So, we’re making bacon on rye in the lab now. Science was never so savory.

Aren’t they inherently less secure than a TOTP code?

They can be, depending on the types of threats you expect to face. If physical theft is an expected threat, then a hardware token runs the risk of being stolen and abused. For example, your attackers might just buy off cops to rob you and take your stuff. Having the physical device locked with a PIN/Passcode can mitigate this threat somewhat. But, that just becomes another password the attackers need to figure out.

On the other side of the coin, TOTP applications have started offering Cloud Backup options for accounts. What this demonstrates is that it’s possible to move those accounts between devices remotely. A hacked device means those codes may be exfiltrated to an attackers device and you will be none the wiser. Good security hygiene and device hardening can help mitigate these issues. But, it also means you need to a lot of trust in a lot of third parties. Also, you need to be unimportant enough for an attacker to not burn a 0-day on.

Ultimately, security is all about trade-offs. If you worry about physical security and don’t expect to face a threat which might compromise your phone, then a TOTP app might be a better option. If you are more worried about a hacked device being used to leak credentials, then a physical token may be a better choice. Each way you go has some ability to mitigate the risks. PIN for a physical token and device hardening for TOTP. But, neither is a silver bullet.

And, if your threat model includes someone willing and able to engage in rubber hose cryptanalysis, then you’re probably fucked anyway.

I’ve heard that in the US, the 5th amendment protects you from being forced to divulge a password, but they can physically place your finger on the finger print scanner.

Ya, it’s a weird space that you cannot be legally forced to divulge a password, except in cases where the content of the drive is a “foregone conclusion” (as defined by the US Supreme Court). But, they can absolutely collect biometric markers (including forcing a fingerprint scan).

As far as the rest of it, it seems to be happening with every filament I slice in Prusa slicer.

This just reminded me of an issue I was facing recently. I also use Prusa Slicer and was having a hell of a time with my prints. It turned out to be the “Arc Fitting” setting.
In Print Settings - Advanced - Slicing look for the *Arc Fitting setting. When I had it set to “Enabled: G2/3IJ” it just completely borked my prints. Just weird problems all over the place. As soon as I set that to “Disabled”, it cleaned up my prints considerably. Not sure exactly what I’m giving up there, but I do know I’m getting much better prints.

I’m glad to see them trying and I really do want to see competition in the digital game storefront space. However, I have zero trust in EA to not try and fuck me as a customer at some point. So ya, no matter how good of a fee structure they offer devs, they will continue to lack the one thing devs actually care about: customers.

Also, as a Linux gamer, it’s really tough to consider a store front which doesn’t offer a Linux client. Sure, I might be able to get their app running in Wine. But, at that point, maybe I should just go support the company which is supporting me.

If you haven’t yet, try a cold pull and see if that helps. I personally just do a cold pull every time I change filaments. Maybe it helps, maybe it’s overkill, but I rarely have issues around clogs.

Other things to think about:

1. Does this happen with other filaments? Maybe your current filament is wet and needs drying. Maybe you just got a bad batch.
2. Does slowing down the print speed for infill make a difference? Perhaps this filament is just flowing differently and you need to change the printing temperature, flow rate, or just slow down.
3. How old is your nozzle? They do wear out and a worn out nozzle can manifest as all kinds of wonky problems.

What Im observing though is more and more indies filling the void with smaller and cheaper games due to easy access to digital distribution. Not exactly a new take as its been hapening for over 15 years now. Interestingly, Epic seems to not take the same stance as Steam does in this space. Where steam gives pretty much any shovelware the same chances, Epic wants to be super picky about these low budget titles. Where is Epic’s Balatro?

This reminds me a lot of the days of the original PlayStation (PS). Nintendo was the large, dominant company. But, they were also really, really picky with the games they let on their platform (still are). Along comes Sony with a better physical format and a willingness to let just about anything on their system. And there were a lot of terrible titles on the PS; but, there were also some real gems from smaller devs and lots more choice for people to find what they wanted to play. That openness and plethora of options drew people to the system. Sure, Nintendo is still around and still a juggernaut, but they gave up a lot of market space to Sony.

Sweeney and many of the big studios seem dead set on trying to replicate lightning. They keep churning out Fortnight clones, live service games and lootbox infested grind fests. None of this is because they want to make a game for players, it’s all a bald-faced money grab. And it comes across so clearly in their games. Yes, big budget games cost a lot of money and I don’t begrudge studios trying to make money. I’m more than happy to throw money at devs who make a great game (I just pledged ~$250 at the Valheim Board Game project, based mostly on the fact that I fucking love Valheim). I’ve also bought into way too many Early Access games, because they looked like they had the bones of good games. But, the big budget games seem to get lost trying to pump every last dollar out of your wallet and just quickly become a turn off.

I remember one particular instance in Dragon Age, where an NPC had a “Quest Available” marker floating above his head. When you talked to him, you quickly discovered that you could buy his quest and the game was happy to kick you over to the EA store so that you could buy his quest right there. Fuck that noise. I’m not against DLC, but that sort of “in your face” advertising pisses me right off. Hell, I’m one of those weirdos who likes the Far Cry series. I put tons of hours into Far Cry 5 (seriously, the wing suit was just good fun). Far Cry 6 was ok and I did finish it, though the micro-transaction spam grated on me hard. After that experience, I’m not sure I want a Far Cry 7.

And I think that points to the elephant in the room. Big publishers, like EA are so focused on making profits, they have lost sight of making a good game. Give me a solid, complete experience. Give me good controls, enough story to hold the action together and just a general sense of fun. Once that is in place, then maybe throw hats for sale on top of that. But, when lootboxes and micro-transactions are core to the gameplay and the game is balanced to force you in the direction of buying that crap, fuck your game. If the core gameplay is designed to suck so much that I want to buy cheats to bypass that core gameplay, I’ll save myself a bunch of money and just skip the game entirely. There are way too many options available out there, which don’t suck, for me to waste my time and money shoveling your shit.

weirdos who bought a bunch of bud light only to shoot it after

In fairness, a bud light can being ripped apart by a .22 hollow point is a pretty awesome sight. And what else is canned horse piss good for?

writes Nestler. “We want to hear from you when you think Reddit is making decisions that are not in your communities’ best interests. But if a protest crosses the line into harming redditors and Reddit, we’ll step in.”

Translation: We don’t really give a shit what you think. Now shut up and generate that content for us to sell to AI companies.

According to T-Mobile’s 2023 Annual Report they had $8.3 Billion in Net Income in 2023. A $31.5 Million dollar settlement isn’t even a rounding error. Unless and until these fines start actually cutting into profits, in a significant way, businesses aren’t going to care about cybersecurity.

We really need to take a page from the EU’s GDPR and start assessing these fines as a percentage of global annual revenue. Quit dicking around and make the fines high enough that companies make the secure choice, rather than the cheap choice, because the ROI for the cheap choice includes a high risk of “fuck you” level fines.

While I don’t agree with the criminalization of marijuana, it’s really rough when it comes to a prosecutor and a law they may not like. Step back and ask the question, “should an Attorney General (AG) be allowed to not prosecute laws they don’t agree with?” You might be willing to say, “yes” for laws you also don’t agree with; but, what happens when it starts to cover laws you want to see enforced? Should “prosecutorial discretion” effectively allow an AG a complete veto power over the laws as passed by the State and Federal legislatures?

As much as it may suck for the person in that position, it would be really bad for democracy to allow that sort of power. We empower an AG to enforce the law as written. But, we also expect that they will enforce the law as written. So ya, I would expect that Harris (or her office), as AG, prosecuted marijuana cases. That’s really what the whole “rule of law” thing means. It means the laws, as written, being enforced on all people. And it’s up to us, the people, through our representatives to get that law changed.

And hopefully, this will work out to be more than an empty campaign promise. Though, I don’t plan to hold my breath.

Some employees have accused Dell of trying to shrink its workforce with this policy

There’s the real goal. Cut headcount without directly cutting headcount. Of course, the headcount which bails first will be the highest performers with the greatest ability to find other employment. But, that won’t show up on the bottom line for a few years.

Necessity is the mother of invention. Laziness is the father.

Although thinking about it I could clip the PEI to the glass giving it a flat bed…

Having had a similar issue, actual bed more warped than a TV preacher, and a dead, impossible to replace leveling sensor. I moved to a glass bed. But, now that you mention it, this seems like a great way to get then PEI adhesion and have the bed actually level. Just ordered some larger clips and I’m gonna try this out.

I suspect every security baseline is going to include guidance for removing recall. There’s just no reason for this sort of malware on a system.

Reality often takes a backseat to narrative in books/movies/games/etc. If you want to “well akshuly” your way though a book, you’re likely to find a lot of details the author got wrong. At the same time, those failed details may provide useful ways for the author to move the story or scene along. “Moonrise” is one of those areas where, if you polled most people, the majority would probably get it wrong. But it’s a useful trope in stories where clocks and precise timekeeping aren’t a thing and where lunar accuracy is also not important. A character saying “it’s well past moonrise” will convey to many readers the idea that it’s pretty late in the night. Could it be done another way? Sure, but the trope gets the job done and not one really cares about the inaccuracy.

This seems suspiciously similar to the Parable of the broken window. Sure, overall security has increased, but it has costs. That said, since we will invariably have criminals, it has been a good thing that companies and individuals have gotten more aware of the risks and are taking actions to protect themselves.

the filibuster bound Senate will never convict.

The filibuster doesn’t really enter into it. Article I, Section 3 of the Constitution requires a 2/3 majority to convict:

The Senate shall have the sole Power to try all Impeachments. When sitting for that Purpose, they shall be on Oath or Affirmation. When the President of the United States is tried, the Chief Justice shall preside: And no Person shall be convicted without the Concurrence of two thirds of the Members present.

The only positive fact about Thomas’s tenure is that the guy is 76 years old. The actuary tables look worse and worse for him every year.

While it was kinda lame for Mozilla to add it with it already opted-in the way they did

That’s really the rub here. Reading the technical explainer on the project, it’s a pretty good idea. The problem is that they came down on the side of “more data” versus respecting their users:

Having this enabled for more people ensures that there are more people contributing to aggregates, which in turn improves utility. Having this on by default both demands stronger privacy protections — primarily smaller epsilon values and more noise — but it also enables those stronger protections, because there are more people participating. In effect, people are hiding in a larger crowd.

In short, they pulled a “trust us, bro” and turned an experimental tracking system on by default. They fully deserve to be taken to task over this.

As with most things, it gets easier with practice. After enough practice, you’ll find many of the actions and reactions of driving will become habits you do automatically. Which is one of the reasons it’s a good idea to practice good habits now, as practice makes permanent. Take your time, and try to be predictable to other drivers (use your signals, don’t make radical maneuvers). And don’t let the assholes who think the horn is an “I’m annoyed at you” button get to you. Fuck them and the camel that came on them. Take your time and make sure you are driving your car in a way you can control.

As for learning on a manual, yes that increases the difficulty. Depending on the specific vehicle, it can make it easier or harder. Some clutches will let you get away with murder, others will murder you for being less than perfect. Many years ago, my brother owned a car with a clutch that was just brutal. It would go from “not engaging” to “fully engaged” within the slightest movement. My truck, on the other hand, the clutch was so forgiving, you damn near couldn’t stall it. Thankfully, I learned to drive a stick on my truck and when I tried my brother’s car, it took a lot less time to get used to it. As above, take your time and it will come to you with practice.

Are there seriously no lemmy users on a Mac?

Artist are probably still on Reddit to access the larger user base.