đź”— Quick links thread
-
@tsaukpaetra This one looks interesting for english speakers. I liked the plus codes better.
Edit: it also seems to be proprietary, I'd rather go with the old geography numerical coordinates.
-
-
-
https://sonniesedge.co.uk/talks/dear-developer
If you’ve ever wanted to see an old lady’s personal anger and rants about the modern web industry turned into a talk, you’ve come to the right place.
This is Old Lady Shouts At Clouds to the nth degree.
...
It’s technically amazing that you’ve built this Boeing 747. It’s incredible that you’ve somehow squeezed it into your garage, and that you get into it every morning, and taxi out onto the road, and then thunder down your side street until you reach takeoff speed, and then you swoop up up up! into the sky, where you circle for a while until you find a spot at your company car park 2km away, and you then set it down, somehow, magically, into the parking space.
But…Wouldn’t it have been better, in every conceivable, practical, and financial way, to just buy a fucking bicycle?
-
@bb36e That's a good article. Aside from the over simplifications of history, this sort of thing drives me bonkers:
However, one of them works for all people, while the other deliberately excludes huge segments of the population.
Saying "deliberately" strikes me as being in bad faith and in contradiction with the previous "lessons." I mean, sure, maybe someone deliberately meant to keep people or dogs from using the knob but that's assuming a lot there and is the sort of thing that will turn people off of the rest of your (xer) message.
Better to say something like, "effectively excludes."
Also, is "FOMO?"
-
-
@boomzilla said in đź”— Quick links thread:
maybe someone deliberately meant to keep people or dogs from using the knob
I have sometimes wondered what led to the proliferation of the spherical knob. My perception is it was intended to make it more difficult for youngers to use it and thus more effective at keeping them
contained.cagedentrapped
-
@bb36e said in đź”— Quick links thread:
For those coming in later: Blakey started a topic to discuss it:
https://what.thedailywtf.com/topic/24943/good-article-dear-developers-the-web-isn-t-about-you
-
Social media sites are littered with seemingly innocuous little quizzes, games and surveys urging people to reminisce about specific topics, such as “What was your first job,” or “What was your first car?” The problem with participating in these informal surveys is that in doing so you may be inadvertently giving away the answers to “secret questions” that can be used to unlock access to a host of your online identities and accounts.
-
@bb36e Ha ha! Not when I generate random answers using keepass.
-
@boomzilla said in đź”— Quick links thread:
keepass
never used a password manager for more than a week, but do you keep the DB synced across multiple devices? right now I switch between my phone, my linux desktop, and my windows/linux laptop and having to copy stuff back and forth seems like a pain.
-
@bb36e I keep a copy of it in dropbox. Then I tell it to sync whenever I update things. My phone uses it directly from there. I occasionally update it on my USB drive that I carry, but honestly I've only very rarely needed to use that.
-
@bb36e said in đź”— Quick links thread:
@boomzilla said in đź”— Quick links thread:
keepass
never used a password manager for more than a week, but do you keep the DB synced across multiple devices? right now I switch between my phone, my linux desktop, and my windows/linux laptop and having to copy stuff back and forth seems like a pain.
How often do you register for new sites and how often do you change passwords? I tend to make backups including the date and then manually sync them.
-
@boomzilla said in đź”— Quick links thread:
@bb36e Ha ha! Not when I generate random answers using keepass.
Somebody in the comments of that article had an interesting comment on that though:
Kevin Fee said:
Be careful, a savvy scammer will social engineer that by saying “Oh, just a random string of letters, it would be pointless to read it out.” …and apparently that works on the customer service reps who have to ask the security questions. Consider storing the answer in your crypto vault but using a couple words and then the gobbledygook. That way the service rep can think it odd that “you” didn’t say the real words.
-
@jbert Hmm...I've never had to read that sort of thing out loud.
-
@jbert said in đź”— Quick links thread:
Somebody in the comments of that article had an interesting comment on that though:
Kevin Fee said:
Be careful, a savvy scammer will social engineer that by saying “Oh, just a random string of letters, it would be pointless to read it out.” …and apparently that works on the customer service reps who have to ask the security questions. Consider storing the answer in your crypto vault but using a couple words and then the gobbledygook. That way the service rep can think it odd that “you” didn’t say the real words.This is a perfect illustration of why "security questions" are bad for security. Their effect is to create an alternate system that is functionally equivalent to having your password, but much easier to break (in many different possible ways!) than an actual secure password.
-
https://www.washingtonpost.com/graphics/2018/world/too-many-men
The consequences of having too many men, now coming of age, are far-reaching: Beyond an epidemic of loneliness, the imbalance distorts labor markets, drives up savings rates in China and drives down consumption, artificially inflates certain property values, and parallels increases in violent crime, trafficking or prostitution in a growing number of locations.
Those consequences are not confined to China and India, but reach deep into their Asian neighbors and distort the economies of Europe and the Americas, as well. Barely recognized, the ramifications of too many men are only starting to come into sight.
-
@bb36e said in đź”— Quick links thread:
https://www.washingtonpost.com/graphics/2018/world/too-many-men
The consequences of having too many men, now coming of age, are far-reaching: Beyond an epidemic of loneliness, the imbalance distorts labor markets, drives up savings rates in China and drives down consumption, artificially inflates certain property values, and parallels increases in violent crime, trafficking or prostitution in a growing number of locations.
Those consequences are not confined to China and India, but reach deep into their Asian neighbors and distort the economies of Europe and the Americas, as well. Barely recognized, the ramifications of too many men are only starting to come into sight.
They should send them to Mars! Oh wait...
-
-
@tsaukpaetra said in đź”— Quick links thread:
@bb36e said in đź”— Quick links thread:
https://www.washingtonpost.com/graphics/2018/world/too-many-men
The consequences of having too many men, now coming of age, are far-reaching: Beyond an epidemic of loneliness, the imbalance distorts labor markets, drives up savings rates in China and drives down consumption, artificially inflates certain property values, and parallels increases in violent crime, trafficking or prostitution in a growing number of locations.
Those consequences are not confined to China and India, but reach deep into their Asian neighbors and distort the economies of Europe and the Americas, as well. Barely recognized, the ramifications of too many men are only starting to come into sight.
They should send them to Mars! Oh wait...
That would still give them more purpose than they have now.
-
As Call of Duty has, just like any modern game these days, a not-so-bad anticheat mechanism (namely VAC), modifying it could result in myself getting banned from the game.
After a few other failed attempts of exploiting this vulnerability, I came up with something completely different: Why shouldn’t I use the game, without actually using the game?
The idea is still to take the game as base, but instead of hooking it, the underlying network transactions are analyzed to recreate the state of the game and to inject custom packets into the system’s network stack that look as if they were sent by the game.
So you don’t modify the game itself, but rather control all the data it sends and receives.
As this method doesn’t touch the game at all, it is not possible for current anti-cheat systems to detect this (it actually is possible, but I don’t think there is any anti-cheat that tries to detect that, yet).
-
@bb36e Wait, games don't communicate over encrypted tunnels?
-
@pleegwat Of course not. That's technology that was invented more than 20 years ago!
-
@pleegwat said in đź”— Quick links thread:
@bb36e Wait, games don't communicate over encrypted tunnels?
Even if they did, it raises the barrier but doesn't make it impassible. Just snarf the encryption keys out of process memory then carry on. Point is you can't trust the client, period.
-
@pleegwat I think game development prioritizes performance over security, so it's taken a long time for things like encryption to become common:
every title released after MW2 has some kind of TLS layer underlying the network traffic which makes the analysis process much harder.
-
@pleegwat
That's why FF14 doesn't even bother with anti-cheat software. In fact, they just straight up accept your client commands using the built-in macro system to perform actions without checking whether you're in a context where those actions are allowable.tl;dr: They implemented a special limit break as part of their "do dungeons with NPCs" feature, made it so the button to perform that limit break would be locked out anywhere except the dungeon, but then didn't perform any validation of user macros, so you could set up a macro that said "perform action Ungarmax" (the special limit break) and do that limit break anywhere. And that limit break was something like 100 times more powerful than the normal 3-bar limit break you get in end-game content, and only took 1 bar of limit break.
People started abusing it, it got reported but got referred to the "cheat tools" task force because of how it got reported, they looked and said "nope, no third party cheat tools in use here" and closed it out, and it took 3 more months of abuse and the loophole going front page on both Reddit and the game's official forums before it finally got fixed.
-
@pleegwat said in đź”— Quick links thread:
@bb36e Wait, games don't communicate over encrypted tunnels?
Xbox 360 (and Xbox One natch) encrypt everything by default since day one.
Must be shitty PC games he's talking about.
-
@izzion said in đź”— Quick links thread:
tl;dr: They implemented a special limit break as part of their "do dungeons with NPCs" feature, made it so the button to perform that limit break would be locked out anywhere except the dungeon, but then didn't perform any validation of user macros, so you could set up a macro that said "perform action Ungarmax" (the special limit break) and do that limit break anywhere. And that limit break was something like 100 times more powerful than the normal 3-bar limit break you get in end-game content, and only took 1 bar of limit break.
The fuck is a "limit break"? Limit break. Limit break. Limit break.
-
@blakeyrat
An abnormally powerful action (you can choose to consume it as an attack, defense, or recovery action) you build up over time in combat, with bonuses to build up rate for doing certain special actions.Which has been a pretty core Final Fantasy concept since at least FF7.
-
@izzion You mean the extremely boring game I couldn't play because it was so goddamned boring? I guess I didn't get that far. Could they have picked a more nonsense phrase than "limit break" to describe that? I guess "power attack" has the risk that other people might know what the flying fuck you're talking about.
-
@blakeyrat it's a JRPG. choosing normal people names for mechanics, characters, settings, items, and everything else would fly in the face of convention :tropicana:
-
@izzion said in đź”— Quick links thread:
Which has been a pretty core Final Fantasy concept since at least FF7.
Is it still in FF22? Asking for a friend.
-
@pleegwat said in đź”— Quick links thread:
@bb36e Wait, games don't communicate over encrypted tunnels?
UE4 (at least) doesn't do much more than a checksum after you've logged in.
-
@boomzilla
You’ll have to ask again in about 15 lawn mowing seasons.
-
Interesting post about UI from a non-tech perspective (with good links):
-
@blakeyrat said in đź”— Quick links thread:
The fuck is a "limit break"? Limit break. Limit break. Limit break.
The reason why Cloud is overpowered in SSB4.
-
 https://imgur.com/gallery/WUdNw9p
Purposefully broke onebox because it doesn't do it justice.
-
@pie_flavor said in đź”— Quick links thread:
 https://imgur.com/gallery/WUdNw9p
Purposefully broke onebox because it doesn't do it justice.You could have linked to the source.
-
@zecc There also was a follow-up article just today:
-
-
@bb36e tl;dr
-
For those who still have a scrollbar: the bottom half of the page is citations of different quotes of why to delete your BookFace account and the references list.
The actual article is more philosophy on why you should delete your account and stop watching clickbait news or maybe even why you shouldn't regularly visit this site
-
Encountered while reminiscing about RCXs...
-
@tsaukpaetra said in đź”— Quick links thread:
Encountered while reminiscing about RCXs...
Fun fact: sometimes movies modify open source code and the code gets put back into the open source project:
-
@tsaukpaetra said in đź”— Quick links thread:
Encountered while reminiscing about RCXs...
Someone in the comments wrote:
IT can be assumed JARVIS uses LISP code because the UI on the monitor looks customized, unlike any windows systems.
-
The Internet made it easy to gather together vast swaths of humanity and allowed them to communicate with each other at scale. These mostly anonymous ginormous nations of humans have no shared purpose and no shared values. With no common understanding of how to treat each other and no incentives to do so, communication in these “communities” rapidly degrades to the lowest common denominator where uninformed hate is a typical knee-jerk reaction to differences.
Vast swaths of the Internet are full of toxic uninformed hate, and I believe it is time to return to our villages.
-
-
@jbert Holy shit, after getting a master's degree (looks like undergrad and graduate were literature degrees), this is the job she gets in NYC!
When I finally got my first full-time office job at the start of 2013, it paid less than $20,000 a year. I would make $1,400 a month and send $750 to Sallie Mae. In New York City in 2013, the average one-bedroom apartment rented for about $3,000 a month, and with more than half my net pay going directly to loans, I made the “choice” to live with my parents in the Bronx, on the last stop on the 6 train.
...
When you’re barely making enough money to survive, living from one paycheck to the next, you can feel every cent you spend.
Um, yeah, because you already blew tens of thousands of dollars of OPM on those literature degrees.
According to its website, in 2013, Sallie Mae “celebrated 40 years of helping make education accessible to families around the country,” and that carefully-worded phrase isn’t entirely wrong. I wouldn’t have been able to afford college without a student loan provider. I wouldn’t have had access to an intellectual and competitive learning environment, I wouldn’t have been able to meet and make friends with people from all over the world, and I wouldn’t have the same tools to think critically and dynamically about complicated subjects that I would otherwise have no idea how to approach. It’s obvious that college is an invaluable experience. Still, should it really cost the next 20 to 30 years of my life?
No, it shouldn't. And you and your parents should have thought about that before you piled up the debt! (Actually, that's not fair...her parents were definitely against at least some of the debt.) Ugh, this student loan nonsense is a terrible scam that's only created a positive feedback loop with higher tuition rates.
-
@boomzilla said in đź”— Quick links thread:
In New York City in 2013, the average one-bedroom apartment rented for about $3,000 a month
Bullshit. Unless she trying to live on Central Park West with nice park view.
I currently have a 2.5 BR in a lower end neighborhood for less than $2000.
-
@boomzilla said in đź”— Quick links thread:
Ugh, this student loan nonsense is a terrible scam that's only created a positive feedback loop with higher tuition rates.
I find it interesting that you and I would come to that same conclusion (though probably vastly different opinions).
We’re not legally required to disclose when we change your interest rate
Holy Shit Snacks.