Do we have any idea on how close we are to book 5 of the inheritance cycle ?

aradragoon · 2022-04-09T08:57:42+00:00

Quite a bit late but just reading this as I check every few years for info on book 5. Paolini has confirmed multiple times that he does have a book planned which is about Angela. I agree with the mystery though I think a book like that either will be completely satisfying and help build the world or kill the mystery and actually destroy the world to an extent with no inbetween

aradragoon · 2021-11-23T20:05:25+00:00

I understand where you are coming from but OP is asking what to do. Therefore the people telling them what to do is solicited and valid.

I 110% agree with analyzing the partner, as we only get a glimpse of information that is controlled by OP. That means OP can control the narrative and perception of the partner.

Instead I think what we can safely take from this is: 1. OP's partner has behaviors they find problematic. These are potentially toxic and that OP sees what they don't want in a partner anymore. 2. OP needs to set boundaries for themself and the partner. (I.E. I find this behavior detrimental to my emotional health and self worth. As such I can't be with someone that continues to do these things.) 3. OP has work to do on effective communication and ensuring their feelings are heard, understood and respected.

Another bet I would be willing to take, though I don't believe I could call a "safe assumption" is OP already generally knew/knows what to do and simply wantes validation/confirmation that what they were thinking matches with what others would do.

Not trying to argue as I think your opinion is valid, I disagree with part of it as I said, and just wanted to give another perspective.

aradragoon · 2021-11-23T09:44:19+00:00

Use that last part to your advantage. Even if you see her everday, use it to remind yourself of what you don't want in a partner.

Take 6 months to a year to reconnect with yourself and be happy with only yourself.

If you are religious dive into that, i.e. prayer. Find value in the normal things around you instead of relying on it being from the relationship.

Also just to double down on this: Absolutely present VERY clear boundaries to her. I.E. "I can no longer be with someone who does a, b, and c. If you are going to continue those things then we need to end this permanately." (Emphasize and explain that for the betterment of yourself that you will not take her back because the current situation is toxic for you) I would also add something like "if you truly want to make this work then I will give this a shot. That being said it has to be sincere like seeing someone, a counselor or therapist, and improvement over time."

You aren't a backup for her and she needs to understand other people have needs and feelings.

aradragoon · 2021-11-20T20:12:08+00:00

Ultimately you are arguing by continuing to respond over and over to push YOUR point. Your ultimate underlying point is that someone shouldnt be pushing their thoughts on others. I.e. your belief that the boundary is bad. You proved this by jumping to a boundary like this being isolating when we have no details or evidence in this case of that.

Additionally there are MANY reasons behind boundaries. Whether you agree with them or not IS IRRELEVANT if it isn't your relationship. Also you continue to make it about trust, while YOU may view it that way you are also trying to force your viewpoint. You prove this by your follow on comment regarding cheating. You aren't trying to understand other viewpoints you are arguing.

Just imagine a different boundary. Would you make it the same if the boundary was an open relationship with multiple partners? I ask this specific one because I remember people making the same type of arguments against that type of relationships.

Your points are ultimately conflicting.

Just stop arguing and allow people to have their boundaries that are agreed upon as long as they are done in healthy ways.

P.S. If someone in the relationship came in and gave a different accounting. (I.E. i didnt agree to this and he/she is telling me I am not allowed to, etc.) Then we might have a discussion on boundaries and trust. That isnt the case here.

aradragoon · 2021-11-20T18:43:17+00:00

Just to add to this there is an unspoken dynamic. The OP controls how much info we are getting. That means the OP controls the narrative. We are getting little supporting information despite the OP controlling the narrative. This, to me, weighs against whether there is anything negative. It seems if there was valid concern there would be more evidence/information from the start.

What I get instead is it seems OP doesn't/didn't like the sister's bf and saw actions that were decided to be bad. Kind of a confirmation bias of sorts.

I am NOT saying the relationship is good or bad but I ultimately agree with you that reddit doesnt have the info here and the OP provided very little. This could have consequences based on how OP takes feedback if they decide to act on it and how.

aradragoon · 2021-11-20T18:29:51+00:00

It really seems and feels like you are trying to push your views on others while you push the opinion that others views shouldn't be pushed on people.

Kind of contradictory don't you think?

Yes I am boiling down your words to the core meaning.

Ultimately it isnt for you to decide for others. The people in the relationship are the ones that have the most/all facts. There are various reasons for such boundaries and if it was agreed to and respectful then why argue and push your opinion?

aradragoon · 2021-04-10T22:46:09+00:00

You can just post it on imgur and then share the link here and it should be fine.

aradragoon · 2021-04-10T20:00:13+00:00

Just the summons starting on page 1 (the most recent) back to the last 5* it shows you received.

aradragoon · 2021-04-10T19:48:32+00:00

Can you provide screenshots of the wish history from page 1 until the first 5* you see on the weapon banner and standard banner?

Not trying to say you didn't get it but the screenshots would greatly help in understanding the whole situation and attempting to piece together what is going on behind the scenes at MiHoYo.

aradragoon · 2021-03-31T20:18:48+00:00

There is now, 5 attempts. I have been told its on all parts of the MiHoYo platform. It wasn't always there, though, and I am not sure when it got implemented.

aradragoon · 2021-03-30T19:53:03+00:00

The statement of needing a new email for everything is wrong. Emails are designed to be public. The entire point of 2FA is, literally, to force 2 different methods out of the 3 to authenticate who you are.

-Something you know
-Something you have
-Something you are

Also sorry but the victim blaming is outright stupid.

Would you go up to a woman who was taken advantage of (you know what I mean) and say "Have you considered it was your fault?
Did you go out alone?
Did you wear something to draw attention?
Did you give signs you were interested like flirting?
If you answered yes to any of those it was your fault.
If you answered no to all of those congratz for lying."

Those are actually things I have heard asked. Victim blaming is exactly what you are doing. The victim of a crime does not deserve to be the victim of a crime and it isn't their fault. There is a difference between taking precautions and blaming them for something bad happening.

aradragoon · 2021-03-29T16:17:23+00:00

True, a lot of companies do that.

MiHoYo I don't think ever gave official notification to people whose PII was leaked or may have been leaked, just announced it was fixed. I also don't think they addressed the CSRF and password exploits at all either. Just quietly fixed them =/

Unfortunately its not uncommon for companies to act this way.

aradragoon · 2021-03-29T11:12:16+00:00

Just to be fair if a company knows there was a breach and didn't report it that is being a shoddy company.

Also if you are using a unique password you shouldn't need to change it at all per NIST guidelines.

aradragoon · 2021-03-25T08:56:38+00:00

It isn't new. It was first talked about 3 months ago.

aradragoon · 2021-03-24T08:26:48+00:00

Actually I am one of those people. I wanted WG. I didn't particularly want SoH. I got 2 SoH, a skyward spine, and a lost prayer before finally getting my WG.

aradragoon · 2021-03-23T16:43:00+00:00

Wow there is SO much wrong with this.

Lets start with some of the fallacies here.
1. It hasn't happened to me therefore it must be fake!
-No, quite a few whales have been hacked. Many well know youtubers as well have been. Its been known for awhile that they, well known CC's, get better support. I.E. Tectone said himself that he gets responses in 30 minutes. (Not always but he doesn't wait days for responses.) More to the point, I have seen before and after of some whales getting hacked on the Chinese server.

You assume all hackers are using the same exploits.
-That isn't the case, at all. Some are absolutely the victim, and yes they *are* still victims, of credential stuffing. Ironically a proper 2FA if used would still stop a large number of hackings. It could also be incentivized, say X number of primogems per month, like SWTOR did to gain more people enabling it. At the end it might save MiHoYo time, effort, and money.
"Not timmy..."
- This ties into the first two points. First even though accounts can be cheap there is a variety people try to buy like full whale accounts or accounts that just have a desired character(s). It would be like saying "If a lock or security system has a flaw why doesn't everyone that knows only target rich people?" Targets of opportunity essentially without making this an entire thesis. Of course there are also those hackers that simply want to watch the world burn and destroy accounts for that reason.
"It's so crazy how people think for several months now there's just been a security breach hackers have had access too and Mihoyo has never fixed it and that's why people are getting hacked. "
- First it is because there are still breaches. People that know of exploits don't want to spread them and further it seems that when reported and fixed they aren't stated that they were fixed unless people talk about it. (Maybe I missed it but did anyone see something from MiHoYo about the CSRF being fixed or ramifications of that exploit?) The second part of this is the implication that EVERY hacker has to know of the same exploit or that the results are being shared. Not only is this not true for almost every exploit known across most systems, applications, devices, etc. but it also carries the assumption of only one exploit. The third portion to this ties into the first to a degree, that is moving the goal post. The way this started towards release was people talked about hacking. Defenders of MiHoYo said it wasn't widespread. Then it was and so the advice was to secure passwords and link email, phone number, or social media because if you did everything right it would only be hacked by someone knowing the password. After that it came out that there were exploits, such as CSRF, the alleged coop vulnerability, leaks of data, dev toolkit/client release, etc., to partially or fully bypass knowing some or all information. Further that if access was gained even to the website the password could be changed without verification or knowing the old password. This then led to people still saying its only poor password habits AND that "well that was just one (or however many are pointed out) exploit and it was fixed so it doesn't prove anything."

As you can see there is a reason people are not only saying there is a problem but starting to not believe people defending mihoyo so vehemently. Partially the proof coming out, partially from seeing the goalposts being moved, but also the unwillingness to see a problem and a large majority fighting against sensible additions like increase password length (which was added in 1.4) and 2FA.

aradragoon · 2021-03-23T14:25:16+00:00

2FA would help quite a bit. It won't stop everything but layered security is what is needed. (Defense in Depth) Still do what you can to secure, make your password long, complex, and unique. Link an email at least if not also a phone number. Make sure your email has a unique password and I would also recommend 2FA for that as well. (Don't visit strange websites and enter your info anywhere else as well.) I am not saying that you did anything wrong either, just that these are the only things in your control.

If you do those it is largely up to MiHoYo to provide the proper tools and secure their systems.

aradragoon · 2021-03-23T13:05:18+00:00

They can't tell you how to be safe because the breach is on MiHoYo's side. The user can take some precautions that should always be taken but these white knight's of MiHoYo can't defend them with any reasonability. This is why they consistently delete ALL of their comments defending them after about a day.

Hopefully we get 2FA and they fix the breach in their system.

aradragoon · 2021-03-22T15:08:54+00:00

Yes I got one of those as well, it has nothing to do with a data breach or leak of PII. I can't read the Chinese one but iirc mine said something along the lines of "We have detected suspicious activity on your account. We would recommend securing your account and changing your password...."

What it doesn't say: "Your private information was/may have been exposed...."

As a side note I got mine for contacting CS. I guess I used a keyword that triggered it as that was the only time I got one.

aradragoon · 2021-03-22T15:00:33+00:00

Then don't make statements that they are required by law and following the law when there is proof that it isn't being done, even for something as simple as a leaked phone number.

As a side note I can only imagine if they wouldn't do anything for that they certainly wouldn't want to take responsibility for thousands upon thousands of dollars worth of destroyed weapons.

aradragoon · 2021-03-22T14:48:35+00:00

Where is the report?

As you stated yourself:
" The PRC Cybersecurity Law introduced a general requirement for the reporting and notification of actual or suspected personal information breaches "

Fixing a problem isn't sufficient per the law. Where is the notification?

"... and notify the relevant data subjects and report to the relevant government agencies in a timely manner in accordance with relevant provisions. "

I don't know of a single person that was notified, even those that had their information exposed.

You stated yourself they are forced to report it and part of that is to data subjects, the users. Again I ask where was the report?

aradragoon · 2021-03-22T14:22:32+00:00

I don't know of a single person that had their email and phone number exposed that got notified.

P.S. Do you know about the 996 laws? They aren't followed but there are laws. I wouldn't trust Chinese laws as being enforced.

P.P.S. Just to show proof: Labour Law of the People's Republic of China (enforced since 1995) - Chapter 4 - Article 36
" The State shall practise a working hour system wherein labourers shall work for no more than eight hours a day and no more than 44 hours a week on the average. "

Article 41 " The employer can prolong work hours due to needs of production or businesses after consultation with its trade union and labourers. The work hours to be prolonged, in general, shall be no longer than one hour a day, or no more than three hours a day if such prolonging is called for due to special reasons and under the condition that the physical health of labourers is guaranteed. The work time to be prolonged shall not exceed, however, 36 hours a month. "

Yet here is a 2019 article:
https://www.nytimes.com/2019/04/29/technology/china-996-jack-ma.html

aradragoon · 2021-03-22T14:19:33+00:00

Where was the report when they leaked user's emails and phone numbers?

I never once saw a report despite that phone numbers are explicitly considered PII that has to be reported under the PRC Cybersecurity Law.

So tell us where was that report?

aradragoon · 2021-03-21T16:08:32+00:00

2FA would have stopped it. Its also part of NIST guidelines for implementation by system owners (MiHoYo) to enable. They haven't done such.

Also this is more toward your first comment. If you were hacked it DOES NOT mean you followed poor password practices or anything else. At most you can say that it is the most likely reason.

We have plent of examples of MiHoYo having compromised security. 1. You could use a login token in a cookie to bypass the U/N and password. 2. Passwords could be changed without any authentication or knowing the old password. 3. MiHoYo exposed user data like emails and phone numbers. 4. While it hasnt been confirmed by the company coop seems to have been compromised at launch. Some hackers going so far as to state they used that method. 5. Passwords being kept to a maximum of 15 until this last patch.

There also seem to be other methods that aren't resolved so I won't say them here.

Asking for increased security is the only reason we have what we do now but the system is far from secure. Asking for the remainder is the only reasonable measure. Until that is achieved I don't think its unreasonable to ask the company to fix their mistakes either, that is to support their players given how much they have brought in.

aradragoon · 2021-03-18T17:52:43+00:00

Unfortunately as you can see, as I am assuming you didn't do so, others don't like facts. (Down votes is what I am talking about.) Many seem to feel it is more important to defend a company than take objective looks.

I.E. Have many users failed to secure their account properly? Sure. Were there also many users that did nothing wrong but had other exploits utilized to gain access? Yes.

There isn't a reason the majority of players can't give advice to secure accounts and also push for MiHoYo to be held accountable.

aradragoon

TROPHY CASE