
Will you still be able to use Calibre to copy your books from your Kindle to Calibre via USB? I like to back up.


And the blog's logo has 4 letters and 4 Mario colors. They aren't a sequence (YGVR) that is found in any title for the first 4 letters. For the last 4 letters either, but Mario Party 7 is a close match with: YGVO.


Thanks for your recommendation! With Sonophone, my group of one Sonos Outside + 2 old Play:3 speakers now reacts almost instantly instead of waiting minutes for that group to be ready to be controlled. Awesome.


One use-case I always try is to have an AI try to read a school calendar image where days off or days of interest are highlighted using a legend, i.e. days with a square, circle or triangle or different color, etc.

When asking for specific days of interest for the school year, AIs always struggle. They get some days right but forget some or fabulate new days. They fare a bit better if you remove some of the noise and give them only a picture of a month but even then, it's unreliable.


The comparison isn't exactly fair. I love my Tesla and won't go back, but if I'm not mistaken, when leasing other brands you can buy back the car at the end of the term, which isn't the case when leasing a Tesla.


Oh believe me, it will be the case. EV technology is moving so fast, and as a result EV depreciation is so high, that they will be glad to sell you the car after two to three years, even if the contract does not currently provide for it.

Perhaps they do not want to put it in the contract now because they have some increasingly desperate robotaxi dreams, but it is clear to me that the robotaxi ain't happening with the current hardware, and in a couple of years even Elon will have to admit that.


> EV technology is moving so fast, and as a result EV depreciation is so high, that they will be glad to sell you the car after two to three years

Doesn’t this imply even-faster falling prices for ICE vehicles? We’re nowhere close to the Norwegian death spiral [1], but at 7.3% of sales growing at 2.6 percentage points YoY from a 1% base [2] we’re 5 years from their 20% fleet penetration rate [3], which implies a lot of gas cars being sold today will be scrapped versus resold. (I own a gas car. I expect to drive it until write off / they start penalty taxing gas.)

[1] https://electrek.co/2023/10/20/cratering-motor-fuel-sales-in...

[2] https://caredge.com/guides/electric-vehicle-market-share-and...

[3] https://europe.autonews.com/automakers/evs-now-make-20-norwa...


The cheap leases for EVs from other brands ($250/month for a Hyundai EV6 is a steal) rely on high residuals. So even if you can buy the vehicle back at the end of the lease there's a good chance you won't want to.


With the exorbitant cost of changing out the batteries once they crap out, unless you planned to replace the car anyway by that point, it seems like leasing EVs would be the ideal solution. Drive it for the lease period, then when the time comes for the batteries to get replaced, someone else is footing that ~20k bill.


I've owned an EV for 7 years, ignored the recommendations (I charge to 100%, use fast chargers, etc) and the degradation is like 5-10% over those 7 years.

I think most EVs are more likely to be totaled by a crash than have their batteries replaced due to wear or defect.


Far more likely the battery outlasts the car than the rest of the car outlasts the battery.


For my Mazda I got a fair-market estimate price at the time of lease signing. Tesla doesn't allow you to buy a used Model 3? If so, why is it they won't let you buy your used Model 3?


I think I read they expect to want the cars back to feed their robo taxi dreams.


That may all be a huge swindle. This person seems to be tracking it well:

https://threadreaderapp.com/thread/1379452303317610497.html

"The Robotaxi Repo Theory: Tesla overstated S/X sales in 2018 using new lease accounting methods, however this led to large 1Q19 writeoff. To avoid further writeoffs, TSLA declares cars appreciating assets in 2Q19, allowing collateralized borrowing to be considered sales."


As a developer/CTO whose use case when travelling is just being able to take care of emergencies if something presents itself, I wanted to do away with bringing a laptop on vacation. Since I develop using Docker, my solution is basically an EC2 machine I can fire up if needed that has VSCode installed as a server running in a browser, with Docker installed on the same machine. Basically a cloud dev environment available in the browser.

It's amazing how it all works well, even the Docker integration inside VSCode. The main thing that doesn't work as well as locally is searching the source code, which is very slow. A work-around would be to search your code separately in GitHub or whatever service you use.

Anyway, with this setup, I can go away with a clear mind that I have a dev machine available even if I only bring my iPad (with keyboard cover).


I trialed a similar set up with code-server for a few weeks, and was shocked at how well it works, provided stable and fast internet access.

Although VSCode is impressive, at the end of the day, I'm an emacser. I went back to: emacs in a terminal over mosh, accessed with Blink Shell on the iPad; or access the same instance over Microsoft Remote Desktop for a desktop experience.


emacs in a Blink terminal over mosh is still my go-to; I haven't found a better solution yet. It's surprisingly effective, and being able to access it instantly over the cell network of my iPad Pro is awesome for dealing with emergencies/little changes while I'm traveling.


Who says an attacker's auth website cannot ask for the MFA code behind the scenes and supply it? The problem is that no one, especially Twilio employees, should ever click or trust any link they receive from a trusted or untrusted source. They should use the links they already have bookmarked.


For properly implemented MFA (FIDO/U2F tokens) an attacker-spoofed website can't ask for the code behind the scenes - i.e. they can ask, but they'll get a code that won't work on the proper site.


Not sure about MFA with a USB key, but for the sake of the argument, if they are using app-based MFA such as their own Authy, I would think a headless browser in the backend of the fake site accessing the proper site on behalf of the real user would do the trick. It asks for the code for the user on the real site, the user replies on the fake site, and the fake site supplies the real code to the real site. The only thing needed is that the user gets and supplies the code that was asked for on their behalf to the fake site.


> properly implemented MFA (FIDO/U2F tokens)

Is what you're responding to, and such an attack cannot work with them. The parent comment already clearly understands the flaws of Authy, you don't need to talk through it.

I'll try to explain the key difference between TOTP and WebAuthn style flows, as it relates to security here.

Conceptually, you can think of it as the hardware token (the YubiKey or whatever) gets the site domain name the user is on from a trusted source (the browser), and then sends back a secret that is specific to that hardware device and domain. If they're on the real site, the token sends the right secret, but the attacker can't intercept it since it's sent directly between the local browser and USB device. If they're on a fake site, the secret will only work for that fake domain, not the real one, so the attacker can't forward it and have it work.

Many large tech companies use hardware tokens of this sort now, and for a company of Twilio's size it's quite reasonable to expect that they provide such a token to employees and mandate using it when accessing customer data.


No, MITM does not circumvent that, unless you can MITM the TLS connection and convince the browser (not the user) that you're actually connecting to the proper domain, e.g. hacked private keys or malicious CA issuing fake certs, which is quite rare.

For U2F, there is no possibility of a user mistakenly approving one site's challenge on another site. If the challenge request is coming from (and the response would be sent to) https://badsite.com, then any challenge that's not for https://badsite.com would be automatically rejected by the browser even before asking the user anything. (This is the type that is usually implemented through a USB key.)
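
The origin binding described in the comments above, as an added example that is not part of the original thread: a simulated browser and token on one side and the relying party's verification on the other. Assumptions: `example.com` and all function names are constructed for illustration, an HMAC with a per-site key stands in for the token's per-site asymmetric signature so the code runs on the standard library alone, and the browser's rpId rule is simplified to a plain suffix match.

```python
import base64, hashlib, hmac, json
from urllib.parse import urlsplit

RP_ID = "example.com"                    # constructed relying party (assumption)
RP_ORIGIN = "https://example.com"

def sha256(b): return hashlib.sha256(b).digest()
def b64url(b): return base64.urlsafe_b64encode(b).rstrip(b"=").decode()
def site_key(device_secret, rp_id):      # stand-in: one key per (token, site)
    return hmac.new(device_secret, rp_id.encode(), hashlib.sha256).digest()

def browser_get_assertion(page_origin, rp_id, challenge, device_secret):
    """Browser + token side. The origin is written by the browser, not by the page."""
    host = urlsplit(page_origin).hostname
    if host != rp_id and not host.endswith("." + rp_id):   # simplified suffix rule
        raise PermissionError(f"{page_origin} may not use rpId {rp_id}")
    client_data = json.dumps({"type": "webauthn.get", "origin": page_origin,
                              "challenge": b64url(challenge)}).encode()
    # authenticator data layout: rpIdHash (32) | flags (1, bit 0 = user present) | counter (4)
    auth_data = sha256(rp_id.encode()) + b"\x01" + (1).to_bytes(4, "big")
    sig = hmac.new(site_key(device_secret, rp_id),
                   auth_data + sha256(client_data), hashlib.sha256).digest()
    return client_data, auth_data, sig

def rp_verify(client_data, auth_data, sig, challenge, registered_key):
    """Relying-party side: return 'ok' or the name of the first check that fails."""
    cd = json.loads(client_data)
    if cd.get("type") != "webauthn.get": return "wrong type"
    if cd.get("challenge") != b64url(challenge): return "challenge mismatch"
    if cd.get("origin") != RP_ORIGIN: return "origin mismatch"
    if auth_data[:32] != sha256(RP_ID.encode()): return "rpIdHash mismatch"
    if not auth_data[32] & 0x01: return "user not present"
    good = hmac.new(registered_key, auth_data + sha256(client_data), hashlib.sha256).digest()
    return "ok" if hmac.compare_digest(sig, good) else "bad signature"

def demo():
    secret, challenge = b"constructed-device-secret", b"constructed-challenge-0001"
    reg = site_key(secret, RP_ID)        # what the site stored at enrolment
    results = {"real site": rp_verify(
        *browser_get_assertion(RP_ORIGIN, RP_ID, challenge, secret), challenge, reg)}
    try:                                 # page on another origin names the real rpId
        browser_get_assertion("https://badsite.com", RP_ID, challenge, secret)
    except PermissionError:
        results["foreign rpId"] = "blocked by browser"
    relayed = browser_get_assertion("https://badsite.com", "badsite.com", challenge, secret)
    results["relayed"] = rp_verify(*relayed, challenge, reg)   # forwarded to the real site
    return results

if __name__ == "__main__":
    print(demo())
```

A real browser applies the rpId rule using registrable domains, and a real relying party verifies an asymmetric signature against the public key stored at registration; the order and content of the other checks are the part this example illustrates.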


Congratulations! Your story is very inspiring.


There's a reason why I don't install any extension except a password manager.


That's why I don't give my mobile number to any mobile service. Heck, I don't even give it to my service providers. I use Twilio phone numbers as a filter to transfer voice or texts without using my real number.

