[-24] I will turn this damn car around! Put the sword down!
Tags:
#I think this is trying to be ominous or something #but I look at it and go ”well…yes?” #shovels for digging emergency latrines and maybe trying to get the car unstuck #knives for opening boxes and cutting food #masks for when your friends insist on rolling the windows down and blowing pollen in your face #all very sensible #*nods* #comics #art #101 Uses for Infrastructureless Computers #overly literal interpretations
…now that you mention it, that actually sounds like a pretty excellent way to get around the problem where a lot of otherwise-excellent skirts lack pockets and are thus impractical for me to go outside in. (At least insofar as the belt is light enough to not be uncomfortable the way backpacks are.)
Do you have any advice on how to get started trying out utility belts? It hadn’t occurred to me until this post that they might be a thing worth looking into, so I don’t have a good sense of what the market for them looks like or of any particular pitfalls I’d need to avoid.
The first thing you’ll need is terminology: they aren’t normally called “utility belts” because I guess that’s too nerdy or something. The main keywords you’re looking for are “belly bag” or “fanny pack”, though they are also occasionally called “belt bags” or “waist bags”.
(I usually call mine a belly bag in day-to-day conversations, though I sometimes call it a utility belt if I’m emphasising the preparedness aspect.)
I’ve had my current one for ages, but I *think* I got it in the camping section at Walmart. It looks roughly like this [link], though mine has only one side-release buckle (the lefthand one). Eastsport seems to have discontinued those models as part of a pivot towards backpacks, but that picture still gives you an idea of the sort of thing I mean.
—
Some tips on using them:
You can use the bag as a platform, allowing more stability while carrying bulky objects.
Don’t be afraid to string other pouches onto the belt strap. Maybe don’t go *all* the way around–a pouch right in the back would be both difficult to use† and probably uncomfortable while sitting in chairs with backs–but a pouch on either side is very doable, and perhaps a couple of small things as well like a paracord bracelet or pen-fork pouch.
Speaking of which, here is a list of the stuff I had in my belt as of two years ago [link]. It’s *mostly* still accurate, and certainly remains useful for inspiration.
—
†though perhaps no worse than a backpack in that regard
Tags:
#reply via reblog #utility belts #clothing #the more you know #101 Uses for Infrastructureless Computers
#this but unironically #I wear a utility belt and it’s so great and y’all should join me #101 Uses for Infrastructureless Computers #clothing #utility belts
so like. there’s this budgeting thing called the 50/30/20 method. apparently it is popularized by elizabeth warren? the idea is you spend only 50% of your budget on needs, 30% on wants, and 20% on savings or debt reduction (after counting all minimum payments on your current debt as part of Needs).
So I know my bills take up more than one of my 2 paychecks a month. (I ignore the occasional third one for budgeting purposes till it rolls around, so I don’t overbudget for months that don’t have one.) So for curiosity’s sake, I broke down my entire budget into Needs, Wants, and Savings, then did percentage math at it.
For this purpose, you count your non-tax payroll deductions, like healthcare and 401(k) contributions, as part of your income and expenses, but you don’t count money that goes away as taxes. So the budget starts off with putting 401(k) contributions in Savings and healthcare deductions in Needs. Then you start listing off shit like rent, utilities, car expenses…
Right now, while I’m still catching up on a bunch of my COVID-deferred bills and loans, my Needs come out to about 74% of my income. However, my Wants are very minimal: I have my massage subscription and tip, I’ve budgeted for fast food or takeout maybe 2-3x a month, and I pledge to one Patreon at the $1 level. All together, my Wants are about 6% of my income, leaving the requisite 20% to go toward reducing COVID debt for now.
However, once my COVID deferrals are all paid off, my Needs go down to about 67% of my income – and this is with generous projections, like at least one specialist copay every single month and gasoline if we ever start driving again. My Wants stay at about 6%. So I could either use the other 27% for savings and debt reduction, or I could stick with the recommended 20% and have 13% of my budget for Wants.
And I’m like… this is so much money. This is $150 just unallocated *after* going out to eat at least once a month and keeping my massage subscription. That’s… I do not know what else I would want. I could buy my entire wardrobe at LL Bean. I could have a massage every single week. I could eat at a sit-down restaurant every week. I could buy the newest and most expensive iPhone every single year. I could buy a brand new American Girl doll every month with money to spare. Like I couldn’t do all of those at *once* obviously, but that’s with just 7% of my income by this method of reckoning.
Like, if I somehow did make twice my Needs expenses after tax. That’s not impossible; I’d have to make a little under $33k a year, or a little over $2700 a month, which would be about $17 an hour excluding taxes. I don’t expect to get there at my current job in the near future, but it’s not astronomical.
But like, at that point I’d be saving about $545 a month, covering all my Needs expenses, and I would have *over eight hundred dollars a fucking month* to spend on Wants! Like… jesus fuckwaffles. How would I… I could buy a new one of my current phone every single month and have money left over. I could go to one of those black-tie restaurants that are like $100 a plate *twice a week*. I could not only move into a bigger apartment but hire a maid service to clean it. I could buy every single book I’ve ever read in short order and pay to store them all. I could live on like… caviar and avocado toast.
Hell, even if my living expenses were somehow miraculously reduced and my Needs were only half of my tax-excluded pay *now*, I’d be living on a little over $1000 a month, saving about $400 a month, and trying to figure out how to spend $600 a month on Wants. How… I don’t fucking know what else I could want. I’m not used to having money to spare. It’s weirder than winning the lottery, even, because it’s just like… it’s not enough to go “I will pay off all my friends’ student loans and buy a condo!” but it’s enough that I’m like “Do I just… put all 27% of my income in savings? Do I save for a car? Pay off my student loans? Invest for retirement? Am I fundamentally missing something I should be wanting?”
That sounds like a sign that 50/30/20 isn’t for you.
A lot of budgeting methods have this…maybe not “problem” exactly, but this thing where they’re clearly aimed at people who start with an entertainment budget of “everything after necessities” (or in many cases even higher) and negotiate *downwards*, which makes the methods a bad fit for people who start with an entertainment budget of zero and negotiate *upwards*. I guess the people spending money they don’t have on things they could do without are the ones most in need of frameworks, so the frameworks are designed for them. Getting *down* to 30% is a good start for people who were previously spending *more*.
—
Personally, I do struggle to wrap my head around things that draw a bright line between “wants” and “investments”. Sure, there are *occasional* items–like restaurant food–that are just wants and not also investments, but by far the most common reason for me to want to buy something is because I think it will leave me better off in the long run. I have a long list of things to save up for, and it’s all stuff like “house repairs” and “things that give you a leg up on Vimes Boot Theory” and “retirement funds” and “hedging against the future being wildly different from the present, such that normal retirement funds don’t cut it [link]”.
—
I think it’s important to bear in mind: given how weird your life is in general, and in particular the fact that your ability to work has a history of fluctuating erratically, saving is even more important for you than for most people.
There’s a concept called “self-insurance”. (…actually it turns out that there are at least *two* similar-but-not-identical concepts called self-insurance, and the Wikipedia article is about the wrong one. Investopedia [link] has the right idea.) You, in particular, *really* should get disability insurance if you can possibly manage it, and while third-party disability-insurance companies *exist*, you’d have to file claims (during the periods of time when you are least capable of filing claims!), and take the risk that whatever shit happens to you next won’t technically be disability by their standards, and operate under rules designed to let the insurance company turn a profit. (The house always wins.) Ideally, then, what you’d want is to instead save up enough in the good times that you can cover the bad times yourself.
(For example: you mention you’re digging your way out of COVID-related debt. My brother was temporarily laid off in the spring, and because of [glitches in the hastily-expanded Canadian welfare system] was unable to receive any kind of unemployment payments in time to actually help him with it. But he had lots of money in his savings account, and he used some of *that* to cover his bills until the restaurant re-opened. Now that he’s working again, he’s replenishing it; in the long run, he plans to save up enough for a condo.
(We not-quite-joked that if the glitch had to happen to *someone* at his workplace, it’s good that it happened to him: his co-workers spend all their money on booze and weed and wouldn’t have been able to handle it. His co-workers, meanwhile, not-quite-joke that they should get him hooked on something so they can drag him back into the crab bucket.))
Tags:
#reply via reblog #adventures in human capitalism #covid19 #illness mention #drugs cw #101 Uses for Infrastructureless Computers #is the blue I see the same as the blue you see
There are two iron laws of security that are often tragically ignored:
I. “There is no abstract ‘security’ – only security from some specific threat”
II. “There is no security in obscurity.”
Bridgefy, an app that’s been billed as a way for protesters to communicate securely, illustrates both of them.
Bridgefy is an offline messaging tool – a mobile app that uses Bluetooth to pass encrypted messages around a crowd where there is no internet access.
It was originally billed as being useful for big festivals and concerts out in the countryside, where there were lots of people but little or no internet connectivity.
However, as protests have spread around the world, the company has promoted its product as a tool for at-risk protesters seeking to coordinate uprisings for which they might face severe retaliation, including imprisonment, torture and murder.
In April, a group of Royal Holloway researchers audited the app and found it severely unsuitable for these contexts, potentially exposing users to life-threatening hazards. They told the company about these flaws then, but have only now published their findings.
The researchers’ findings reveal that the threats to users from using the app at festivals are very different to the threats that protesters face in repressive regimes (“There is no abstract ‘security’ – only security from some specific threat”).
They also find that the product team made a bunch of mistakes that they overlooked, a common problem (it’s why I can’t find my own typos!) that exposed users to attacks from anyone who knew how to hunt for these errors (“There is no security in obscurity”).
For example, the app sends the ID of both the sender and recipient of every message “in the clear” (without encryption). That allows an attacker who intercepts this metadata to assemble social graphs: Alice knows Bob, Bob knows Carol.
This might expose concertgoers to some risk (for example, if Carol is arrested for selling drugs, Alice and Bob’s messages to her might put them under suspicion). But in a protest context, that exposes the whole movement to risk.
What’s more, the identifiers the app uses are tied to users’ phone numbers: an attacker at a concert would need access to a database that maps phone numbers to real identities. A state-level adversary can simply demand these connections from the phone company.
But not all the flaws in the system stem from the differences in threats at concerts and protests. Some of Bridefy’s flaws threaten users in ANY context, and stem from the developers’ own blind spots about errors in their thinking.
For example, the system doesn’t have any “out of band” way to initialize keys between users. That means that when Alice wants to send a secret message to Bob, she first announces to the whole network that she is Alice and this is her public key that Bob should use.
An attacker in the network can – rather than passing that message on – replace it with a message that substitutes their OWN key, and thereafter intercept, read, and relay all the messages from Alice to Bob (a “man in the middle” attack).
Worse than that, the actual encryption formatting used for the messages is PKCS #1, a system that has been deprecated since 1998 due to unsalvageable flaws.
The app also fails to do vital forms of input sanitization: it doesn’t check for “zip bombs” – small compressed files that, when decompressed, expand to junk files that are millions of times larger. These bombs could crash enough devices in the network to shut it down.
Though Bridgefy has known of the vulnerabilities since April, they are only now announcing them. They attribute the delay to their fruitless internal efforts to remediate these defects, and their ultimate conclusion that their system needs to be rebuilt from the ground up.
They say they are now doing that work, rebuilding the app around the Signal protocol, which is very robust and has been widely probed to identify and shore up weaknesses.
It’s good that they’re doing this. A third iron law of security is that “Security is a process, not a product” – that is, security is always contingent, and requires constant tending and upgrading to patch newly identified defects.
We can’t and shouldn’t expect products to be perfectly secure – all we can ask is that product teams are transparent about which threats they considered in their design, how their products work, and which defects have been identified in them.
Unfortunately, while Bridgefy is doing the right thing by acknowledging these bugs, thanking the reasearch team, and fixing the bugs, the rest of their conduct is less than exemplary.
It was wrong to promote an app designed for concerts as a tool for protesters without considering the differences in the threats to those user populations.
Worse, though the team has known of these defects since April, they didn’t start correcting the record on end-to-end encryption promises until June. And, as Dan Goodin points out on Ars Technica, their messaging continues to imply that it is safe to use.
Bridgefy: even worse than previously believed.
(They lost me at “must have Internet during installation” [link]; I didn’t even get as far as security.)
((*reads articles* wait, hang on, verification is optional now? did Bridgefy become an actual functional mesh system in December and not tell anyone?? Bridgefy: *better* than previously believed???))
(((of course the *other* part of my misgivings about them were vague shady-corporation vibes, which have now intensified)))
Tags:
#promoted the above from a tag ramble because I thought it ought to be fully part of the thread #and also to be able to include that very relevant and timely link #101 Uses for Infrastructureless Computers #reply via reblog #oh look an update
Not to detract from joak but here’s what the camera looked like
It was 14cm diameter but the lens poked through a buttonhole in his waistcoat from where it was hanging around his neck, and he has a piece of string from that lever on the side to his trouser pocket to take the photos. (Also! It could hold six four cm photos, so viewing them on your phone screen is probably about full size)
Sure, the actual hiding might not be that great, but who would see that and think “ hidden camera ”. Who would have any possible frame of reference to be able to deduce “ that guy has a camera in his coat, that’s a thing that people do ”.
Tags:
#the first lifelogger necklace!! #history #101 Uses for Infrastructureless Computers
anyway how do I get firefox to remember my web history forever
@moonlit-tulip, you eventually gave up on getting this to work per se, right? Have you tried that repurpose-web-scraping-software-to-make-a-URL-archive idea yet?
I actually got indefinite history-saving working, a bit over a month ago! I’m not confident it’s going to stay working forever—they already broke it on me the once, I wouldn’t be surprised if they did so again eventually—but, for the moment, I’ve got essentially three tricks, in ascending order of difficulty.
First: go into settings, and in the History section, set it to “Firefox will: Remember history”. This is the default for that setting, so it’s probably not a concern; but, if you changed it in the past for whatever reason, changing it back will ensure that your history gets saved and doesn’t get deleted after the end of each browser session.
Second: in about:config, change the value of places.history.expiration.max_pages from its default value to a very large number of your choice. (I went with 2147483647, because that’s the maximum and I didn’t see any reason not to.) By default, Firefox has a limit on how many history entries it will store, and will start auto-deleting the oldest ones as you open new pages; I don’t know of any way to avoid the limit entirely, but setting that number high enough is the next-best thing. Supposedly your browser will start slowing down as it saves more history entries, though, so… be warned? (I haven’t experienced this firsthand, but also I only discovered that setting a bit over a month ago, so my history hasn’t had much time to build up yet.)
Third: use BrowsingHistoryView to export your history to CSV, and update your backup every few months, such that if Firefox does start deleting older history again you won’t lose what you’ve got. If your history is anywhere near as large as mine, the resulting CSV files will likely be large and annoying to work with; but it’s still worth it, as least for me, for the peace-of-mind value it gives.
hmm well they’ve probably been monkeying with it, then, because I actually have slightly different about:config stuff here – specifically I’m seeing only a transient current max pages, which won’t let me put in a number nearly that large (I’m on 78.0.2).
the search continues!
There’s a plus sign button at the bottom right of the config interface; if you do a search for places.history.expiration.max_pages, set the type to “number”, and then click that plus sign, it’ll create the entry. At that point it should work as I described; I’m on the same Firefox version, so there shouldn’t be any underlying differences interfering.
(I’d forgotten, at the time of the previous reblog, needing to create the entry myself like that. But, in retrospect, I’m pretty sure I actually did need to.)
Tags:
#101 Uses for Infrastructureless Computers #conversational aglets #the more you know #amnesia cw?
ALSO there were a bunch of ancient (okay from 2014) SCP games on it?? and a Gameboy Emulator and a copy of the game Lifehouse, based off the concept album The Who tried to write in the 70’s, but Pete Townsend got too lost in the sauce or whatever and had a mental breakdown and never finished it
Thank u for your translation also I don’t know how to feel about this but based on the name of the USB I can’t say I’m surprised
Tags:
#I didn’t actually laugh aloud but it still amused me enough to reblog #101 Uses for Infrastructureless Computers #(don’t try this at home kids) #(at minimum‚ try it only on some old computer you don’t care about and aren’t allowing to connect to the Internet) #(mysterious USB sticks turn out to be booby-trapped with viruses too often for comfort)
Item: Bowtie of Charging, a failed experimental charging device created by an eccentric artificer. Initially was designed to charge electrical devices by physical contact, but proved too unpredictable for large-scale manufacture, occasionally even sapping energy away to charge itself. Tie it around an electrical device and roll d100 to determine what the device’s battery percentage will be once you take the bowtie off.
If wrapped around anything else, including a character trying it on as a normal bowtie, roll d10 for every round worn.
2-10: no effect
1: d10 Lightning damage
Tags:
#””failed”” #I mean yeah it’s not *ideal* but as long as you understand its limitations that sounds very useful #clothing #101 Uses for Infrastructureless Computers #pretty things
anyway how do I get firefox to remember my web history forever
@moonlit-tulip, you eventually gave up on getting this to work per se, right? Have you tried that repurpose-web-scraping-software-to-make-a-URL-archive idea yet?
Tags:
#reply via reblog #101 Uses for Infrastructureless Computers
Brinens and Things - Tumblr Mirror 