I stayed with Terminal.app for quite awhile. Until very recently (not when Ghostty was released) it didn't have 24-bit colour support. It also didn't have shell integrations such as triple click to select all output of the last command. The configuration system is arse and is kind of a lock-in as it is in all plist form, so I had a hard time extracting the colours I used for my terminal and using them elsewhere.
Now that they've updated it recently, it is a better terminal, but otherwise Ghostty has a few bells and whistles that make the experience nicer.
Price increases are always annoying, but I will stay the course.
I don't see myself switching to free competitors like Apple Passwords or Google (doesn't do E2EE). While I am pretty much in the Apple Ecosystem, my family members who use 1P are not, you won't get the same support, it doesn't autofill entries with custom fields, you need to use separate apps to store notes and documents/images, etc. It is just a barren password manager that Apple provides for free and doesn't get the same love as 1P does.
As for competitor cloud based password managers, most of them just don't have a tight security model compared to 1P, and I'm including some of the newer entrants like Proton Pass. 1P made a really smart decision of having a separate password and secret key and using a PAKE to authenticate. I don't think anything has come close except maybe Enpass with its notion of a keyfile. For me, the security story is of utmost importance. Also a lot of the status quo can't seem to get the basics of encryption right, a few still supporting non-authenticated encryption, bleh.
As for Keepass or local (FOSS) password managers, I would rather just write in an encrypted plain text file instead and store everything there. I don't need to be forced into using a database for that.
RFC815 [0] for a nice efficient data structure and algorithm to reassemble fragments; shouldn't be much for an LLM to read and construct the data structure if inclined to do so.
It seems to me that if you lie and get the clearance, it is better than being honest and getting NACKed. Maybe morally dubious, but there's financial incentive and motivation for having a clearance.
Hm I feel gypped with the mosh aspect. I was expecting to be able to mosh into a server, context switch, and resume the same session later. It doesn't resume, it just requires you establish a new session. Meh.
They did find a pretty gaping vulnerability for 1Password but Agile Bits (the creator of 1P) already knew about it.
It's called a vault substitution attack, and it allows a malicious server to replace contents of a shared vault but also learn of any new items entered into that shared vault. The fix is pretty trivial from a cryptography perspective but it would require probably significant change in 1P applications and architecture/protocols.
Now that they've updated it recently, it is a better terminal, but otherwise Ghostty has a few bells and whistles that make the experience nicer.
reply