• 0 Posts
  • 118 Comments
Joined 1 year ago
cake
Cake day: July 14th, 2023

help-circle

  • The rules text says it creates an area of darkness, and with your interpretation, it doesn’t, which means your interpretation is wrong. Yes, the ability could be written more clearly, but the logic for a reasonable way for it to function follows pretty cleanly. Your interpretation is not RAW or RAI.

    There’s a reply on RPG StackExchange that covers a similar line of logic to what I wrote above.

    Remember that Fifth Edition D&D is intentionally not written with the same exacting precision as games like M:tG. The game doesn’t have an explicit definition of magical darkness, but it’s pretty clear that the intent is for magical to trump mundane (when it comes to sources of light and darkness). Even the Specific Beats General section says that most of the exceptions to general rules are due to magic.


  • If you have normal darkness everywhere, there isn’t a reason to use it, but you don’t always have darkness everywhere. In fact, you generally don’t.

    Not all monsters with darkvision have access to light sources. Even if they do, they may need an action to use it or may be out of range. A torch or the light cantrip only has a 40’ range. If you collaborate on positioning with the caster, you can basically set yourself up to have advantage every turn thanks to the darkness, since as a ranged attacker you don’t have to stay within 40’ of your enemies.

    Also, Gloom Stalkers can’t see through Darkness like Warlocks can, so this effect is useful to them in a way that the Darkness spell isn’t.

    That all said, Tricksy wouldn’t do anything if it didn’t block nonmagical illumination, so it’s reasonable to run it as though it does. Sure, it still wouldn’t block even a cantrip, but it would block torches, lanterns, the sun, etc…

    And running it as though it doesn’t block nonmagical darkness results in nonsensical behavior. You’re in a torchlit chamber and use the ability - now there’s a cube of darkness, blocking the light of all four nonmagical torches. If you move one of those torches away and back, why would it suddenly pierce the magical darkness? If it wouldn’t, why would a new nonmagical light source?



  • the law has already made it clear you cannot copyright the output of an LLM.

    That’s true in this context and often true generally, but it’s not completely true. The Copyright Office has made it clear that the use of AI tools has to be evaluated on a case-by-case basis, to determine if a work is the result of human creativity. Refer to https://www.copyright.gov/ai/ai_policy_guidance.pdf for more details.

    For example, they state that the selection and arrangement of AI outputs may be sufficient for a work to be copyrightable. And that’s without doing any post-processing of the AI’s outputs.

    They don’t talk about situations like this, but I suspect that, if given a prompt like “Rewrite this paragraph from third person to first person,” where the paragraph in question is copyrighted, the output would maintain the same copyright as the input (particularly if performed faithfully and without hallucinations). Such a revision could be made with non-LLM technology, after all.



  • Do you memorize all of your passwords? If so, I take that to mean that you don’t use a password manager. Password managers - really, any app with 2FA - have this problem, too. But if you use a password manager and store your 2FA methods in it, then you only need to be able to regain access to your password manager.

    If you use a cross-platform password manager with Passkey support, like Bitwarden, you can use it on any of your devices. In the event that you lose all of your devices, if you don’t have an Emergency Contact set up, you will need your password and one of the following to gain access to your account:

    • Access to your 2FA method
    • Access to your Recovery Code
    • If you’re in an enterprise using Duo 2FA, access to a Duo bypass code (contact your Duo admin to request this)

    If you use security keys for 2FA, then you should have at least two - one that you keep with you and a backup that you keep in a safe place, like at home in a lockbox.

    If you use a TOTP app to log in, or if you use security keys and want another backup, then making sure you’ll have access to the Recovery Code should be your priority. You can write it down and keep it in a few different places - at home, in your car, in your locker at work, etc… You can share it with someone you trust in person or over an encrypted channel (like Signal). You can store it on a flash drive, encrypted by a second password (which can be much easier than your primary password) or even unencrypted, if you generally keep the drive somewhere safe, disconnected from your computer. As long as you remember your password and can access your recovery code, you’ll also be able to regain access to your account, including all of your passkeys.

    Emergency Access requires someone else to have access to their Bitwarden account, but assuming you don’t both lose access, it’s a pretty solid solution. When they request access, Bitwarden will send you an email allowing you to accept or reject their request. If you accept or don’t respond within the allotted “Wait Time” (which you configure: 1 day minimum, 90 days maximum) then they’ll be granted access. You also get a choice (when setting this up) to let them takeover the account (resetting your master password) or to just get read-only access.

    Maybe you don’t like Bitwarden and want to use some other app, like 1Password, Dashlane, Roboforms, etc… Whatever your choice, familiarize yourself with how to restore access to your account in an emergency. Then you only need to worry about that and not about how to get access to your passkeys that are on your Windows laptop or only synced to your Apple devices.


  • But that is exactly what he recommends, using a password manager - with one time email authentication for the first login as an extra step, right?

    Nope.

    Using a cross-platform password manager with synced passkeys is different and much more secure than using a password manager with email TOTPs or sign-in links with emails that aren’t end-to-end encrypted.

    And password manager adoption is much higher than PGP keyserver adoption, and if you can’t discover someone’s public key you can’t use it to encrypt a message to them, so sending end-to-end encrypted emails with TOTPs/sign-on links isn’t a practical option.

    According to Statista, 34% of Americans used password managers in 2023 (a huge increase from 21% in 2022), so it’s not even like the best case scenario is rare.


  • The author mentions it: the QR code approach for cross device sign in. I don’t think it’s cumbersome, i think it’s actually a great and foolproof way to sign in. I have yet to find a website which implements it though.

    The site doesn’t need to implement this; the browser handles that part.

    I confirmed this works and logged into Github using Google Chrome on my work computer using a passkey stored in Bitwarden earlier today. I had to enable Bluetooth for Chrome, since I’d had it disabled, but then everything else was seamless.





  • I made a typo in my original question: I was afraid of taking the services offline, not online.

    Gotcha, that makes more sense.

    If you try to run the reverse proxy on the same server and port that an existing service is using (e.g., port 80), then you’ll run into issues. You could also run into conflicts with the ports the services themselves use. Likewise if you use the same outbound port from your router. But IME those issues will mostly stop the new services from starting - you’d have to stop the services or restart your machine for the new service to have a chance to grab the ports while they were unused. Otherwise I can’t think of any issues.


  • I’m afraid that when I install a reverse proxy, it’ll take my other stuff online and causes me various headaches that I’m not really in the headspace for at the moment.

    If you don’t configure your other services in the reverse proxy then you have nothing to worry about. I don’t know of any proxy that auto discovers services and routes to them by default. (Traefik does something like this with Docker services, but they need Docker labels and to be on the same Docker network as Traefik, and you’re the one configuring both of those things.)

    Are you running this on your local network? If so, then unless you forward a port to your server on the port your reverse proxy is serving from, it’ll only be accessible from the local network. This means you can either keep it that way (and VPN in to access it) or test it by connecting directly to your server on that port and confirm that it’s working as expected before forwarding the port.



  • Paired with allowing people who own the original to upgrade for $10 (and I’m assuming something similar in the UK) when they’re charging $50 for the remaster if you don’t have the original, that makes sense. They’re just closing a loophole.

    I’d much rather they double the existing game’s price than for them to charge $25-$30 for the upgrade or to even just not have one outright.

    It sucks for anyone who’d been planning to play the original and who just hadn’t bought it yet, but used prices for discs should still be low, so only the subset of those people who have disc-less machines are really impacted.


  • I don’t know that a newer drive cloner will necessarily be faster. Personally, if I’d successfully used the one I already have and wasn’t concerned about it having been damaged (mainly due to heat or moisture) then I would use it instead. If it might be damaged or had given me issues, I’d get a new one.

    After replacing all of the drives there is something you’ll need to do to tell it to use their full capacity. From reading an answer to this post, it looks like what you’ll need to do is to select “Change RAID Mode,” then keep RAID 1 selected, keep the same disks, and then on the next screen move the slider to use the drives’ full capacities.


  • upper capacity

    There may be an upper limit, but on Amazon there is a 72 TB version that would have to come with at least 18 TB drives. If 18 TB is fine, 20 TB is also probably fine, but I couldn’t find any reports by people saying they’d loaded 20 TB drives into theirs without issue.

    procedure

    You could also clone them yourself, but you’d want to put the NAS into read only mode or take it offline first.

    I think cloning drives is generally faster than rebuilding them in RAID, as well as easier on the drives, but my personal experience with RAID is very limited.

    Basically, what I’d do is:

    1. Take the NAS offline or make it read-only.
    2. Pull drive 0 from the array
    3. Clone it
    4. Replace drive 0 with your clone
    5. Pull drive 2 (from the other mirrored pair) from the array
    6. Clone it
    7. Replace drive 2 with your clone
    8. Clone drive 0 again, then replace drive 1 with your clone
    9. Clone drive 2 again, then replace drive 3 with your clone
    10. Put the NAS back online or make it read-write again.

    In terms of timing… I have a Sabrent offline cloning hub (about $50 on Amazon), and it copies data at 60 Mbps, meaning it’d take about 9 hours per clone. Startech makes a similar device ($96 on Amazon, that allegedly clones data at 466 Mbps (28 GB per minute), meaning each clone would take 2.5 hours… but people report it being just as slow as the Sabrent.

    Also, if you bought two offline cloning devices, you could do steps 1-3 and 4-6 simultaneously, and do the same again with steps 7-8.

    I’m not sure how long it would take RAID to rebuild a pulled drive, but my understanding is that it’s going to be fastest with RAID 1. And if you don’t want to make the NAS read-only while you clone the drives, it’s probably your only option, anyway.