Mentally computable verification codes for email aliases implemented as a postfix tcp table or milter; uses asyncio. (by m3047)

Trualias Alternatives

Similar projects and alternatives to trualias

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better trualias alternative or higher similarity.

trualias reviews and mentions

Posts with mentions or reviews of trualias. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-01-16.
  • The IAB loves tracking users. But it hates users tracking them
    5 projects | | 16 Jan 2023
    They've settled on a set of features and non-features, similar to how we do it with threat indicators. If it's error prone for threat indicators it's error prone for user tracking and vice versa.

    There are reasons not to care. For instance in the threat indicator space false negatives (a threat which is not caught) doesn't cause nearly the pucker as a false positive (something which is not a threat which is flagged as one). Their calculus and minimum may be driven by somewhat different objectives, because their audience is advertisers not security practitioners.

    You can still 1:1 addresses to purposes and if you see crosstalk you can draw conclusions. Their normalization is lossy; that's the point.

    The cynic in me notes that given the absolute lack of originality in password choice, similar lack of entropy could be seen in 1:1 mappings and perhaps they can infer that if you're hansolo@ and they're, that the email address you'd use is han.solo+example@. The cynic also says: that's on you.

    But damn, I'm looking better all the time:

  • Ask HN: Publish old projects even though the source code embarrasses you by now?
    7 projects | | 20 Nov 2022
    If it has "artistic" or other redeeming value, go for it. Write a README or blog (or three) covering what's unique or important, or how it fits into some historical narrative. Just be clear with yourself on what you expect to get out of it, and how much work you're willing to put into feeding your pet.

    I published something once which was three lines of code. It was useful; anyone could do it, but nobody did (a modem dialing script, of all things). The (often multipage) requests for releases to publish were an unexpected annoyance; I always tried to respond politely that I didn't feel it manifested the requisite originality to be a protected work, and that if they printed the email out and sent it to me with a self-addressed stamped envelope I'd sign it and send it back.

    I publish (checksummed on-the-fly email aliases) even though I consider the code far from perfect: it works, it defines a grammar (which I'm happy with), and it has (pretty comprehensive) tests for that grammar. The most important aspect in my opinion is the grammar and a working proof of concept. (To my bemusement it also has the most stars of any of my projects on GitHub, go figure.)

  • Using a catch-all domain is a mistake
    4 projects | | 1 Jun 2022
    The phone thing has veered into outright fraud. Twitter just paid a $150,000,000 fine to the (US) FTC for letting advertisers match on telephone numbers provided for 2FA.

    I am really tired of people selling my burner phone to the credit people; and no, I don't own that phone number. Prove I do.

    Take my local credit union. Please. Jackasses let someone have access to my checking account. I don't bank online with them either, or I didn't, but last summer was trying to talk to them about a refi and I had to register online and they wanted a phone for 2FA. So of course instead of calling the land line, which is clearly and incontrovertibly mine, they called the burner. Several times.

    Eventually I answered it with "fuck you you frauds" and they were "oooh sir, call me back on my direct line" so I tried... from my land line in the same area code, you get the idea... and their system won't route the call to their fraud department. So I ignored them for a couple of weeks.

    Seriously they were so incompetent that when the actual fraudsters were probing, the first transaction was a /deposit/. When they were finally trying to clean their mess up, they /credited/ me the same amount. I'm the one who figured it out and told them well you gave me 2x their original deposit, when you really should have debited the amount in the first place.

    People like that are not going to safeguard your information.

    Ob relevance: I have my own reasons for not wildcarding domains and use this instead:

  • A note from our sponsor - Mergify | 25 Sep 2023
    Solutions like Dependabot or Renovate update but don't merge dependencies. You need to do it manually while it could be fully automated! Add a Merge Queue to your workflow and stop caring about PR management & merging. Try Mergify for free. Learn more →


Basic trualias repo stats
17 days ago

m3047/trualias is an open source project licensed under Apache License 2.0 which is an OSI approved license.

The primary programming language of trualias is Python.

Popular Comparisons

Updating dependencies is time-consuming.
Solutions like Dependabot or Renovate update but don't merge dependencies. You need to do it manually while it could be fully automated! Add a Merge Queue to your workflow and stop caring about PR management & merging. Try Mergify for free.