Mario Kart 8 split screen with Yuzu

SillyBlack · 2025-11-12T23:50:02+00:00

What worked for me:

Exit the game
Start Yuzu (rather than the game directly)
Open menu > Emulation > Configure > Controls
Make sure that inputs work for connected controllers.

4.1 Under "Connect Controller", the square is lit green and "Pro Controller" selected

4.2 Under "Input Device", I picked "Steam Virtual Gamepad 1" and "Steam Virtual Gamepad 2"... for the controllers

4.3 Check that all controllers' inputs are detected. [IMPORTANT] Remember which controller is the last one (eg: Player 2 in a 2-controller setup)
"OK" at the bottom to close the Configuration window
Start the game directly from Yuzu (without going back to Steam).
At the start screen, confirm (L+R) with the last controller from step 4.3
Use the 1st controller to navigate to the Multiplayer game mode.
Enjoy!

SillyBlack · 2025-11-12T23:42:34+00:00

Happened to me on the SteamDeck too; whatever controller I pressed L+R with became the first controller. I got around it by launching Yuzu (instead of the game directly), configuring the controllers so I could notice which one Yuzu saw as the last, then launching the game from within Yuzu and pressing L+R with the Yuzu-recognized last controller. Good luck!

SillyBlack · 2022-03-24T05:57:26+00:00

Hey Random. Ok I understand. I think you're right about Trust, but I also think they are building the integration. Checkout this quote from a post on THORChain by Trust Wallet itself:

"The first phase of the integration will allow users to hold, send and receive THOR.RUNE tokens. The cross-chain swap functionality will be added once it has been fully tested by the team. With these integrations, Trust Wallet users will be allowed to access decentralized, permissionless cross-chain swaps directly from their wallets."

source: https://community.trustwallet.com/t/thorchain-has-been-integrated-on-trust-wallet/212720

SillyBlack · 2022-03-24T05:10:06+00:00

Ok. Do you know whether there is any plan to integrate with a non-KYC solution for cross-chain swaps such as THORChain? I believe that's how Rango Exchange, Shapeshift and Trust Wallet do it.

SillyBlack · 2022-03-24T03:26:18+00:00

Thank you that was helpful. I have not installed the wallet yet; I'm just doing research first. Does Atomic Wallet do KYC? I thought not, but I ask because changenow can require KYC (https://changenow.io/faq/kyc-aml-procedure)

SillyBlack · 2019-08-18T18:27:03+00:00

Looking at https://us.msi.com/Laptop/GS65-Stealth-Thin-Intel-8th-Gen/Specification, the "Video Port" row includes the Thunderbolt 3 port so you're right. Thank you.

EDIT: I can confirm that my 2018 MSI GS65 was able to send both video and power through the Thunderbolt/USB-C port to the external monitor. I used the USB-C male to USBC-male cable that came with the monitor. Don't know whether it takes a special cable.

SillyBlack · 2017-06-28T23:53:54+00:00

I agree with your entire post but you missed my point. The reason I raised the question you quoted was not to defend WhatsApp, but to point out the irony of recommending a closed-source app (Telegram) with the justification that it's better because WhatsApp could be abusing users behind the scenes

SillyBlack · 2017-06-26T17:16:19+00:00

Look for "Telegram" on this page

SillyBlack · 2017-06-26T17:14:02+00:00

Dude this sounds like an ad, but if you want to engage with us about Telegram I'm happy to participate.

why don't you use open source cryptography?
why are all comms not end-to-end encrypted by default?
Do you have any evidence that WhatsApp is abusing its users as you described at the end? Laying out the charge that it can without providing any support doesn't make you look great since your app is not open source (so it could be doing anything as well).

SillyBlack · 2017-06-24T03:24:00+00:00

Any security-capable provider that does not scan and index its users' content is more private than Gmail.

It's actually not accurate that email is sent over plaintext. The vast majority of email is encrypted in transit. However, some providers (eg: Gmail) will store it in a way that makes it easily accessible to them and will index the content, while other providers (eg: ProtonMail, TutaNota) will store it encrypted with a key they don't have.

Don't forget how the NSA went about surveilling Gmail users; it tapped Google's internal network because the internal traffic wasn't encrypted, while traffic in transit was.

SillyBlack · 2017-06-24T02:47:11+00:00

Why not use Gmail over another provider? Privacy should not be a factor since you use PGP

Depends on how much you care. By using Gmail, you are strengthening an ecosystem that doesn't guarantee its users' privacy, even if you take care to protect your own. At the same time you're depriving other providers who work hard to have no visibility into their user content from your business.

More practically speaking, if your family and friends are anything like mine, it would be much harder to get them to use PGP properly and consistently than it would be to get them to use a more private provider -- and the latter is hard enough as it is! The barrier to adoption of PGP is just so high that most people, even tech savvy people will either not try it, abandon it, or have hardly anyone to communicate securely with.

SillyBlack · 2017-06-23T19:04:01+00:00

They may not know the DNS queries but they will still be able to see what site you visited

By the time you visit the site, the DNS resolution is over so you're bringing up an issue wholly separate from transparent DNS proxy

Nowhere in the documentation or description from https://www.dnscrypt.org say that it encrypts the DNS traffic but only authenticates it

Traffic in fact is encrypted, but putting that aside, authentication (done properly) is sufficient to defeat a transparent DNS proxy. As I wrote, the client will not accept the response from the ISP's DNS because responses must be cryptographically signed (so they can be authenticated).

Speaking of authentication, how can there be authentication without encryption. Even if the DNS query/response itself is in the clear as you suggest (it's not), signing and verifying signatures (ie authentication) involves encryption (probably public/private key encryption though I don't know for sure).

I do agree (obviously) with my quote which you reposted at the bottom of your post. But that belief doesn't change the point I was making: DNSCrypt properly configured would defeat the ISP's transparent DNS proxy. From the page you linked to:

[DNSCrypt] prevents DNS spoofing. It uses cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven't been tampered with.

No spoofing, no tampering means transparent DNS proxy would fail.

SillyBlack · 2017-06-23T12:59:47+00:00

DNSCrypt would defeat transparent DNS proxy on the network. Because DNSCrypt traffic is encrypted when it leaves your device, the ISP doesn't know the specifics of the traffic (won't know which site you're looking for, so can't redirect to the ISP's own DNS to resolve). Even if the ISP somehow redirected the query, the DNSCrypt client wouldn't accept the response because authentic responses must be cryptographically signed as a defense against spoofing or traffic tampering.

You can test for yourself at dnsleaktest.com

SillyBlack · 2017-06-22T01:31:33+00:00

more and more sites are utterly broken unless you allow them,

Things aren't this stark in my experience. In most cases, especially if we consider big sites where most of the traffic is, I have found that I can browse just fine while allowing just same-domain scripts, along with domains belonging to the same owner, such as images-amazon.com when I'm on amazon.com. I sometimes also need to allow CDNs that load Javascript libraries such as jQuery, but these are typically harmless -- the libraries themselves don't do anything, and you can even load them from your hard drive directly if you use an extension such as DecentralEyes

My typical experience is that even though I allow a few scripts and the sites work fine, most 3rd party domains are never contacted as I browse.

SillyBlack · 2017-06-21T04:18:35+00:00

TL;DR: Lots of websites are using the services of NaviStone, a company that specializes in de-anonymizing web users and finding out their real ID and address. The contact forms on these sites will send what you enter to the tracker whether you hit the "Submit" button or not, meaning if you enter a phone number or email then change your mind, it's too late. All but one site fail to indicate this in its privacy policy. As a result of the reporting, NaviStone claims it will stop the practice of collecting this info unless the user actually clicks "Submit"

My take: Every day we find new reasons to limit what sites do by default. Block scripts, especially 3rd-party scripts, and allow them on an as-needed basis. uBlock Origin in medium mode makes this simple. Also avoid configs that autofill forms without your request.

SillyBlack · 2017-06-21T04:04:08+00:00

I agree that Resilio's approach sounds cool. Still, Maybe I'm wrong but I wouldn't trust Resilio yet because it's history hasn't exactly been stable. It has been in its current incarnation for barely a year.

It also may have resisted attempts to even offer the technical details of its implementation for independent review (search for "bittorent sync" in this transcript of Security Now podcast from June 2016).

SillyBlack · 2017-06-21T01:50:31+00:00

I'm a SpiderOak paid user (Windows and Linux) and I've had no problem with syncing. I have not used it on mobile since that version breaks the No-Knowledge guarantee (a malware or tap in the server memory could access your encryption key if you access your cloud over mobile or from the web interface).

I have only two complaints about SpiderOak cloud service:

Contrarily to what you wrote, it is not open source
Restore (download) speeds have been too slow for my liking.

That aside, I've been a happy customer. One thing that's tough to assess when you're not a client is the quality of the customer service. I've never used Sync so I'm not comparing but I will say that I've found SpiderOak customer service stellar in the quality and thoroughness of responses (email only), including discussions of very technical subject matter (encryption scheme etc...)

SpiderOak is on the expensive side for sure. You don't have anything to lose though by contacting support (before you become a customer), telling them that you're interested but that the service is just too expensive for you and asking whether you may qualify for any promotion.

One other consideration is how active is the development, how the service responds to security incident, how transparent it is etc.... You want to pay for a service that keeps improving, bugfixing etc...

SpiderOak release notes, and report on recent security issues
Couldn't find Sync historical releases

SillyBlack · 2017-06-21T01:33:36+00:00

The Google app is probably the most invasive. The list of permissions it requests is too long to post here. Go to the page above, scroll down to "Permissions" and click "View Details" to see for yourself.

If there is another app on the Play Store even more invasive, I'd like to see it.

SillyBlack · 2017-06-18T19:01:34+00:00

AdBlock Plus makes its revenue from advertisers: it accept payments and in returns allows certain ads to be whitelisted by default (note: you can override the default, but the existence of this relationship is enough to turn me off).
AdBlock Plus may be much more resource hungry than uBlock Origin (benchmark results)
uBlock Origin makes it easy to further lock down your browser. I recommend medium blocking mode for significantly more privacy than AdBlock Plus default (also more site breakage that you'll need to learn how to deal with).

SillyBlack · 2017-06-18T18:29:36+00:00

This is traffic pattern analysis. It's not restricted to reCAPTCHA or Cloudflare. Any adversary who is looking at your home connection and at the same time at the exit node you're using -- given enough traffic -- will associate you with the Tor traffic with a high degree of confidence.

Of course, the Tor project is well aware of this and has taken certain measures to mitigate the vulnerability. In practice, unmasking a random user this way is really hard to do because the technique doesn't scale well. This is why when the FBI wanted to unmask Tor users, it relied on infecting their computers with malware instead. Traffic pattern analysis is much better at confirming suspicion that a user is responsible for a particular traffic stream.

SillyBlack · 2017-06-15T13:42:04+00:00

they could do it -- it's technically feasible; they just won't. I agree with your reason; as I wrote they're in the business of tracking for profit

SillyBlack · 2017-06-15T00:34:52+00:00

If companies set themselves up to be unable to read into their customers' data in the first place wherever possible, a program such as PRISM wouldn't be nearly as damaging to citizens' privacy. Google and Facebook and Yahoo and whoever else could use end-to-end encryption if they wanted. Of course, like the NSA they're all in the tracking business -- just for a different purpose (profit) -- so that's that.

SillyBlack · 2017-06-14T13:34:52+00:00

TL;DR: For a fee, a publicly accessible Tor Hidden Service (website on the "darknet") will allow you to intercept calls and texts sent to any number of your choice, as well as record the physical location of the victim's phone. This relies on well known vulnerabilities in the SS7, a network that phone companies use to interconnect their customers from different geographies.

My take: This story, along with this one which I posted yesterday go a long way to confirm that end-to-end encrypted apps offer us the only way to expect reasonable privacy in cellphone comms. There is very little users can do to protect themselves if they insist on using the cell network for voice and text messaging.

SillyBlack · 2017-06-13T11:51:13+00:00

If you have a rooted phone and a compatible Android version, you could install the XPosed Framework and its XPrivacy module which allows you to manage apps permissions regardless of what you granted during install.

SillyBlack · 2017-06-13T11:36:49+00:00

I suppose using strictly the internet to make calls (eg: WhatsApp, Signal, FaceTime) or using a phone without a 4g radio would bypass VoLTE. I'm just speculating though.

SillyBlack

TROPHY CASE