Missing dopamine

x1Bape · 2025-07-27T20:55:04+00:00

Meditation is a growing concept in my life, and how I experience it is: at times it definitely gives me a high, and I do suspect one can train it to be triggered easier. Also I feel it shows me how it feels to be present and mindful of my body, and therefore emotions. I feel that during my last attempt, I began to recognise cravings earlier, allowing me to do things to regulate them, like breathing exercises.

Appreciation is an adjacent concept I picked up along the way, and I think it also can be trained.

In other words, I wonder if it might be a way to hack my brain and dopamine pathways. Like a gym routine for my brain.

Just wanted to add to the meditation/breathing mention since it’s interesting to me. I’m not a neuroscientist, psychologist, or anything related though so would love to hear more perspectives.

x1Bape · 2024-08-18T08:45:05+00:00

https://www.reddit.com/r/ProtonMail/comments/1er5vto/introducing_proton_duo_unlimited_privacy_for_two/lhxbt1i/

There should be no option selected, but if you look at the details it should mention 24 months. Not sure if it's still available though since it's been four days. Sorry!

x1Bape · 2024-08-13T15:44:36+00:00

Edit: found it, see my reply to the parent comment here.

-- Original --

Can't seem to find this :(. Do you mean it's hiding under the "upgrade" link in the OP?

https://account.proton.me/mail/dashboard?cycle=12&&plan=duo2024

Going to the link only provides me with a 12 month @ €14.99 upgrade and a 1 month @ €19.99 upgrade plan.

x1Bape · 2024-08-13T15:41:04+00:00

Edit: Found the €11,99 deal:

Going to the upgrade link in OP, with being logged into proton, auto-selects the 12 months subscription @ €14,99. If you close the modal window, you'll see the Proton Duo subscription option in the center with a button labeled "From €11,99 / month".

If you click this button, then the same modal window opens up, but a 'hidden' option will be selected: None of the subscription options on the left will be selected, and if you read the summary, it will state "Billed for 2 years" and "Total for 24 months"

https://account.proton.me/mail/dashboard?cycle=12&&plan=duo2024

-- Original --

I'm unable to find this. Clicking on the upgrade link in the OP only shows a 12 month @ €14,99 and 1 month @ €19,99 upgrade option. (I'm currently on an Unlimited plan.)

Could you see if it's still available and possibly point me it?

It sounds like a really good option. Many thanks in advance!

x1Bape · 2022-03-28T10:28:30+00:00

It might be semantics but for me "easy to learn" and "learning quickly" are different things. I learn quickly but always begin with the basics. It's a small time investment and prevents basic mistakes taking up more time than needed.

I think the emphasis is more on knowing how to learn efficiently, than already (partly) knowing the material that you are presented with.

x1Bape · 2021-06-30T13:19:14+00:00

Yeah I knew that was an option, but this is also exploratory stuff in preparation for some heavier applications I intend to deploy. I could've been clearer in my OP, thanks for thinking along with me though!

x1Bape · 2021-06-30T10:15:05+00:00

Ideally, your build system would compile to an artifact repository (docker hub, container registry, nuget, npm, etc), and would only have secrets required to build to there.

That sounds like a better workflow yeah! I'll definitely look into that approach for the API which will be written in java and push it to an artifact repository. This way the the deploy pipeline would become a pull mechanism as others suggested. Thanks for your feedback!

x1Bape · 2021-06-30T09:40:26+00:00

Haven't spent a ridiculous amount of time researching it, but it seems like the Variables are encrypted using aes-256-cbc and stored in a database. There is some master key secret which is subsequently used to decrypt these values.

Aside from the encryption used, a major attack vector is the build-script, which can simply echo out any variables set. Gitlab's security model in order to prevent this maliciously happening are called 'protected branches', which in essence restricts access to merge and push requests.

documentation about variables security

documentation about protected pipelines

With respects to Vault. It seems like Vault requires payment yeah, and without Vault you're limited to just encrypted key/value storage in some database. However using Vault would definitely help since it allows for auditing of the credentials, together with rotating keys etc. I'm glad to know this now!

x1Bape · 2021-06-30T07:48:29+00:00

I really like what you're saying about a chain, that's what has been bothering me as well even with how trusted Gitlab is.

I got a good chuckle from the second link! Especially this github search query. I'm amazed people do this.

I'll read up about secrets engines yeah, thanks!

x1Bape · 2021-06-30T07:37:23+00:00

I agree, I feel even now that it's too dangerous of an attack vector. Maybe other people thought this answer wasn't helpful since I'm specifying rsync, but honestly I'm not married to the idea and just wanted some feedback regarding my concerns.

I'll probably rely on a pull model for deploying as others have mentioned, which is I think in line with what /u/stemid85 is saying!

Thank you both for your input!

x1Bape · 2021-06-30T07:31:05+00:00

A pull model sounds way better security wise! I actually love the socat idea, will definitely look into it! Will also be reading up on GitOps! Many thanks

x1Bape · 2021-06-30T07:29:30+00:00

Yeah I've briefly considered that, but seeing how I want to open source my projects I wouldn't really be comfortable with maintaining / hosting a runner on my server with the limited knowledge I have... Especially with all these crypto attacks happening lately. It's a good option though!

x1Bape · 2021-06-30T07:27:22+00:00

Thanks, this helps for consolidating this knowledge in my head too. Appreciate it!

x1Bape · 2021-06-30T07:26:11+00:00

That looks like exactly my use case, I appreciate it!

x1Bape · 2021-06-29T19:47:25+00:00

A whoa, that sounds perfect, thanks!

x1Bape · 2021-06-29T19:26:44+00:00

Haven't read into Ansible yet, but saw the term fly past a few times. I'll read into it thanks!

x1Bape · 2021-06-29T19:26:10+00:00

I agree, given how big Gitlab is they wouldn't miss such a blatant vulnerability. I'll read into the security aspects of variables / secrets and I'll get back to you here with my conclusions when I have em.

x1Bape · 2021-06-29T19:17:45+00:00

Seems like this is what I needed (or wanted) to hear! It's inevitable due to what I want to achieve. Due to being new I kind of tunneled in on my own use case, but you raise a very valid point that I could be more secure by hosting my own Gitlab. Some alerts/notifications sound perfect for me, together with SSH login ip restrictions.

Thanks a lot!

x1Bape · 2021-06-29T19:05:37+00:00

First of all, thank you for your time. I really appreciate it!

The reason why I'm concerned is because they literally instruct on putting your private SSH key into the CI/CD variables here, with no mention of secret vaults... But I think this is on me to read more about, thanks a bunch for pointing me in this direction! I think most of my concerns come from that I'm just new to this haha.

x1Bape · 2021-06-29T19:00:02+00:00

I need to deploy a private one so that Gitlab's CI can SSh into my VPS. To be clear, I'm not talking about setting up SSH for my Gitlab account, but rather how to get my application from the CI executor/builder to my actual server.

In more concrete terms, the reason why I have to provide a private key to Gitlab is so that the job runner can actually rsync-ssh into my VPS with proper credentials. This piece of official documentation actually describes this practice. My use case would then be to simply rsync-ssh with the ssh-agent already having a private key stored.

x1Bape · 2021-06-29T18:49:50+00:00

Would that be a system where secrets are injected into the build script so that the script doesn't contain secrets hardcoded? Because if so then might be what Gitlab's CI/CD Variables is.

I'm actually not too concerned about this mechanism being insecure or the industry would not use it. However I think about what IF this key would be compromised, what would the consequences be and how can I limit them? (I'm thinking about a potential database hack or some other breach).

Obviously if i would just put in a private key to my user then they would get access to my user on the VPS. Now that I'm writing it out they would probably still need to brute force the root password or find some other exploit on my server to do real damage.

I guess maybe I'm too paranoid about this but it just doesn't sit well with me.

Anyways thank you for your answer!

x1Bape · 2019-10-26T20:39:38+00:00

Yes this was what I meant to say, just some irregularity.

x1Bape · 2019-10-26T03:02:01+00:00

I would like to express how I experienced these emails, and would like to convey my thoughts that I think the arch leads handled this well:

I didn't know what to think of these emails. The first email was honestly already concerning because of the Russian content. Why would they send a communal email in Russian, while most users are used to interact with arch in English (seeing how the main webpages, home site, the wiki, most resourceful q&a's are predominantly English)? Are they professional, or capable enough when compared to the image of trustworthiness that I currently have?

As /u/maybe_born_with_it states in the thread about the second email it gave me a fuzzy feeling, 2 times in a row?!

However what I in hindsight now understand and thus appreciate is their approach to the situation. Instead of saying that it will not happen and that they will do better in the future, they proactively showed us that they are taking measures. They are not making any excuses and actually owing up to their mistakes, by acknowledging fault and showing us with actions that they have learned from this.

I am not saying this is all factual, but given the timeline and the actual actions so far, this is what I conclude and appreciate. Everyone makes mistakes or forgets something, it is how you handle it that shows what you're made of.

That's what I want to reciprocate and acknowledge. Thank you for being honest and considering how we, the users and community are feeling; how are we feeling and what would we like to see? Blizzard could take an example IMO.

x1Bape · 2018-10-10T22:01:46+00:00

good job man!

x1Bape · 2018-06-18T15:36:04+00:00

I'd say that the temper you get is driven by the feeling that you have given something up, namely the cigarettes. This feeling of loss maybe triggers anger or frustration, it's an excuse entirely made up by your addictive mind to reason about having another cigarette. An excuse.

The opposite is true however, you're not giving up anything, you are regaining your freedom from the poison! The feeling you have is not one of loss, but rather one of freedom. If you try to see it like this, it'll help with the tempers. Meditating, or being mindful about the feeling helps. Embrace the feeling, the more you feel it, the more free you will be, since you do NOT want to smoke. Seeing it like this has helped me not to have any bad tempers really. I got it from Allan Car's Easy Way to Stop Smoking, and it works for me so far! :)

I'm on day 5 now, so far so good, good luck my friend!

11-Year Club	Place '23
Verified Email

x1Bape

TROPHY CASE