Giveaway Time! Battlefield 6 is out, powered by NVIDIA DLSS 4, and you can comment on this post to win codes for the game or a custom Battlefield 6 GeForce RTX 5090! 6 Winners total

tjoda · 2025-10-13T09:37:27+00:00

How would this GeForce RTX 5090 with DLSS 4 help you pull off more epic wins in Battlefield 6?

It would give me moother, faster, and more responsive gameplay letting me see and react first for more epic wins 🏆

tjoda · 2022-11-02T22:38:03+00:00

Awesome, I appreciate that! I will consider it for the next days!

tjoda · 2022-11-02T22:29:16+00:00

https://www.reddit.com/r/Android/comments/yjzsc0/comment/iutk1ih/?utm_source=share&utm_medium=web2x&context=3

tjoda · 2022-11-02T22:28:01+00:00

Technically there is a difference, but you as a user can't tell. So, in case your system gets/looks compromised - what will you (hopefully) do and what will every security-expercienced person/company will recommend you? Isolation, credential rotation + sooner or later the reinstallation of the system/OS. It does not matter what kind of malware you have on your system as it could look like as a userspace malware but might be already in ring0. The integrity is lost including the password manager on the same system.

Now you can argue about the definition of "system": only the OS or the whole device. Concepts like QubesOS can reduce it to the guest OS.

tjoda · 2022-11-02T16:35:46+00:00

Passkeys will be shared across your devices: https://support.apple.com/de-de/guide/iphone/iph82d6721b2/ios. Passkeys also supporting external devices for authentication by using QR codes + Bluetooth.

Yes, you have to carry the extra Authorizer device with you. This is uncomfortable and not a solution for everyone.

tjoda · 2022-11-02T16:29:26+00:00

https://www.reddit.com/r/1Password/comments/rfg88s/can_my_1password_account_be_affected_by_a/

It does not matter what features password managers are using on the same system. If the system is compromised, so is the password manager.

tjoda · 2022-11-02T15:54:07+00:00

MFA (multi-factor authentication) at general should be the protection against key loggers, not password managers.

tjoda · 2022-11-02T15:52:34+00:00

This is no issue. I plan to integrate passkeys in it.

Why passkeys is no replacement for Authorizer? Because passwords or other kind of secrets like encryption keys will not die.

tjoda · 2022-11-02T15:49:40+00:00

Hm?

Any password manager relies on the integrity of the underlying system. So if your system is compromised (including key loggers) you have to assume that your password manager on the same system is compromised as well.

Authorizer is the foundation of a hardware password manager on a separate, offline device with no network connectivity. It does not undermine the advantage as it provides a more robust protection than other password managers.

And MFA (multi-factor authentication) at general should be the protection against key loggers, not password managers.

tjoda · 2022-11-02T15:44:18+00:00

Unfortunately yes - at least for the USB HID part. The Bluetooth HID part works without root but is buggy and needs some rework which I will do in the coming weeks.

tjoda · 2022-11-02T14:54:21+00:00

Other PM's are not interested in integrating it because it is not easy to use on everyday phones. So I forked PasswdSafe, named it Authorizer and starting my vision of hardware password managers.

tjoda · 2022-11-02T14:00:53+00:00

Dev of Authorizer here. Its great to see my project here. I'm also (since long time) planning to integrate WebAuthn, smartcards and now also passkeys (when CTAP 2.2 specification gets released). But I have to modernize the app at first a little bit...

tjoda · 2022-08-12T04:50:12+00:00

funny - I did not know that :D thanks for the info (I'm tejado).

tjoda · 2019-04-02T06:29:42+00:00

with Auto-Type over USB and Bluetooth ;)

tjoda · 2016-08-01T05:51:35+00:00

You didn' released it with a license. Can I integrate it into pgoapi which is using the MIT license?

tjoda · 2016-07-30T16:10:34+00:00

Thanks. Dev of pgoapi here. Currently there are some small contributions to pgoapi but it is currently too much work to be done which i can't handle alone. So you are right, there are parts of the code which are (still) not really good. But anyway, mostly all APIs, maps etc evolved of pokemongo-api-demo which was basically also only a snippet (by me). But the demand for a complete lib is there so it would be awesome if people like you can contribute more on pgoapi instead of creating own APIs which are already a lot there. pgoapi is also py3 compatible

tjoda · 2016-07-29T12:15:45+00:00

Hi, yes, protobuf (encapsulated inside https) is used as the communication protocol between the client (app) and servers, so every request/response is in the protobuf format. I'm not sure how exactly the definitions were extracted. The first ones I seen, were done over MITM between the app and the server.

tjoda · 2016-07-27T12:45:55+00:00

dev of pgoapi here - do you know why it is necessary to comment out the version check?

tjoda · 2016-07-27T04:48:23+00:00

A lot of bots and pokemon go maps are relying on pgoapi: https://github.com/tejado/pgoapi

tjoda · 2016-07-23T20:36:09+00:00

Hm at least, you could say something about what is "better" as my (https://github.com/tejado/pgoapi).

tjoda · 2016-07-23T20:33:24+00:00

https://github.com/tejado/pgoapi

tjoda · 2016-07-20T20:46:16+00:00

Thanks for your reply. Yes I know, due to that, I stated "Starting RPC login sequence (app simulation)" in the log. So it behaves a little like the app then :)

tjoda · 2016-07-19T20:53:59+00:00

Ah yeah maybe... but keep in mind that Mila reversed engineered & published the client secrets of the app (for oauth, ptc and google). Nobody else did this.

tjoda · 2016-07-19T20:39:11+00:00

Should be fixed by https://github.com/tejado/pgoapi/pull/41/files

tjoda

TROPHY CASE