I want bulbs with as many lumen as possible and I would want an extreme brightness screen so I can comfortably see it even against a bright window at noon. Locking light out during the day so you can see the screen is probably as bad as having much blue light late at night.
That said, I almost never have issues falling asleep.
If any specific wavelengths matter, LEDs will either have to produce all of those or there's no alternative to an incandescent light. But I suspect the human genome mostly developed absent any artificial light, including fire, so it's probably healthiest to get out during the day and sleep at night. It's not the most productive, especially where nights are long but that's kind of what we are built for.
I know, I know.
I was a maker on localbitcoins and it got me into trouble.
First I had to talk to the police and the state attorney to explain to them that I'm not a part of some scammer ring. To be fair she apologized for citing me as the fiat remained less than an hour in my account and returned to the scammed person cause I was rightfully suspicious but it still cost me many many hours of worrying and a trip to the state attorney 3h from home and legal fees as I felt more secure with professional advice.
A year later, my bank closed my account from one day to the other.
So I considered putting an offer in but that does not allow me to set minimum age of the other trading account, so people hacking bank accounts can abuse my offer? Whats my protection there?
@bisq why can't I apply the same filters as a maker that I apply as a taker? I would provide liquidity but not if new users can take it. I want to require a minimum account age.
I had not seen this coming. Bitcoiners screaming about their safe space getting invaded by Xitter removing the hurdle for blocked people to see their *public* posts.
https://i.nostr.build/zD19rt2luaWXMwQq.png
@Vitor Pamplona please consider paid features. Something tiny but make those who pay extend their benefits to their follows! Make it $5/month and the follows also get the benefit for free, with a hint that it's sponsored by their follower XYZ.
I think, WoT relays should add similar mechanisms to spread the word which relay to use. DM followed users that they can use this relay to reach their followers on that relay. Yes, it's a bit more unsolicited messaging so you might need to bring the message across in some other way but I think it's a powerful message that users can be sponsors of premium features for their follows. It's one thing to pay for you, the client dev but it's a different thing to pay for my follows to benefit what I like.
nostr:naddr1qvzqqqy9hvpzp3yw98cykjpvcqw2r7003jrwlqcccpv7p6f4xg63vtcgpunwznq3qythwumn8ghj7un9d3shjtnwdaehgu3wd9hxvme0qydhwumn8ghj7un9d3shjtn0wfskuem9wp5kcmpwv3jhvtcqtf8y75652gk5xs2sf92yznzf2dxj64zgg5k5v42524fy2t20gck4xn6rf9q5ct2dg4zyjsfdwa5hg6pd2ey4gn6j94gyzn2sf385usfd23yy2t2zd96xxmmfdck4qmmyvdshxapdwf3hz6pcdyaq64aa
This client was started development less than a month ago? It's not a fork of strfry? Ok ... it sounds hard to believe there are not massive down sides to it.
To say, APKs can never be reproducible because of the signature is disingenuous. Reproducible builds are about binary transparency and while technically you could argue if an app is reproducible when the provider packed a signature into the file and you managed to reproduce all but these 64B, it's a moot point as the important part is the binary transparency of the executable code.
Now you could say that the signature might contain evil code, right? Then the rest of the app would still need to invoke that code. So yes, maybe there is a backdoor in the signature but as long as the signature is exclusively uses as signature, it won't work as a backdoor. And if some part of the app uses its signature in some creative non-signature way, auditors should scream foul regardless of what the signature is.
The other problem with relaxing the definition of reproducibility is the package format. In Android, APK files are basically zip files but not quite. APK uses zip compression but also has extra data like the signature itself. But absent a flaw in the operating system, that extra data is not available to the app during runtime, so binary transparency is possible under some assumptions.
In the case of Android the approach we use is to compile the apk ourselves and then compare the results. Comparing involves unzipping both apks and then comparing file by file. This is necessary as zip compression can result in different bits depending on the version of zip being used but the uncompressed data matches. We also use diffoscope that provides more insight into signing blocks that are in parts that normal zip tools might ignore. A different approach is to compile the app, extract the signature from the official app, add the signature to the compiled app and then verify the signature. If it's valid, the file is reproduced with only the signature coming from the official file.
In the case of hardware wallets, the signature is typically a block of binary at the start or the end of the file, too. We shift the burden of verification if other stuff might reside there and do harm to those that do actual code audits, which we do not provide at this point.
Yes, the app is quite popular for such a young product but not huge yet neither. I guess they'll figure it out soon. Looking forward to seeing it reproducible.
Of a random set of recent 750 events I see 26 different kinds being used. No surprise, 189 kind-7 reactions leads the list but second are 155 kind-31234 events, something encrypted? Is this group chats? Next are 138 kind-1 text notes. No surprise there but what's it with the 78 kind-5 delete events?? Seriously?
Is there any project where I can see an interpretation of all the kinds of events floating around?
$ cat Downloads/eventsForAll.json | jq | grep '"kind": ' | sed 's/ "kind": //g' | sort -n | uniq -c | sort -n
1 10007,
1 1010,
1 1063,
1 1984,
1 23195,
1 30001,
2 10011,
2 16,
2 30078,
3 10002,
3 42,
4 0,
4 30311,
7 4,
9 1009,
9 7000,
10 6300,
11 10000,
14 3,
14 6,
18 9735,
52 5300,
78 5,
138 1,
155 31234,
189 7,
Which client are you using? It did not tag nostr, nostrich and arg, probably because you also used the tags nostriches and argentina and the missing tags are prefixes of those?
A way to know what people send your way even if it's not supported yet. Apparently @hzrd149 's noStrudel doesn't support nip17, so people wonder why I'm not replying and I had no idea I was mentioned in some encrypted messages.
nip17 support
Limit all events to follows-of-follows-of-follows. It's trivial to determine those few thousand pubkeys and filter by those. Would get rid of "ReplyGuy#" immediately.
Not sure if this is the case. Apparently the batteries looked not suspicious and I'm pretty convinced these pagers went through TSA checks many times over the years. Sure, Hezbollah will be paranoid about devices now but others are by far not paranoid enough yet.
Apparently the company was setup to do this, so they didn't need to clip capacity of otherwise good pagers but could design them with explosives in mind. Until now, a 4x over-sized battery wouldn't have raised a red flag.
I didn't pay close attention but if ReplyGuy only does one-off posts, what then?
My approach as advertised since over a year now would be to give new pubkeys very limited allowance. No links, no images, little tags, no mentions and only few bytes.
Reading also incurs a cost on the relay.
I would run a public relay if I could meter access.
Paying customers get X GB per month. Their follows get Y GB per month etc.
If you want to be completely anonymous, add Chaumian Cash to your request.
Reply Guy is not 4 weeks old, is it? I haven't checked how many pubkeys it uses but it's many. It might be one per reply though.
But looking at the chart, 50k cannot possibly contain spam. That's the order of magnitude of follows of your follows.
That animation looks like 1980s CGI.
Is the movie worth watching?
For context, LLM said this: In the movie Kingsman: The Secret Service, Valentine, the main antagonist, played by Samuel L. Jackson, is responsible for the "security implants." He convinces powerful individuals, including politicians and celebrities, to accept these implants under the guise of protecting them from the chaos that he plans to unleash. In reality, the implants are designed as a form of control and can be detonated, creating a deadly explosion.
It's utterly insane to assume these 5k pagers were distributed before any of the users went on some international flight, so one of these must be true:
* they had very strict order to not carry pagers abroad - and 5k terrorists didn't break that rule once
* TSA and its equivalents are in on the attack
* the explosive nature of the modification did not show on the scans
If flying with pager was a thing, and I assume it was, how high was the likelihood of the attack striking in mid air? Maybe there's no signal in mid air. Was it a normal message that would get delivered as soon as signal was obtained, upon landing? Sounds like with 5k users the chances of some of them being on planes was far from zero.
Who's idolizing him? If he dances for us, it means his team determined that we are a demographic worth fighting for. That's the news I see, not that he's "one of us". Fuck Trump. Fuck Harris. But Trump is the lesser evil either way.
I'm beating that drum since over a year now. Relays need to charge for use and users need to sponsor their follows' use of relays. End of spam.
In other words, if you have many followers that pay to see your messages, your messages reach relays that get paid for the effort. If you have no followers, pay for your reach until you have followers. If you are forever a lurker, you should pay forever. If you have much to share that nobody wants to see, pay for it.
Supply chain attacks are more than a theoretical thing and they happen at scale.
If adversaries can hide enough explosives in pagers to kill or hurt thousands, how can you be sure your hardware wallet is what it says on the box?
Some hardware wallets come in transparent casings and while that might help to detect explosives, it's more of a gimmick when it comes to hidden antennas or chips.
But what can we do to still be safe? Commodity hardware like @SeedSigner? Multi signature? Who has an answer?
@stick@Foundation@NVK@BitBox@Blockstream@Keystone
I sort of agree here. Trezor is proud of the tamper-evident welding but a sophisticated attacker that would attack at scale could easily fake it. Better make it such that you can easily open it.
Well, there were already mining rigs with remote kill switches and we don't know if others have that, too.
I'm more worried about hardware wallets though.
zaps already support comments. Clients should show these comments accordingly as normal replies and allow replying. Then you could limit replies from people outside your WoT to those paying zaps, only.
TIL: Bitcoin Core deprecated the use of private keys (legacy wallet). How is that supposed to look? When somebody opens an old wallet.dat, will the new Bitcoin Core just fail to load it and suggest to install some extra old client? Or is this feature being moved to an extension of some sorts?
Him being aware of npubs I wonder why he's not mentioned in the post here? Is he not on nostr? I want to follow him. @brock looks a bit like maybe involved but ... who is who?
No, it's not. Get back to work. ;)
I mean seriously, how many spots do you have that would with some good will count for this challange? For what it's worth, I have spots all over the place but not there ;)
And I had OP muted. Might mean something.
We will check it out for WalletScrutiny.com asap!
https://i.nostr.build/D7Arvr2TAOERa96G.png
At least in noStrudel, your nip05 is not resolving right. I think you are forwarding to a different url there.
Tell us more. So do they only analyze blood or do they also explore your life style and other markers? With claimed 200k users they should be in a position to get very clear data for life style interventions.
A personal human coach is not scalable but they could have questionnaires about life style and attribute markers to life style and aspects to follow up with.
Oddbean new post about login | logout
Notes by LeoWandersleb | export
Of a random set of recent 750 events I see 26 different kinds being used. No surprise, 189 kind-7 reactions leads the list but second are 155 kind-31234 events, something encrypted? Is this group chats? Next are 138 kind-1 text notes. No surprise there but what's it with the 78 kind-5 delete events?? Seriously? Is there any project where I can see an interpretation of all the kinds of events floating around? $ cat Downloads/eventsForAll.json | jq | grep '"kind": ' | sed 's/ "kind": //g' | sort -n | uniq -c | sort -n 1 10007, 1 1010, 1 1063, 1 1984, 1 23195, 1 30001, 2 10011, 2 16, 2 30078, 3 10002, 3 42, 4 0, 4 30311, 7 4, 9 1009, 9 7000, 10 6300, 11 10000, 14 3, 14 6, 18 9735, 52 5300, 78 5, 138 1, 155 31234, 189 7,