Benefit of using OpenSSH FIDO/U2F support over GPG mode?

OpenSSH version 8.2 introduced support for FIDO/U2F hardware authenticators, via the new public key types “ecdsa-sk” and “ed25519-sk”.

I currently have SSH authentication set up in combination with gpg subkeys by using my security key in GPG mode. I am wondering if there is any benefit (especially security related) to the native support over the old GPG solution, but could not find any obvious ones.

Is it practical to use entity-attribute-value (EAV) model to support custom user fields and avoid bloating of tables?

I am currently working on a medium-sized web app project that is already in production using Laravel framework and MySQL 5.6.10. My clients have been asking for the ability to add additional attributes to the orders table to keep track of some additional dates.

At first to avoid bloating up the orders table, i was planning to create a new table called order_custom_fields that will link to the orders table and have a column for each of the custom field. But this will make it not conventional if more custom fields need to be added in the future for different clients or if the custom fields will be attached to different tables.

I have since stumbled upon the EAV model and thought that it seems like it would solve my problem if not for most sources saying that it should be avoided mainly for performance reason and possible difficulty when querying.

Since mysql 5.6 still does not support json, is the EAV model likely my most practical choice as to avoid bloating up the orders table with custom user field?

Does anyone have a similar case and can provide some insight?

More information:

  • The orders table currently already has 9 foreign key, 20 attribute fields, programatically linked to many other tables, and already has close to 50,000 records.
  • The Laravel framework handles all my database queries, and can programatically create polymorphic relation between database tables so only 1 EAV table will be required in my case. Also, the data in the EAV table can simply be a varchar/text and be casted as required in the program.

In laravel style, the table will be something like:

+-------------+-----------+-------------+------------+ | entity_type | entity_id |  attribute  |   value    | +-------------+-----------+-------------+------------+ | Order       |         1 | custom_date | 2020-02-02 | | Order       |         2 | custom_date | 1991-01-01 | | Product     |         1 | custom_name | phone1     | +-------------+-----------+-------------+------------+ 

Looking for Support Skills for a Tattooed Monk in an L5R Game

Our group recently started up a campaign in L5R 3rd edition. I decided to go with a Dragon Clan monk. After a few play sessions, I’m starting to run into issues finding a role for the character. We have enough ranged characters in the party ( two dedicated archers, a shugenga (wizard), and a scout) that it doesn’t make much sense for me to rush into melee. Either the party kills the threat or it was too strong to engage with face-to-face anyway.

My ideal solution would be to tweak the character to be more support oriented. After all, those squishy ranged sorts need someone to watch their backs. Unfortunately, this system doesn’t seem to offer many tools to actually support that playstyle. I have my tattoos, but those are pretty limited. Apparently dragon clan monks don’t get ‘kiho’ abilities like normal monks.

Are there any skills or abilities I can pick up that will let me adapt this character to better fit the party? Is ‘run up and punch hard’ really my only option?

Why would my ISP have SSLv3 enabled and support insecure suites? SSLLAB rates them an F

A few days ago I tried to log in and pay my bill and their HTTPS was disabled. I questioned it and they enabled it and said they were doing upgrades. Curious, I tested the site with SSL LAB and they received an F because they also support insecure suites.

I asked them about disabling SSLv3 to mitigate POODLE and was told I needed to do that on my end.

I am confused because every other ISP and site with SSL I test receives a B or A score, why would my ISP rest at an F and no one seems to care except me.

Why do GoDaddy customer support representatives ask for two-step verification codes?

When contacting GoDaddy customer service, whether over chat or phone, they often ask for both a PIN and a two-step verification code (which they confusingly refer to as “google auth codes”).

Then PIN can be found when you log in to your GoDaddy.com account, but the two-step verification code is something you’d need to get from whichever app, service, or hardware device you use to generate two-step verification codes (compatible options listed here).

Typically two-step verification codes are time-based one-time-use codes I’ve only used when logging in to my own accounts through my own web browser or mobile app on my own devices. I’ve never had any other customer service representatives from other companies ask for these codes. Usually they just ask for PINs (if the service is set up to use those).

Why would GoDaddy customer service require two-step verification codes? Are they actually using it to log in to your account on their end? If so, how could they do that without having your password? Also, is it poor security practice to require customers to share two-step verification codes with someone else in this manner?

I found this related question from someone concerned with customer service reps asking for PIN codes here, and people agreed that even that is poor security practice.

Hostpoco.com – Best Cheapest hosting + great support

Hostpoco provides very Simple, Easy, Trusted, Reliable Web Hosting Service and now Hostpoco deals with cheap high resourced and hugely demanded web hosting services starting from $0.5 per month. All our hosting plans come with CPanel as a control panel included with some smart features like no limit space, unmetered bandwidth, free auto SSL, free site builder, free migration service, free dedicated IP and much more.

Hostpoco.com is a Cheap & BUDGET, yet FAST and RELIABLE web hosting provider. We have staff available TRUELY 24/7 to provide nearly instant support to all of our customers when they need it. You can be certain that your site almost has zero downtime as long as you have an active service with us. We own our web server, which is an advantage for our customers since we immediately react if there is anything unusual with the server, or if any customer needs to install custom software.

Our plan starts from:
*Shared Hosting $0.5/month for Beginner
*Reseller Startup Hosting starting from $3/month.
*VPS Hosting $14.99/month.
*Dedicated Servers as low as $80/month.
*Managed WordPress Hosting from $0.5/month.

Hostpoco.com: Budget Hosting Provider | Cheap Hosting Provider | Cheap cPanel Hosting | $1 Unlimited hosting | Fast SSD Hosting | Money back Hosting | Best Seller hosting | ideal free hosting | free web hosting

https://hostpoco.com/

Thank you.

*Hostpoco.com-SSD Linux Reseller Hosting @ $5 /M + 24×7 Tier 4 Technical Support.

SSD Linux Reseller Hosting should be the perfect choice for the beginners in web hosting field. Linux Reseller Hosting is a famous and well-known option for reseller hosting. Hostpoco provides High Config & Best Featured SSD Linux Reseller Hosting. Just Sign up and be online within 2 minutes with our instant & free setup!

SSD Linux Reseller Web Hosting Plan:
*Startup SSD Reseller plan: $5 /Monthly

– Free Domain Name
– 22GB Web Space
– Unlimited Bandwidth
– Free Let’s Encrypt SSL
– 10 CPanel Accounts

*Pro SSD Reseller plan:$8 /Monthly
– Free Domain Name
– 55GB Web Space
– Unlimited Bandwidth
– Free Let’s Encrypt SSL
– 25 CPanel Accounts

*Premium SSD Reseller plan:$12 /Monthly
– Free Domain Name
– 75GB Web Space
– Unlimited Bandwidth
– Free Let’s Encrypt SSL
– 40 CPanel Accounts

*Elite SSD Reseller plan:$14 /Monthly
– Free Domain Name
– 120GB Web Space
– Unlimited Bandwidth
– Free Let’s Encrypt SSL
– 60 CPanel Accounts

For more information about our Plan, please visit https://hostpoco.com/best-ssd-linux-reseller-web-hosting.php

Thank you.

Audio and video solution with “whisper” support that is not roll20

For our online gaming sessions we use Fantasy Grounds as our virtual table top. We’ve also tried a number of other solutions that work o a certain extent but without fully support all our needs which are as follow:

  1. Voice and video.
  2. Ability to stream my own music from iTunes
  3. Ability to speak (whisper) only to one of the players.
  4. Good audio quality.

So far, we’ve tried:

  1. Discord + Voicemeeter: no whisper, bad music quality. Excellent video and voice.
  2. Ts + Voicemeeter. No whisper, no video. Excellent music and voice quality.
  3. Roll20. Bad experience, only preuploaded music. Normal video and audio and whisper support.
  4. Roll20 + Ts + Voicemeeter. Complicated setup, normal audio and video quality. Meets all requirements.

So far option 4 works but it is far from ideal and I was wondering if there was a better solution.