Tl;Dr the protocol requires there to be trusted token providers that issue the tokens. Who do you suppose are the trusted providers in the Google and Apple implementations? Google and Apple respectively, of course. Maybe eventually there would be some other large incumbents that these implementers choose to bless with token granting right. By its nature the protocol centralizes power on the web, which would disadvantage startups and smaller players.
Private State Tokens are Google’s implementation of the IETF Privacy Pass protocol. Apple has another implementation of the same protocol named Private Access Tokens. Mozilla has taken a negative position against this protocol in its current form, and its existing implementations in their current forms. See here for their blog post on the subject, and here for their more in-depth analysis.
I think you’re referring to FlareSolverr. If so, I’m not aware of a direct replacement.
Main issue is it’s heavy on resources (I have an rpi4b)
FlareSolverr does add some memory overhead, but otherwise it’s fairly lightweight. On my system FlareSolverr has been up for 8 days and is using ~300MB:
NAME CPU % MEM USAGE
flaresolverr 0.01% 310.3MiB
Note that any CPU usage introduced by FlareSolverr is unavoidable because that’s how CloudFlare protection works. CloudFlare creates a workload in the client browser that should be trivial if you’re making a single request, but brings your system to a crawl if you’re trying to send many requests, e.g. DDOSing or scraping. You need to execute that browser-based work somewhere to get past those CloudFlare checks.
If hosting the FlareSolverr container on your rpi4b would put it under memory or CPU pressure, you could run the docker container on a different system. When setting up Flaresolverr in Prowlarr you create an indexer proxy with a tag. Any indexer with that tag sends their requests through the proxy instead of sending them directly to the tracker site. When Flaresolverr is running in a local Docker container the address for the proxy is localhost, e.g.:
If you run Flaresolverr’s Docker container on another system that’s accessible to your rpi4b, you could create an indexer proxy whose Host is “http://<other_system_IP>:8191”. Keep security in mind when doing this, if you’ve got a VPN connection on your rpi4b with split tunneling enabled (i.e. connections to local network resources are allowed when the tunnel is up) then this setup would allow requests to these indexers to escape the VPN tunnel.
On a side note, I’d strongly recommend trying out a Docker-based setup. Aside from Flaresolverr, I ran my servarr setup without containers for years and that was fine, but moving over to Docker made the configuration a lot easier. Before Docker I had a complex set of firewall rules to allow traffic to my local network and my VPN server, but drop any other traffic that wasn’t using the VPN tunnel. All the firewall complexity has now been replaced with a gluetun container, which is much easier to manage and probably more secure. You don’t have to switch to Docker-based all in go, you can run hybrid if need be.
If you really don’t want to use Docker then you could attempt to install from source on the rpi4b. Be advised that you’re absolutely going offroad if you do this as it’s not officially supported by the FlareSolverr devs. It requires install an ARM-based Chromium browser, then setting some environment variables so that FlareSolverr uses that browser instead of trying to download its own. Exact steps are documented in this GitHub comment. I haven’t tested these steps, so YMMV. Honestly, I think this is a bad idea because the full browser will almost certainly require more memory. The browser included in the FlareSolverr container is stripped down to the bare minimum required to pass the CloudFlare checks.
If you’re just strongly opposed to Docker for whatever reason then I think your best bet would be to combine the two approaches above. Host the FlareSolverr proxy on an x86-based system so you can install from source using the officially supported steps.
From https://www.githubstatus.com/ (emphasis mine):
We suspect the impact is due to a database infrastructure related change that we are working on rolling back.
If you fuck up the database, you fuck up errythang.
They smell like plastic, metal, complex hydrocarbons, and death.
It’s likely CentOS 7.9, which was released in Nov. 2020 and shipped with kernel version 3.10.0-1160. It’s not completely ridiculous for a one year old POS systems to have a four year old OS. Design for those systems probably started a few years ago, when CentOS 7.9 was relatively recent. For an embedded system the bias would have been toward an established and mature OS, and CentOS 8.x was likely considered “too new” at the time they were speccing these systems. Remotely upgrading between major releases would not be advisable in an embedded system. The RHEL/CentOS in-place upgrade story is… not great. There was zero support for in-place upgrade until RHEL/CentOS 7, and it’s still considered “at your own risk” (source).
Oh for sure, those are a communal resource.
Because the toxins your body is reacting to are already in your bloodstream. It’ll take time for those to get metabolized by your liver, and how much or little you vomit won’t change how much work your liver has to do.
One of my grandfathers worked for a telephone company before he passed. That man was an absolute pack rat, he wouldn’t throw anything away. So naturally he had boxes and boxes of punch cards in this basement. I guess they were being thrown out when his employer upgraded to machines that didn’t need punch cards, so he snagged those to use as note paper. I will say, they were great for taking notes. Nice sturdy card stock, and the perfect dimensions for making a shopping list or the like.
He was a raging alcoholic who hid his illness from the medical professionals who examined him as part of his Super Size Me “experiment.” A lifetime of booze did way more damage than 30 days of McDs possibly could.
The plow. It allowed early river valley peoples to generate semi-reliable food surpluses, and those food surpluses triggered everything that came after. I can’t take credit for this argument, I first encountered it in this episode from the first season of Connections.
Jesus, what a bunch of needless “security”
I disagree with this part. Ticket theft is an actual issue, there are lots of ways to get a copy of someone else’s barcode and either use it before they do or (more likely) sell it to someone else online. TicketMaster’s marketing is talking up the increased security to distract from their true purpose, which is of course to find more ways to take more money from fans. Of course it’s debatable whether the increased security is worth the decreased convenience for ticketholders. That is the inevitable tension when it comes to security, where any increase in security always incurs at least some cost in terms of convenience.
This is all for personal data mining.
TicketMaster might be selling user data, but I don’t think that’s their main aim. They want control of the resale market so they can take a cut when tickets are resold. Note how they don’t allow direct transfers between two mobile wallets, they only allow transfers using their app. That’s so they can monitor transfers. If they see someone transferring dozens or hundreds of tickets to many other TicketMaster users then that person is likely reselling and they can clamp down on their account. TicketMaster’s true intent is to force all resales onto their ticket marketplace, because that’s where they get to take a cut of resales.
Oh yes, I don’t mean to absolve them of any blame. They treated it as an expensive lesson, which is probably the best way for them to process it.
Also while TicketMaster is going to sell this as being an “enhanced security” thing, it’s pretty obvious that increased security is only a side benefit for them. Their angle in this is getting more control over the tickets they sell. As long as there are many people who want to go than can physically fit in a venue, there will be a reselling market for event tickets. TicketMaster wants to take a cut of these downstream transactions.
While the security of rotating barcodes does hinder outright scams, mobile wallets normally allow wallet users to transfer items like tickets to another user if the ticket issuer allows it. TicketMaster does not allow this for their tickets, of course, because it could allow someone to resell tickets while cutting TicketMaster out of the transaction. Currently TM allows transfers using their app, but I’m sure they monitor usage of the feature and clamp down on anyone transferring many tickets. In other words if you try to resell in bulk without using TicketMaster’s own platform (where they get to take a cut), they drop the hammer on you.
The reason you can’t use screenshots or printouts is because they’re now using rotating barcodes. Much like the rotating codes in an authenticator app, the number values behind the barcode are changing on some regular cadence. Only the most recent barcode value is considered valid.
The only other option is to use a mobile wallet, but that prevents me from sending my friends their tickets, since I purchased them all together.
Some ticket sellers allow you to transfer tickets from one wallet to another wallet, but of course TicketMaster isn’t one of them because they’re fucking TicketMaster. What TicketMaster does allow is transfers from one TicketMaster account to another. Of course then everyone needs to have a TicketMaster account, needs to have the app, etc. It’s either that or leave all the tickets in your app or wallet and go in together. If you tell the door person “I have the tickets for these X people,” they’ll be able to handle that.
Yes because the security of barcodes and screenshotted tickets were such a huge problem before.
I think what you just described is actually a problem. Friends of my parents were visiting somewhere, bought tickets to a show from a reseller, met up with the seller (normal looking guy, no red flags, gave some plausible story why he was selling) and paid cash for printed out tickets with barcodes. Printouts looked legit, dates on the printouts were correct, etc. Went to the doors, tried to scan their tickets, got told that unfortunately they’d just been scammed. The impression they get from the box office worker is that this sort of bad news is something they’ve had to deliver frequently. Anecdotal, but I doubt those friends of my parents were the only ones to get scammed in this way. TicketMaster still sucks as an organization but the extra security of rotating barcodes does serve a legitimate security purpose, just like the rotating security codes generated by an authenticator app.
Airlines have recently been having problems with stowaways using screenshots of boarding pass barcodes or QR codes too. Such stowaways should get caught before departure by passenger headcounts or boarding ID checks, but clearly there are gaps or breakdowns in these procedures because some of these stowaways are getting caught at the destination. Others may have successfully flown for free. If it keeps happening I bet we’ll see rotating barcodes come to mobile boarding passes too, if that hasn’t already happened.
Hardly the first time. I’d argue the US made the same mistake in Afghanistan in 2003, diverting resources to Iraq because Bush Jr. had such a hard-on for Saddam.
Guy Gavriel Kay. First book published in 1984, part of a trilogy that was Tolkien-esque, quite decent, but not exactly ground-breaking. He’s since gone on to something a little more unique, which he describes as “historical fiction with a quarter-turn to the fantastic.” Impeccably researched but set an alternate world that’s a close but not exact mirror of our own. This allows him to take a few small liberties with historical accuracy in service of telling a better story. Personally I think he really hit his stride in 1995 with The Lions of Al-Rassan, and almost everything he’s written since then has been exceptional.
I’ve been using the LG Jellyfin app for a few months now and it’s been great. I’ve got an LG CX from 2020 and didn’t need to use developer mode, but I guess others weren’t so fortunate. I’m not sure which TVs were missing support before but great to see that it’s now supported on all versions of WebOS.
Is it exploitation? I’d argue slave or prison labor is exploitation because the workers have no freedom of choice. Bees are free to leave, and the queen will in fact do so if not content with the conditions in the hive. If the queen leaves, all of the bees will swarm with her and you’d be left with an empty box.
Beekeeping strikes me more as symbiosis. The beekeeper provides ideal conditions, far better than the average location that would be found in the wild, and can help protect the hive against threats like mites. In exchange the beekeeper receives a share of the honey produced by the hive.
No beekeeper takes all of the honey from the hive. Only the top box (the “honey super”) of a typical hive stack is harvested. A grate below the top box (a “queen excluder”) prevents the queen from entering it so no larva are laid in the top box. The workers bee are smaller and can pass through the grate to build out comb and produce honey. The comb and honey in the bottom boxes are left to the hive to feed its workers and produce the next generation of bees, ensuring the survival of the hive.
A queen excluder cannot be used to prevent swarming long-term as the drones that gather the pollen also won’t for through the grate! An excluder might be used to delay swarming and buy time so the beekeeper can offer another solution, like adding more boxes to the hive or splitting it into two hives. Better beekeepers proactively manage their hives, e.g. by setting up an empty hive in advance to essentially offer a swarming hive a new ideal home whenever they’re ready for it.