bjorney

Wonder if that includes Uber eats?

This may be the Canadian in me, but my municipal dump literally has a spot for people to bring these (and other pressurized gas canisters) for safe handling and recycling

I was trying to say the cost savings of packing lunches is not absolute, and is dependent on the opportunity cost a person places on time spent at home cooking.

But I see now that you are just incapable of the critical thought necessary to deduce meaning beyond the concrete text placed in front of your eyes

you’re not going to convince me that eating out for lunch every single day is even remotely comparable in cost to half-decent meal prepping.

I’m trying to point out that the premise is flawed because you are assuming there is no opportunity cost associated with time spent meal prepping at home. If I make $50/hr at work and wish I had more free time at home, then it’s a wash, and I’m just as well off getting subway every day

You are missing the point, it’s not “4.5 hours a week of work” vs “absolutely nothing”, it’s 4.5 hours of work vs however long to have to work to pay for the ingredients, plus the time to make the food. If I spend an hour meal prepping and it takes me an hour and a half to pay for the ingredients, eating out at lunch only costs me 2 additional hours of my time, not 4.5

I also don’t know what meal you are preparing where chopping veggies, searing meat, packaging and cleaning up afterwards only takes 20 minutes. Even making chili, which is the prototypical “throw everything in a pot” recipe takes me north of an hour when all is said and done

And meal prepping is 2 hours of your week every week, plus however long you have to work to pay for the ingredients, which is probably another 2 hours

Some people like the taste and don’t mind paying for the convenience - full stop.

Also the vegetarian option at most fast food places is generally more expensive and worse tasting

Especially because it’s to a newbie, who stands to benefit the most from using an OS with more user share and more available online resources.

“first alpha release is expected ~16 months from now”

“First Impression: I was not impressed”

You don’t say

You should look at how OPs example works first maybe

The python interpreter isn’t parsing comments, the add() function is just getting the current line number from the call stack context, and using a regex to spit out the numbers to the right of the “#” on the current executing line of the source code.

Do you stay away from C++ too? You can do this there too

https://en.cppreference.com/w/cpp/utility/source_location/line

This stuff is normally used for creating human readable error messages. E.g. printing the line of your code that actually set off the exception

The add function in the example above probably traverses the call stack to see what line of the script is currently being executed by the interpreter, then reads in that line in the original script, parses the comment, and subs in the values in the function call.

This functionality exists so when you get a traceback you can see what line of code triggered it in the error message

It’s really not that complicated. At a high level:

• $5/mo for having the service turned on
• $5/mo for every TB storage above and beyond the first 1TB
• $1 for every TB of data transfer beyond the first 1TB in a month

And then divide those numbers because it’s actually billed by the hour

That assumes that an adversary has control of the browser

No it doesn’t, if they intercept an encrypted password over HTTPS they can resend the request from their own browser to get access to your account

The big reason you don’t want to send passwords over https is that some organizations have custom certs setup

What is the problem with that? The password is secure and only shared between you and the site you are intending to communicate with. Even if you sent an encrypted password, they wrote the client side code used to generate it, so they can revert it back to its plaintext state server side anyways

It is better to just not send the password at all.

How would you verify it then?

If not sending plaintext passwords was best practice then why do no sites follow this? You are literally posting to a site (Lemmy) that sends plaintext passwords in its request bodies to log-in

Client side verification is just security by obscurity, which gains you very little.

If someone is capable of MITM attacking a user and fetching a password mid-transit to the server over HTTPS, they are surely capable of popping open devtools and reverse engineering your cryptographic code to either a) uncover the original password, or b) just using the encrypted credentials directly to authenticate with your server without ever having known the password in the first place

The word ‘decipher’ is doing a lot of heavy lifting. I’m wondering if they socially engineered or just found it written somewhere in the house?

You can plausibly brute force up to 4, maybe 5 words of a seed phrase. It takes longer than a normal password because every seed phrase is technically valid, so the only way to know if your brute force is successful is to generate thousands of addresses at each of the different derivation paths you may expect funds to exist at.

The same seed phrase is used for Bitcoin, Ethereum, Monero, etc, but each currency uses the seed phrase to generate addresses in a slightly different standard. Additionally, each wallet uses a slightly different variation of that. Within each wallet is a notion of accounts, and within each account you could have dozens of addresses. You need to generate each of those addresses, and scan each cryptocurrencies blockchain to see if those addresses have ever been used.

Realistically one of three things happened: his seed phrase was written down and they found it, it was password protected or on a drive with weak AES encryption and they cracked THAT instead, or finally, he used a hardware wallet and they exploited a firmware vulnerability to lift the PIN and transfer out funds and/or read the seed from the device

You are acting like someone checked off a “log passwords” box, as if that’s a thing that even exists

Someone configured a logger to write HTTP bodies and headers, not realizing they needed to build a custom handler to iterate through every body and header anonymizing any fields that may plausibly contain sensitive information. It’s something that literally every dev has done at some point before they knew better.

I watched all of that and I still don’t get it

Does Google Cloud not count as “own hardware” for google?

That’s why the bars are so different. The “cloud” price is MSRP