16·
3 months agoNot that I’ve seen, but I know some people who somehow missed the video, and he doesn’t link to it on the website so:
- 0 Posts
- 87 Comments
Joined 11 months ago
Cake day: August 4th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
2·4 months agoPixels have this too. I believe one plus does too but I don’t remember. Idk about anyone else.
The notification itself is super helpful if you care about battery health. There are apps that try to do it if your phone doesn’t have one, but they aren’t nearly as well integrated into the system and are therefore more clunky.
The insane/annoying part is just that the setting is not opt-in. Or whether there’s a setting to turn it off.
That’s why Pixels and some others have a “smart charge” feature that will wait to charge your phone until just before your alarm time so that it will finish right before you take it off the charger.
why am I going backwards to needing to babysit my phone when it’s charging, and why would anyone want to charge their phone when they want to be using it vs when they’re asleep?
I honestly don’t understand why people have such trouble with this. I can throw my phone on a charger when I go to shower and it’s at 80 percent when I get out, and that’s enough for my day. I could leave it while I get dressed and eat or something and it’d be at 100 if I needed. I don’t need my phone 24 hours a day. And there are many points in my day where I’m not using my phone for an hour that I could spare to charge it. I don’t need to leave it burning away permanent battery capacity for hours and hours every night.
Yes, the battery doesn’t charge to “dangerous - could explode” levels. But they very much do still charge to levels that are damaging to long term health/capacity of the battery.
Yes, they tune the batteries so that 100% isn’t the absolute cap. But even with that accounted for, many batteries will be above values that would be considered good for the long term health of a lithium cell. 80 percent on most phones is still very much at levels that are considered damaging to lithium batteries.
To put it another way, the higher you charge a lithium battery, the more stress you put on it. The more stress you put on it, the fewer charge cycles those components will hold. It’s not like there’s a “magic number” at 80 percent, it’s just that the higher you go the worse it is. Yes, some manufacturers have tweaked charge curves to be more reasonable. But they’ve also increased limits. Many batteries now charge substantially higher than most people would consider sustainable.
And after such changes, 80% lands pretty close to the general recommendations for improved battery longevity. Every percent will help, but it’s not a hard and fast rule.
Calibrations have gotten a little better in some ways, but all you have to do is look at basic recommendations from battery experts and look at your phones battery voltage to see that almost every manufacturer is pushing well past the typical recommendations at 90 or even 85 percent.
It hasn’t been in a long time. Charge controllers still charge to damaging voltages anyway. 100% isn’t 100% but you can very easily check the voltage on phones and many still are into damaging territory beyond 80%.
Can’t answer the rest of your question because I don’t use a one plus but:
aren’t you supposed to charge the phone overnight?
No, you aren’t “supposed” to charge your phone overnight. Leaving your phone on the charger at 100% is actually pretty bad for long term battery health. Hence why the notification exists in the first place. Modern phones also full charge in like an hour, so this leaves your phone in that state for many hours.
The longer story is it’s actually best to stop charging your phone at 80 percent unless you really need the extra juice, because any time your phone spends above that is potentially damaging, but that tends to be hard to deal with for most people.
Most of the phones I’ve seen with this feature have a “battery warning” or “charge notification” or “protect battery” type setting somewhere you can turn off. But again, I’ve never used a one plus so Idk if they do or where it is.
I really do not understand how server anti cheat is not way easier.
In a clean slate, it is. It’s also way more effective (except for things like wall hacks, aim bots, recoil suppressors, etc, but most of those things are only really important and popular in competitive FPS). It’s also much simpler to understand and to leave no “holes” behind. It also lives in the developers domain so it can’t be “compromised” or circumvented.
The thing is that client side “anti cheat” can be commoditized. Every game with server authority/anti cheat needs specific server software to run their game logic. Client anti cheat is basically “look at everything else running on the system and see if any of it seems suspicious”. As such, there’s not really anything “game specific” to these - they basically are just a watch dog looking for bad actors - so as such, one company can come along, make one, and sell it to other devs.
This being “off the shelf” and not something the dev team has to think about besides a price tag means that management is just going to buy a third party solution and check off the “anti cheat” box on their task list.
I feel like devs are caught up on realtime anti cheat and not willing to do anything asynchronous.
First, this is a management problem and not the devs. Any dev worth their salt knows this isn’t really a good solution.
But I’d say the more relevant and prominent thing here is that game companies just don’t want to have to run servers anymore. It’s a cost, requires dev time, and requires maintenance, and they don’t want to do that. If these games had servers running the game world like games used to, they’d inherently have their own “anti cheat” built in for free that wouldn’t necessarily catch everything but would do a better job than some of these. And it could be enhanced to cover more bases.
But studios don’t want to do this anymore. It’s easier to make the game p2p and slap an off the shelf anti cheat and call it a day.
Some games still require matchmaking servers etc, but the overhead there is way lower.
Or they really like paying licensing fees for client-side anticheat.
Not that I agree with the decision, but it is definitely cheaper and faster than the alternative. But picking something like nprotect totally fucking baffles me. There are better options.
I just don’t understand how any competent software engineer or systems admin or architect trusts the client so fervently.
In some ways, same. Every project I’ve been on that has gotten anywhere near client side trust I’ve fought adamantly about avoiding it. I’ve won most arguments on it, but there are some places where they just utterly refuse.
But then there are things like New World… I don’t know how the fuck that shit released like it did. The number of things trusted to the client were absolutely baffling. I expected Amazon’s first foray into gaming to be a fucking joke, but I was totally appalled at how bad it turned out. They even touted hiring ex blizzard talent to get my hopes up first.
I don’t know if this makes me “a redditor” somehow or what, but…
As a dev, I am deeply troubled by the gaming industry so calmly walking into kernel anti cheats. It’s insane and being tossed around like it’s nothing.
Helldivers especially, since they picked one of the sketchiest ones and it’s a game that entirely doesn’t need it.
I have no idea if Reddit has suddenly picked up on this, but I’ve been pissed since at least Valorants release, but have seen more YT videos talking about it recently.
I had a programmer lead who rejected any and all code with comments “because I like clean code. If it’s not in the git log, it’s not a comment.”
Pretty sure I would quit on the spot. Clearly doesn’t understand “clean” code, nor how people are going to interface with code, or git for that matter. Even if you write a book for each commit, that would be so hard to track down relevant info.
2·4 months agoYeah this is why I don’t get it. If you expect me to respond instantly, you should be placing a phone call and not sending a text.
711·4 months agoWhy not just sort me out of the Mailing-list?
Because that would cost their time instead of yours
752·4 months agoTo make sure millenials can’t read your password, 𝔀𝓻𝓲𝓽𝓮 𝓹𝓪𝓻𝓽 𝓸𝓯 𝓲𝓽 𝓲𝓷 𝓬𝓾𝓻𝓼𝓲𝓿𝓮.
How would this mess with millennials? I think you mean gen z.
9·4 months agoProblem 2 also shows they have no double checks on access to private video feeds. Mixing up what’s being requested at any step and not reverifying anywhere after that point just reveals fucking terrible security practices.
No, this does actually sound like a solution. But it’s a solution that should be scattered all throughout the process, and checked at multiple steps along the way. The fact that this wasn’t here to begin with is a bigger problem than the “client library failure” as it shows Wyze’s security practices are fucking garbage. And adding “one layer” is not enough. There should be several.
To give a bit better context, which I can only be guessing at by reading between the lines of their vague descriptions and my first hand experience with these types of systems…
Essentially your devices all have unique ids. And your account has an account/user ID. They’re essentially “random numbers” that are unique within each set, but there appear to be devices that have the same ID as a some user’s user ID.
When the app wants to query for video feeds it’s going to ask the server “hey, get me the feed for devices A, B, and C. And my user ID is X”. The server should receive this, check if that user has access to those devices. But that server is just the first external facing step. It then likely delegates the request through multiple internal services which go look up the feed for those device IDs and return them.
The problem that happened is somewhere in there, they had an “oopsie” and they passed along “get me device X, X, X for user ID X”. And for whatever reason, all the remaining steps were like “yup, device X for user X, here you go”. At MULTIPLE points along that chain, they should be rechecking this and saying “woah, user X only has access to devices A, B, and C, not X. Access denied.”
The fact that they checked this ZERO times, and now adding “a layer” of verification is a huge issue imo. This should never have been running in production without multiple steps in the chain validating this. Otherwise, they’re prone to both bugs and hacks.
But no, they clearly weren’t verified to view the events. Their description implies that somewhere in the chain they scrambled what was being requested and there were no further verifications after that point. Which is a massive issue.
It doesn’t even need to go that far. If some cache mixes up user ids and device ids, those user ids should go to request a video feed and the serving authority should be like “woah, YOU don’t have access to that device/user”. Even when you fucking mix these things up, there should be multiple places in the chain where this gets checked and denied. This is a systemic/architectural issue and not “one little oopsie in a library”. That oopsie simply exposed the problem.
I don’t care if I was affected or how widespread this is. This just shows Wyze can’t be trusted with anything remotely “private”. This is a massive security failing.
Amongst many other reasons, my biggest is it’s not searchable by search engines.
Well gee, I hope you don’t use texting, phone calls, emails, private forums, social media DMs, or talk to anyone IRL, because those aren’t searchable either!
This argument seems like reaching for something to complain about rather than having a legitimate problem with discord. If anything, you don’t like the “large group chat” paradigm, but that’s like hating a screwdriver because it’s not a hammer.
I think discord is primarily just useful for voice chat, yes.
But:
It’s a closed ecosystem that locks what would otherwise be searchable knowledge on the web, with an unsearchable, proprietary lockdown of that information.
Yeah, no. Proprietary, sure, but you can say that about almost communication mechanism that’s not a website with an API. It’s not like people would otherwise be posting these things somewhere else if discord didn’t exist. If it wasn’t discord it’d be slack or something. Discord is an entirely different medium and complaining that it isn’t a forum is just not a legitimate argument. They’re entirely different things.
The only scripts I’ve seen still leave a giant empty box at the top… Are there any that fix this too?