Hacker News new | ask | show | jobs
by quadrifoliate 2135 days ago
> If the author hasn't figured out you can assign a PIN to the keys you store on the Yubi, then I don't see why I should waste my time reading their rambling blog post.

Try being a little nicer. If you feel that the blog post is a waste of your time, here's a revolutionary idea – don't say anything? There are 29 other posts on the front page, maybe one of those other ones will be worth your time.

As it is, the UX of the poster's solution is totally different from yours; it enables a one-time, contactless authentication during login. Yours requires a ton of manual input every time the Yubikey is used for SSH. There is some different in the security models here, but the author's solution is broadly different from yours, and to me, much more convenient (I use a Yubikey with a PIN for work and it's kind of a pain).
2 comments
andreilys 2135 days ago
I’m someone that often reads the comments before reading the article, so it’s helpful to know what people think is blog spam and what is actually worth reading.
link
quadrifoliate 2135 days ago
Understood.

I'm making the claim that the OP's comment is both derogatory ("rambling", "waste of my time") and not relevant to the solution described in the article. Therefore, if anything, the comment is more deserving of being labeled spam than the article itself.

link
wrkronmiller 2135 days ago
Seconded. I think one of Hackernews’ biggest value-adds versus say Oreilly is the eagerness with which the commenters on this site will rip apart bad ideas/articles.
link
war1025 2135 days ago
I agree, but also you can be critical without being an asshat.

It's better to comment from a perspective of "I bet you didn't know this" than "Ha, you're an idiot"

link
traceroute66 2135 days ago
The point is the author of the blog is spreading FUD by saying "you can't leave your Yubikey unattended because anybody can take it and use it to SSH without your consent".

That is a falsehood and deserves to be called out.

I don't mind "revolutionary ideas", but don't use your platform to spread FUD.

link
dang 2135 days ago
It's great to correct falsehoods, but please do so without "calling out". The online callout/shaming culture has toxic effects and we're on a different trip here, or trying to be.

https://hn.algolia.com/?query=online%20shaming%20by%3Adang&s...

https://news.ycombinator.com/newsguidelines.html

p.s. https://news.ycombinator.com/item?id=24190704 was much nicer - that's the spirit ;)

link