Comment by kid64
3 days ago
This is just the first detected and reported instance, in all likelyhood such attacks have been happening for some time. When will the fanatic userbsse finally admit that using Obsidian in any enterprise setting is just plain malpractice?
It takes 5 minutes in their Discord channel to see the founders are D&D nerds, not competent engineers. It was never meant for serious work.
> It takes 5 minutes in their Discord channel to see the founders are D&D nerds, not competent engineers.
I know absolutely nothing about Obsidian but I'd expect quite a few competent engineers to also be D&D nerds no!?
Are you saying the two are mutually exclusive?
No I'm not. But I'd encourage you to visit and see for yourself why these outcomes are completely predictable.
For uninitiated, why?
> the founders are D&D nerds, not competent engineers
The two are not mutually exclusive. What would you trust more than a nerd? A jock? A spod? An MBA?
Any evidence of other examples if bad engineering you can point to, or are your thoughts on the pluggin system and throwing shade at random groups of people all you've got?
[FYI: I know little of obsidian other than planning to look into it at some point as people I know use and like it. I stepped into this set of comments in case there was something useful I should be passing on to those people]
The attack relies on social engineering to get the victim to disable protections and could just as easily have happened with a plugin for any code editor.
Anyway, What I like about obsidian is that it can handle a truly huge amount of notes without slowing down, and the notes are just markdown files on disk, so there's no lock in. I have used evernote, ms one note and zoho notebook before, and had issues with all of them.
That isn't a response to my post, it is a bit of information already present in the thread that isn't relevant to my question followed by a positive review. This suggests that a shill brigade has been attracted to these comments. I suggest you don't do that, it isn't a good look.
well there was this previous issue in the crypto community where it turned out someone was not a competent engineer and should have stuck to their online exchange for magic: the gathering
A more mature response would be to mention the case you are talking about, perhaps linking to further details, rather than repeating the attack on a hobby that many share.
What software do you use that would be immune to a scenario where you disable all protections to take some action?
One whose protections can’t be disabled.
So locked up platform where vendor owns your ass and fucks it the way they want to, à la Chrome.
So i assume you dont use an android device, github, etc? Everything is vulnerable to social engineering.