But have you considered, line goes up?

Sadly, there are probably a lot of developers who are burning the candle at both ends to push this out the door, on an unrealistic schedule. And who will then burn the candle in the middle as well when the release is a buggy mess. Only to finally be tossed aside like so much trash when the game fails to realize these unrealistic expectations. And all of that will squarely be the fault of management, who will wipe away crocodile tears with the profits this game will generate. Just not the profit they unrealistically promised investors; so you know, the game was actually a failure. Fuck EA’s management, the world would probably be a better place if the C-Level suite and board room got emptied out by some disaster.

Valheim.

Mistlands - Not because “whaaa, Mistalnds hard”, but because the whole area is built around verticality and the game engine most certainly is not. Combat is Valheim is generally pretty good, but after a reasonable amount of playtime, you will experience the frustration of swinging under/over enemies, because of minor variations in terrain height. Mistlands dials this problem up to 11, with the added bonus of enemies which specifically take advantage of this problem.

The Mistlands also turns exploration into a boring, grindy chore. The shorelines are a nightmare to sail around and even with the wisp, the mist is always too close to deal with said shorelines. So, you’re hoofing it through terrain which is designed to be difficult to navigate and move across. The feather cape helps, a bit. But, you’re still going to spend way too long faffing about, jumping up one side of a ridge and floating down the other, only to find that you’re in a gully with nothing useful and need to jump up the other side. Seeing dungeon entrances at any range is impossible. Enemies regularly pop out of nowhere and you’re forced into dealing with the combat verticality problems.

I’ll also throw a bit of shade at “Refined Eitr” as a resource, though I think the problem is less the resource and more the grind to get the parts for it. To start with, you need to make a Black Forge, to make that you need Black Cores, to get Black Cores, you need to spend hours in the mists hoping to stumble across one or more dungeons to get the cores. And inside the dungeons, expect lots of combat where the verticality problem is on prominent display. Now that you have the Black Table, you get to make the Eitr Refinery, which requires more Black Cores. Hope you enjoyed getting them the first time! Ok great, more cores obtained, time to go stumbling about again looking for Soft Tissue. With any luck, you’ve been mining (or at least marking) nodes along the way. Though, expect to spend more time lost in the Mists, you need a shit ton of Soft Tissue. Thankfully, this is a resource you can take through a portal, so that’s nice.

And finally, you get to raid Dverger towns for a required material to extract sap, a Sap Extractor. “What about trade? Vikings were well know traders”, you ask. Nope, fuck trade, all that gold you’ve been collecting, go spend it on some clothes which you will never actually use. You want a Sap Extractor, put on your killing pants and get raiding. Ok fine, we have our Sap Extractor covered in Dverger gore. And that gets us to the least horrible part of our Refined Eitr. Sap extraction is not terrible, find a spot with several roots in close proximity and just rotate a few extractors through them.

Right let’s get our Eitr Refinery built…and why the fuck is one of the input ports on the top? Ok whatever, I’ll build some stairs and…why the fuck is this thing tossing off damaging sparks? Yes, I know you can wrap it in iron bars, but seriously what the fuck? Why is this even a game mechanic? It’s really the perfect metaphor for all of the Mistlands. It’s needlessly annoying and doesn’t really provide anything positive for gameplay or fun. Just another pointless grind tossed in because, “players like hard things, right?”

Mmm, feel that nice astroturf.

The initial access seems to include an Apache CVE from 2019 and a WordPress plugin CVE from 2017. Honestly, UCSD should write a “thank you” letter to Androxgh0st for highlighting their poor patch management, and only using it for C2 in the process. Rather than as a beachhead into the network for a full-blown ransomware attack.

If your patch management is this bad, you shouldn’t be allowed to put stuff on the internet.

For anyone else who asked:
WTF is deepin?

It’s less fun than the first guess I came up with based on the name “deep in”, and it’s really just a Chinese Linux Distro with a bunch of re-packaged and/or proprietary applications. Which, one would expect, to be completely balls “deep in” your private information.

Why We’re Opening Betting Sponsorships

Because holy fuck that’s a lot of money.

How We’re Doing It Responsibly

We’'re not. We’re just trying to cash in and pretend we’re not going to take advantage of people with poor impulse control.

I have it on good authority that you currently have a project idea which you can use to pick one (or more) of those paths and start learning. ;-)

For example user management in studio3T

Not sure how I missed this on my first read of your post. But, this looks like a fancy front end to making MongoDB calls. That makes life easier, MongoDB has a well documented API and a driver for C#. As an aside, if you want to get really good at PowerShell, getting a basic working knowledge of C# and .Net in general is really helpful. For the lazy (and I always like lazy), there’s even a pre-built MongoDB module on the PowerShell Galley called Mdbc. There is also the Project’s GitHub Page which has a lot of useful info.

Granted, this path likely means learning enough about MongoDB to create/delete/modify users. But you came here expecting a load of homework, right? Also, this is a good excuse to spin up a docker container running MongoDB and go hog wild breaking the fuck out of it (just call it “research” if management asks). And who doesn’t love breaking stuff?

I’d also note that you may be able to get some help along the way by capturing the network traffic to the server caused by the Studio3T GUI. WireShark can capture the traffic to/from the DB server and you can read that to reverse engineer some of the calls you care about. Just, make sure you talk to your security folks before you download/install WireShark. If they are worth their salt, they’ll understand an engineer installing/running wireshark, it just makes their day easier if they know the alert is coming first. Assuming the GUI isn’t complete shit, it may encrypt traffic. This can be dealt with by using the SSLKEYLOGFILE environmental variable. In most cases, this results in the TLS keys being saved to a file and that can be imported into WireShark.

Good luck, and have fun!

How you gonna teach English without being able to teach nouns words which describe people, places or things?

FTFY, you dirty n-word user you.

The other way to read this data is that 75% (a sizable majority) of people feel they can be comfortable on less than $150k. I also suspect this strongly correlates to location. Someone living in Washington, DC is going to need a lot more to feel comfortable than someone living in Bumblefuck, MO.

There’s plenty of fraud, waste and abuse. It’s just conveniently called “contracting”, so money can be shoved out the door to private companies which do half the work at twice the price and end up delivering shoddy results. The reason DOGE didn’t find anything was that they weren’t looking at the contracting companies and instead were looking at the agencies themselves and the employees working for them. I won’t say that some of those agencies aren’t a complete waste of money (see: TSA, ICE, DOGE); but, DOGE was hyper-focused on agencies which actually do useful stuff (e.g.: SSA, NOAA).

Theoretically, browsers could even stop from the JS engine from being started for the site in the first place.

The NoScript extension is basically this. Most of the client side stuff is off by default and you can enable it per-domain. It breaks a whole lot of websites, but often in ways where the main content of a website is still readable. Over time, you can build up a list of “allow by default” domains and most of the web you care about works. Though, you may have to spend a moment or two sorting out permissions when you visit a new site.

There are a few options:

1. Use AutoIT or some similar automation framework. Generally, this is pretty easy and gets the job done. Your security folks may hate you (AutoIT binary hashes are basically all assumed to be malware IoCs at this point),
2. Depending on how the GUI works, you may be able to reverse engineer the calls made by the application and just make those calls yourself. For a Web UI, you can use something like BurpeSuite or even just the FireFox developer tools to catch the web calls and then modify/replay those as desired. For a console application, it could be trickier, as you may need to either load the software’s libraries (DLLs) or figure out database calls. It all depends on how the user data is stored and updated.
3. Using P/Invoke you can load several functions from the Win32 API, specifically FindWindowEx and EnumChildWindows to locate the GUI application and any specific form items you want to manipulate (e.g. TextBoxes to fill, Buttons to click). You can then modify properties or send clicks. You’ll probably hate yourself at the end of this project, but you’ll learn a lot.

That’s my bet. This is cranks and grifters thinking no one is going to check their work, so they saw no reason to bother checking it themselves.

If you care about your privacy, don’t use products from a company whose entire business model is built on invading your privacy.

While I don’t doubt that Iranian backed groups are more likely to target US based assets, I’ve been reading these reports for the last couple days and the “guidance” coming out of the US Government (USG) has been incredibly lackluster. CISA is basically saying, “use MFA and don’t use default passwords.” No shit, should I also plug in the power cord? It’d be great if some sector of the USG would publish something useful. Like a rundown of TTPs or even IoCs. The USG no doubt has a ton of SIGINT on these groups, and I understand that they can’t share all of it; but, fuck me could you at least put something more useful out than “use MFA”?

If you repeat a lie enough times, eventually you start to believe it. Others might also start believing it. Get enough people fully wrapped up in your lies and now you have a cult. Your cult followers will happily swallow any lie you tell them and defend it, often to the point of torture and death. This is pretty much where we are with MAGA, it’s a cult of personality and it’s followers will happily slurp up anything which dribbles out of Trump.

I’m curious to see if the cult outlives its original prophet. Once Trump kicks it, does the cult undergo a transition to a full blown religion? Or, does it fizzle out without it’s original charismatic leader?

1. I don’t want to use the command window for everything, or really much of anything, at least at the start.

With many of the modern distros, you can get a long way without a lot of command line work. But, some interaction will likely still be inevitable. However, most distros include either flatpak or snap, which lets you download, install and update software via the Graphical User Interface (GUI). So, there shouldn’t be too much command line work required.

2. I currently use Proton VPN and I’d like to use it on this new laptop too.

It looks like Proton officially supports Ubuntu. And I would note that it expects the GNOME desktop, not KDE. So, Kubuntu will likely run into issues (probably the same issues as Mint). That said, they also have a page on installing on Linux Mint which seems to indicate skipping a single step. There are also guides out there for installing Proton VPN, without using the terminal.

As an aside, unless you need a VPN to securely access a remote network, shift your apparent location or for downloading/sharing copyrighted works, consider saving the money and not paying for a VPN. They are mostly just a waste of money for the average user. Sorry, I’ll get off my soapbox now.

So, does this mean I should use Ubuntu? And will Kubuntu work or would I have to use a different version of Ubuntu? And is there no way to get Proton without using the console?

Just going with Ubuntu might be easier and it’s the officially supported distro. If you run into a problem, you may have trouble getting support on an unsupported distro. That said, it looks like getting it running on Mint/Kubuntu seems easy enough and works. I’m personally a fan of the KDE desktop (this is where the “K” in Kubuntu comes from) and think it makes the Windows->Linux transition somewhat better.

if I’m able to change to a custom mouse pointer (I currently use a cute one that I’d like to also use on the new laptop)

Yup, you can change the mouse pointer. Not sure if you can import your current one, but that’s going to depend on the format and where you got it.

if keyboard shortcuts like alt-tabbing work or are easily configurable

You’ll find many of the shortcuts work the same. Even the ones using the “Windows” key are mostly similar, though you’ll see it referred to as the “Meta” key. Alt-Tab as an example works exactly the same. And yes, they are configurable.

I’m kind of confused about how updating things works on linux. Will I be able to easily update to a new version of whatever distro I’m using?

So, edging back onto my soapbox for a sec (you can safely skip this whole paragraph, if you want), the software ecosystem in Linux is a mess at the moment. It’s very much the XKCD Standards situation. First, you will likely have the main OS way to update the OS and software. For Ubuntu, this will be via .deb packages. You’ll update these via a command like sudo apt update && sudo apt upgrade. The you will have one or more other package managers for containerized packages. This will be flatpak or snap. Why do we have one (or both) of these? Well, like a lot of standards fuckery it comes down to some very good technical reasons and nerds thinking that they are going to be the one to provide the “One True Solution”. And of course, that’s why we now have multiple completing standards. And then you get AppImage based software for developers who don’t want to be bothered with package managers and who hate security.

(non-soapbox answer) Yes, updating is usually pretty easy, but it may involve updating in more than one place. At minimum, you’re likely to need to do OS updates via something like the apt commands and also updating via flatpak.

Will I be able to easily update to a new version of whatever distro I’m using? Do I even want to update to the newest version?

Mostly yes and absolutely yes. For the distro upgrade here’s an example (not my blog) for the latest Mint upgrade. Pretty simple stuff. As for “Do I even want to update to the newest version?”, tip number one for keeping your system secure is: install your updates. This is true regardless of what OS you’re on. Please, if you install it, keep it up to date. This is what happens when people neglect updates.

And is there a way to be notified and set auto-updates for some applications?

Yes, and probably best to just turn on automatic updates and forget about it.

I’ve seen quite a few threads and questions about having to manually update things, but if I get an application from the software manager then will it be as easy as a clicking a button?

Yes, if you install from the software manager (behind the fancy name, this will be either flatpak or snap in Mint or Kubuntu) updates will be a one-click affair. Or better yet, automagically handled, if you turn that on. Turn that on.

I know I’ll have to adjust and just learn-by-doing some things no matter which distro I pick

Unfortunately yes, there will be a learning curve. But, I promise it’s not so bad and it’s completely worth it. And there are lots of folks here who will be happy to help (and a few jerks who will scream “RTFM!”, sorry about those, they suck.). If things get too bad, you can always go back to Windows, you have a license and it’s pretty easy to reinstall these days.

uhhh how easy is it to fuck up the process of trying and then installing a linux distro? Like completely-make-the-computer-unusable fuck up?

It’s really, really, really hard to get the computer completely fucked up and unusable, just by changing the OS. Seriously, the most likely way you would do this is by dumping your drink of choice in the keyboard because you got distracted. The great thing about software is that it is very rarely permanent. And nothing you’re doing here would be permanent. Go wild and try try a new distro. If things don’t work out, going back to Windows isn’t hard at all.

So based on all that, should I just go for Linux Mint like most new users? Or would you recommend a completely different distro?

I’m gonna go out on a limb and say that Mint is great choice and the one I’d recommend. While I don’t use it myself (I hate myself, so I use Arch), it’s got a solid reputation, is designed to make the transition from Windows easier and uses KDE for the interface (don’t worry if that last bit doesn’t make sense, just roll with it). There is also a lot of support available here on Lemmy and across the web.

That actually sounds like a reasonable response. Driving assist means that a human is supposed to be attentive to take control. If the system detects a situation where it’s unable to make a good decision, dumping that decision on the human in control seems like the closest they have to a “fail safe” option. Of course, there should probably also be an understanding that people are stupid and will almost certainly have stopped paying attention a long time ago. So, maybe a “human take the wheel” followed by a “slam the brakes” if no input is detected in 2-3 seconds. While an emergency stop isn’t always the right choice, it probably beats leaving a several ton metal object hurtling along uncontrolled in nearly every circumstance.

First thing that comes to mind is spending a week camping on the shores of Lake Mead many years ago. Didn’t shower for a week, though one could argue that being scoured by lake water when you either go flying off an inner-tube or make a mistake while water skiing, does a fine job of taking the dirt off.

That’s the Preamble to the Declaration of Independence. And for as much as it is a foundational document of the US, it’s also not a legal document.