pallas's recent activity
-
Comment on Confess your food crimes in ~food
-
Comment on Confess your food crimes in ~food
pallas (edited )LinkPerhaps this is a cultural difference, but how on Earth is this a 'food crime'? Yes, I eat pizza with a fork and knife when in civilized contexts, and so do most other people around me in those...Do you eat your pizza with a fork and knife?
Perhaps this is a cultural difference, but how on Earth is this a 'food crime'? Yes, I eat pizza with a fork and knife when in civilized contexts, and so do most other people around me in those contexts. In many cases a good pizza would not even be reasonably edible by hand. Some pizzas, especially those in restaurant contexts, are meant to be eaten with a fork and knife; others, especially those in contexts like street vendors, are meant to be eaten by hand.
Looking into this a bit, it appears the anti-utensil view, seeing using a knife and fork as a travesty, is some sort of New York City combination of crassness and pretension, though most sources at least seem to be criticizing using a knife and fork to eat NYC-style pizza, in NYC.
-
Comment on What are your goto cocktails? in ~food
pallas LinkIn tending to be influenced in drinks choices by literature: In what was probably not at all the message one was supposed to take from the novel, white ladies show up again and again in Molly...In tending to be influenced in drinks choices by literature:
-
In what was probably not at all the message one was supposed to take from the novel, white ladies show up again and again in Molly Keane's Good Behaviour, and I became rather fond of them as a reliable choice of something to make. They are reasonably simple, while being more nuanced than gin sours; egg whites also considerably enhance them. Oddly enough, if I recall correctly, after some research I decided that their presence in the novel is most likely anachronistic.
-
In the decidedly earlier Castle Rackrent of Maria Edgeworth (some would argue it was the first historical novel), the subjects of the novel destroy themselves while drinking whiskey punches, and for various reasons, I decided to try making this a few times. The first time, it turned out quite well, and I was quite enthusiastic about trying it again: it had a delightful depth of citrus, and it even seemed like I could come up with a non-alcoholic version to have two alternatives for parties, because the primary ingredient of whiskey punch is, of course, oleo-saccharum, the oils of citrus fruits leeched from their peel by sugar. Unfortunately, the second time I made them, for a small dinner, they turned out so poorly --- 'like a sugary orange soda' --- that I haven't tried since, in part because of the time involved.
-
-
Comment on Tips on attending a metal fest in Europe in ~travel
pallas (edited )Link ParentJust to be a bit contrary here: yes, hearing protection is important for people who go to metal concerts, or are around any sort of loud noises, but you also shouldn't be the guy, like me, who...Don't be the guy who thinks they'll be fine without HP for whatever reason, because you won't be.
Just to be a bit contrary here: yes, hearing protection is important for people who go to metal concerts, or are around any sort of loud noises, but you also shouldn't be the guy, like me, who wears hearing protection and is generally uninterested in loud music or hobbies, and thinks that as a result you certainly won't get tinnitus (if quite mild in my case). It can also have a variety of other causes, even just earwax and stress.
-
Comment on You can join thousands telling US President Donald Trump what they think of his anti-trans passport policies. Here’s how. in ~lgbt
pallas Link ParentThe federal register page the ACLU links to has a comment button, which in turn has an anonymous option. As a bit of a warning to people thinking of submitting comments: public comments in the US...You can apparently also directly submit comments anonymously, although I'm not clear on the specifics of how:
The federal register page the ACLU links to has a comment button, which in turn has an anonymous option.
As a bit of a warning to people thinking of submitting comments: public comments in the US like these are very public, if you don't make them anonymously. Your information will be available to the public. You can expect that the data will be harvested.
-
Comment on Firefox's new Terms of Use grants Mozilla complete data "processing" rights of all user interactions in ~tech
pallas Link ParentWith their new blog post explaining the changes, where they say that at least some of the changes are because 'some jurisdictions define “sell” more broadly than most people would usually...I think there's some "abused dog syndrome" happening here: in recent years we have become so used to product offerings and privacy guarantees becoming steadily worse that we flinch whenever we think it might be happening again, even when what we're actually reacting to has no ill-intent.
With their new blog post explaining the changes, where they say that at least some of the changes are because 'some jurisdictions define “sell” more broadly than most people would usually understand that word', and then proceed to describe one the things falling under those 'broad' definitions being when they 'collect and share some data with our partners, including our optional ads on New Tab and providing sponsored suggestions in the search bar', which seems to be precisely selling data, it seems like flinching here was rather appropriate?
-
Comment on Phishing tests, the bane of work life, are getting meaner in ~tech
pallas Link ParentWhen the consequence is needing to do a 5-15 minute online video/text course, and nothing else, I'm not sure how important it is to avoid overreaching. I found it obnoxious when the obviously-fake...The question is whether clicking on a link in an email (perhaps out of curiosity) should fail the test, even if the user takes no further action.
When the consequence is needing to do a 5-15 minute online video/text course, and nothing else, I'm not sure how important it is to avoid overreaching.
I found it obnoxious when the obviously-fake (not even real emails with valid headers) tests used out our university, to a department with some security researchers, counted going to the link via Tor in a VM as failing the test. But ultimately, spending 5 minutes watching a course wasn't that bad, and it was good to know the bad advice being given in it.
-
Comment on Phishing tests, the bane of work life, are getting meaner in ~tech
pallas (edited )Link ParentAs others have noted, this is a significant part of what makes a good phishing test. It's also very far from what many people receive. For comparison, the phishing tests I receive at a...The simulated emails look just like an attacker email would. They're marked as external emails from our email filtering system, they come from an outside domain, if you hover over the links in them (which we train users to do), they direct users to domains that we don't control.
As others have noted, this is a significant part of what makes a good phishing test. It's also very far from what many people receive.
For comparison, the phishing tests I receive at a Microsoft-handled university email are not even actual emails sent through the mail server. They don't have valid headers; they're just put into my inbox directly. The links in them go to Microsoft-registered domains, with valid Microsoft certificates, on IPs that are validly Microsoft's. When I first received one, I spent the morning assuming that our email system had been compromised.
The emails linked to a typical user-and-password collection scheme. It appears to be connected to a short training course that teaches users to ignore SSL certificates, and instead judge whether a domain asking for a username and password is valid on whether it has "onmicrosoft" in the domain name; rather unusual advice when the university's mail system also mangles all links in emails so that most users can't actually see the URLs.
I now just have my email client route emails that don't have any Received headers to a special spam folder.
Meanwhile, the actual phishing scams we get are usually impersonation-based emails that try to route the users onto phone calls, texts, or an email conversation, usually with the goal of getting fraudulent payments made. They don't involve links at all. And of course, there is no IT training about this at all, despite it actually being a problem for some of our staff.
-
Comment on UK orders Apple to let it spy on users’ encrypted accounts in ~tech
pallas Link ParentThat is at least restricted to their jurisdiction. This demand is for global reach, which seems absurd and likely to result in insurmountable legal conflicts: can Apple comply with data privacy...That is at least restricted to their jurisdiction. This demand is for global reach, which seems absurd and likely to result in insurmountable legal conflicts: can Apple comply with data privacy laws in other countries, for example, while also giving the UK a back door even to data stored in those countries?
Surely if China demanded that Apple give it access to UK users' data, stored in the UK, and unrelated to China, the UK government would decry that as abusive and unacceptable. Yet that appears to be exactly what the UK is demanding.
-
Comment on How to cook the perfect boiled egg, according to science in ~food
pallas Link ParentThat's just a fundamentally different cooking method, with different goals. It cannot cook the yolk and albumen uniformly to two different temperatures, as this method does.Or simply buy this and never think about it again.
That's just a fundamentally different cooking method, with different goals. It cannot cook the yolk and albumen uniformly to two different temperatures, as this method does.
-
Comment on How to cook the perfect boiled egg, according to science in ~food
pallas Link ParentWhat they are trying to replicate is a much more complicated technique, involving deconstructing the egg, cooking the yolk and white separately, and putting them back together into an egg....What they are trying to replicate is a much more complicated technique, involving deconstructing the egg, cooking the yolk and white separately, and putting them back together into an egg.
However, it does not appear that they did a systematic search on the timing parameters here, or any optimization on them. It seems possible that simpler or faster parameters could be found that would work, and that there could be a tradeoff in complexity vs transition sharpness/uniformity.
-
Comment on How to cook the perfect boiled egg, according to science in ~food
pallas (edited )LinkThe actual paper is open access, and available here. This is a research paper on an interesting question of how to cook the albumen uniformly to 85°C, while cooking the yolk uniformly to 65°C,...The actual paper is open access, and available here.
This is a research paper on an interesting question of how to cook the albumen uniformly to 85°C, while cooking the yolk uniformly to 65°C, with a sharp transition between them. This is not achievable with a constant external temperature source: the transition won't be sharp enough, so you'll either overcook the yolk, or not get all of the albumen to set.
The method is not intended to be a method that is practical for common domestic use, and comparing it doesn't really make sense. It's instead competing with modernist techniques where it is actually significantly more practical, for example separating the yolk and albumen, cooking them separately (but in compatible shapes), and putting them back together. By comparison, a 32 minute cooking time, transferring eggs between two water baths at 2 minute intervals, is quite easy.
-
Comment on Right to root access in ~tech
pallas Link ParentAn insidious problem with that, too, is that the applications will often not be honest about refusing to run; instead, they'll claim network problems, or temporary failures, or just not work, and...applications will refuse to run on any modified system.
An insidious problem with that, too, is that the applications will often not be honest about refusing to run; instead, they'll claim network problems, or temporary failures, or just not work, and sometimes will do so inconsistently. I had to stop using GrapheneOS when FreeNow suddenly just stopped actually calling taxis, while I was trying to get to the airport in a city where taxis simply can't be hailed without a smartphone in practice.
That standard corporate security practice often involves lying now is quite disappointing.
-
Comment on What are everyone’s favourite pens and stationery items? in ~creative
pallas LinkTo give an unusual answer: over the last several months, I've stopped regularly using any of my other fountain pens, and have entirely switched to vintage safety fountain pens. "Safety" is an odd...To give an unusual answer: over the last several months, I've stopped regularly using any of my other fountain pens, and have entirely switched to vintage safety fountain pens.
"Safety" is an odd term for them. In a safety pen a retraction mechanism makes it so that, when closed, the nib is actually in the ink reservoir, entirely, and the reservoir is fully closed. In some sense, this maybe makes it less likely to leak if shaken very strongly, something that seems unlikely. It comes with the downside that, if opened improperly, it will dump the ink out.
But the real advantage is that it is completely reliable. The ink never dries out, and the nib never dries out: there are stories of pens being found in from fallen soldiers in European battlefields that are still usable with the ink that had been put in them at the time. When opened, the nib is always in the same state, and writes consistently. There are also models with the sorts of flexible nibs that simply aren't produced today.
-
Comment on Soldering irons/stations - Buy once, cry once advice needed in ~hobbies
pallas Link ParentI have a nice Hakko somewhere, which cost significantly more than my Pinecil. I'm not actually sure where it is, however, as the Pinecil is simply useful enough that I haven't needed to find it....I have a nice Hakko somewhere, which cost significantly more than my Pinecil. I'm not actually sure where it is, however, as the Pinecil is simply useful enough that I haven't needed to find it.
Since I already carry a large enough USB C power supply for my laptop, and often have a battery pack with me, I can carry the Pinecil in a bag about as easily as I can carry a pen and use it, even if I'm not planning on doing any soldering, which makes it even more useful.
It may be 'not as good' in some ways, but the advantages that these sorts of cheap modern devices have over more traditional ones shouldn't be ignored.
-
Comment on I hate 2FA in ~tech
pallas Link ParentIn principle, they can just ask for consent at the time to use it for other purposes, and I have seen instances of that; it does mean that you can be at least somewhat confident they won't do so...In principle, they can just ask for consent at the time to use it for other purposes, and I have seen instances of that; it does mean that you can be at least somewhat confident they won't do so unless you check a box, at least, though they will sometimes a bit more dubiously put that box (unchecked) in a list of things like "I agree to the ToS".
In practice, they can try sketchier things, like the 'pay or OK' tactic (pay us or consent to everything if you want to see our site). And even if they just ignore the GDPR on a point like this, enforcement is dependent on who they are and where they are; they could be in a country with a strict DPA and find themselves quickly fined, or they could be in a country where the DPA really doesn't care.
-
Comment on Need a haircut (a good one) in ~life.style
pallas Link ParentI'd argue that online ones are not necessarily all scams, but in order to not be scammed, you'd have to know enough about tailoring, the industry, and measuring and fitting, that anyone asking for...Made to order will be in the 500-1500 range. Do not do the online ones. They’re all a scam.
I'd argue that online ones are not necessarily all scams, but in order to not be scammed, you'd have to know enough about tailoring, the industry, and measuring and fitting, that anyone asking for basic help like this would get scammed if they tried to go an online route.
Prices are rather dependent on location; I feel like currently, for, eg, London or other major city prices, it would be more around double the prices you list for each of those categories (with the exception of Savile Row itself, where both bespoke and mtm prices are significantly higher than double those prices, and at that point you're really paying more for the name; those higher price interestingly don't extend even to Jermyn Street).
-
Comment on Need a haircut (a good one) in ~life.style
pallas Link ParentTo add to this: I'd emphasise that getting the tailoring right is very important, and the person doing the measurements and fittings, and deciding on what to tell the tailor to do, is equally if...The suit just needs to be tailored. You can get a great looking suit from men's warehouse if they have a proper sales person who takes your measurements, holds the garments for their tailor, and helps you pick pieces that look good on you.
To add to this: I'd emphasise that getting the tailoring right is very important, and the person doing the measurements and fittings, and deciding on what to tell the tailor to do, is equally if not more important than the tailor doing the actual alterations. Finding a person who does a good job can be a challenge, but is important. There are limits to how far a suit can be altered, so looking around for a company that makes suits that already fit you at least somewhat well can be helpful.
I'd also argue that in terms of how you appear, especially when they are reasonably new, an extremely good fit is more important than quality of construction or materials, above a rather low bar (some cheap polyester, for example, is going to look bad regardless). While it is dependent on how well-suited the base size is to you, when I buy ready-to-wear suits, the amount I spend on tailoring and alterations can be comparable with the price of the untailored suit.
I wear a mix of bespoke, made to measure, and well-tailored ready-to-wear, and it is specifically some of the RTW that gets the most positive comments, even from people in the men's fashion industry. The suits are not nearly as well-constructed as some of my much more expensive ones, they aren't necessarily as comfortable, and they don't last as long, but they look very good, and that is entirely from how well they fit me.
Also: shirt alterations are much rarer than suit alterations. Bespoke shirtmakers usually don't alter shirts at all: they do fittings by making a shirt, doing a fitting, and then making a new shirt based on that fitting for the next fitting, until they have them right. However, when wearing a suit, shirt fit can be less important: sleeve length matters, but can be adjusted with bands if necessary, the shirt front needs to look reasonable, and the collar needs to fit, but most everything else is hidden by the suit.
-
Comment on I hate 2FA in ~tech
pallas Link ParentThat assumes the point of 2fa for these companies is to secure accounts, not to get contact information.Phone numbers/emails are recognized as a terrible way to do 2fa.
That assumes the point of 2fa for these companies is to secure accounts, not to get contact information.
-
Comment on I hate 2FA in ~tech
pallas Link ParentPeriodic password changes have had a SHOULD NOT recommendation from NIST for at least a decade or two. The recent proposed change was to make it SHALL NOT. Considering that, the number of state...This is partly the reason why NIST(I think?) recently decided to remove this recommendation from their standards.
Periodic password changes have had a SHOULD NOT recommendation from NIST for at least a decade or two. The recent proposed change was to make it SHALL NOT.
Considering that, the number of state and federal agencies in the US that require periodic password changes, often saying it is a federal government requirement, is infuriating.
Oh, yes - my comment was not meant as a criticism of @kfwyre at all; I was just rather curious about that being there.
I think it's just a matter of two completely different styles of pizza. European-style pizzas, at least in restaurants, are often thin to the point of not being able to be practically lifted and eaten by hand. I've also had these in California.