmd_2to3.__main__ import main File "/home/poc/venv/lib64/python3.13/site-packages/cmd_2to3/__main__.py", line 2, in <module> from lib2to3.main import main as l2to3_main ModuleNotFoundError: No module named 'lib2to3' (venv) poc@Bree:~/venv$ pip install lib2to3 ERROR: Could not find a version that satisfies the requirement lib2to3 (from versions: none) ERROR: No matching distribution found for lib2to3
I've never used 2to3 but the pip library is called '2to3' not lib2to3, although some Stack Overflow posts[1] do suggest that the packaged version is sometimes called python3-lib2to3?
wmcdonald@fedora ~ → poetry search 2to3 | head
2to3 (1.0) Adds the 2to3 command directly to entry_points.
wmcdonald@fedora ~ → mkdir -p ~/scratch/python/migrate wmcdonald@fedora ~ → cd $_ 13:54:42 wmcdonald@fedora migrate → python -m venv .migrate wmcdonald@fedora migrate → . .migrate/bin/activate (.migrate) wmcdonald@fedora migrate → pip list Package Version ------- ------- pip 23.3.2
(.migrate) wmcdonald@fedora migrate → pip install 2to3 Collecting 2to3 Downloading 2to3-1.0-py3-none-any.whl.metadata (225 bytes) Downloading 2to3-1.0-py3-none-any.whl (1.7 kB) Installing collected packages: 2to3 Successfully installed 2to3-1.0
13:56:08 (.migrate) wmcdonald@fedora migrate → python Python 3.12.7 (main, Oct 1 2024, 00:00:00) [GCC 14.2.1 20240912 (Red Hat 14.2.1-3)] on linux Type "help", "copyright", "credits" or "license" for more information.
import 2to3
File "<stdin>", line 1 import 2to3 ^ SyntaxError: invalid decimal literal
import lib2to3
<stdin>:1: DeprecationWarning: lib2to3 package is deprecated and may not be able to parse Python 3.10+
dir(lib2to3)
['__builtins__', '__cached__', '__doc__', '__file__', '__loader__', '__name__', '__package__', '__path__', '__spec__', 'warnings']
[1] https://stackoverflow.com/questions/20458011/how-to-use-2to3-properly-for-py...
On Tue, 19 Nov 2024 at 14:00, Will McDonald wmcdonald@gmail.com wrote:
On Tue, 19 Nov 2024 at 13:45, Patrick O'Callaghan pocallaghan@gmail.com wrote:
I'm attempting to convert a small Python-2 script to Python-3.
By the way, is this script something you can stick in a pastebin/gist or similar and share?
If it's genuinely small, it might be trivial to rewrite?
On Tue, 2024-11-19 at 14:01 +0000, Will McDonald wrote:
On Tue, 19 Nov 2024 at 14:00, Will McDonald wmcdonald@gmail.com wrote:
On Tue, 19 Nov 2024 at 13:45, Patrick O'Callaghan pocallaghan@gmail.com wrote:
I'm attempting to convert a small Python-2 script to Python-3.
By the way, is this script something you can stick in a pastebin/gist or similar and share?
If it's genuinely small, it might be trivial to rewrite?
You can find the script at:
https://github.com/zepalmer/script-vdr
It's quite old but I found it useful with X11. I'm interested in trying it under Wayland as a workaround for the broken session restore in Plasma. Hopefully it will work with XWayland.
poc
Patrick O'Callaghan wrote:
On Tue, 2024-11-19 at 14:01 +0000, Will McDonald wrote:
On Tue, 19 Nov 2024 at 14:00, Will McDonald wmcdonald@gmail.com wrote:
On Tue, 19 Nov 2024 at 13:45, Patrick O'Callaghan pocallaghan@gmail.com wrote:
I'm attempting to convert a small Python-2 script to Python-3.
By the way, is this script something you can stick in a pastebin/gist or similar and share?
If it's genuinely small, it might be trivial to rewrite?
You can find the script at:
https://github.com/zepalmer/script-vdr
It's quite old but I found it useful with X11. I'm interested in trying it under Wayland as a workaround for the broken session restore in Plasma. Hopefully it will work with XWayland.
A quick git clone and run of `2to3-3.12 -w vdr` made only 3 minor changes, after which `./vdr --help` ran without error. That's not a great test, but it does mean python3 can parse the script okay. There might be other issues to work out to run it for real, but it's short enough that it should be relatively easy to do, if you're mildly familiar with python (or programming lanugages in general).
$ git diff diff --git a/vdr b/vdr index dd4c2c8..9763b9a 100755 --- a/vdr +++ b/vdr @@ -43,7 +43,7 @@ def parse_args(): display_help_and_exit("Only one of --load or --save may be specified.")
if not os.path.exists("/proc/%d" % args.pid): - print("Invalid PID: %d" % args.pid) + print(("Invalid PID: %d" % args.pid)) sys.exit(2)
name = args.name if args.name else os.path.realpath("/proc/%d/exe" % args.pid) @@ -109,7 +109,7 @@ def save_action(pid, name): application_data = load_data() new_windows_for_pid = get_window_data(pid) windows_for_pid = application_data.get(name, {}) - for value in new_windows_for_pid.values(): + for value in list(new_windows_for_pid.values()): del value["window_id"] windows_for_pid.update(new_windows_for_pid) application_data[name] = windows_for_pid @@ -122,7 +122,7 @@ def load_action(pid, name): application_data = load_data() windows_for_pid = get_window_data(pid) window_data = application_data.get(name, {}) - for window_title in windows_for_pid.keys(): + for window_title in list(windows_for_pid.keys()): try: desktop_id = window_data[window_title]["desktop"] except KeyError:
On Tue, 2024-11-19 at 12:19 -0500, Todd Zullinger wrote:
You can find the script at:
https://github.com/zepalmer/script-vdr
It's quite old but I found it useful with X11. I'm interested in trying it under Wayland as a workaround for the broken session restore in Plasma. Hopefully it will work with XWayland.
A quick git clone and run of `2to3-3.12 -w vdr` made only 3 minor changes, after which `./vdr --help` ran without error. That's not a great test, but it does mean python3 can parse the script okay. There might be other issues to work out to run it for real, but it's short enough that it should be relatively easy to do, if you're mildly familiar with python (or programming lanugages in general).
The script is now running. As you say, the mods were fairly trivial. It only remains to see if I can make use of it.
poc
On Tue, Nov 19, 2024 at 11:57 AM Patrick O'Callaghan pocallaghan@gmail.com wrote:
If it's genuinely small, it might be trivial to rewrite?
You can find the script at:
On line 88 put "r" in front of "'\s" -> "r'\s".
That will at least get it as far as showing the help message.
On Tue, Nov 19, 2024 at 12:43 PM Go Canes letsgonhlcanes0@gmail.com wrote:
On Tue, Nov 19, 2024 at 11:57 AM Patrick O'Callaghan pocallaghan@gmail.com wrote:
If it's genuinely small, it might be trivial to rewrite?
You can find the script at:
*** vdr.og 2024-11-19 12:39:44.413184228 -0500 --- vdr 2024-11-19 12:59:08.937069435 -0500 *************** *** 77,78 **** --- 77,79 ---- p = subprocess.Popen(["wmctrl","-G","-l","-p"], + text=True, stdin=None,stdout=subprocess.PIPE, *************** *** 87,89 **** if not line: continue ! cols = re.split('\s+', line, maxsplit=8) window_id = cols[0] --- 88,90 ---- if not line: continue ! cols = re.split(r'\s+', line, maxsplit=8) window_id = cols[0] *************** *** 91,93 **** window_pid = int(cols[2]) ! title = cols[8].decode('utf-8') if window_pid != pid: --- 92,94 ---- window_pid = int(cols[2]) ! title = cols[8] if window_pid != pid:
The above changes will allow --save to run without error.
On Tue, Nov 19, 2024 at 11:57 AM Patrick O'Callaghan pocallaghan@gmail.com wrote:
You can find the script at:
https://github.com/zepalmer/script-vdr
It's quite old but I found it useful with X11. I'm interested in trying it under Wayland as a workaround for the broken session restore in Plasma. Hopefully it will work with XWayland.
The python script is a wrapper for wmctrl commands. Unless wmctrl works with Wayland, it won't help. My personal experience with such things is that you should not get your hopes up, at least not until/unless the Wayland compositor for your desktop implements an "extension" to allow controlling windows in a manner similar to X11. Issues like this are why - for me - Wayland is not fit-for-purpose.
On Tue, 2024-11-19 at 12:50 -0500, Go Canes wrote:
On Tue, Nov 19, 2024 at 11:57 AM Patrick O'Callaghan pocallaghan@gmail.com wrote:
You can find the script at:
https://github.com/zepalmer/script-vdr
It's quite old but I found it useful with X11. I'm interested in trying it under Wayland as a workaround for the broken session restore in Plasma. Hopefully it will work with XWayland.
The python script is a wrapper for wmctrl commands. Unless wmctrl works with Wayland, it won't help. My personal experience with such things is that you should not get your hopes up, at least not until/unless the Wayland compositor for your desktop implements an "extension" to allow controlling windows in a manner similar to X11. Issues like this are why - for me - Wayland is not fit-for-purpose.
I've already tried a brief test of wmctrl and it does appear to work woth XWayland. I'll need to do more tests of course.
poc
On Tue, Nov 19, 2024 at 8:45 AM Patrick O'Callaghan pocallaghan@gmail.com wrote:
I'm attempting to convert a small Python-2 script to Python-3.
How small? It might be easy to do by-hand. I.e., if it is aborting on things like "print 'something'", that just needs to be changed to "print('something')"
Go Canes wrote:
On Tue, Nov 19, 2024 at 8:45 AM Patrick O'Callaghan pocallaghan@gmail.com wrote:
I'm attempting to convert a small Python-2 script to Python-3.
How small? It might be easy to do by-hand. I.e., if it is aborting on things like "print 'something'", that just needs to be changed to "print('something')"
Indeed, manual conversion may be trivial.
Additionally, you can install python3.12-devel to get 2to3-3.12 rather than risk fouling up your system with pip install¹.
Then you can run it as `2to3-3.12 -w /path/to//script.py` and it should fix many of the issues -- but not necessarily all of them. It makes a backup of the files it modifies, by default. For basic usage, `2to3-3.12 --help` is useful.
The 2to3 tool and library were removed in python 3.13, after being deprecated since python 3.11.
¹ I'm sure many people swear by pip, but I think it's barely better than running `curl ... | bash` to install things, which I consider to be a bad practice.
On Tue, Nov 19, 2024 at 10:16 AM Todd Zullinger tmz@pobox.com wrote:
Go Canes wrote:
On Tue, Nov 19, 2024 at 8:45 AM Patrick O'Callaghan pocallaghan@gmail.com wrote:
I'm attempting to convert a small Python-2 script to Python-3.
How small? It might be easy to do by-hand. I.e., if it is aborting on things like "print 'something'", that just needs to be changed to "print('something')"
Indeed, manual conversion may be trivial.
Additionally, you can install python3.12-devel to get 2to3-3.12 rather than risk fouling up your system with pip install¹.
++
Then you can run it as `2to3-3.12 -w /path/to//script.py` and it should fix many of the issues -- but not necessarily all of them. It makes a backup of the files it modifies, by default. For basic usage, `2to3-3.12 --help` is useful.
Also see https://docs.python.org/3.12/library/2to3.html.
The 2to3 tool and library were removed in python 3.13, after being deprecated since python 3.11.
I thought all those 2to3 conversions happened like 10 or 15 years ago :)
¹ I'm sure many people swear by pip, but I think it's barely better than running `curl ... | bash` to install things, which I consider to be a bad practice.
cURL never broke a system of mine, unlike pip... pip is banned from my networks. It stands proudly in distinction, like the junk software from Adobe.
Jeff
Jeffrey Walton wrote:
On Tue, Nov 19, 2024 at 10:16 AM Todd Zullinger tmz@pobox.com wrote:
¹ I'm sure many people swear by pip, but I think it's barely better than running `curl ... | bash` to install things, which I consider to be a bad practice.
cURL never broke a system of mine, unlike pip... pip is banned from my networks. It stands proudly in distinction, like the junk software from Adobe.
Heh. Just so the archives don't look like I'm saying a bad word about curl, I should clarify that curl is fantastic, as a tool and an upstream project.
It's the hideous random scripts (usually shell) which other projects expect folks to download and feed directly to bash (or even sudo bash) that I thoroughly despise. :)
Le mar. 19 nov. 2024, 16:16, Todd Zullinger tmz@pobox.com a écrit :
[...]
¹ I'm sure many people swear by pip, but I think it's barely better than running `curl ... | bash` to install things, which I consider to be a bad practice.
I agree, but is there a better way when something is not packaged for Fedora (other than packaging it, and all its dependencies for Fedora)? Maybe a script that would check which dependencies of a random Python package are dnf installable would help to some extent; then one could use --system-site-packages when creating a virtual environment in which pip is used to minimize the number of pip installations. Of course, one can do this by hand, too.
Andras Simon wrote:
Le mar. 19 nov. 2024, 16:16, Todd Zullinger tmz@pobox.com a écrit :
[...]
¹ I'm sure many people swear by pip, but I think it's barely better than running `curl ... | bash` to install things, which I consider to be a bad practice.
I agree, but is there a better way when something is not packaged for Fedora (other than packaging it, and all its dependencies for Fedora)?
Short of packaging things, running it in a container is a mild improvement. It's still a hideous thing to do and if you're going to run the software more than once or twice, packaging it properly is worth the effort. But for a quick one-off, I could stomach running pip inside a container.
My bias comes from looking at things as a sysadmin rather than a developer. So I place more importance on having a solid, auditable, reproducible system than on getting library X, Y, and Z installed quickly so I can prototype some new feature for a product manager.
I'm the one who will be paged late at night if things break, so I do everything I can to block folks from using quick and dirty methods to push code to systems I must then maintain.
I also think the security of pip (or any of the other language-specific install tools) leaves a lot to be desired, compared to installations from a trusted distro repository where things are signed and build logs are available. Short of directly auditing and building all code yourself, the distro repos are so much better than pip install will ever be.
Maybe a script that would check which dependencies of a random Python package are dnf installable would help to some extent; then one could use --system-site-packages when creating a virtual environment in which pip is used to minimize the number of pip installations. Of course, one can do this by hand, too.
I _think_ that pip from Fedora may do this already (though it might only pick up dependency which are already installed at the system level)?
I'm not sure and have never looked into it, because I start from the premise that if it's worth installing on my system, it's going to have to be packaged properly (as an rpm or deb or whatever system I'm using).
On Tue, 19 Nov 2024 12:12:46 -0500 "Todd Zullinger" tmz@pobox.com wrote:
Andras Simon wrote:
Le mar. 19 nov. 2024, 16:16, Todd Zullinger tmz@pobox.com a écrit :
[...]
¹ I'm sure many people swear by pip, but I think it's barely better than running `curl ... | bash` to install things, which I consider to be a bad practice.
I agree, but is there a better way when something is not packaged for Fedora (other than packaging it, and all its dependencies for Fedora)?
Short of packaging things, running it in a container is a mild improvement. It's still a hideous thing to do and if you're going to run the software more than once or twice, packaging it properly is worth the effort. But for a quick one-off, I could stomach running pip inside a container.
My bias comes from looking at things as a sysadmin rather than a developer. So I place more importance on having a solid, auditable, reproducible system than on getting library X, Y, and Z installed quickly so I can prototype some new feature for a product manager.
I am a retired Sysadmin who fully understands all the frustrations brought about by the SW installation without real control. Although only for my system, I regularly build a SW package (RPM) for SW, which is not in distribution. Which is actually quite easy. So I always have a clean system and can be very easy to update or delete. However, this is less and less necessary as more SW is available.
BR
On Tue, 19 Nov 2024, Bob Mar?an via users wrote:
I am a retired Sysadmin who fully understands all the frustrations brought about by the SW installation without real control. Although only for my system, I regularly build a SW package (RPM) for SW, which is not in distribution. Which is actually quite easy. So I always have a clean system and can be very easy to update or delete. However, this is less and less necessary as more SW is available.
My guess is that it's only easy after you have done it a few times. I have experience with being told things are easy. One time a linux guru told me something was easy and then proceeded to do it for me. It took him several hours.
On Wed, 20 Nov 2024 10:48:24 -0600 "Michael Hennebry" hennebry@web.cs.ndsu.nodak.edu wrote:
On Tue, 19 Nov 2024, Bob Mar?an via users wrote:
I am a retired Sysadmin who fully understands all the frustrations brought about by the SW installation without real control. Although only for my system, I regularly build a SW package (RPM) for SW, which is not in distribution. Which is actually quite easy. So I always have a clean system and can be very easy to update or delete. However, this is less and less necessary as more SW is available.
My guess is that it's only easy after you have done it a few times. I have experience with being told things are easy. One time a linux guru told me something was easy and then proceeded to do it for me. It took him several hours.
Yes, sometimes it can take several hours. But it still pays off compared to simple "make install" into /usr/local or even worse into /usr. BR
On Wed, 20 Nov 2024, Bob Mar?an wrote:
On Wed, 20 Nov 2024 10:48:24 -0600 "Michael Hennebry" hennebry@web.cs.ndsu.nodak.edu wrote:
On Tue, 19 Nov 2024, Bob Mar?an via users wrote:
I am a retired Sysadmin who fully understands all the frustrations brought about by the SW installation without real control. Although only for my system, I regularly build a SW package (RPM) for SW, which is not in distribution. Which is actually quite easy. So I always have a clean system and can be very easy to update or delete. However, this is less and less necessary as more SW is available.
My guess is that it's only easy after you have done it a few times. I have experience with being told things are easy. One time a linux guru told me something was easy and then proceeded to do it for me. It took him several hours.
Yes, sometimes it can take several hours. But it still pays off compared to simple "make install" into /usr/local or even worse into /usr.
I should have been more clear: The several hours was a lot more than the several minutes he was expecting.
On Wed, 2024-11-20 at 19:52 -0600, Michael Hennebry wrote:
I should have been more clear: The several hours was a lot more than the several minutes he was expecting.
I get that whenever I'm fixing something for someone, even though it's nothing like that level (reprogramming) of repair.
Person comes along with my THIS won't do THAT. You spend some time diagnosing, then downloading a few months worth of updates that they never did (which is always a slow thing, no matter how fast your internet is). Reboot. More downloads... Reboot. It's often all that was needed doing. It's regularly 1-2 hours.
Worse was with Windows. You'd have to research how to un-install half a dozen browser add-ons that are designed not to be removed, that were included with some free software. Never mind trojans, I think softwere as in werewolf describes them.
Now I get asked to un-munge people's mobile phones (which always feel like they've been dipped in sewage). Do you use THIS odd looking app? No, I don't know what it's for, better leave it on... Argh!
On Thu, 21 Nov 2024, Tim via users wrote:
Person comes along with my THIS won't do THAT. You spend some time diagnosing, then downloading a few months worth of updates that they never did (which is always a slow thing, no matter how fast your internet is). Reboot. More downloads... Reboot. It's often all that was needed doing. It's regularly 1-2 hours.
Just out of curiosity, how often did you discover that the THIS was not supposed to do THAT?
Tim:
Person comes along with my THIS won't do THAT. You spend some time diagnosing, then downloading a few months worth of updates that they never did (which is always a slow thing, no matter how fast your internet is). Reboot. More downloads... Reboot. It's often all that was needed doing. It's regularly 1-2 hours.
Michael Hennebry:
Just out of curiosity, how often did you discover that the THIS was not supposed to do THAT?
With hardware, a lot. I know someone who continually buys things without any sanity checking. He thinks it looks like it might do what he wants, but finds out can't actually connect with the other things he wants it to. Occasionally it's just that he's not doing it right, but it's nearly always a "what made you think it could do THAT?"
With software, I've just about always dealt with the "THIS did THAT for the last several months, now it doesn't" and there's often been some security update that fixed the other half of what they're working with. Occasionally it's been a new procedure, but it's nearly always just doing the software updates that they never do.
I do understand the "don't update" mentality. More by luck than expertise they've gotten something to work, and they don't want to risk changing anything. But the decision gets taken away from them when they're interacting with other things over the net.
Next biggest issue is logons. Which password for which service? No, don't use the same one everywhere. You've suffered the consequences of doing that before, why haven't you learnt? Choose something that you can actually type correct, but nobody else will guess. Don't give XYZ your Gmail password when it asks you to log-on with an email address and password. Argh.....
On Fri, 2024-11-22 at 19:12 +1030, Tim via users wrote:
Don't give XYZ your Gmail password when it asks you to log-on with an email address and password. Argh.....
Very easy to misunderstand. The site should be clear that they want *their* password, not your Gmail (or MS, or Facebook, or Apple, ...) password. Unfortunately, almost none of them explain that properly.
poc
Tim:
Don't give XYZ your Gmail password when it asks you to log-on with an email address and password. Argh.....
Patrick O'Callaghan:
Very easy to misunderstand. The site should be clear that they want *their* password, not your Gmail (or MS, or Facebook, or Apple, ...) password. Unfortunately, almost none of them explain that properly.
There's a mix of crapily done websites that do that, which will probably get hacked and your credentials stolen, and sites which deliberately set out to capture them.
Whenever I hear about friend's having their Facebook account taken over (and I do mean actually taken over, rather than the clones), I make three assumptions which are probably *all* correct:
They've logged into something else using their Facebook credentials. They use the same credentials in multiple places. They have a really dumb password.
People may think "so what, it's only Facebook" (or whatever else), but it can do you harm. They can commit fraud, or worse, in your name.
On Fri, Nov 22, 2024 at 11:53 PM Tim via users users@lists.fedoraproject.org wrote:
Tim:
Don't give XYZ your Gmail password when it asks you to log-on with an email address and password. Argh.....
Patrick O'Callaghan:
Very easy to misunderstand. The site should be clear that they want *their* password, not your Gmail (or MS, or Facebook, or Apple, ...) password. Unfortunately, almost none of them explain that properly.
There's a mix of crapily done websites that do that, which will probably get hacked and your credentials stolen, and sites which deliberately set out to capture them.
Whenever I hear about friend's having their Facebook account taken over (and I do mean actually taken over, rather than the clones), I make three assumptions which are probably *all* correct:
They've logged into something else using their Facebook credentials. They use the same credentials in multiple places. They have a really dumb password.
People may think "so what, it's only Facebook" (or whatever else), but it can do you harm. They can commit fraud, or worse, in your name.
Folks should be using YubiKeys or other FIDO compliant gadgets nowadays. They provide the following security properties:
* high entropy * phishing resistant * replay resistant
Each origin (domain) uses a different authenticator, so cross-origin attacks (like reusing passwords) is difficult.
If someone is willing to buy a $1000 phone and pay $75 a month for service, they should be able to afford a $50 YubiKey.
It looks like Facebook supports them: https://www.yubico.com/works-with-yubikey/catalog/facebook/.
Jeff
On Sat, 2024-11-23 at 01:39 -0500, Jeffrey Walton wrote:
Folks should be using YubiKeys or other FIDO compliant gadgets nowadays. They provide the following security properties:
- high entropy
- phishing resistant
- replay resistant
Each origin (domain) uses a different authenticator, so cross-origin attacks (like reusing passwords) is difficult.
If someone is willing to buy a $1000 phone and pay $75 a month for service, they should be able to afford a $50 YubiKey.
I have a few concerns with an extra gadget.
There's the obvious: Being widely supported, or you have to have a plethora of different key gadgets for all your services, and continuing support for the thing.
My bank and phone service provider had (different) ones with rolling code numbers that you were supposed to type in. It could be a pain if the login process (load page, type in details, etc), took too long. It was certainly a pain if the thing didn't work (flat batteries, dead buttons), or you didn't have it on you. And the dopiness of having a verification app on the same device as you're using.
The fall back was either an old-fashioned login with username and password, taking you back to square one with bad security. Or, you had to phone their telephone support for a reset, which they were all too easily convinced to do with minimum verification. In fact, that's one of the banking hacks, the thief getting the bank to do a reset.
And then there's the gadget that you plug in, or otherwise connect. There's going to be limitations to how you can connect to your thing without WiFi, without USB sockets. And do you really want to connect it to someone else's device if you had to authenticate? Your work PC, for instance? Or does your work want you to connect their device to your home PC?
Good security is always a pain, and often incompatible with technically illiterate people.
In a lot of ways I wish things could intelligently recognise me, as me, and I am the authentication. But they don't really have an person is doing it under-duress detection. Fingerprint scanners are easily fooled, and easily fail on people who do rough work with their hands. They've discovered retina scans can scan you at a distance without you knowing, so someone's is going to be able to do replay hack with that data. And if someone can somehow clone whatever bio data you're using, you can't change your bio data.
On Fri, 22 Nov 2024, Tim via users wrote:
I do understand the "don't update" mentality. More by luck than expertise they've gotten something to work, and they don't want to risk changing anything. But the decision gets taken away from them when they're interacting with other things over the net.
A business I worked for tried that. Three cloned laptops that were not updated. It almost worked. On of the compilers was leased. The leases were tied to mac addresses.
If I get sufficient need for a stable system, I'll install it to an SD card or possibly a DVD. Connecting it to the internet might not be a good idea.
Next biggest issue is logons. Which password for which service? No, don't use the same one everywhere. You've suffered the consequences of doing that before, why haven't you learnt? Choose something that you can actually type correct, but nobody else will guess. Don't give XYZ your Gmail password when it asks you to log-on with an email address and password. Argh.....
Write them down and put them in your pocket. A copy elsewhere is also a good idea.
Tim:
Next biggest issue is logons. Which password for which service? No, don't use the same one everywhere. You've suffered the consequences of doing that before, why haven't you learnt? Choose something that you can actually type correct, but nobody else will guess. Don't give XYZ your Gmail password when it asks you to log-on with an email address and password. Argh.....
Michael Hennebry:
Write them down and put them in your pocket. A copy elsewhere is also a good idea.
I've spent years trying to get one person to do that sanely. I finally convinced them to use a notebook. Then I saw how they filled it out.
Page after page of email addresses, and passwords, no clues what service they're associated with. They'll just try one after another until something works.
There's just no helping some people.
He didn't even try copying the method I used whenever I set something up for him, I'd write out an index card for it and give it to him.
Name of service: (e.g. Gmail) Logon: (name or email address) Password: cookmyeggswithwine (and the date this was set) Email: (if the logon is not the email address) Phone number: (if they have help lines, or if you gave them yours) Include other details (if they ask secondary security questions)
Any time you change passwords write the new one with its date. It helps you keep track, especially if you've made duplicate notes for the service's log-on. Dates may also help if you have to ring up a service for help and they ask you when you last changed your password. It can also help determine if you've been hacked or something is just messed up (if your password was changed last week, but you set it six weeks ago).
You keep your little black book where you can always find it, and not where someone else expects it to be (right next to your PC). Guard such things like your keys and wallet.
You're also batting your head against a brick wall trying to get them to create good passwords. Password123 is stupid, so is Gmail2024! and 3432DxQO0DSf4352x#^@ is damn near impossible to type correctly, especially on smartphones. It doesn't help that services create really stupid rules, either. Some of which feel like they used software from the 1970s (6 to 8 characters, must have a capital letter, number, and a symbol).
And there's no point trying to convince him to use a password manager, it'd be just as chaotically unorganised, and he'd lose the password for it... Another friend did that, hundreds of passwords lost because the password manager only allows three attempts to log-in before self- destructing.
On Sat, 2024-11-23 at 15:43 +1030, Tim via users wrote:
And there's no point trying to convince him to use a password manager, it'd be just as chaotically unorganised, and he'd lose the password for it... Another friend did that, hundreds of passwords lost because the password manager only allows three attempts to log-in before self- destructing.
Decent PMs (Bitwarden in my case) have a fallback with a list of authentication codes I keep on paper at home. I also have a FIDO- compliant key (though that's a paid option for a princely $10 per annum).
poc
On Thu, Nov 21, 2024 at 1:02 AM Michael Hennebry < hennebry@web.cs.ndsu.nodak.edu> wrote:
On Thu, 21 Nov 2024, Tim via users wrote:
Person comes along with my THIS won't do THAT. You spend some time diagnosing, then downloading a few months worth of updates that they never did (which is always a slow thing, no matter how fast your internet is). Reboot. More downloads... Reboot. It's often all that was needed doing. It's regularly 1-2 hours.
Just out of curiosity, how often did you discover that the THIS was not supposed to do THAT?
For me, it was usually that THIS claimed to do THAT, but failed due to a resource constraint, violation of a policy (SELINUX), or was given bad input data. Many of the programs I wrote had more code checking arguments than the actual calculations required, but they were used in batch pipelines where it was much easier to sort out an error due to a bad argument than to sort out the resulting mess when incorrect output was fed to the pipeline.
On Wed, 20 Nov 2024, Michael Hennebry wrote:
On Tue, 19 Nov 2024, Bob Mar?an via users wrote:
I am a retired Sysadmin who fully understands all the frustrations brought about by the SW installation without real control. Although only for my system, I regularly build a SW package (RPM) for SW, which is not in distribution. Which is actually quite easy. So I always have a clean system and can be very easy to update or delete. However, this is less and less necessary as more SW is available.
My guess is that it's only easy after you have done it a few times.
This is a matter on which I would really like to be wrong. Could you point me at directions?
Le mar. 19 nov. 2024, 14:45, Patrick O'Callaghan pocallaghan@gmail.com a écrit :
I'm attempting to convert a small Python-2 script to Python-3.
If you recognize the good conversion (for example by reading or testing it), then ChatGPT and its ilk can do the job for you.
-
Andras Simon -
Bob Marčan -
George N. White III -
Go Canes -
Jeffrey Walton -
Michael Hennebry -
Patrick O'Callaghan -
Tim -
Todd Zullinger -
Will McDonald