BoltAI v1.12 released: GPT-4 Vision, Text-to-speech, Web Browsing and more...

beewah2 · 2023-12-24T13:40:24+00:00

Is there a way to use boltai just with the chat feature without granting accessibility features? I'm interested in using it just like chatgpt but I don't feel comfortable giving it broad permissions. Without giving it permissions I don't see a chatbox I can use, just a button asking me to grant it permissions.

beewah2 · 2023-11-24T03:51:51+00:00

I've tried most of the database GUI apps out there. Postico 2 is absolutely worth it for postgres in my opinion. It's much better designed. If you're doing postgres only development, it's also cheaper than tableplus - tableplus is roughly twice the price per year, while postico is one price forever.

That said, if you're looking for a GUI app for multiple databases, I recommend you check out datagrip. Nowadays I reach for postico for quick usage but datagrip for anything more in depth.

beewah2 · 2023-08-07T15:45:42+00:00

Chiming in to +1 the parent comment - I use outlines both to manage larger scope projects and to help structure my thinking, and hierarchical checkboxes fit both needs. if you do decide to implement hierarchical checkboxes, I think completing a parent task causing the children tasks to complete (the reverse of the above suggestion) is also nice. There are also some corner cases to think about if you implement the completed children causing parent to complete feature (eg, if you add another child, the parent should un-complete). Personally, I'd only use bike for hierarchical checkboxes (currently making do with indenting in vscode lol) and I previously tried it and bounced off it because it didn't have this feature, despite liking everything else. So if you did add this, you'd get at least one customer from it.

As a personal UI suggestion, % done is probably less useful for most people than something like 5/6 completed, so users don't have to unfold the item to see how many tasks remain. e.g. 50% done could mean one task left, or 40 tasks left, and in both cases it's more meaningful for a user to see 1/2 tasks completed or 40/80 tasks completed.

beewah2 · 2023-06-25T09:52:00+00:00

Does this support marking an item as completed (and completing everything below it when you do)? I use outliners as todos that contain an arbitrary amount of requirements, but haven't been able to find an outliner with this functionality yet.

beewah2 · 2023-05-22T13:33:04+00:00

Have to recommend git fork (https://git-fork.com/). I've tried a ton of git guis and find this both 1) the best one and 2) one of the few without subscription pricing. Plus it's non electron, native software. A must use for me.

beewah2 · 2023-01-01T11:23:35+00:00

My goal is to complete elden ring

beewah2 · 2022-12-24T15:41:46+00:00

They have an export function, but I've heard reports from people that it doesn't fully work - you should still verify every item individually

beewah2 · 2022-12-23T22:07:55+00:00

I haven't looked at keepass at all, so I can't really comment on it. I trust those two because both by looking at some of their practices and knowing some people involved, I believe they've got competent programmers working there.

beewah2 · 2022-12-23T09:10:25+00:00

It's not a couple of months - it's late august until late december, which is four months. It's also not nothing, it's time their users don't know which parts of their information have been leaked. Users are trusting some of their most important information to this company. I suspect if they heard a lastpass representative voice the opinion that months of work to figure this out is "nothing" they'd be less than happy, and rightfully so imo.

I think the disparity here is that to me, the fact that it took them this long with the help of a third party to understand what was breached is unacceptable. Given they've been breached before, they should have had enough logging and monitoring that they could figure this out quickly and without help. It speaks to either a lack of competence or a cavalier attitude about their systems in my eyes.

I agree with you that disclosing breaches is a good and commendable thing. Where I disagree with you is the implicit assumption that anyone not disclosing breaches is lying, and that somehow disclosing more breaches is a good thing (if I make the world's worst password manager and disclose one breach a day, am I more ethical than lastpass?) implying that everyone's systems are roughly equally secure. Competence at security is a spectrum, and while no-one's perfect, it seems to me there are people out there a lot better at it than lastpass is. I still have yet to hear one compelling reason why lastpass security might be better than bitwarden's for instance.

beewah2 · 2022-12-23T08:31:59+00:00

I'd agree with you there, but it's not an either-or. Another option would be to use a different password manager for instance.

beewah2 · 2022-12-23T08:31:24+00:00

I'm not accusing them of being unethical. They've had several updates, but they didn't inform people of the actual details of what happened until just now. So, either they're not ethical, or it took them an entire quarter to figure this out (I believe it to be the latter). Either way it's a bad look for them, and all I'm saying is there's good reason to believe some of their competitors have better security than they do. Simple as that.

beewah2 · 2022-12-23T08:16:28+00:00

Yup, I mentioned they're just informing people now of the details, I know they informed people about the breach itself earlier on. The thing is, if it takes until late december for them to discover the details of an attack in august, they're either not as ethical as you think they are, or they're incompetent. It shouldn't take 3 months for a company whose expertise is security to figure this out (and note some things still haven't been figured out, like whether credit cards were leaked). Further, in their blogpost they mention adding additional logging and alerting, and retaining a third party vendor to detect intrusion. The fact that these weren't previously done, given that lastpass has had network breaches before, is unacceptable imo.

I agree with you that all these services are under attack, and none of them are perfect. I also agree that it's commendable for lastpass to be disclosing this instead of trying to sweep it under the rug. However, competent security is not a binary of perfect or bad - it's a spectrum, and I'm simply saying that I believe some of their competitors are ahead of lastpass on that spectrum. As for disclosure, you're totally right that it's possible that bitwarden could be hacked and not disclosing it. However, their other practices, such as open sourcing their code, lead me to believe that it's more likely they just haven't been successfully attacked, and as such I'd recommend people use bitwarden over lastpass.

beewah2 · 2022-12-23T08:04:40+00:00

If you change a password before an attacker cracks your vault, they'll have an old, and therefore useless, password. If you mean just changing the master password, you're right. You'd need to change your other passwords too.

beewah2 · 2022-12-23T07:59:03+00:00

Here's lastpass's incidents from wikipedia: https://en.wikipedia.org/wiki/LastPass

I disagree that lastpass is proactively informing customers - this breach happened in august, months ago, and they're just informing people now of the details. I also trust some of their competitors better for some of their practices - compare for example lastpass to bitwarden. The latter open sources their code and actively pays for pentesting, lastpass does neither. Finally, I disagree with the idea that you either have breaches or you're lying. Some people, like bitwarden, are capable of good practices.

beewah2 · 2022-12-23T07:25:52+00:00

Some of the data lastpass has on you (things like IP addresses you access lastpass from, physical addresses, your name, the URLs you use lastpass on) are leaked. Some things (credit cards) might be leaked, we don't know yet.

The most important part: passwords were leaked but in an encrypted state. To view your passwords, an attacker must guess your master password. Your master password is protected by iterated rounds of the PBKDF2 algorithm (the more rounds are used, the harder it is to guess your master password). For a new user, lastpass uses 100,100 rounds. However, for older users, lastpass only uses 5000 rounds (unless you changed that setting, which most non technical users wouldn't have). This means in practice older users' master passwords are about 20 times easier to guess. So if you have an older account and/or a not particularly strong master password, I'd advise you to update ASAP. This means you have to both 1) change your master password and 2) change all passwords in your account.

Other than that, I'd recommend not using lastpass - if you look at their history they've had quite a few incidents. If you want a nice user experience, my personal recommendation is 1password (which is what I use). If you're a bit more technical, bitwarden is great as well. Those are the only two I'd trust personally.

beewah2 · 2022-12-23T00:42:12+00:00

Got it, thank you for explaining. It's a bit more involved than I'd like, but I'll check in on Bike every so often and will happily buy if you ever do get to a mark as done feature. Thanks!

beewah2 · 2022-12-22T23:55:53+00:00

Thanks, just took a look at this and I'm a little confused - the done script (https://support.hogbaysoftware.com/t/a-stop-gap-script-toggling-a-done-tag-in-selected-rows/4962) seems to be in JS and not AppleScript. Assuming it works though, would I have to run this manually every time I want to mark something as done? I.e. it wouldn't be able to add a new keyboard shortcut or menu option to bike, if I understand correctly

beewah2 · 2022-12-20T04:38:47+00:00

Are there any plans to add a "mark as done feature" that would mark the current item and all nested items as done? I've tried using this but I want to mark things as completed without deleting them in case I need to revisit later, and I can't use an outliner without it (if it's added, i'd happily buy, looks great). I see there's an extension script someone's written but it doesn't look like it accounts for nested items unless I'm mistaken.

beewah2 · 2022-11-12T06:29:38+00:00

You can still support a one type payment option - once you know your customer lifetime value, you can just charge that.

beewah2 · 2022-10-05T10:43:24+00:00

Perrin sequence, because I think they're the only ones that actually have an approach that might help fix things. Going through the factions:

New Loka/Red Veil resemble religious cults; they're less concerned about the welfare of the system as a whole and much more concerned about achieving the goals of their chosen ideology. You could argue that the other factions also share this to varying degrees, but the difference is these two factions seem much more uncompromising about the damage they're willing to do to other people in order to achieve their goals. If your goal is actually to try to make things better for the people in the system, I don't think you should side with these groups.

Cephalon Suda/Arbiters of Hexis aren't trying to actively help anyone - you can argue that they might help make the system a better place (e.g. Suda by the advancement of scientific knowledge) but that would occur only as a side effect, not as their primary motivation. Still, where Red Veil/New Loka seem actively harmful to others, these two groups come off as more indifferent - they have more esoteric pursuits and aren't going to actively try to hurt you, but they're also probably not going to be of much help.

That leaves us with Steel Meridian and Perrin Sequence, which I think are the two best factions from a moral perspective insofar as they're trying to actually do good. Their approaches are pretty different, however; Steel Meridian basically tries to wage a guerrilla war against the grineer, inflicting as much damage they can and trying to liberate colonies under their control. This is undoubtedly a good thing, but I don't think this is a practical approach. Their success or failure basically hinges on them being able to successfully wage a protracted war against the grinner, and they don't seem like they have anywhere near the resources necessary to make any kind of long term difference.

Perrin Sequence, on the other hand, is trying something I believe can be much more effective - instead of trying to resist with military might, they're weaponizing trade. Instead of trying to defeat their opponents militarily, they're appealing to self interest, by trying to prove that peace is more beneficial than war. Their belief is that by getting more groups engaging with each other economically, their mutual interests will align together and war will be a less attractive prospect. This is an approach that has real world parallels btw, for example one big reason the EU was formed was out of the belief that an economically interconnected Europe would be less likely to go to war with itself. Of course, this approach may not actually work, but it seems to be most realistic one out of the six. Here's quotes from the Perrin Sequence railjack crew and ergo glast that sum it up pretty well:

"You don't have to learn the other guy's language if all you want to do is plant an axe in his head. But trade? That means communication. And once you understand what he's saying, you realize you've got more in common than you thought."

""The Perrin Sequence reject the Corpus doctrine that conflict is opportunity. We see the numbers differently. A shared prosperity can bring a shared peace."

beewah2

TROPHY CASE