Hacker News | jtdressel's comments

Yes, you should get that checked out.


This is excellent news.

> At least two FIDO® Certified

I'm glad to see that they not only support, but require the use of multiple keys.

> iOS 16.3, iPadOS 16.3, or macOS Ventura 13.3, or later on all of the devices where you're signed in with your Apple ID.

and

> During set up, you're signed out of inactive devices, which are devices associated with your Apple ID that you haven't used or unlocked in more than 90 days. To sign back into these devices, update to compatible software and use a security key. If your device can't be updated to compatible software, you won't be able to sign back in.

I'm not ready to set this up, since I still use a few Big Sur and Monterey machines.


> If your device can't be updated to compatible software, you won't be able to sign back in.

Unless there will be a warning when adding the keys, this can lead to many support requests they will get from users who did not read this part.


There was a warning when turning on Advanced Data Protection. It wouldn’t let you continue until all the devices signed into iCloud were updated.


Nice. Great to hear that it's built the way it should be!


They've been pretty good about this in the past, with iCloud E2EE my phone refused to let me enable it without updating all associated devices.


How has this feature been working for you? It's apparently not available in my country but I'm looking forward to trying it.


Haven't noticed any difference except the process to access iCloud on the web is a little different, overall it works great across all my devices.


I haven't noticed a difference. Enabling icloud.com and giving it even temporary keys seems like quite the downside, so I didn't try that.


It wasn't available in my country (UK) yesterday, but I just checked after updating to 16.3 and it now says I can enable it.


> I'm not ready to set this up, since I still use a few Big Sur and Monterey machines.

Yeah, unable to use iCloud on Windows is a big show stopper for me right now. I appreciate what Apple software we get on Windows and I've heard the Windows 11-only previews of updated Apple software are getting pretty good now. (I don't have Windows 11 so can't try them for myself.) But I'm very aware they are always going to lag a bit compared to their i-device and macOS versions. Including apparently on security support.


> I'm glad to see that they not only support, but require the use of multiple keys.

Yes, and also that they support up to 6 of them. That's a very solid number enabling a lot of decent (if basic) backup practices. A number of keys for regular use, a few put in a safe deposit box or safe or the like. Or if (as I'd assume) keys can be reused between accounts, then a family could each have a key, with all keys registered to all accounts, and then 1 or 2 in a safe spot as backup. Everyone still is protected by their password, but if they lose keys/devices then any other family member could be their live backup (and having the majority of keys constantly under control and in active use is good in terms of immediately noticing if one is lost or breaks and so on).

While I know it's definitely not Apple to add extra complexity, if anything it'd be cool if they leveraged this a bit farther even. Would be neat for example to support m of n restore, where if key/password are lost (somebody dies in an accident for example) then any 4 of 6 (or 3 of 6 or whatever) remaining keys can be used to get access. That would be a useful hedge, while not needing to offer unlimited trust to any single person (there could also be a few other safety measures like it taking a week and sending the account owner alerts in the meantime).

> During set up, you're signed out of inactive devices, which are devices associated with your Apple ID that you haven't used or unlocked in more than 90 days. To sign back into these devices, update to compatible software and use a security key. If your device can't be updated to compatible software, you won't be able to sign back in.

My only real disappointment with this is that Apple didn't implement some sort of "Purchases Only"/"iCloud Lite" functionality for old devices. I've still got an iPhone 6 and a few others because a lot of cool apps (both productivity and games) I love were dropped by iOS quite a long time ago. The devices are dedicated app runners, no communications, no syncing needed, but not having them attached to the same Apple ID means the old purchases would all be gone which kinda negates the point. And you can't transfer purchases between IDs, nor purchase now gone apps, so there isn't any way to just set up a new one, not even for money. Maybe it's possible to remove them from the iCloud side while they have WiFi disabled and then keep them offline forever? Still, kinda shitty :(. Though perhaps that's more a symptom of continued from-the-start weaknesses in the Apple ID system. Not being able to move and consolidate purchases has been a huge damn stupid thorn in people's sides almost since it became possible to start purchasing stuff with them.


I found somewhat of a solution to the latter problem. If you have an Apple One Family Plan, and an empty slot, you can just create a legacy user with a new Apple ID and add it as a family member. This account will inherit all the purchases and subscriptions, but it can have a different security policy.


Can you not just sign into the iTunes Store without signing into iCloud? They’ve always supported that for legacy users that shared a single Apple ID for all their purchases with their family.


Nope. With E2EE, and I believe with Security Keys, you must be running a supported OS on supported hardware or you can’t sign in with your Apple ID for anything.


Any confirmation if keys can be reused between accounts?


For some reason that says macOS Ventura 13.3 which doesn't seem to be available: 13.2 was released yesterday. But 13.2 does allow adding keys.


I really wish iOS devices had FIDO (etc) built in. I wish I could use my other iDevices as a FIDO device.


FIDO® Certified what? CTAP2? Apple doesn't seem to say.


Looking at the AppleID js source code, they support both CTAP2 and U2F.


There are reports on Apple support pages¹ and elsewhere² that the ‘blue’ series Yubikey doesn't work.

¹ https://discussions.apple.com/thread/254582672

² https://www.reddit.com/r/yubikey/comments/10jll3q/security_k...


Doesn’t support native smart card (PIV) mode.


Disclosure: I work at 1Password.

I used to use a catchall with my domain, but now I use our masked email feature. You need a 1Password account, and for Fastmail to be your host.

https://1password.com/fastmail/

Depending on your settings, you can use your own domain (which is portable, but less anonymous) or you can generate *@fastmail.com addresses.


You could use this in addition to regular macOS machines. You can run tests from un-trusted branches, without worrying that something will expose the signing keys.

Then after merging, you have a second machine / set of machines that only does signing. It increases the difficulty of an accidental or intentional leakage of your sensitive keys.

(Note: I have not tested this yet)


I think this is it: https://apkpure.com/youtube-vanced/com.vanced.android.youtub...

I have not done any level of verification.


I believe you lose gmail/docs/sheets.

Based on the below comment, I think you can keep some services like YouTube and Photos. That said, I strongly recommend everyone do regular Google Takeouts: https://takeout.google.com/settings/takeout?pli=1

https://old.reddit.com/r/DataHoarder/comments/s7v4my/google_...


Also, if you are using your GSuite account with Google Play, any purchases you made could be lost.


> I believe you lose gmail/docs/sheets.

Do you have any source on this? It doesn't sound right to me. I'm talking about the base free services that Google offers to everyone, not about G Suite. Over a billion people are using free Gmail, I think it would have been bigger news if Google had pulled the plug.


Settings -> Domains -> Team Settings -> Masked email domain.

Disclosure - I work at 1Password, though I had only tangential involvement in this effort


I ended up at https://$mydomain.1password.com/integrations/directory and I can only see Fastmail as an option. Clicking there it asks me to Connect with Fastmail rather than that I can provide my own domain. I already have a wildcard domain set up so I'd like to use it as @davzie mentioned.


You need to OAuth to Fastmail (the service) to hook it up, then as was mentioned above, you can go into the settings in your Fastmail account to choose which domain your Masked Email addresses are created in:

Settings -> Domains -> Team Settings -> Masked email domain

It will default to fastmail.com, but easy to change it.


Oh, I completely misunderstood then, I thought I could do this with just 1Password. I already have email set up myself and don't need Fastmail, so then it seems I cannot use this feature. I'll just continue myself to randomly generate my addresses then...


Well, as I understand it you'd have to do this manually. As in, pick a random alias for the site, use that as your email address there and enter the same one in 1Password (or any other credential store).

The full "it just works" integration seems to only work between 1Password and Fastmail directly.


Thanks for the vote of confidence! If you have a custom domain at Fastmail you can avoid any lock-in by using it for your masked addresses. Settings -> Domains -> Team Settings -> Masked email domain.

With that it's entirely portable. You can point your mx records at any other provider.

Disclosure - I work at 1Password, though I had only tangential involvement in this effort.


I second those thanks. We very much appreciate your confidence in us!

Disclosure - I run Fastmail, though also only had tangential involvement in this effort.


Can I generate masked emails without Fastmail? I already have a domain set up.


This feature is an integration with Fastmail's masked addresses. You don't need to use their domain, but you do need to use them as your email provider.

Disclosure - I work at 1Password, though I had only tangential involvement in this effort


I don't have a lot of time, but this was an interesting question. If you message me I'll dig up references. There are nuances and exceptions to almost everything I list below.

The radio spectrum is a scarce resource. Two of the main reasons amateur radio users are given access to the spectrum are to help with disaster recovery and to advance the art and science of radio.

Callsigns are public - you can look up anyone's to see who they are.

You're required to give your callsign at the end of your transmission, and every 10 minutes.

There are some limitations on content. No music, no profanity, no commercial uses, and no encryption.

Netiquette varies based on what you are doing. In general, shorter range bands have better sound quality and are more casual. Longer range has worse sound quality (or no sound, like Morse or FT8).

If you're on one of the shorter range bands (e.g. 70cm) you'll often find people who are keeping in touch with friends, or just looking for someone to talk to.

On the longer range, you'll run into stuff like contests - all the other person wants to know is who you are, and where you are. They're trying to see either how many contacts they can make in a period of time or how far away they're able to make contacts.

There are "formal traffic" nets - which pass messages. Local nets will route traffic they can't deliver to regional nets, and then back down to local nets. Usually they just pass practice traffic around - until a disaster occurs and they are needed. More info https://www.arrl.org/nts-manual

The lowest level license is the Technician. You can find the Technician exam pool online in several formats. https://www.arrl.org/files/file/VEs/2018-2022%20Tech%20Class...

Edit: I forgot about your abuse question. Hams tend to police their own or will work with the FCC to report people misusing the airwaves. The practice version of this is called "fox hunting" - where someone places a transmitter and you try to find it.

Most hams care about keeping the hobby alive. If they find someone who's broadcasting with too much power or without a license usually they'll try to work with that person to correct the behavior. If that doesn't work, they'll often work with the FCC.


Were you able to update to 8.0.34? We recently moved the deb and rpm repositories to prepare for this release. Installing the deb or rpm from https://1password.com/downloads/linux/ should set up the correct repo for future updates.

If you have 8.0.34, and still can't log in you may be experiencing the issue yabones described. support@1password.com can provide you with more hands-on help.

(Disclosure: I work at 1Password)


Yes, after applying the solution provided by yabones everything seems to work. Thanks anyhow :)

