Stephen304

@Stephen304@lemmy.ml

Article text:

Teens Hacked Boston Subway’s CharlieCard to Get Infinite Free Rides—and This Time Nobody Got Sued

Andy Greenberg

In early August of 2008, almost exactly 15 years ago, the Defcon hacker conference in Las Vegas was hit with one of the worst scandals in its history. Just before a group of MIT students planned to give a talk at the conference about a method they’d found to get free rides on Boston’s subway system—known as the Massachusetts Bay Transit Authority—the MBTA sued them and obtained a restraining order to prevent them from speaking. The talk was canceled, but not before the hackers’ slides were widely distributed to conference attendees and published online.

In the summer of 2021, 15-year-olds Matty Harris and Zachary Bertocchi were riding the Boston subway when Harris told Bertocchi about a Wikipedia article he’d read that mentioned this moment in hacker history. The two teenagers, both students at Medford Vocational Technical High School in Boston, began musing about whether they could replicate the MIT hackers’ work, and maybe even get free subway rides.

They figured it had to be impossible. “We assumed that because that was more than a decade earlier, and it had got heavy publicity, that they would have fixed it,” Harris says.

Bertocchi skips to the end of the story: “They didn’t.”

The Boston subway hackers (from left to right) Scott Campbell, 16; Noah Gibson, 17; Matty Harris, 17; and Zack Bertocchi, 17. Photograph: Roger Kisby

Now, after two years of work, that pair of teens and two fellow hacker friends, Noah Gibson and Scott Campbell, have presented the results of their research at the Defcon hacker conference in Las Vegas. In fact, they not only replicated the MIT hackers’ 2008 tricks, but took them a step further. The 2008 team had hacked Boston’s CharlieTicket magstripe paper cards to copy them, change their value, and get free rides—but those cards went out of commission in 2021. So the four teens extended other research done by the 2008 hacker team to fully reverse engineer the CharlieCard, the RFID touchless smart cards the MBTA uses today. The hackers can now add any amount of money to one of these cards or invisibly designate it a discounted student card, a senior card, or even an MBTA employee card that gives unlimited free rides. “You name it, we can make it,” says Campbell.

To demonstrate their work, the teens have gone so far as to create their own portable “vending machine”—a small desktop device with a touchscreen and an RFID card sensor—that can add any value they choose to a CharlieCard or change its settings, and they’ve built the same functionality into an Android app that can add credit with a tap. They demonstrate both tricks in the video below:

In contrast to the Defcon subway-hacking blowup of 2008—and in a sign of how far companies and government agencies have come in their relationship with the cybersecurity community—the four hackers say the MBTA didn’t threaten to sue them or try to block their Defcon talk. Instead, it invited them to the transit authority headquarters earlier this year to deliver a presentation on the vulnerabilities they’d found. Then the MBTA politely asked that they obscure part of their technique to make it harder for other hackers to replicate.

The hackers say the MBTA hasn’t actually fixed the vulnerabilities they discovered and instead appears to be waiting for an entirely new subway card system that it plans to roll out in 2025. When WIRED reached out to the MBTA, its director of communications, Joe Pesaturo, responded in a statement that “the MBTA was pleased that the students reached out and worked collaboratively with the fare collection team.”

“It should be noted that the vulnerability identified by the students does NOT pose an imminent risk affecting safety, system disruption, or a data breach,” Pesaturo added. “The MBTA's fraud detection team has increased monitoring to account for this vulnerability [and] does not anticipate any significant financial impact to the MBTA. This vulnerability will not exist once the new fare collection system goes live, due to the fact that it will be an account-based system versus today’s card-based system.”

The high schoolers say that when they started their research in 2021, they were merely trying to replicate the 2008 team’s CharlieTicket hacking research. But when the MBTA phased out those magstripe cards just months later, they wanted to understand the inner workings of the CharlieCards. After months of trial and error with different RFID readers, they were eventually able to dump the contents of data on the cards and begin deciphering them.

Unlike credit or debit cards, whose balances are tracked in external databases rather than on the cards themselves, CharlieCards actually store about a kilobyte of data in their own memory, including their monetary value. To prevent that value from being changed, each line of data in the cards’ memory includes a “checksum,” a string of characters computed from the value using the MBTA’s undisclosed algorithm.

The hackers figured out how to reproduce a “checksum” calculation intended to prevent the value stored on CharlieCards from being changed, circumventing that anti-hacking protection. Photograph: Roger Kisby

By comparing identical lines of memory on different cards and looking at their checksum values, the hackers began to figure out how the checksum function worked. They were eventually able to compute checksums that allowed them to change the monetary value on a card, along with the checksum that would cause a CharlieCard reader to accept it as valid. They computed a long list of checksums for every value so that they could arbitrarily change the balance of the card to whatever amount they chose. At the MBTA’s request, they’re not releasing that table, nor the details of their checksum reverse engineering work.

Not long after they made this breakthrough, in December of last year, the teens read in the Boston Globe about another hacker, an MIT grad and penetration tester named Bobby Rauch, who had figured out how to clone CharlieCards using an Android Phone or a Flipper Zero handheld radio-hacking device. With that technique, Rauch said he could simply copy a CharlieCard before spending its value, effectively obtaining unlimited free rides. When he demonstrated the technique to the MBTA, however, it claimed it could spot the cloned cards when they were used and deactivate them.

Early this year, the four teenagers showed Rauch their techniques, which went beyond cloning to include more granular changes to a card’s data. The older hacker was impressed and offered to help them report their findings to the MBTA—without getting sued.

In working with Rauch, the MBTA had created a vulnerability disclosure program to cooperate with friendly hackers who agreed to share cybersecurity vulnerabilities they found. The teens say they were invited to a meeting at the MBTA that included no fewer than 12 of the agency’s executives, all of whom seemed grateful for their willingness to share their findings. The MBTA officials asked the high schoolers to not reveal their findings for 90 days and to hold details of their checksum hacking techniques in confidence, but otherwise agreed that they wouldn’t interfere with any presentation of their results. The four teens say they found the MBTA’s chief information security officer, Scott Margolis, especially easy to work with. “Fantastic guy,” says Bertocchi.

The teens say that as with Rauch’s cloning technique, the transit authority appears to be trying to counter their technique by detecting altered cards and blocking them. But they say that only a small fraction of the cards they’ve added money to have been caught. “The mitigations they have aren’t really a patch that seals the vulnerability. Instead, they play whack-a-mole with the cards as they come up,” says Campbell.

“We’ve had some of our cards get disabled, but most get through,” adds Harris.

So are all four of them using their CharlieCard-hacking technique to roam the Boston subway system for free? “No comment.”

For now, the hacker team is just happy to be able to give their talk without the heavy-handed censorship that the MBTA attempted with its lawsuit 15 years ago. Harris argues that the MBTA likely learned its lesson from that approach, which only drew attention to the hackers’ findings. “It’s great that they’re not doing that now—that they’re not shooting themselves in the foot. And it’s a lot less stressful for everyone,” Harris says.

He’s also glad, on the other hand, that the MBTA took such a hardline approach to the 2008 talk that it got his attention and kickstarted the group’s research almost a decade and a half later. “If they hadn’t done that,” Harris says, “we wouldn’t be here.”

Update 5 pm ET, August 10, 2023: Added a statement from an MBTA spokesperson. Update 11:25 am, August 11, 2023: Clarified when the teens' meeting with the MBTA took place.

Imo the best pushback is to leave and make twitter irrelevant

I've been downloading tons of my Spotify music using spotdl and sticking it on Plex, which kinda accomplishes most of what you want. I then organize it with lidarr. Spotdl doesn't actually download from Spotify but it uses Spotify metadata to tag files after matching with and downloading from YouTube music, it might just use youtube-dl/p under the hood but being able to give it a Spotify playlist, artist, or album url from Spotify makes it super convenient. For some artists I just download the entire artist in one go.

The official newpipe isn't on the play store because it breaks their terms of service, which makes sense considering 2 of the 3 "newpipes" on there are just completely different apps using the name and logo of newpipe. The third is actually newpipe but with loads of ads added, not sure how long it'll last before Google nukes it.

But yeah for newpipe just get the official ad free and open source version from TeamNewPipe on GitHub or on F-Droid in the main repo. Or if you want newpipe with no ads and also with sponsorblock, you want to get it from polymorphicshade on GitHub or through F-Droid with the Izzyondroid repo.

For this reason I hope the element X rewrite also replaces element on desktop eventually. The element X beta android app is so much snappier than element with the new sliding sync, it's supposedly 6000x faster but it just feels on par with signal or any other performant app, not being impacted by how many rooms you're in or how big those rooms are anymore.

If I understand correctly, every sync feature that requires the subscription (and cannot be purchased by a one time fee) requires the sync dev to run a constantly online server. Translation makes calls to translation services that cost money, push notifications require a push server since Lemmy servers don't include support for it, etc. Removing ads doesn't cost sync ongoing cash which is why you can get it for a one time fee.

Seems reasonable to me.

Imo calling his channel satire for his use of comedy is akin to calling TechLinked satire because of their use of comedic quips, heckler, and goofy quick bits transitions. Satire implies a level of irony or insincerity, which I don't think code report falls under. His videos might be comedic but the topics covered are serious and factual.

It pretty much just looks like any other mundane nutrition facts. It doesn't call your attention to the amount at all or give any indication that 390mg might be high. I assumed it would be on the level of tea until I couldn't sleep at all the night after I had one (and I had it at like 2pm too, not even in the evening), and I still didn't make the connection until I later saw it in the news. I don't recall any other brand marketing using the term "charged" to indicate caffeine so I don't get people saying that everyone should understand that "charged" means caffeinated. "Spiked" and alcohol content sure, that's obvious, but "charged" is so vague.

That was about indexing without people's permission. This new system is opt-in so if you don't grant access in your settings, your posts won't get included.

The color of the bubble is only important because it helps iPhone users know who not to add to group chats, since the presence of a non-imessage user in an iMessage group chat downgrades the entire chat to grainy photos, no reactions/read receipts, voice memos, typing indicators, etc. I don't blame them at all, many of them don't use any third party messaging apps because iMessage is built in and gives them everything that other chat apps have, with the benefit that they don't have to convince anybody to install it because all their iPhone owning friends have it preinstalled.

Watching the video and the head movement all I see is the Balenciaga ai meme

I believe Louis Rossmann said that giving a single dollar directly to a creator is more than a lifetime of watching their ads. Premium I think is really good comparatively but that's only because ads pay so little.

(https://youtu.be/4Q3ZXQZZlcE?t=55 is where he says this according to his cpm)

I almost exclusively print functional things so here's my list of things I've designed or printed:

  • Tubular key to bypass paying for laundry
  • Furniture leg extensions on almost all my furniture to give minimum 4" clearance for the robovac
  • Custom mounting bracket / spacer for mounting road sign to the wall with command strips
  • Tapestry mounting shim to clamp tapestry in binder clips to hang on the wall without ripping the tapestry
  • Rubber band powered sandal holders that stick to the wall and clamp onto sandals which can be used without using your hands / while holding something (I needed to keep my basement sandals from being eaten by my old robovac and I needed to be able to put them on and put them back without needing to put down anything heavy I'm taking to/from the basement, and the space required it to be flat against the wall)
  • Replacement shelf pegs for bathroom shelves which are normally only sold in 20 packs for >5$ when I only needed 1, the print cost like 1c instead
  • Replacement D-slotted electrical box key since the one that came with the box broke
  • Backyard lamp holder that attaches to the fence pole and provides a loop to hang a lamp
  • Replacement side panel clip for my PC case which came with 1 broken - manufacturer doesn't sell replacements
  • Custom piece for 2 sectional couch legs to slot into which keeps the 2 halves of my couch from sliding apart causing someone to fall in between onto the floor

Some of this could have been bought online but having a 3D printer really reveals how overpriced plastic stuff is. I rarely print something that costs me more than a few dollars in filament - and that's if it's a very large object, it's easily less than the shipping cost of an equivalent item alone, and small things can often only be found in large packs online while usually costing only a couple cents to print. And plenty of the stuff I print benefits from being able to be made custom and to the exact dimensions I need, for example the furniture leg extensions I made fit perfectly on the furniture legs and raise them up exactly as high as they need to be for my robovac to go under, not a centimeter more. A whiteboard marker caddy I made holds the exact number of markers I have / want to have and attaches under a light switch wall plate which I designed in order to avoid needing to attach it with command strips or screws (it gets clamped between the wall plate and the wall by the existing light switch screws). The first item I listed, the tubular key, was printed with the exact bitting needed for the lock (layer height of 0.05mm is enough vertical resolution for the key to work).

I pay for refrigeration destruction, but that's about it. It's strongly verifiable, additional, and as permanent as can be. It's through wren, which seems to be the most strict about credit quality since they removed all the other projects like cooking stoves and tree planting a while back leaving only refrigeration destruction and biochar, which also seems like a quality credit albeit many times more expensive than refrigeration destruction.

That said I don't treat carbon credits as offsets, just an additional charity that I do on top of doing my best to be sustainable, reducing, reusing / repairing, and responsibly disposing of things. At the end of the day you can only do so much individually so the only way to do more is to put some of your extra money somewhere that might do a little extra good.

Who also wants to bet that every update has a 10% chance of re-enabling it

Not wanting to use any app that goes to a google server for a lemmy app is being privacy focused. Telling other people their preference in not valuing the same thing is wrong is elitism - saying that no app should do something, and nobody else should use an app that does that thing, because you prefer it that way - that's elitism.

Sync and the people who like it aren't invalid just because your preference is being privacy focused.

Along the same lines, it's totally possible to espouse the values of privacy to others without being elitist, as long as you aren't talking down to other people or invalidating other people's preferences, because that's elitism.

My roborock has been revolutionary for my apartment's cleanliness. I've had it about 1.5 years and I've only emptied the dock's bag twice (I live in a small apartment). I have the water change kit so it auto refills the dock's clean water tank from the laundry hookup and auto empties dirty mop water down the laundry room's drain. I only have to clean the sensors and rinse the drain screen every 2-3 weeks but otherwise it's on autopilot on a schedule and my floors are spotless and free of dust and cat fur.

I think the main point of replacing sms with rcs is that it would be the default preinstalled carrier-agnostic-protocol messaging app on everyone's phones. If signal could be preinstalled and be an open platform instead of using centralized servers then I think that would achieve the same thing. But because it isn't, it can't be the lowest common denominator that everyone falls back to if you and someone else don't have the same messaging app preferences.

Right now, you can say "use signal" all you want, but if you make a friend who isn't interested in installing a messaging app, you have to fall back to sms. Rcs is just about making a better fallback option that people won't refuse to download because it's ubiquitous and supported by even the default preinstalled messaging apps.

I think you'll want to minimize using one battery to charge the other since that would cause more losses, so my vote is on keeping the SD full by playing off the external then continuing with the internal battery once the external is empty. That way most/all power goes directly from battery to being consumed.

I use both plex and jellyfin and my files are on a nas. Previously truenas but now synology. I just mount my collection over smb to my Intel nuc with quick sync so that Plex/jellyfin can provide me and my friends a slick UI as well as transcoding (can store stuff in hevc, flac, 5.1 or 7.1 dts hd ma and not worry about codec support on each device), a nice web player with subtitles /audio track selection, and nice apps on every device to access the collection.

But yeah NAS and jellyfin aren't mutually exclusive, many people use them together.

They said we were at least a few years out from a performance upgrade, but a refresh could involve other things like nicer screen, battery, hall effect joysticks, etc. So they could still preserve the same performance target and still release a premium version in the meantime.

For me the math worked out that it was cheaper to get a nuc with quick sync than to pay for the extra storage h264 uses, it's less than half the bitrate (usually ~2Mbit for 1080 compared to 8+), I have 23TB of content and my Intel nuc power efficiently transcodes to h264 on demand if the device needs it.

I am become burrito supreme, destroyer of toilets

After watching a Jackson Galaxy video on how to stop your cat from waking you up early, I followed the advice of never feeding immediately after getting up, and instead doing a certain activity first, like making coffee. After a month of taking a shower before feeding, my cat no longer makes any noise in the morning and only starts getting noisy when I step out of the shower. So that's a good tip for those who can't free feed. I also started collecting every toy and putting them in a secure box before bed since she has a tendency to chase toys around in the middle of the night and yelp with one in her mouth.

No she wasn't. The name matches because the article and picture are both about the person who missed out on the scholarship because of the twerking video, but she still wasn't the person twerking in the video.

"[She] was seen dancing at a private homecoming afterparty on September 30 behind a friend who was twerking"

The person you're replying to is pointing out that they aren't showing the picture of someone who was twerking because her scholarship was revoked for being next to someone who was twerking.

Agreed, I happened to just make this mockup chronicling my journey through screen sizes. I loved the HTC One m7, the pixel 2 despite being a bit larger was still comfortable because it still has a "chin" at the bottom. I thought going to the pixel 5 would be fine and I chose it because it's within ~1mm of the same body dimensions, but I forgot to account for the screen going all the way to the top/bottom - trying to press the back button at the bottom of the screen with 1 hand is so much more of a stretch and it sometimes makes my hand sore. Given that I've had the P5 for a while and my hand still hasn't adjusted I just can't go to a bigger phone, especially since the P5's increased height over the 2 lower screen bottom compared to the P2 makes it want to flip backwards out of my hand when I'm trying to reach down to the back button. At a minimum I need my next phone to be same or smaller than the P5.

(Comparison: https://i.imgur.com/gAc306o.png )

That said, I get that FP wants to make a repairable phone that appeals to the masses, and it might hurt that mission to cater to a specific crowd instead of competing with the veritable hand-tablets that other companies are producing. I just hope that they grow large enough to be able to make a "Luddite" version though with a non-cramp-inducing size and a headphone jack. I don't care either way about headphone jacks but I feel like there's a lot of overlap between the crowds that want smaller phones and people who want headphone jacks.

Also definitely don't look into setting up sonarr, radarr, prowlarr, and overseerr in combination with Plex or jellyseerr in combination with jellyfin. Otherwise you could find yourself with an extremely low touch automated downloading and organizing system that you can let your friends log into to request movies and shows without them needing to bug you at all for it to be downloaded in your preferred quality, size, codec, etc and automatically show up in Plex/jellyfin as soon as it finishes downloading, all renamed and sorted into folders as you please. That would be horrible.

My go tos are

  • Low(er) flow faucet aerators & shower heads (don't have to get crazy but try a few at different flows to see if you can go any lower without it being obnoxious, I stopped at 1.5gpm as the 1gpm restrictors felt like a stingy public bathroom)
  • Adjust water heater to a cooler temp (at 125-130F I can still get the shower as hot as I need just by turning it close to full hot)
  • LEDs in all light fixtures, I usually calculate lumens per watt to get the most efficient I can find while still having ~80+ cri and a 2700-3000k temperature (colder temperatures are usually more efficient but I'm not about living in blue light)
  • IR reflecting window film for the summer and draft-reducing film for the winter
  • Weather stripping to fill any drafty gaps
  • Make sure HVAC filter is changed on time and not restricting air flow
  • Simply let it get a bit warm in the summer and a bit chilly in the winter, use eco modes if your thermostat has it

I recently got an instant pot and gave my rice cooker back to my parents, the tough part was figuring out how to make it not stick if you don't have a nonstick liner. Letting it naturally release pressure with the keep warm off seems to do the trick for mine, I'm guessing quick release releases too much moisture, and the keep warm doesn't help either. With that I get good rice every time with no sticking.

Check out Purina liveclear food and shampoo, I just moved in with a cat and have pretty bad cat allergies, but feeding the cat that food and occasionally rubbing on some of the dry shampoo seems to have mostly eliminated the issue. I can rub my face in the kitty's belly no problem.

I downscaled from a 12u rack and went with a $1600 synology with $230 ram upgrade, $600 in wd red pros and a $450 Intel nuc10 with quicksync and I'll still come out ahead in a few years (~30 months) compared to what it would cost to access all streaming content ad free ($95/mo for netflix, prime, dnsp+Hulu bundle, max, paramount, peacock, and appleTV by my count)

Add in sharing with a small group of friends who pitch in small amounts and the convenience of not needing to juggle 8 logins or figure out where a particular piece of content currently lives and piracy really does win.

That's why you gotta start a Plex share with your friend group - they get content, you get booze. Win win.

A major reason for me is manifest v3 and other shenanigans designed to neuter ad blockers. Secondary to that is promoting web renderer diversity - as a web dev I don't want to go back to the days where we could only afford to cater to one engine - chromium / blink in this case.

Was also gonna say this since expensive gadgets weren't excluded. I played a bunch of VR minigolf over pandemic to socialize with my irl friends who I couldn't hang out with and these days VR has been the center of more than half of the social gatherings at my place where I demo games and we pass the headset around for everyone to try different stuff. Seeing new people try VR for the first time never gets old.

The way I see it, that's just browser history exfiltration with extra steps. Whether they're sending the actual history or parsing your history and sending topics, both are equally as objectionable to me as both could reveal information about something private you've been visiting.

That's about beeper, not beeper mini. Mini was just launched, that's older information that only applies to the MITM version (beeper which is now beeper cloud).

Beeper mini talks directly to the services you use, no MITM, which is why they plan on adding more services to mini until it can replace the older Beeper (cloud).

This would be huge, one of the biggest draws to Plex for me is being able to use a single account to watch content across all my friends servers from any Plex UI (be it the hosted one at app.plex.tv or the copy hosted with each Plex server)

I think it's ok. The problem is my wallpaper is a cat so everything material you is like light coffee colored which I don't really like. But I'm too lazy to find a better color that doesn't look worse.

I just keep a USB c dongle permanently attached to my wired headphones, I forget it's there. It adds like 1" to the overall cable length. I basically just converted all my wired headphones into USB c headphones.

I just run them side by side on the same nuc. All my friends still use Plex though I think because the apps look nicer. I wish jellyfin had federated features so that you could choose to use a single account across many friends instances. I still use Plex because I don't want to deal with syncing watched status between instances.