Also look at the failure time and make sure you are sleeping correctly when not reading. esphome has this implemented and it is really great, it wakes up 10 seconds early, starts the fan/airflow, then takes the reading, then sleeps (for 50 seconds) in my case where I want to sample every 1 minute. Without this the lifetime of the sensor is around 1 or 1.5 years of continuous use if I recall correctly.
I see, you left this out of your original post and it would have had me reply entirely different. This certainly can work for you and makes sense, expecting everyone to do this instead of using a tool to do this is unrealistic IMO. Everyone thinks about things differently and many people "dont care" about security and just want a password that works.
If one site gets breached/exposed, your memorized username/password combination used all across the internet is now immediately available to the bad actors and you might not even know or remember everywhere it was used. Having a unique password for each site is the main advantage of a password manager to mitigate the damage in this case (to just the 1 site that was breached). Talking about your vault/passwords and "single basket" being obtained is relevant when using a password manager, especially with articles/news like this but just a different attack vector.
I don't think that having a unique password per site is unachievable. I do it and I don't use a PW manager. Even something as simple as prepending the site name in ROT13 to a reused password greatly reduces your exposure to the sort of background infosec threat radiation that's like 99.99% of the threat model for most people
That gets broken as soon as some site requires you rotate your password, or you choose to rotate it (maybe you entered it on a device you become suspicious of). Now how do you remember the password for every website? You could keep some kind of.. list, but then we are getting close to being back to password managers.
Cool, now go explain that to your parents. NOW make sure they go through and change every single password on every single account they currently have and don't just get annoyed like 5 passwords deep and decide not to bother.
The issue isn't you or me, it's what 99% of the world has to use. For the large majority of people, a password manager with one super strong password (and 2FA) makes WAY more sense.
> Even something as simple as prepending the site name in ROT13 to a reused password greatly reduces your exposure to the sort of background infosec threat radiation that's like 99.99% of the threat model for most people
If one goes with the infosec advice that you should calculate the entropy of passwords based on the assumption that the attacker knows the password scheme, then this password scheme provides zero entropy. So if there is zero cost for the cracker to pwn you as well as all the others that don’t have this kind of leetspeak obfuscation then you’re still pwned.
Yes my comment made a lot of assumptions, but the original post invited them I think. Reading the other comments from the original poster changes the tone of the original message a lot. I think for someone who knows the term "infosec" and has a mental algorithm, a password manager isnt necessary per-se. If we are talking about the general public, in a constantly evolving digital world, I think password managers are a good thing. I think this site is a tiny fraction of the potential userbase for a password manager
I use home assistant to create my list of "entities", then I do all logic/automation in nodered, but this could easily be bash if you really wanted. This allows me to leverage the communities work on integrations for stuff (python libraries interfacing with xyz hardware/api/cloud/local device), and then put all of my automations in one place (nodered for me)
If I add new "stuff" I add it to home assistant, if I want to do things with my "stuff" I do it in nodered.
Also, if the "stuff" I want to add is a little sensor or arduino or esp8266, I can just have it send MQTT messages, and then all of a sudden without touching anything in home assistant, I have access all the way in nodered to use these messages to do anything I want.
I approach it like this. As you go through the next week, try and see if you can identify something that you do every day, almost like a habit, and think if automation could remove that task from your life. A few of my favorite examples:
1. Checking front/backdoor is locked every single night, now I have an automation that turns on the front hall light and sends my phone a notification that the door is unlocked.
2. The "did I close the garage thoughts", just being able to check your phone from the airport or wherever you are and see "yep its closed" is "nice" but not necessary of course
3. Everytime I open the garage door, the light turns on with a timer and some logic so that I never touch that light switch
4. auto turn off air purifier in bedroom in the morning (and on at night too)
5. Anytime the doorbell rings and I am not home, I get a phone notification with a picture of who is at the door. Helpful when worried about missing packages, deliveries, etc. Doesn't necessarily "help" solve the problem, but does do something mentally
6. Recently I added one that nudges the volume on the tv up a few clicks and down a few clicks based on the HVAC turning on/off, it was something I found myself doing habitually and now that it works it is extremely seamless and has been great
I have way more complicated scenarios of course, all of which I find compelling, but I really like the automations where you dont know they are doing something necessarily, your brain just forgets they are even automations.
What's kept me from trying this stuff out is a few interrelated factors:
1) There's no possible way setting up and managing this stuff manually is going to be worth it if it only controls a couple things.
2) Doing enough to overcome point 1 seems to begin with "step 1: spend lots of money and time to replace tons of stuff that already works completely OK" and/or a bunch of research (I've used enough AirBnB IoT "actuate the existing deadbolt" add-ons to know that a bunch of them are time-wasting crap that barely works, plus I've never seen one that didn't look bad)
3) Taking a "just do it as you replace things" approach still results in spending more money (IoT will be more expensive than dumb, just about every time), plus lots of things will probably never need to be replaced while I own this house, plus that means potentially years before I hit any kind of reasonable pay-off period.
4) I have a feeling I could solve several of the problems faster and cheaper with a dumb approach of low-voltage LEDs hooked to the right things and run to the right places, or outlet timers, or whatever, if I were so inclined—which I'm clearly not, because I haven't.
Every time I get the urge, I think back to that automation effort/payoff chart from XKCD and then... don't, because I can't see how I'll ever get on the good side of the line. Doubly so if any part of it can't go years without any kind of attention or maintenance related to the IoT aspect of it.
[EDIT] The calculation would change if I enjoyed that kind of thing as a hobby, of course.
Your math checks out. For me I came to different sums for each bullet point primarily starting at the place of "I do/did enjoy setting it up as a hobby". I also really liked maturing my solutions from a this is fun to hack together, to things my partner actually has said "wow this is actually pretty nice I like it".
I have also been very impressed with some of the infrastructure/solutions that the open source community has available, it is a pretty rich infrastructure that is not unbearably-brittle if you know what you are doing, but definitely is not user friendly enough to be easy to recommend to everyone.
Thanks for the ideas - I think that's how I would have to approach it as well in that I would really want to further explore the possibilities of IoT. I've done some in the past for home energy systems but past energy I haven't seen a lot of high value opportunities. Certainly some things that could be smoother (like your projects).
Yeah, I totally get that it works out differently for different people. Maybe I'm just getting old enough that I can smell when I'm looking at something that's gonna become an excuse to spend money, more than anything else ("well now that I have an X, if I just had an Y...") But if I truly enjoyed it as a hobby, different story.
It does also allow for conversion of EPUB -> MOBI without using the calibre standalone application. calibre-web is now my primary interface to my existing calibre database file. I keep calibre ready/installed but haven't needed it in over a year
