• 8 Posts
  • 753 Comments
Joined 1 year ago
cake
Cake day: June 7th, 2023

help-circle
  • Probably worth noting that, if you are using an employer owned system to watch said porn, they likely have software on the endpoint which will let them see what porn you are watching, regardless of HTTPS/VPN/Tor. Depending on how much your employer cares about such things, that may or may not come back to bite you. I’ve worked at places where we regularly reported on users watching porn on work computers, and I’ve worked at places where we only reported on users getting malware while browsing porn at work. But, never assume your activity isn’t being monitored on employer owned systems.




  • Aren’t they inherently less secure than a TOTP code?

    They can be, depending on the types of threats you expect to face. If physical theft is an expected threat, then a hardware token runs the risk of being stolen and abused. For example, your attackers might just buy off cops to rob you and take your stuff. Having the physical device locked with a PIN/Passcode can mitigate this threat somewhat. But, that just becomes another password the attackers need to figure out.

    On the other side of the coin, TOTP applications have started offering Cloud Backup options for accounts. What this demonstrates is that it’s possible to move those accounts between devices remotely. A hacked device means those codes may be exfiltrated to an attackers device and you will be none the wiser. Good security hygiene and device hardening can help mitigate these issues. But, it also means you need to a lot of trust in a lot of third parties. Also, you need to be unimportant enough for an attacker to not burn a 0-day on.

    Ultimately, security is all about trade-offs. If you worry about physical security and don’t expect to face a threat which might compromise your phone, then a TOTP app might be a better option. If you are more worried about a hacked device being used to leak credentials, then a physical token may be a better choice. Each way you go has some ability to mitigate the risks. PIN for a physical token and device hardening for TOTP. But, neither is a silver bullet.

    And, if your threat model includes someone willing and able to engage in rubber hose cryptanalysis, then you’re probably fucked anyway.

    I’ve heard that in the US, the 5th amendment protects you from being forced to divulge a password, but they can physically place your finger on the finger print scanner.

    Ya, it’s a weird space that you cannot be legally forced to divulge a password, except in cases where the content of the drive is a “foregone conclusion” (as defined by the US Supreme Court). But, they can absolutely collect biometric markers (including forcing a fingerprint scan).


  • As far as the rest of it, it seems to be happening with every filament I slice in Prusa slicer.

    This just reminded me of an issue I was facing recently. I also use Prusa Slicer and was having a hell of a time with my prints. It turned out to be the “Arc Fitting” setting.
    In Print Settings - Advanced - Slicing look for the *Arc Fitting setting. When I had it set to “Enabled: G2/3IJ” it just completely borked my prints. Just weird problems all over the place. As soon as I set that to “Disabled”, it cleaned up my prints considerably. Not sure exactly what I’m giving up there, but I do know I’m getting much better prints.


  • I’m glad to see them trying and I really do want to see competition in the digital game storefront space. However, I have zero trust in EA to not try and fuck me as a customer at some point. So ya, no matter how good of a fee structure they offer devs, they will continue to lack the one thing devs actually care about: customers.

    Also, as a Linux gamer, it’s really tough to consider a store front which doesn’t offer a Linux client. Sure, I might be able to get their app running in Wine. But, at that point, maybe I should just go support the company which is supporting me.


  • If you haven’t yet, try a cold pull and see if that helps. I personally just do a cold pull every time I change filaments. Maybe it helps, maybe it’s overkill, but I rarely have issues around clogs.

    Other things to think about:

    1. Does this happen with other filaments? Maybe your current filament is wet and needs drying. Maybe you just got a bad batch.
    2. Does slowing down the print speed for infill make a difference? Perhaps this filament is just flowing differently and you need to change the printing temperature, flow rate, or just slow down.
    3. How old is your nozzle? They do wear out and a worn out nozzle can manifest as all kinds of wonky problems.

  • What Im observing though is more and more indies filling the void with smaller and cheaper games due to easy access to digital distribution. Not exactly a new take as its been hapening for over 15 years now. Interestingly, Epic seems to not take the same stance as Steam does in this space. Where steam gives pretty much any shovelware the same chances, Epic wants to be super picky about these low budget titles. Where is Epic’s Balatro?

    This reminds me a lot of the days of the original PlayStation (PS). Nintendo was the large, dominant company. But, they were also really, really picky with the games they let on their platform (still are). Along comes Sony with a better physical format and a willingness to let just about anything on their system. And there were a lot of terrible titles on the PS; but, there were also some real gems from smaller devs and lots more choice for people to find what they wanted to play. That openness and plethora of options drew people to the system. Sure, Nintendo is still around and still a juggernaut, but they gave up a lot of market space to Sony.

    Sweeney and many of the big studios seem dead set on trying to replicate lightning. They keep churning out Fortnight clones, live service games and lootbox infested grind fests. None of this is because they want to make a game for players, it’s all a bald-faced money grab. And it comes across so clearly in their games. Yes, big budget games cost a lot of money and I don’t begrudge studios trying to make money. I’m more than happy to throw money at devs who make a great game (I just pledged ~$250 at the Valheim Board Game project, based mostly on the fact that I fucking love Valheim). I’ve also bought into way too many Early Access games, because they looked like they had the bones of good games. But, the big budget games seem to get lost trying to pump every last dollar out of your wallet and just quickly become a turn off.

    I remember one particular instance in Dragon Age, where an NPC had a “Quest Available” marker floating above his head. When you talked to him, you quickly discovered that you could buy his quest and the game was happy to kick you over to the EA store so that you could buy his quest right there. Fuck that noise. I’m not against DLC, but that sort of “in your face” advertising pisses me right off. Hell, I’m one of those weirdos who likes the Far Cry series. I put tons of hours into Far Cry 5 (seriously, the wing suit was just good fun). Far Cry 6 was ok and I did finish it, though the micro-transaction spam grated on me hard. After that experience, I’m not sure I want a Far Cry 7.

    And I think that points to the elephant in the room. Big publishers, like EA are so focused on making profits, they have lost sight of making a good game. Give me a solid, complete experience. Give me good controls, enough story to hold the action together and just a general sense of fun. Once that is in place, then maybe throw hats for sale on top of that. But, when lootboxes and micro-transactions are core to the gameplay and the game is balanced to force you in the direction of buying that crap, fuck your game. If the core gameplay is designed to suck so much that I want to buy cheats to bypass that core gameplay, I’ll save myself a bunch of money and just skip the game entirely. There are way too many options available out there, which don’t suck, for me to waste my time and money shoveling your shit.





  • While I don’t agree with the criminalization of marijuana, it’s really rough when it comes to a prosecutor and a law they may not like. Step back and ask the question, “should an Attorney General (AG) be allowed to not prosecute laws they don’t agree with?” You might be willing to say, “yes” for laws you also don’t agree with; but, what happens when it starts to cover laws you want to see enforced? Should “prosecutorial discretion” effectively allow an AG a complete veto power over the laws as passed by the State and Federal legislatures?

    As much as it may suck for the person in that position, it would be really bad for democracy to allow that sort of power. We empower an AG to enforce the law as written. But, we also expect that they will enforce the law as written. So ya, I would expect that Harris (or her office), as AG, prosecuted marijuana cases. That’s really what the whole “rule of law” thing means. It means the laws, as written, being enforced on all people. And it’s up to us, the people, through our representatives to get that law changed.

    And hopefully, this will work out to be more than an empty campaign promise. Though, I don’t plan to hold my breath.






  • Reality often takes a backseat to narrative in books/movies/games/etc. If you want to “well akshuly” your way though a book, you’re likely to find a lot of details the author got wrong. At the same time, those failed details may provide useful ways for the author to move the story or scene along. “Moonrise” is one of those areas where, if you polled most people, the majority would probably get it wrong. But it’s a useful trope in stories where clocks and precise timekeeping aren’t a thing and where lunar accuracy is also not important. A character saying “it’s well past moonrise” will convey to many readers the idea that it’s pretty late in the night. Could it be done another way? Sure, but the trope gets the job done and not one really cares about the inaccuracy.



  • the filibuster bound Senate will never convict.

    The filibuster doesn’t really enter into it. Article I, Section 3 of the Constitution requires a 2/3 majority to convict:

    The Senate shall have the sole Power to try all Impeachments. When sitting for that Purpose, they shall be on Oath or Affirmation. When the President of the United States is tried, the Chief Justice shall preside: And no Person shall be convicted without the Concurrence of two thirds of the Members present.

    The only positive fact about Thomas’s tenure is that the guy is 76 years old. The actuary tables look worse and worse for him every year.


  • While it was kinda lame for Mozilla to add it with it already opted-in the way they did

    That’s really the rub here. Reading the technical explainer on the project, it’s a pretty good idea. The problem is that they came down on the side of “more data” versus respecting their users:

    Having this enabled for more people ensures that there are more people contributing to aggregates, which in turn improves utility. Having this on by default both demands stronger privacy protections — primarily smaller epsilon values and more noise — but it also enables those stronger protections, because there are more people participating. In effect, people are hiding in a larger crowd.

    In short, they pulled a “trust us, bro” and turned an experimental tracking system on by default. They fully deserve to be taken to task over this.