whs's recent activity

  1. Comment on Borderlands 4 | Official first look in ~games

    whs
    Link Parent
    BL2 is the last Borderlands I finished. I don't know is it me growing up or the game has gone downhill since Tiny Tina's BL2 DLC (all the season pass DLC also noticably has lower polish). I didn't...

    BL2 is the last Borderlands I finished. I don't know is it me growing up or the game has gone downhill since Tiny Tina's BL2 DLC (all the season pass DLC also noticably has lower polish). I didn't even finish TPS initially. BL3 feel like more of the same, but the new Sanctuary doesn't feel like home like how the floating city was. The gameplay feel like shoot everything and go to next area. Diablo 4 is more fun because they all die in a few hits and don't hide behind covers (or they do but your AoE kill them anyway.

    2 votes
  2. Comment on Anyone interested in trying out Kagi? in ~tech

    whs
    Link Parent
    To add something not others have added, Kagi can do rewrites. If you're using nitter/xcancel, old.reddit, BreezeWiki you can make Kagi always rewrite results to those domains. If you get AMP...

    To add something not others have added, Kagi can do rewrites. If you're using nitter/xcancel, old.reddit, BreezeWiki you can make Kagi always rewrite results to those domains. If you get AMP search results (which my region doesn't in Google), you can rewrite them to the non-AMP version. They appears in the same position as the original site.

    Bang is also a killer feature if you're coming from Google. Kagi do support custom bangs which I use for game wikis that I use. For example !runescape goes to the RuneScape wiki in DDG, but I also have !rs since I used it often. I also have !bs that goes to Brighter Shores wiki which DDG bang do not exists yet. Bangs do not count against your Kagi search quota and the response time is quite fast.

    11 votes
  3. Comment on CrowdStrike avoids customer exodus after triggering global IT outage in ~tech

    whs
    Link Parent
    I'd say security is more important than uptime. As other posters says, some projects might not need 100% uptime. However, if a user reuse passwords and that software get breached, the attacker may...

    I'd say security is more important than uptime. As other posters says, some projects might not need 100% uptime. However, if a user reuse passwords and that software get breached, the attacker may credential stuffing to other software. Not to mention other potential use of PII.

    I shudder to think about people who don't pass my interview bar so they have to find work somewhere, they might work for the companies that take government contracts and build things that store my data within the government...

    7 votes
  4. Comment on What are the cons of Google being forced to give up its control of Chrome? in ~tech

    whs
    Link
    Apart from browser engine freedom and revenue stream, which is already being discussed in this thread, one of the thing Google do with end-to-end control is that they shipped some experimental...

    Apart from browser engine freedom and revenue stream, which is already being discussed in this thread, one of the thing Google do with end-to-end control is that they shipped some experimental features by using Google's server. QUIC was first deployed this way as nobody know whether UDP traffic actually works in all environments in the real world, so Google developed a draft version and they could monitor the real world conditions.

    By separating Chrome from Google, the targeted website (usually the cloud service parts of the browser) may not be popular enough to reflect real world conditions. Perhaps Cloudflare would be willing to ship experiments like that to its own free customer network, but a browser monitoring users' usage of nonconsenting 3rd party website is its own legal issue.

    Other than browsing website, Browsers do have complete control over the Certificate Authority industry.

    In 2011, Google also had problem with malicious Certificate Authority issuing bogus certificate for its own domain. iirc Chrome has Google's cert pinned and Google were able to detect the attack. They then developed Certificate Transparency and enforced that every public certificates to be trusted by Chrome needs to be publicly listed on CT. Today, most TLS security recommendations (other than from OWASP and Apple) would recommend against pinning certificates, because of the widespread use of CT making it possible to monitor misissurances. Other than Apple and perhaps Mozilla, I don't know anyone else who would otherwise have pushed the state of the art like Google did if they have the same influence.

    5 votes
  5. Comment on Should I stop using Kagi because they do business with Yandex? in ~tech

    whs
    Link
    I feel like this is why most companies caters for advertisers and not users - one misstep can easily cause users to leave and reacquiring one is hard and you get a fixed amount of money. Acquiring...

    I feel like this is why most companies caters for advertisers and not users - one misstep can easily cause users to leave and reacquiring one is hard and you get a fixed amount of money.

    Acquiring a few large advertiser may be all that a company needs and you'd only need to make a handful of advertisers happy.

    4 votes
  6. Comment on Tips for increasing online privacy (without going insane)? in ~tech

    whs
    Link
    You should have a threat model in mind and justify on what is possible vs. the cost of doing so. For example, a smartphone will have built-in spywares and it's really hard to block this. With more...

    You should have a threat model in mind and justify on what is possible vs. the cost of doing so.

    For example, a smartphone will have built-in spywares and it's really hard to block this. With more vendors you add, the more spying. This means that using a Pixel or iPhone remove one vendor from the list (any Android phone will have Google Play Services regardless of vendors, but you can avoid Samsung or Xiaomi spying on you)

    Unlike webapps, every apps you install may spy on you. I prefer to not install apps if possible and use the web apps.

    I try to only implement protections that cover a lot of areas:

    • Use NextDNS as your "private DNS" provider in Android and let it block ads/trackers. (You can also choose to run your own Pihole on the cloud, but I didn't like the experience)
    • Use browser with ads blocking built-in, as DNS-based blockers has limitations. I use Firefox with uBlock (due to ideological reasons - I don't want to support the Chrome/Blink monopoly)
    • Prefer applications on F-Droid, but only if they are competitive to other applications. For example a QR/barcode scanner are dime a dozen, so Binary Eye is preferred to Google Lens.
    • I'm currently using Hail which supposedly "freeze" individual apps so that they should not run when I don't want them to. The document doesn't says it's 100% frozen though

    I like what PagerDuty wrote on their security training - "Be secure, but usable". Most people don't put ten locks on their front door, but not zero either. My university course teach me that you should not invest in protection more than the cost of the harm itself. My bike cost $70. I'm not buying $100 bike lock to protect it (although for some people the cost of having to walk/taxi home may also make that investment worthwhile)

    31 votes
  7. Comment on What games have you been playing, and what's your opinion on them? in ~games

    whs
    Link
    Borderlands 3 - Thanks to Steam family sharing I borrowed the game from my friends. iirc the game has negative reviews at launch, but playing it I feel like it's more of the same like Borderlands...

    Borderlands 3 - Thanks to Steam family sharing I borrowed the game from my friends. iirc the game has negative reviews at launch, but playing it I feel like it's more of the same like Borderlands 2. Unfortunately we play coop and my friend are quite busy so we haven't progressed much.

    Serious Sam 4 - Yet another "let's buy this game and coop" except we don't have time to coop, so I solo-ed a few maps. I think the game feel is kinda similar to the original SS, but the monster density is lower. Instead, they added newer monster designs that are annoying to kills (one is invuln from the front, one constantly teleport). The art style is weird since SS3 that the game try to be realistic, but it feel too static. The enemies doesn't stand out from the background much.

    Diablo IV - I don't have any incentive to play this game any more, except perhaps weekly citadel runs. Spritborn is bugged which make it so OP. Why play other classes when you would never be as good as Spiritborn. And this is not about pushing content - people playing Sorcerer are struggling to do The Pit 100, while I comfortably grind out my Spiritborn glyphs to 47 in Pit 100.

    Brighter Shores - New game from the original creators of RuneScape. So far it's looking good with several experimental game designs, although I wonder how this kind of fun would last:

    • There's no trading of any kind. Everyone is an ironperson
    • In the F2P version at least, combat has not much use outside quest bosses. Perhaps if the drop table is more discovered people may found better gear farming source, but right now you just farm the level-appropriate monster
    • The combat is turn-based like RuneScape Classic, with locked gears and pre-equipped items only. Although the river crossing boss shows how complicated this combat could be as they allow more objects to be interactable in combat. I love skilling in RS, which OSRS deemphasised it in both GP/hr and items/hr by doing PvM.
    • You have to start leveling combat all over in each zone, so I wonder if they'd ever add high level bosses and how would that work.
    • Every item I know of currently has one use. There's no need to save logs to use for either fletching, construction or firemaking - you can simply process it with carpentery immediately without FOMO of other uses.
    • Coop woodcutting can be fun, but you need to bank at the same time for this to work and they need to fix the running-to-the-wrong-side bug. We'll see if they add this to more contents. There's also no player "hub" right now (except for bank standing spots for each skills) to find partners.

    There are very few quests right now, unlike RS where there's a quest path to follow that minimize manual leveling up to the mid game. BS F2P currently has two quest chains of introductory level, then it skip to presumably mid game. There's a quest that everyone grind for though - like Fairy Tale Part II that gives fairy ring. This time it unlock additional banking spots that otherwise there's only one bank per type in the entire game.

  8. Comment on Overwatch: Classic limited-time event from Nov 12 - Dec 2 in ~games

    whs
    Link
    Trailer (I recommend watching the trailers for Overwatch 1 veterans) Blizzard is bringing Overwatch 1.0 into Overwatch 2 as a limited time event: Only heroes and maps available in the initial...

    Trailer (I recommend watching the trailers for Overwatch 1 veterans)

    Blizzard is bringing Overwatch 1.0 into Overwatch 2 as a limited time event:

    • Only heroes and maps available in the initial Overwatch release are available
    • Original balance, damage numbers, health pool, projectile sizes
    • Original skills, including Mercy group res, Hanzo's Scatter Arrow, D.Va self-damaging ultimate, Symmetra's teleporter
    • 6v6 matchup. Team composition are not enforced
    • For the first few days, hero limits are also not enforced like the initial release. (6v6 Winston only is possible) Then later the one hero limit is enforced.
    • Players are locked to the original skins

    What's known to change from the original game:

    • McCree is still Cassidy
    • Interrupted ultimate do partially refund the cost
    • Even though only original maps are present, the maps are presented as they are currently appearing in Overwatch 2
    • Gamemode rules from Overwatch 2 is used
    • This is still not replacing Overwatch 2 standard queue - the Classic event is available in the Event Hub and Arcade

    Overwatch 2 is Free-to-Play to old and new players. It is also available to download on Steam and PC Game Pass.

    3 votes
  9. Comment on What moderate countries are left to emigrate to? in ~travel

    whs
    Link Parent
    As Thai people I'd say most people don't have much hope in our country not going in the Fascism route. It was only a few years that we got out of almost 10 years of military junta in full or in...

    As Thai people I'd say most people don't have much hope in our country not going in the Fascism route. It was only a few years that we got out of almost 10 years of military junta in full or in half. There is also risk that we would play by Chinese Government's rules, but I think the actual strategy is just the classical Siamese Talk - play to the powers that are useful to us.

    It might be a fine country to live in if you're 1) white 2) rich (by Thai standard) 3) not into politics. The past few coups it's almost business-as-usual during daylight hours, just with more limited freedom of speech. We do have digital nomad visa now (need to show a bank account with more than ฿500,000 and an employment contract - you get 5 years visa with max 6 months per visit)

    3 votes
  10. Comment on Games with complex-required-supporting-real-e2e logistics? in ~games

    whs
    Link Parent
    Ah yes, this. Caveat of this game is that worker movement is virtualized, similar to OpenTTD. I came in trying to build two way transportation network then it didn't work out as expected. Turns...

    Ah yes, this.

    Caveat of this game is that worker movement is virtualized, similar to OpenTTD. I came in trying to build two way transportation network then it didn't work out as expected. Turns out the citizen do not go home and instead of Cargodist you'd need to force unload (like OpenTTD) to operate a transfer station.

    My favorite transportation game is still Transport Fever 2 where it has cargodist (every goods has clear destination where it wanted to go, and transfer station works as expected) and pretty well optimized - with hundreds of vehicle the game doesn't lag at all but the simulation slows down that 3x speed feels like 1x in empty maps.

    1 vote
  11. Comment on Games with complex-required-supporting-real-e2e logistics? in ~games

    whs
    Link
    I'm looking for something to satisfy similar itch too. I'm not sure would this matches, but I played Fallout 4 with Sim Settlement twice. The first version, then SimSettlement 2. SimSettlement...

    I'm looking for something to satisfy similar itch too. I'm not sure would this matches, but I played Fallout 4 with Sim Settlement twice. The first version, then SimSettlement 2.

    SimSettlement adds an automated city building to every player owned settlements in the game (except Home Base). Unlike Transfer Settlement where it just ctrl-c ctrl-v cities, SimSettlement has level 0, 1, 2, 3 blueprints for each town (although you'll need a map pack - the built-in pack do not contains some city and only have two levels).

    A blueprint is consist of static placed props (like light poles) and also premade plots, which is new content. Plots work similar to zoning in city building games - you (or the city plan) put them down, assign (or autoassign) someone to the plot and they will start building the plot. There are several plot types - residential (home of the assigned NPC, although there are "interior" plot for multiple people home), commercial plot, utility plot (generate power, water, etc.), farming, scavenging (generate resources), industry and advanced industry (with tech tree).

    A city grow by having its resource needs fulfilled - like a city builder, which means you need to go out and find resources to donate to city. SimSettlement 2 include a logistics center which create caravan to the next nearest city automatically. In the original game, caravan physically walk from city to city but it might not 100% work. SS2 virtualize the caravan traffic so that cities with leftover can spare food and water with every other cities. (The caravan still do physically walk and you can meet them en route)

    As for the actual gameplay, I turn down the resource requirements a bit so that I don't need to farm resources myself (the city's industries automatically generate enough resource to upgrade on its own). Early gameplay would be to try to capture the towns that should generate enough resources to steamroll the lategame, but it depends on the city plan. Sanctuary should generate water, Abernathy Farms and Greygarden generate food. Unfortunately, most community city plan are self-sufficient (I believe it was contest requirements?) so even a town in the middle of a ruin do generate its own food and water by hand-powered water pumps and street-level farming.

    SimSettlement 2 add voiced quests that are as good as the original game. In part 2 they added your own HQ, but last I played it is very resource intensive and probably needs real grinding and moving stuff around.

    From what I asked around most people recommended me the Anno series, which I object to UPlay so I don't have any plan to play that soon.

    2 votes
  12. Comment on Valorant is winning the war against PC gaming cheaters in ~games

    whs
    (edited )
    Link Parent
    I used to think that it's the server's job to perform anti cheat, but some cheats are done by simply presenting existing information in a different way: Games need to show player's casted shadows...

    I used to think that it's the server's job to perform anti cheat, but some cheats are done by simply presenting existing information in a different way:

    • Games need to show player's casted shadows and sounds, so the server needs to send players' location and foodsteps before they're actually visible. Cheats make those fact more visible. Valorant simply make the player do not cast shadow, but the visibility algorithm is quite expensive especially when you need to run it for every edge of player models to every other player, instead of just you to the other players locally.
    • Cheats can help the player remember more information, like when was this ultimate used last (that your client was told), where was this player seen last, whether they entered a hotspot (perhaps to place vision wards)
    • Cheats can help the player with game knowledge, like if an objective marker is placed on a 2D map the cheat software can lookup spawn locations and reveal that the objective is in the 2nd floor/basement of the house saving time searching the area.
    • Modding can make something appear differently. Like character models that appear bigger than their hitboxes in bright colors.
    • Botting is another concern for some games

    See OSRS's RuneLite as an example of how a game that supposedly do everything server-side can have "helper" software, although it is legitimatize in that game due to how dated the official client is. RuneScape 3 have Alt1 which is also allowed and operate purely by OCR.

    Anyway I think the problem with kernel anti cheats are:

    • Some of them is always on when the game is not active (eg. Valorant's). User mode game client (incl. traditional anti cheat) normally completely exit when the user asked it to.
    • Some games do not cleanly uninstall the anti cheats and remove any driver trust. In an upcoming change this also needs to be disclosed on the Steam store, but I doubt they'd be declared correctly.
    • It runs at higher privilege than the game itself. Many modern games shouldn't require UAC prompts to run or install. (The last few games I played I clicked "no" in the UAC install prompts and they run just fine. Usually they're just to ensure you have latest MSVC installed, etc.)
    • Instead of making it another security layer, it instead get used by lazy developers to fix their flaws. It might even be cheaper than actually fixing it (eg. it might be cheaper to run P2P games and let the host cheat with anticheat bypass, than actually operating a global fleet of trusted dedicated servers and hire people to handle abuse reports). I believe boycott is the only way to increase this cost.
    • Coop games are increasingly adding anti cheats, and sometimes even single player mode also require one as it runs the exact same binary as the multiplayer mode. I think cheating and modding in single player games and private coop lobbies should be allowed. Previously you could run games with VAC/Punkbuster turned off without the ability to join multiplayer sessions that requires anticheat tickets. Now I don't think any modern games with anticheats allow that at all, as they believe that it make crackers able to develop cheats unhindered on the moddable version.
    • I wonder about the longevity of these games. Online games might have servers that shutdown, but peer to peer games and single player games can last forever. Adding highly coupled operating system integrations may make the game unplayable after some iterations of Windows. Unlike Denuvo, anticheats usually aren't removed.
    12 votes
  13. Comment on US FBI creates token to expose crypto fraud ring in ~finance

    whs
    Link Parent
    I don't actively research Blockchain (I quit before Ethereum become a thing) from my understanding Ethereum allow anyone to deploy code into the Blockchain, written in its own language (usually...

    I don't actively research Blockchain (I quit before Ethereum become a thing) from my understanding Ethereum allow anyone to deploy code into the Blockchain, written in its own language (usually via a custom compiler) called "smart contract". Each instruction has a cost called "gas" which is paid in $ETH.

    The contract can hold money and data. So people invented the ERC20 standard which is standardized data and methods for interacting with tokens.

    2 votes
  14. Comment on Vox Media, on the hunt for new revenue streams, is exploring putting up a pay wall on The Verge in ~tech

    whs
    Link Parent
    Scroll, I think. Acquired by Twitter Blue. I think it was Musk who removed the feature from Blue. I think I liked the idea and if they've more sites that I read (such as Ars) I might have subscribed.

    Scroll, I think. Acquired by Twitter Blue. I think it was Musk who removed the feature from Blue.

    I think I liked the idea and if they've more sites that I read (such as Ars) I might have subscribed.

    5 votes
  15. Comment on The eye test image mystery in ~misc

    whs
    Link
    Feel like this video is too padded to fill a certain length. To summarize Nidek make the autorefractor machine used in eye exam. Their machine feature the balloon over a long road test image....

    Feel like this video is too padded to fill a certain length. To summarize

    • Nidek make the autorefractor machine used in eye exam. Their machine feature the balloon over a long road test image. Nidek states that test images featuring houses are not used on their machines.
    • The image is composited from different images. This fact was confirmed by Nidek to several people. However, whether it is 2 (road + sky/balloon) or 3 (road + sky + baloon) or others is unknown.
    • The road is revealed in a Japanese TV show among other sources, and image matching to be taken at Forrest Gump point in Monument Valley, Utah.
    • The balloon was identified by redditors to be Raven RX-7. A search through balloon database shows a N4036Y built in 1983, located in Colorado with similar livery. It is now out of service.
    • Nidek doesn't disclose the author of the image other than that it is one of their employee. The author theorized that Nidek CEO loves to travel to the USA and sponsored a balloon with their logo, but if it is their CEO who made the images they probably be boasting about that fact.
    11 votes
  16. Comment on What game do you consider an unconventional masterpiece? in ~games

    whs
    Link
    I recently completed Hypnospace Outlaw and I loved that game. When I first heard of it as one of the detective games like Obra Dinn and stuff where you have to trawl through data to progress in...

    I recently completed Hypnospace Outlaw and I loved that game. When I first heard of it as one of the detective games like Obra Dinn and stuff where you have to trawl through data to progress in the case.

    What I didn't expect is that the game is a heartfelt love letter to the Geocities-era internet.

    3 votes
  17. Comment on What game do you consider an unconventional masterpiece? in ~games

    whs
    Link Parent
    I was going to refund since the opening moves of the game feels very set - you have to build toilet, find water, build beds, compost, then start figuring out food. Then I found that I could set it...

    I was going to refund since the opening moves of the game feels very set - you have to build toilet, find water, build beds, compost, then start figuring out food. Then I found that I could set it to very easy. This make the colonist can live for a week without food. This make the early game more fun since the time limit is like 30 cycles instead of a 5 cycles. After that it was building using community blueprints (which was tedious to replicate since many are very packed)

    I got that colony to almost mined out the entire map except for space barrier and the lava space. The only problems I run into is that waterlocks are very hard to build (mods can simplify that), I need infinite liquid storage to deal with geysers and while thermal management is not yet a problem I could forsee it become a problem in another 200 cycles or so. They now broke Pacubox (pacu fish can grow to mature with zero food, so only a handful breeders need to be fed) I believe, so I haven't logged into that save since.

    1 vote
  18. Comment on What game do you consider an unconventional masterpiece? in ~games

    whs
    Link Parent
    There's a few "clones" of the document checking genre. Here's my review of the ones I played Not Tonight - I currently play this game, but the story is more sparse than Papers, Please. You play as...

    There's a few "clones" of the document checking genre. Here's my review of the ones I played

    • Not Tonight - I currently play this game, but the story is more sparse than Papers, Please. You play as a pub bouncer checking their ID for minors and fakes. I heard later on the story may be more intense and also other job options will open up (which still involve checking people's documents)
    • Contraband Police - I never played this one, but watching streamer play and I think it's the same game done in 3D. You may need to physically search their vehicle, and go to stores to stock up your checkpoint.
    • I can't remember if Mainlining was one of them. The game wasn't so memorable for me
    • Orwell - It's not exactly the same game, but you're tasked with reviewing people's online presences (including private places like hacking their personal computer) and judging whether to report that information as related to the crime. There's a story and I find both Orwell 1 & 2's story done quite okay.
    • Need to Know - If you need more Orwell it's basically that. Review people's document and see if they matches the provided criterias. There's a story and dilemma choices, but I don't think they do anything in this game other than giving you game over screens. The game is quite long (10+ hrs), but it's a grindfest where the story doesn't move.
    • Not For Broadcast - This one is not a document checking game. It's a FMV game where you have to switch between 4 live cameras footage. There are evening news shows, sportsboard (the footage is NSFW, can you make the live broadcast SFW?) and even musicals. The game also offer options of choosing the headline news options which affect routes, and also choice of ads which affect your rating to the TV station or the anti-liberty political party.
    1 vote
  19. Comment on Paetongtarn Shinawatra becomes Thailand’s next PM, youngest ever in ~society

    whs
    Link
    I don't follow my country's politics much (as the best place to do that is Twitter, and it also often present politics as rage inducing contents). But the last time I dipped into Twitter people...

    I don't follow my country's politics much (as the best place to do that is Twitter, and it also often present politics as rage inducing contents). But the last time I dipped into Twitter people are saying that in the last weeks the courts dissolved both the leading opposition party (for "changing the form of government" by proposing changes to lese majesty laws), and the prime minister (for appointing banned individuals to ministers), which also results in dissolution of the entire cabinet.

    The rumors I heard (which is no way verifiable) is that Thai elites do not like Move Forward Party (the leading opposition party, even though they won most seats) as the party wish to reform many things including constitution, lese majesty, tax, military, monopolies, local governments. This is their second dissolution, and their new party is now called People's Party. As for the outgoing PM he is a property tycoon, I think they wanted him to be the next Thaksin Shinawatra, a populist PM who came from the Telecom&Property industry, and went into exiled after a coup. Srettha, however, doesn't seems to have the same charisma as Thaksin and is probably the reason he get kicked this time.

    4 votes