
Comment Re: Useful application of this vulnerability (Score 2) 28

Isn't a cookie extractor for an end user as easy as F12, hit Console, then type "document.cookie"?

There are two different cookies in there. You may extract the dCookie as you described; the team session token is stored in a way that you can't pull it that way, hence the need for code. In Firefox, two different databases are involved (cookies.sqlite and webstore.sqlite). The values in webstore.sqlite aren't accessible from the browser, hence the need for the extractor. Once the values are extracted it's necessary to get the right session token because Slack lists more than one (team, enterprise, etc.).

Cheers!

pr3d4t0r

Comment Useful application of this vulnerability (Score 3, Interesting) 28

This vulnerability is often used for good, as well as for evil. Many of us dislike the lack of flexibility, limited extension opportunities, and UI fugliness of Slack, so we use WeeChat IRC with the wee-slack plugin. In order to make it work, I and others have developed cookie extractors for Firefox and Chrome. The WeeChat + plugin user adds the cookie to the configuration via the /slack extended command, and off to the races.

Chrome is a bit more resilient in that the database is encrypted, but since the database is local it's only a matter of sleuthing using the browser console and applying some debugging kung f00 to extract the cookies. My implementation leverages Firefox because its SQLite DB entries are in plaintext and it's a lot easier to deal with. An earlier implementation also supported Chrome but I dropped it because friends don't let friends use that browser.

Cheers!

pr3d4t0r

Comment Great idea in some cities (Score 4, Insightful) 98

San Francisco police take forever to respond to a complaint or incident, if they respond at all. Having this option may be a very good idea, especially when it comes to disorderly conduct, fights, fireworks, and other incidents that the SFPD conveniently ignores. Since 2019 they tend to show up only when there are major injuries or very large destruction of property. As a Citizen user, I support this idea.

Cheers,

pr3d

Comment Re:Brave Republicans (Score 1) 734

Explain why they are OK with a polio vaccine and not with the covid vaccine? Most people I talk to just don't want to be the guinea pigs. After people have been taking it for a while they will let up and get it.

The version I heard from three people reluctant to take the vaccine is that they hesitate because it was granted only emergency use based on limited trials, and thus they don't want to be vaccine Guinea pigs. There are some I heard, though not first hand, that are in full Q-Anon crazy conspiracy territory, but the three I engaged at least had this somewhat sensible (albeit misguided) argument.

Yes, I'm fully vaccinated, and no, I'm not defending them. You asked for an explanation, at least some of them offered that argument.

Cheers!

pr3d

Comment Experience with WhiteHat Jr (Score 4, Informative) 32

Hi.

I'll play Devil's advocate because my 8-year-old kid has been training with WhiteHat Jr during the pandemic. My experience is colored by having enrolled him in a couple of kid coding camps before (e.g. MVCode) and additional coding advice he gets from his much older brother (professional security consultant) and me.

Context: 8-year old strong-willed kid who likes to do things on his own. He asked explicitly to have lessons, not from dad or brother, so he can feel it's "his endeavour" and we agreed to proceed. He finished the first two coding units, and started mobile development last week. He takes two guided sessions/week, plus a homework project after each.

Comparison points:
Bay Area elementary school coding classes were a joke; a bit of Scratch once every couple of weeks, not enough in-depth, he didn't realize (nor anyone explained to him) that he could install Scratch on his computer at home (2012 MacBook Pro Retina -- still going!) - near-zero learning from that.
Bay Area coding camps - meh. He learned a lot more Scratch over a 4-month period, started on JavaScript, played a bit with Minecraft coding, but the curriculum wasn't structured enough and he abandoned it.

WhiteHat Jr:
So far he loves it. He has the same instructor for every lesson, we are able to reach someone by email, WhatsApp, Instagram, or phone 7x24 if we need to re-schedule a class, kid can shoot questions to his instructor by messaging any time (and she's very responsive). There is a lot of copy/paste learning, but it's well structured and kid started writing his own games in Scratch and the Google Code Scratch-like environment, independent of teacher and course. On his own kid asked about basic shell programming, and he learned a few things like simple flow control, but decided that JavaScript or Python would be better for him; still very much a work in progress.

WhiteHat Jr provides a dashboard where you can track kid's progress, and based on what I know about my kid and what I see him do on the computer I'd say it's fairly accurate. They don't inflate the grades "to keep you on the meter" and his instructor reached out to me a couple of times when kid was slacking off. The instructors and the organization take their classes way more seriously than other kid coding camps (e.g. MVCode).

In general I feel happy about the service, kid wants to continue at least until he finishes the mobile dev module, I see no reason to stop.

Cons:
The WhiteHat Jr CRM and sales crews are harder to shake off than the mafia. They have high pressure sales as the end of a course package approaches (around 6 classes before the end), and they have other somewhat annoying cross selling / network marketing bits like trying to get referrals and granting prizes for X number of referrals. To their credit, I sent a single email asking them to stop pestering about class renewals until a given date, and they obliged.

Last con: when they start calling, they will call 2-3 times in a row, several times a day, until they're told to stop. A bit high pressure, but I see it as a cultural (have dealt with Indian companies before) as well as a sales technique. And they do stop the first time you ask them. They're also good at returning the call at a convenient time -- I've told them "call me back on Aug 20 at 19:00 PST" and they are punctual, and stop calling until then. The sales pestering can be annoying.

Overall:
I wouldn't consider WhiteHat Jr for a professional coder or for kids who have a stronger programming background. I expect my kid to grow out of it in the next six to nine months, as he explores programming on his own. For the time being I feel happy with kid's progress, enjoy the interactions I had with his instructor, I like the dashboard reports, and I feel unhappy about the sales pressure; overall it's been a net positive. But I also think it's not for everyone. I don't care about the lawsuits beyond the effect they may have on classes and instruction. I agree with Poonia's position that the marketing is a tad aggressive, no idea about whether there's infringement or other issues.

I feel curious about others' experiences as well.

Cheers!

pr3d

Comment Re:Any way to auto download goog acct? (Score 1) 352

It would be nice if there were a script that could download all info (pics, emails, etc.) onto a PC and then schedule it on a weekly basis. The real problem is being banned from google apps, let's say you bought 100$ of apps, then you lose access to those.

I'm working on something like that with a backup/restore/upload/download logic wrapper around rclone - would love more use cases outside of AWS (my current target) via https://github.com/pr3d4t0r/po...

The current workflow is:

1. Snapshot to cloud service on-demand, cron job, whatever
2. You may also upload to cloud service and wipe local file system
3. Download/sync from cloud to device as needed

Cheers!

Comment Re:DuckDuckGo anyone? (Score 2) 72

I tried DuckDuckGo for 90 days -- the overall quality of results is poor. Someone advised me to use Qwant instead -- I trialed it against DuckDuckGo (browser 1), Google (browser 2), Qwant (browser 3). Qwant's results are much better than DuckDuckGo, and a lot less ad-influenced than Google. Qwant is based in France (different data handling rules).

Having tried all of these, I've decided to switch to Qwant full time. Better balance of effectiveness and privacy than DuckDuckGo has shown.

Cheers!

Security

US Secret Service Reports an Increase in Hacked Managed Service Providers (zdnet.com) 29

The US Secret Service sent out a security alert last month to the US private sector and government organizations warning about an increase in hacks of managed service providers (MSPs). From a report: MSPs provide remote management software for companies. MSPs can be simple services like file-sharing systems to complete solutions that manage a customer's entire computer fleet. Most MSP services are built around a server-client software architecture. The server part can be remotely hosted with the MSP inside a cloud infrastructure, or installed on-premise with the client. Usually, getting access to the server component of an MSP grants an attacker full control of all software clients. In a security alert sent out on June 12, Secret Service officials said their investigations team (GIOC -- Global Investigations Operations Center) has been seeing an increase in incidents where hackers breach MSP solutions and use them as a springboard into the internal networks of the MSP's customers. Secret Service officials said they've been seeing threat actors use hacked MSPs to carry out attacks against point-of-sale systems, to perform business email compromise (BEC) scams, and to deploy ransomware.

Comment Re:Yeah (Score 2) 64

LocalBitcoins is a good place to sell somewhat anonymously, if you know what you're doing. The site tries to avoid regulation at all costs, so they push US buyers and sellers into KYC as much as they can, to keep the feds at bay. If you spend some time there, though, you can find someone willing to meet you in person at some café and close the transaction. Some foreign buyers/sellers use PayPal and Xoom, and in most cases the experiences are positive. The only fraud I faced (for around 0.1 BTC) was a purchase using a real US bank and Zelle; somehow they reversed the transaction after the BTC had cleared escrow. Have a look at Bisq as well.

I travel a lot outside of the US, trading in other countries, in person or using non-banking payment services, is easy and convenient if you happen to already be outside the US.

Cheers!

Comment Highway, speeding, and shenanigans (Score 1) 157

If you're serious about speeding, you coordinate with a group of friends and send a few lookouts (and if possible a couple of decoys) ahead of time. Turn Waze on, have your pals on mobile or radios, ensure that you have a decent radar/laser detector on, and then go at it. Extra points if you take turns during the duration of the drive: open up the engine for a while, swap to being a lookout or decoy for your buds. Because, shenanigans.

And if you're serious about racing, take your car to the track and go at it. Much safer and equally thrilling. Extra fun if you race against others (especially if you had proper training).

Either way, if you are going to speed, have a mechanic go over the car(s) involved, including tires, before you commit to going fast. You don't want vehicle failures to cut the fun short and to endanger you and others.

Last, if you insist on doing this out on the road: look up "traffic clinic" or similar in your area -- they are lawyers who specialize in getting people out of moving violations. If you get caught don't argue with the cops - take the ticket, or roll with whatever penalties without fuss (because a bored cop may decide to arrest you and give you extra hard time) and call the traffic clinic/attorney as soon as it makes sense. Let the traffic clinic handle the ticket and do everything they advise, to the T. No points and traffic school, or case dismissal, are common outcomes for high speed violations unless you were also DUI. The lawyer cost will be as expensive as the ticket itself, but no points on your record and automatic license renewals in the future are the outcome you shoot for. Remember too that the counties love the revenue from speed tickets -- so you may end up paying some kind of "court cost" -- that's part of your costs, and it won't show in your driving record. That's a great upside. You don't want high costs to insure fast cars or motorcycles later.

Cheers!
