Creat

Creat , 8 days ago

The gyroscopic effect of slowly spinning, light bicycle wheels is negligible compared to the weight of the bike and it’s rider. If it was what keeps you upright, riding a tiny scooter-thing with skateboard/inliner wheels would be impossible. I mean those without motor, pedals, where you push yourself forward with one foot on the ground), often for kids.

What actually keeps you upright isn’t a physical effect, but just training your brain to instinctually keep you upright. While you’re moving, turning the handlebar effectively moves the bike below you left and right. So if you start tilting to the right, you turn right (slightly) so the bike/scooter is moving below you to compensate. That’s why learning to ride anything that is balancing on 2 wheels takes a relatively long time, but only once. Then your brain knows what to do, and it just works without thinking about it.

Creat , 7 days ago

Normal bikes that you just push aren’t that stable without a rider, but you can get it some distance. They still fall over rather quickly. That’s mostly the form of the handlebars like gnu commented. And yes, without a rider, the gyroscopic effect is relevant. A bike weighs let’s say 15 kg, and a rider is commonly like 75kg. Of course removing like 80% of the weight changes if the gyroscopic has a meaningful influence. Add the rider back, and it becomes negligible again.

This is of course even more pronounced if you push only a wheel with nothing else, then there’s nothing left but momentum and the gyroscopic effect.

The reason you lean into a turn is exclusively the centrifugal force (not sure that’s the right twin), if you don’t you fall over because you have nothing to turn against. Changing direction needs something to push against.

Creat , 14 days ago (edited 14 days ago)

There’s also mods in satisfactory. For example “satisfactory plus” is essentially a full rework, increasing complexity by 2-3x. Obviously needs to be updated for 1.0 first though… Just in case you need something until factorio dlc at the end of October.

Edit: if you’re familiar with factorio mods, it’s similar to and inspired by bobs+angels.

Creat , 14 days ago

Satisfactory with it’s 1.0 release yesterday. Just pure serenity.

Creat , 16 days ago

Any password manager should be able to “type in” the password. Or be a browser plugin that doesn’t rely on copy pasting, but use other mechanisms to inject it directly into the field.

But yes, if that’s their online portal, I am not kidding I would change banks.

Creat , 17 days ago

Getting them there wasn’t exactly smooth either…

Creat , 20 days ago

That story is genuinely hilarious. And from the judges summary judgement it really does sound like the license holder of the disputed songs did some legal juggling just to be able to play the victim and sue Spotify. What an odd business plan…

Creat , 26 days ago

That’s not actually a solution when talking single-use either. Remaking the bottles from recycled glass is incredibly energy intensive and not an environmentally friendly process either. Multi-use bottles are much better, but the cleaning required also isn’t that simple and also relatively energy intensive (far from remaking the bottles of course).

There’s also practical downsides to glass (heavy, breakable), but those are subjective and their relevance highly depends on the use case.

Ideally, we wouldn’t buy stuff to drink in any kind of bottle, but just use tap water. possibly just buy some concentrated stuff to then make your actual drink at home. Nothing beats the effectiveness of transporting water through a simple pipe, but that isn’t even possible everywhere in the world due to drinking water quality issues…

Creat , 26 days ago

Good job with reading you did there. Your didn’t even make it 8 words in and already decided to comment. Maybe give it another go, if you dare, and try getting a little further this time.

Creat , 30 days ago

The “key” of an m.2 defines what the pins mean, basically what signal they carry (PCIe, USB, …). There’s a nice table here, if you scroll down a bit. Some are extensions to others, and are pin compatible (meaning the things they have in common are on the same pins).

A key and E key are very similar, while E just provides a few more interfaces, but importantly A doesn’t provide anything the E doesn’t. So any card that can work in A can also work in E. This is why A+E is so common: they don’t require the Mainboard to provide E, only A, but both will work so both notches are present.

Creat , 1 month ago

Yup, that’s the correct reaction.

Creat , 1 month ago

“just export it” sounds so simple, but the required infrastructure is actually incredibly expensive. Also most of Europe is already pretty tightly connected and trade does happen to a significant degree, but I have no idea what the actual percentage is or if it’s used to balance oversupply and/or shortages. Kinda hard to find reliable sources for that.

Creat , 1 month ago

is under active development.

The latest release is from 2018 though? So they just refuse to call something “stable” and everyone has to pick between nightly and beta or something?

Creat , 1 month ago

She did probably win some local chess-related competition, which technically makes her a “chess champion”. See also parks & rec “award winning” meme/quote.

Just typical editorial exaggeration and clickbait, par for the course in today’s “journalism”. I hate it.

Creat , 1 month ago (edited 1 month ago)

Might wanna fix your formatting Mr. Bot…

Edit: nevermind, sync for lemmy is just bad at formating. I knew it had issues, but didn’t know how bad it was until I had seen this recently.

Creat , 1 month ago

Amended my comment, yes it’s my client and shows fine on desktop/browser. Sorry for the drama.

Creat , 1 month ago

You might want to actually read the article, cause that’s completely missing the point of the program, and ignoring all context. As with all things, context matters.

It’s a free market though. You can just buy from the wonderful companies that are Dell or Lenovo instead. Don’t try to look to closely at them, or you won’t be able to but a laptop ever again.

Creat , 1 month ago

All these news about in-development technologies in the renewable energy sector are causing real fatigue for me. This would be great news if it was commercialy viable, but it isn’t. It never is. If all the news about amazing new battery technologies were viable, we’d have 10x the capacity by now with cells that have zero fire risk and last 10 million cycles. But it’s always laboratory conditions.

Gonna be honest, I kinda stopped paying attention to news like this, it’s a flood of theoretical advancements. I care about it when I can buy it.

That being said, obviosuly the state-of-the-art technology has made significant advancements in the last 10 years, but it’s been incremental (it always is) and nowhere near the numbers that are thrown around in reports and articles like this.

Creat , 1 month ago

We’re saying the same thing with different words. Your prespective it’s “its’s so great”, mine is “it’s gotten slowly better”. I’m sick and tired of reading about some irrelevant technological breakthrough with +10% solar efficiency or +30% battery density in some laboratory every 2 weeks. Actual change comes in (very) low single digit percentages for efficency of panels per year (or similar for battery density). Not once in the last 30 years did we have an actual jump for stuff you can buy (within a short timeframe) that comes close to the hyperbole in these reports. The advancement in price can probably be attributed to scale of production most of all though. Who would buy

why are you reading posts in a technology community? That seems self-destructive. Go actually look at that community maybe? Only the energy-pseudo-news in here is like that. The rest is mostly actual (relevant) news around technology and/or companies in that space. That’s my ENTIRE POINT. Thanks for emphasizing it. It’s not just that: renewable energy news has been like that for actual decades, no other field has this problem as far as I can tell.

Creat , 1 month ago

You guys really seem to have a hard time to understand my point, so that’s on me. Clearly I didn’t explain it very well. First, look at my reply to GreyEyedGhost. Let me reemphasize from that post: I have never said or intended to imply that there were no advances made in the last 20 or 30 years. I have no idea why you keep bringing up long term (price) developments at all. It wasn’t even about price at all, please go back and read my comment again.

Let’s address your points: Of course stuff has gotten cheaper, as that’s how “scale of production” works. That’s how the price AND the “doubling of installed capacity every 3 years” were achieved. Nothing about that is a technological breakthrough, it’s just production capacity you need for this.

Of course there were improvements in technology (solar efficiency, battery density and others, wind “stuff”, …). But none of those were anywhere near those claims that you read in these pseudo-news. It’s a percent here or there. Look at the nice graph on Wikipedia. See how those lines go up very very little per year? Yet in the article that sparked this thread, it’s a whopping 10%! Unfortunately, the cells fall apart when they get warm. No idea how a solar panel would ever get warm. But hey, let’s make another headline claiming amazing gains, can’t ever have enough of those!

Creat , 1 month ago

That’s pretty definite by any measure.

Not really, sorry. The complaint still is that the announcements are of some magical huge improvement that is just not real. They might work in a prototype, maybe in a laboratory, or the thing just disintegrates after being exposed to water or something. Of course the results influence existing or future products, that’s how the real world improvements come about.

By the time you modify the prototype (or whatever) into something that is actually real world production viable, with a reasonable lifespan and production costs, there’s barely anything left in common with the hyperbolic announcement about fantasy stuff.

I stand by that statement you highlighted. And the fact that it isn’t hyperbole. With all of these achievements being released as clickbait news articles, somehow when something exciting it’s actually everything the market, it’s crickets. Like solid state or “salt” batteries are starting to become products, seen any articles on those posted here recently? Or in news outlets in general? I haven’t, but I honestly could’ve just missed them, or they didn’t gain as much traction.

Creat , 1 month ago

Maybe they down vote because they think I don’t like the research or think it’s pointless (far from it). The only thing I dislike is the reporting about it, and even there mostly the clickbaity headlines intentionally misrepresenting the facts. It’s clearly intentional, because when reading the articles it usually becomes quite clear that the author was well aware.

I can also imagine that articles like that stop at least a couple of people here and there from adopting solar for their home, cause they read what they think means that there’s about to be a 10% efficiency increase for panels. Clearly that’s a time to wait, not to buy! The number is people that only read the headline is probably uncomfortable high, but I got no clue what the actual percentage is, or if those that don’t click through take the headline at face value…

Creat , 1 month ago

Are you taking about patents? Cause a world without copyright doesn’t sound very fun to me. Or anyone in a remotely creative job.

Ever for patents: There’s a reason innovations are protected literally anywhere in the world, but the durations being ever longer is a real problem (5 years would probably be fine). The basic concept is still just straight up necessary.

Creat , 1 month ago

I agree that the current state of laws is overkill by about an order of magnitude, and that’s obviously bad.

But you do need some amount of protection for works created. Imagine being a photographer, you can’t make money. You make some nice photos, and how do you sell them? If you send a sample to someone, they can just print that and you can do nothing. There’s no copyright after all. It isn’t somthing you can protect legally, so you can’t stop them or sue them for compensation. There’s also a flip side from the corporate perspective: You might find employment as a full time photographer in places that need them, but what about all the companies that just need an occasional picture? You can’t contract it out, because you have no way to negotiate anything if their work isn’t protected, you can’t even look at samples cause nobody would ever dare showing any or they might just be used.

Creat , 1 month ago

It highly depends on the job. Some companies run fully on Windows, no exceptions. There it obviously would not help. But many still either host various services on Linux, or buy hosting/cloud commuting that is Linux based. There it might even be necessary.

It also depends on what you mean by “power user”. I would generally advise you to look into the server side of things. In my work, there are zero Linux machines that have a GUI of any kind installed. t The 50 or so Linux machines are all administered through SSH and Shell.

Creat , 1 month ago

And that is why we don’t buy things that depend on proprietary apps and/or cloud connectivity. Can’t break my shit if it’s local only.

Creat , 1 month ago

I remember that Asus did this back in the day at least, not sure if they still do. But I remember having rss feeds for at least 2 of my motherboards in my reader, back when rss was actually widely used. It’s been like 10-15 years though…

Creat , 2 months ago

Arguably gambling.

Creat , 2 months ago

This is still not an ordinary failure by your definition of it being a single point that failed. It’s was like half a dozen “things” that went wrong for that plane to get into the air without those bolts. From not putting them in, to missing inspections, missing cross-checks. Sounds extraordinary to me. Which is the whole point of why it’s a deeper issue, showing systematic problems at Boeing and it’s partners, and the FAA not doing it’s job, too.

Creat , 2 months ago

It’s also numbers. YouTube has given creators tools to literally benchmark thumbnails. You can just see which one does better. The vast majority of people unfortunately are susceptible to the same patterns. In the end, you need people to click on your video or they can’t watch it (which is the point here, to inform people). So here we are.

For example, thumbnails with faces work much better than without (doesn’t really matter what or who the face is). I find that monumentally stupid and weird, it just is what it is.

Creat , 2 months ago

It isn’t a Microsoft issue in the first place. Doesn’t mean switching to alternatives isn’t a good idea, but this one isn’t on them for a change.

Creat , 2 months ago

Ah so it’s a linux problem when the gpu driver causes instability, cause NVidia is making a shitty and proprietary linux driver and the market share is too small to warrant putting more effort in. Linux doesn’t have it’s own fully-featured graphics driver, so that company has to come in and provide their own since linux can’t supply it. And mistakes happen. Roughly the same logic.

That’s not linux fault. Neither is it Microsofts fault when a company selling a security product decides it has to run in kernel mode and then they don’t properly test a release and just decide to yolo it.

Creat , 2 months ago

I didn’t initially read the title and guessed it was “new world order beyond heavy metal”. Reasonably close I’d say.

Creat , 2 months ago

This is a very complicated and backwards way of saying: it’s not illegal, you’re required to talk to a specialized counselor first though. That’s also frankly not an un reasonable requirement.

It’s not that complicated.

Creat , 2 months ago

Because there are laws that specify when the brake light has to come on, and it isn’t when the car shows down (slightly). You could be starting to go up hill, or a list of other reasons. The point of brake lights isn’t too signify the car slowing, but that the driver intends to slow down. Which is also why it doesn’t come on if you’re motor breaking" (is that the right term?).

This obviously varies wildly depending on where you are in the world. I’m also sure there are some places where it would be allowed.

Creat , 2 months ago

Oh yes, that sounds right. Thanks!

Creat , 2 months ago (edited 2 months ago)

That is indeed US-specific. I’m in the EU, and here it’s defined by when and how it’s switched. Specifically, it is required to be tied to the brake pedal (i.e. then intention to brake) and/or the hand brake being pulled. It is not allowed to illuminate otherwise. But the exact specifics probably also vary by country here. That’s why I emphasized that part.

EDIT: There are actually deceleration values in some laws, possibly tied to regulation of EVs and the regenerative braking. Since that isn’t necessarily tied to the brake pedal when silmulating engine braking, but can be adjusted in strength at will (it isn’t tied to the mechanics of the drag of an idling engine as it would with an ICE). A quick google told me that the lights are allowed to come on at 0.7 m/s² and are required to come on at 1.3 m/s². This obviously implies that they are NOT allowed to come on below 0.7 m/s². This still applies only to (pure) EVs, as far as I can tell (not hybrids, and not ICE powered cars).

Creat , 2 months ago

For it to do that, “Auto-Correct” in the Gboard settings has to be on. You can also kind of accidentally kill a feature like this by having a single lowercase i added to the dictionary. If you have, just remove it like someone showed above. Note: there is no list of words in the options anywhere where you can see the list, you can do it while typing anywhere though. Just type a single I, press space, then backspace, then drag the single “i” entry from the suggestions to the trash that appears when you hold the i.

side note: I have typed this comment using Gboard glide, and I had to correct a total of 2 words. Everything else was recognized as intended.

Creat , 2 months ago

Basically any game that doesn’t in itself follow a story, so you are the story (or make it). For me personally it’s building and factory games, like Factorio, cities skylines (1 or 2), satisfactory, Kerbal Space program (1 only), Rim world.

This list is essentially endless.

Creat , 2 months ago

The point is you physically and locally back up the database. Put it on your computer, or a flash drive or whatever. You can set a different, longer password for backups, and I would recommend you do that. When you get your new phone, you just copy the database into it and load it into a freshly installed Aegis. You don’t even need to self host anything, there is nothing to host.

Not everything needs to be “in the cloud”. I think this event illustrates nicely why.

Creat , 2 months ago

Well I thought this was kinda obvious what I meant, but I guess not. What you say is a requirement (sms recovery of a cloud account) is just one of many solutions to your specific problem. I’ll just list off a few solutions below that involve neither SMS (the most insecure communication method in common use today) and only optionally a cloud account. For cimplicity sake I’ll stick to Aegis, where you can create password-protected local backups you can then put wherever you want. This password needs to be very strong for obvious reasons: I would recommend a long sentence (40 characters or more) that you can just remember, like a quote from a movie/tv show/book/poem or something, including normal punctuation as a sentence for example.

Solution 0: This is more of a trivial solution I wouldn’t actually recommend. You can allow account recovery via eMail and have your eMail not use 2fa, but a long/good password so you can login from memory (see above). This is probably more secure than SMS for the recovery-case, but less secure for the everyday use case of eMail, therefore “not recommended”.

Solution 1: USB Sticks are tiny, as in the size of a USB port (slightly longer but slimmer for USB-C). If you want to have a backup “on you”, I’m sure you can find a place where it wouldn’t get robbed with the phone/wallet. A tiny pocket somewhere, a string around your ankle, make a compartment in your shoe, or just have it with your luggage at the hotel. I’m sure you get the point. You get your new phone, you plug in the USB, you install Aegis and restore the backup.

Solution 2a: Dedicated “online” storage. This can be self hosted, or a free account of any cloud provider, but the important part is that it does NOT require 2FA and you do NOT use it for anything else. You have the backup in there. It also needs a very secure password (again: long, but easy to remember, no garbled letter nonsense), but obviously not the same as the Aegis-Backup. So you now need to remember 2 long passwords. You get your new phone, you log in, get the backup and proceed as usual.

Solution 2b: If not having 2FA is not an option for the solution above, you can have a friend/family store the 2FA on his phone. To log in, you go to the login page and enter your password (which your friend doesn’t need to know), and you ask him over the phone for the current 2FA-Code, which he tells you and you can log in, download the backup and proceed as above. I assume such a high security isn’t that critical, since you have been using something involving SMS. Restore then goes as per usual.

Solution 3: Store the whole backup with a friend and when you need it he just temporarily puts it somwhere you can access, and removes it again after. Since the backup is protected by a monster of a password, and the accessibility is temporary anyway, this isn’t security critical.

Solution 4: If you absolutely must, you can find a cloud-provider for 2FA, and use it only as the “first stage”. The only 2FA code in there is the one you need to get access to your main online storage/account where you then have your real Aegis-Backup and/or other files. Obviously this service would need to allow you to login without 2FA, and the usual password rules resulting fom that apply. You can just add the 2FA of your primary service to more than 1 app or service, or if it allows for this, you can generate multiple authenticators so you can also revoke them serperately if needed.

Creat , 2 months ago

2a. No 2fa, so this is a reduction in my current security

That’s open to interpretation. Your current solution you thought was secure, but you used a service that as it turned out had bad security practices, which you just didn’t know (arguably couldn’t know). ANY online/cloud service that you don’t host yourself has this issue with being a black box of unkown quality. Any online service you do host has to be secured by you (or you need to trust that the base setup of that tool is “sufficiently secure”), and is in essence limited by your knowledge of the tool and technology used. Also if you’re reusing any passwords, anywhere, just stopping that practice is likely more secure in practice compared to 2fa in isolation.

2fa in general isn’t just plaing “better” than not having it, security is rarely this black and white. It also depends on what is allowed to be the “second factor”, and since yours included SMS, it really wasn’t secure at all (like others have also mentioned in this thread). And it depends on the password of course. For example if you use a really secure password (30+ characters), and don’t reuse it, it will in practice be more secure than a short(ish) password and a 2nd factor that allows SMS. Generally 2 factor is used as a term for 2 categorically different athentication methods: one thing you know (password, pin) and one thing you own (phone, physical device/key, or a file works too). The problem is that SMS doesn’t require your phone. It’s incredibly easy to get the SMS without having your phone (even easier with physical proximity) or flat out faking owning your phone number (dpends on a lot of factors how easy or hard that is in practice, doesn’t require physical proximity). Basically, if someone actively targets you and/or that account secured by SMS 2fa, it isn’t overly hard, but it’s good enough at preventing giving access through a data leak for example.

So, back to the security of “solution 2a”: how would someone get access to a long password you don’t use anywhere else, that isn’t written down anywhere (or nowhere accessible), and where you essentially never need to use/access the account in the first place? Nobody would even know that whole account exists unless you specifically tell them, let alone knowing how to get in. Note that this can also be combined with the concept in solution 4, so you’re then using it to only restore a single 2fa code. So that “safety net fallback account” very rarely needs to be updated with a newer Aegis-Backup, making it even more obscure/unknown. That 2fa code then lets you access your normal account and backups, and you restore the full suite of 2fa you need.

It boils down to this: local 2fa with a backup means you need to get access to a single file to securely restore full access to everything. That file can be transmitted insecurely (due to strong cryptography and hopefully a good password not used anywhere else), but I wouldn’t store it out in the open either. On the other hand, any cloud based solution is an inherent black box. You trust them to properly do things, and you only know they didn’t once it’s too late (like Authy). It also means they are, by nature of what they do (storing account access information), a target and if the attacker is successful, you’re the collateral without having been explicitly targeted. Maybe there are sevices out there that let third parties audit their security and publish the results, but I don’t know of any and it would probably increase the price by an prohibitive amount for most people.

Creat , 2 months ago

Well to be frank, the fact that you’re asking this shows you haven’t really understood what makes something secure or insecure, or it isn’t as important to you as you claim. If you want your stuff to be secure, your phone is the only “thing” that generates the 2nd factor. Especially things that are critical shouldn’t have duplicate devices being able to also generate codes. If you do want to generate codes for less critical accounts somewhere else, you should register a 2nd TOTP generator with that service and use one each per other machine. That way, if something gets compromised, you can just revoke those devices preventing any damage without having to re-setup existing 2fa again for the devices that weren’t compromised.

Now aegis is Android only, like you said. It also has no way of syncing with another instance (by design). It’s local only, it can just do backups. Having it send the highly critical information anywhere kind of defeats the security-purpose of it being local only. It adds a whole communications protocol that has to be secured, and somehow you have to authenticate the other side and so on. This also probably doubles the complexity (or at least size of the codebase) for the project, which then makes audits harder et cetera. Aegis currently does one thing (generate TOTP codes), and does this very well and as secure as it can without compromises.

Now for an actual answer: Most password-managers can also generate TOTP codes, like KeePass or KeePassXC to name two open source ones. But it’s their secondary purpose, with the primary obviously being storing the passwords. I’m not going to get into the implications of storing a TOTP code generator secret together with the password of the account it protects, let’s just say there are some. Since the actual secrets are stored in a (secured) database, you can sync these between devices. Or you can just create multiple TOTP generators for a single service and keep them separate.

Or we circle back to something server based, like BitWarden, which is primarily a password manager but also does TOTP. It’s a commercial, server based solution that is free for individuals. I’m not sure what the current limitations are for those accounts, like number of entries or just who you can share stuff with and so on. There is a open source implementation of their protocol called VaultWarden, where you can self-host the back end and not rely on the company securing their servers properly (and/or not being collateral damage in a breach of some kind). Again, combining password + TOTP-storage in the same service that is accessible online should be done with considerable thought to how it’s secured, but you could use this to only store the 2fa aspect as well.

Creat , 2 months ago

As far as I’m aware, the aegis database format is only used by them. You also can’t do an automatic import (only export), so keeping multiple systems in sync (particularly more than 2) can only be tedious.

If that’s what you’re after, just use a KeePass database, in particular if you’re already using one anyway. Most clients can sync with a remote storage (like Keepass2Android or KeePassXC on multiple platforms), and I do mean real sync: Both sides can have modifications, and it’ll consolidate them correctly (of course unless both have modified the same entry, then you’ll be prompted). Just throw the database onto a nextcloud or something, as the clients can also usually talk to that directly without another app doing the file transfer (at least Keepass2Android can).

BitWarden has a pretty good reputation, and is a frequent recommendation as well. But then again, so was Authy… With your own VaultWarden as the backend (if you can easily host that yourself) it would be a no brainer as a near universal solution. And this would probably also be “secure enough” for normal, everyday purposes. It can import and export a KeePass database btw, if that helps.

Since I haven’t actually said anything about how I’m handling this, here’s a quick summary: Critical accounts use a complex password (stored in my password manager) and the 2FA is only stored in Aegis. There are generally backup codes on paper stored “somwhere safe”, if this is supported by the service (google does, steam does, …). On any account that just happens to require 2FA, but I don’t use it for anything critical, the TOTP is just stored inside my password manager, for convenient auto-filling. Examples are a Twitch account (I don’t stream, I just happen to have an account for chat and stuff). My password manager is also KeePass-based and used on multiple systems, sync’d via nextcloud and with a mf’er of a password (plus an additional factor). I generally don’t reuse passwords anymore, at all, ever: They are generated, at least 24 characters long (usually longer) unless the service prohibits passwords of that length (yes, this happens, surprisignly often actually). The password database is of course backed up in like 3+ different locations, and some are located somewhere physically different (i.e. not at home).

Creat , 3 months ago

What else do you want from that email? You got a new subscriber. There’s their name. Why change the layout just for the sake of change? Surely there are people having rules or automations tied to them, why brake them? Just for funsies?

Creat , 3 months ago

But that’s my point. They didn’t change. In decades. Did your even read the OP?

Creat , 3 months ago

Another name, depending on the exact context, is “hairpin NAT”. Should make googling with the specific router OP has easier.

Creat , 3 months ago

Yea imagine this was a video of soldiers of some state murdering people. Same argument. You still agree? Also a video of one (or more) stabbings.