
Nice work, could be useful to beginners!

Consider handling extreme cases gracefully with a "it is not recommended to go running/cycling outside in these conditions". Otherwise I get

It will be -37°C, clear, windy so you should wear:

Hat

Long sleeves

Jacket

Gloves

Leggings

brrrrr....


Yes, good idea. I'll add that in.


Anecdotally I agree with the message, but the research looks weak indeed.

A simple snapshot assessment and some scoring of an individual's (entire, self-reported!) social life is too simplistic. The measurements would have to be performed throughout the life of each participant with sufficiently high frequency.


For what it's worth, the dataset they used does in fact have measurements spanning 30 years of adulthood, and similar papers from that dataset leveraging the longitudinal data have found similar conclusions.

Why it happens is less clear. It could be stress effects, or it could be something like people with more social support are more likely to get help going in for preventative care etc.


If someone starts now, we may see results in 50 years?



Because the fancy keyboards all support layers, and one key ergonomic principle is to avoid unnecessary finger travel ;)

Default layers on the Dygma Raise 2: https://dygma.com/pages/first-time-using-the-dygma-raise-2


Modifier keys are the main thing that’s causing me RSI in the first place.


Place modifiers on the thumb keys or - if you don't have any of those - use home row mods!

My ranking of measures from most effective to least effective:

1) Do everything you can to minimize workload of weak fingers (pinky & ring fingers). Just flipping control and caps lock is often not enough.

2) Split keyboard; halves roughly shoulder-width apart. Optimize for straight wrists both at rest and "in action". This usually results in zero tilting or slightly negative tilting.

3) Concave designs.

4) Tenting.


Slightly off-topic: how many people are maintaining GrapheneOS? Suppose Daniel Micay suddenly disappeared from planet earth - is there someone who has the knowledge, access and keys to continue immediately?


https://www.reddit.com/r/PrivacyGuides/comments/13spm4d/dani...

He stepped down as lead dev 2 years ago!!


Thanks, good to know. I was asking because the commit histories of some of the GrapheneOS components scream "mostly one man show".

https://github.com/GrapheneOS/Auditor/commits/main/


The workarounds on this page mostly suggest using large public resolvers. Feature request (not sure if the author is on HN): it would be interesting to know which domains are blocked by 9.9.9.9, 1.1.1.1, and especially the new DNS4EU service.


Thanks so much for this. I never heard about DNS4EU before.

https://www.joindns4.eu/about


"Supported by the European Commission" is a massive red flag.


It isn't.


Yes it is because it will be used for censorship. The EC is a non-elected institution.


> The EC is a non-elected institution.

This is plain false: https://en.wikipedia.org/wiki/European_commision


A few years ago I would have been happy about such a service at EU level. Now I just fear how they are planning to misuse it.


Sadly dns4eu does not support the dnscrypt protocol, which is a deal-breaker in 2025 if you ask me.


Why isn't DoT sufficient?


I am not an expert, but I read this website [1] and got the impression that dns-over-tls is the first iteration of encrypted dns and the dnscrypt protocol is the second iteration of encrypted dns, fixing its problems. Also, dns-over-tls is not supported by the package dnscrypt-proxy2 on openwrt, and I have a personal bias against configuring dns-over-https on routers (in my opinion https is too complex a protocol and has a risk of getting hacked). Maybe I am alone with my opinions - I do not know. I wanted to use dns4eu and got really disappointed with it not supporting dnscrypt. That's all.

[1] https://dnscrypt.info/faq


Looking at the list of negative sides of DNS over TLS (DoT) in there, this project seems to list artificial problems, which makes me want to avoid the whole project. Maybe there are real benefits to using this protocol, but they should not make the list of problems look longer than it actually is.

The project especially lists the problems of TLS. TLS is one of the most understood, tested, and well-defined protocols that can be abstracted away at the implementation level. Nothing also prevents forcing TLS 1.3, which removes most of the other described problems.

This especially sounds odd:

> Questionable practical benefits over DoH

But DoH brings the full TLS stack and also the HTTP stack as well? At the same time the project complains about increased attack surface in DoT, but DoH just extends it even more.

If I also look at the DoH list, there is

> Requires TCP

But just a few lines before, they say that DoH supports HTTP/3, which is UDP.

E.g. Android has supported it for 3 years already:

https://security.googleblog.com/2022/07/dns-over-http3-in-an...


I think my opinion is based on the idea that for the connection between my pc/router and the dns server, certificates PKI is not needed. You can just hardcode/configure the public key of the dns server and that is it. Similar to wireguard or an ssh server.

> The project especially lists the problems of TLS. TLS is one of the most understood, tested, and well-defined protocols that can be abstracted away in implementation level.

I agree that TLS is understood, tested, used every day etc. I do not agree that you sleep calm at night. For example, a few years ago [1] or [2] Mozilla removed a root CA from Firefox for bad behavior. And you can argue everything is working properly because the bad behavior was detected and removed, but the thing is - you can avoid this group of problems entirely by avoiding PKI in the protocol. That is why I like the dnscrypt protocol more. Fewer problems to worry about. You only change the hardcoded/configured public key if you change which dns server you are using (not a big deal). You do not have to regularly update the router to keep the root ca store up-to-date. Do you update your router every month? Because I do not.

[1] https://www.feistyduck.com/newsletter/issue_53_certificate_a...

[2] https://www.itbrew.com/stories/2022/12/02/mozilla-microsoft-...


I see that point. But you can do the same with DoT? Instead of a public key, you just pin the cert and bypass the CA in that way. And you get perfect forward secrecy and other benefits of TLS. But this might require regular updates of certs, and does not solve your maintenance problem.


One problem I've run into with that approach is that Akamai uses DNS for steering you to the correct portion of its CDN and the default servers you get from public DNS have abysmal peering with my ISP. So simply switching the default DNS in my router isn't enough, I'd actually have to run my own custom DNS resolver in order to special case Akamai there.


9.9.9.9 provides a first-party tool to test domains against their block list

https://quad9.net/result/

and there is also 9.9.9.10, which does not perform any blocking (if it does, then no one has noticed that, which is unlikely)


Tangent: does anybody know which DNS server software providers like dns4eu and nextdns use?

Are they using nsd or bind or … did they write their own?


DNS4EU is using the Knot resolver


The issue I'm having with this sort of "something you own and something you know/are" two-factor authentication is that it has some potential to cause violence - both can be beaten out of you: https://www.citizen.co.za/network-news/lnn/article/banking-a...


This is true with 1FA too. 2FA is more effective at stopping the case where you're hacked and you don't even know it because your password was in a leak.


What can't though?


A TAN generator or security key stored in a drawer at home. At least it reduces the opportunities for theft since people don't carry these devices with them all the time as opposed to their phones. Opportunity makes the thief.


Idk how this would play out, they might force you to go get that


If I have to use it every time I want to make a payment, then I have to carry it with me.


Yeah, I often think the issue with cash and crypto is that it can be easily forced away from an individual by any sufficiently armed and unscrupulous party. Money in a financial institution tends to have an upper limit on what could be forced away in a single act, or at least a single transaction cycle.


Staying anonymous. For every single multimillionaire or billionaire out there flaunting their wealth, there is another who's equally secretive about it. There are many folks with tens of billions in assets who don't make their wealth part of their brand.

Like that guy in Texas whose estate paid billions in tax when he passed away.


Depending on your network configuration I could imagine abuse of EDNS(0). This is used for example by NextDNS to identify which device (MAC) on your local network sent the request in order to apply specific filters and log the request. A not-so-friendly DNS could sell such information.
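
As an added example (not part of the original comment or of any resolver's code): a parser that lists the EDNS(0) options in a raw DNS query that can identify the sender, one way to audit what a local forwarder passes upstream. Option code 65001 for the MAC address is an assumption (the code dnsmasq's add-mac uses); the sample query is constructed.

```python
import struct

# Option codes that can identify the client to the upstream resolver.
# 8 = EDNS Client Subnet (RFC 7871). 65001 = assumed MAC option (a code from
# the local/experimental range, the one dnsmasq's --add-mac uses).
IDENTIFYING = {8: "client-subnet", 65001: "device-mac"}

def skip_name(msg, off):
    """Return the offset just past the domain name starting at off."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:  # compression pointer ends the name
            return off + 2
        off += 1 + n

def edns_options(msg):
    """Return [(code, data)] from the OPT pseudo-record of a raw DNS message."""
    qd, an, ns, ar = struct.unpack("!4H", msg[4:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    opts = []
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off, end = off + 10, off + 10 + rdlen
        if end > len(msg):
            raise ValueError("record runs past end of message")
        while rtype == 41 and off + 4 <= end:  # 41 = OPT
            code, length = struct.unpack("!HH", msg[off:off + 4])
            opts.append((code, msg[off + 4:off + 4 + length]))
            off += 4 + length
        off = end
    return opts

def identifying_options(msg):
    """List (label, hex data) for options that reveal who sent the query."""
    return [(IDENTIFYING[c], d.hex()) for c, d in edns_options(msg) if c in IDENTIFYING]

def sample_query():
    """Constructed query: example.com A, with ECS 192.0.2.0/24 and a made-up MAC."""
    ecs = struct.pack("!HBB", 1, 24, 0) + bytes([192, 0, 2])
    mac = bytes.fromhex("020000aabbcc")
    rdata = struct.pack("!HH", 8, len(ecs)) + ecs + struct.pack("!HH", 65001, len(mac)) + mac
    opt = b"\x00" + struct.pack("!HHIH", 41, 1232, 0, len(rdata)) + rdata
    question = b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
    return struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 1) + question + opt
```

Feeding it the UDP payloads captured on the WAN side of a router shows whether queries leave the network with a subnet or device identifier attached.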


I use dnscrypt with a supposedly secure configuration, is that not enough to counteract this?


Ask your friendly local CIA agent, not us. We don't have access to that intel.


How do you know? Someone might!



After a recent sports injury I got my hands on a muscle stimulation device (Compex). What I learned:

1) These devices do not only massage. Depending on the settings they can force incredibly powerful contractions with muscle ache the next day. This feels like a real workout.

2) Because you do not have to think about the movement it is relatively well-suited to desk work. I can easily code during the sessions (which usually take 30-50 minutes).

3) Downside is that attaching the electrodes can take 5-10 minutes.

I came to like it and will continue using it after recovery - while working!

Of course this is no substitute for actual exercise with voluntary movements. Get up, do some push-ups, pull-ups and throw in squat jumps or similar high intensity stuff to get the heart pumping!


Same for me; "completely useless" is a bit exaggerated. Workouts can be recorded and synchronized, they just don't end up in the cloud.

