One of the strategies that changed my sleep quality for the better is to stop taking coffee after 9 AM; after learning that caffeine has a half-life of around 6-7 hours[0], but a quarter-life of around 12 hours. If you have a cup of coffee at noon, a quarter of that caffeine can still be circulating around your brain at midnight.
This link unfortunately doesnt really address the chemical imbalances which are normalised throughout society as stress and aging. If you consider yourself to be just a complex chemical reaction with a consciousness as the end result of the complex chemical reactions which have evolved over thousands of years, then I'd simply be looking at chemical solutions for good rest.
Its not strictly true that caffeine has a half life of 6-7 hours, nicotine reduces this to 3-4hrs and some prescription drugs also affect the half life either by shortening it or increasing it, in extreme to 24-48hrs.
I found a few grams of Taurine will improve and increase sleep, the science is out there, the more you take the more you sleep and you can sleep through fire alarms and all sorts so use with caution.
Now a restless mind can also keep people awake, so increasing 5-alpha reductase by consuming Glycine can then break down cortisol. You will laugh your head off with lots of Glycine, so dont blame me if you laugh your head off in a stressful situation and get fired from a job or something!
I'd suggest Glycine but if you are not allowed sugar for medical reasons, consult a doctor first. Glycine like many chemicals play many parts in the body and combine with other chemicals, like other amino acids. Its one of the ingredients of creatine, now creatine gets broken down into creatinine which is a gram positive and gram negative anti bacterial, and bacteria in the brain & body can also affect personality so there may be other factors at play contributing to your mood. If you want to study this, then you should know the answer to your question!
A constant half-life is necessarily an exponential decrease (linear curve on a logarithmic plot). So, yes, if the half-life is 6 hours without qualification, then the quarter life will be 12 hours.
Though, in real-life you get things like enzyme saturation, depletion of chemicals consumed in the metabolism of the chemical, etc. Real world pharmacokinetics are probably not exactly constant half-lives.
For example, IIRC, the average American adult male saturates his alcohol dehydrogenase at about 3/4 shot of 80 proof liquor per hour. Below saturation, I presume ethanol has something close to a constant (and short) half-life, but that exponential decrease is only observed at alcohol concentrations where the effects of alcohol aren't very obvious. So, for most practical purposes, the biological half-life of ethanol doesn't apply and its metabolism is better approximated as a constant rate process.
Are there any examples of this?
If its half-life is 6 hours, then after six hours half of the caffeine is still there, and we know caffeine has a half life of 6 hours. I don't know of any molecules with a non-linear half-life but I might be completely wrong
There's a whole area for this - pharmacokinetics. See e.g. https://en.wikipedia.org/wiki/Biological_half-life#Rate_equa... for examples of e.g. first order models (exponential elimination rate, etc.) It has to do with protein binding dynamics among other factors I have no idea about. Remember that you are dealing with biological systems.
Interesting, for a second I thought that had to be wrong because I was aware of aspirin and alcohol, but apparently they are the two common ones and the vast majority are a bit more complex, which also makes sense if you think about it logically I suppose.
It looks like in addition to those, others with zero-order pharmacokinetics include salicylates (salts of salicylic acid incl. aspirin), omeprazole (for indigestion), fluoxetine (antidepressant), phenytoin (for epilepsy), methanol (a poisonous alcohol) and cisplatin (chemo medication.)
This is one of those things you just have to try and see if it works. I've quit caffeine completely for a few weeks, and didn't notice a difference in my sleep quality.
I found it didn’t improve my sleep quality or my ability to fall asleep. However - I do feel like I have a slightly easier time getting out of bed now.
I’ve been off caffeine for a year or more. Having it actually makes my stomach slightly upset now. Similar to sugary drinks - I can’t do them anymore. Once I gave them up - I couldn’t go back.
Actually for me I sleep better at night with caffeine in the morning. I find it helps with having a proper active / rest cycle, i.e. concentrate energy and stress during the first part of the day so I can start to wind down in the afternoon, instead of hovering around mildly stressed all the day and the evening.
I'm not certain how relevant that is. I definitely don't feel more awake 6 hours after coffee let alone 12 so clearly not all effects are still there. Claims like these are quoting numbers while implying things which aren't true a priori.
Sleep is admittedly easily disrupted but I also haven't noticed a difference in sleep quality when skipping my afternoon cup.
Different people reacts differently. I normally drinks 2-3 cups a day, last one sometimes after 8 PM. So to test some claims about coffee being so bad etc, I completely removed coffee from my life for a month - zero difference. And the same is true for Yerba Mate for me (although with Yerba I definitely feel different for few hours). But I believe that some simply react more to this substance.
I hear that often enough. I think the confusion is that it's true by dry weight of beans/leaves, but a cup of coffee will typically have more caffeine than a cup of tea by a factor of a few.
Thanks. Being a HSP(highly sensitive person) I am always careful of my coffee after lunch. Now I realised I need to either have it early morning or not at all.
Why talk about half-life and quarter-life here instead of full-life (which I guess is around 18-24 hours)? Having less than a quarter of caffein in your system does not impact your sleep?
It's an exponential decay, so full-life is not really a coherent concept. Detectable (but unnoticeable) levels will persist for quite some time and undetectable levels will persist for a bit after that.
Slightly related, but I use age[0] for most of my non-automated file encryption tasks; and one of the neat features it has is the ability to encrypt to a GitHub user's pubkey[1].
Joking aside, in my view the branding (and branding ability) of the name change to Meta is impressive given their long term vision.
However, I do get the feeling that Meta will aim to eventually become a household proprietary name and thereby water-down what can be considered one of the broadest, most abstract terms we're all familiar with.
In terms of traffic, my website received about ~24,000 visits in the span of about 3-4 weeks, with the majority of the views (~16,000) occurring in the first week, but the effect continued for quite some time after due to back-linking, social media sharing, and whatnot.
For reference, my site averaged less than 50 visits per month in total before my blog post hit the front page (in April 2021).
Only in the last month as of writing this comment (October 2021) have the numbers trickled down gradually from the hundreds to the tens.
In terms of performance, I have a static site (built with Jekyll, hosted on Netlify, BunnyCDN for media, and proxied through Cloudflare) so the traffic spike didn't affect the site at all. Not even a little bit.
Thank you, I've been made aware of this and have amended the post to clarify that it's ineffective w.r.t. FLoC; for the technical reason that you mentioned.
Bootstrap and Jekyll for all of my personal sites and side projects; with HTMX and/or vanilla JavaScript when needed. Same stack as well for clients who need static sites.
For other clients (that need a CMS) it's WordPress.
It’s worth noting that HTTP itself has unparalleled performance for the Web due to the protocol itself (and web servers that deliver it) being optimized over the years to support compression, transfer encoding, encapsulation, etc.
Gemini also transmits a mimetype that’s text-based (text/gemini) but it runs on port 1965 — as opposed to the usual 443 (HTTPS) or 80 (HTTP) that Web browsers usually connect to by default. Gemini therefore needs customized “browsers” that will read the protocol and parse the data that’s received from a Gemini server, however there are Web Proxies that do this as well [0].
In that sense, it’s an alternative to the Web inasmuch as it’s an alternative to HTTP; but (importantly) without any maturity, performance, or scalability whatsoever.
Now to be fair, Gemini doesn't claim to replace HTTP in any way; being a niche, small-web technology.
But in my opinion it's pretty pointless since it uses a strict subset of the HTTP spec which makes it feature-delimited by design.
Using HTML sans CSS/JS will give you a similar yet better experience.
I can understand why the vast Gopher community would immediately dump/mirror all of their content into Gemini Space. My question is why anyone else will, when one can easily create an equally-spartan experience using universal web technologies.
If you approach that question as a developer, it makes sense. Why not just restrict yourself to a subset of HTML+HTTP, which is what many people do.
However, as a user, I can't be sure what's behind each URL. Does communitywiki.org require JavaScript? Do they set cookies? Do they violate my privacy with telemetry and analytics?
If I see a gemini:// link, I know the answers to all of those questions -- they don't because they can't, not because they choose not to.
You can check what any URL does, actually; unfortunately, the browser does not make that easy.
A gemini:// link can't set cookies, but it doesn't prevent serving HTML or any other type of file. However, a browser may disable HTML with Gemini by default, or not support HTML with Gemini at all. Doing so may be useful in order to more easily answer the questions you mention.
Using HTML over HTTP in any form opens you to tracking, through the referer header, ETag lookup, and cookies.
The idea behind Gemini is to cut off all such capabilities (even when useful for good things) and prevent attempts to add them as extensions. This may make sense in the niche they are targeting.
This also prevents common session tracking mechanisms, but even form submission is not a thing in Gemini anyway.
It won't prevent serving HTML with GET forms (although POST forms won't work, and neither will cookies), although a client may very well not understand the document (or any other HTML document) and not display it (and even if it does understand HTML, it might restrict HTML with Gemini by default, in order to avoid tricking the user into thinking that one kind of document is a different kind, and/or in order to avoid doing things which are undesirable with Gemini; HTML is probably mostly undesirable with Gemini anyways).
If you need an interactive system, then SSH or Telnet might be better, rather than Gemini or HTTP(S). For other things, other protocols will be better, e.g. for communications, IRC or NNTP would help (depending on the kinds of communications). They also mentioned a Titan protocol, for writing to Gemini files.
I suppose that as the Gemini network grows, someone will create a search engine. The old-school "?foo+bar" style of GET queries should be enough even on clients supporting only standard Gemini markup. (Arbitrary MIME types are supported, so enhanced or entirely different interfaces are possible.)
> Meanwhile, temporary exceptions will be granted to dedicated banking and digital wallet apps so that they can “obtain broad visibility into installed apps solely for security based purposes.”
I'm sorry but why does a banking app need to see a list of system-wide packages? And for what security-purpose? If all apps were tightly sandboxed in the first place then this wouldn't be a problem that requires edge-case solutions.
Either way, based on the same quoted paragraph, my prediction is that Facebook will now roll out a dedicated wallet app; along with regular wallet functionality it will gleefully take advantage of this exact loophole.
Banking apps sometimes integrate 3rd party AV / threat detection SDKs (there are several available, e.g. https://www.wultra.com/malwarelytics which is part of a bigger banking security SDK solution). Sandboxing isn't the only problem on Android - a lot of malware is using Accessibility to control the device and read what's on your screen. Then there are overlays that can be drawn over your app (e.g. display a fake login over your app). Access to notification content. Reading SMS content (2FA). Different combinations of other permissions, device manager rights etc. Or even simple attacks like launching a fake app just when you launch the real one (phishing). Google is trying to limit a lot of these permissions, at least from apps installed from Google Play but so far they are still pretty widespread with malware hidden on Google Play targeting banking apps.
3rd party AV sdks? This reeks of snake oil. They should just stop treating the device as a hardware security anchor.
And how is it still ok that most android phones in the wild do not get security upgrades, let alone timely ones?
The tricky part IMHO is that with safetynet google is selling snake oil themselves. If they are claiming that security does not count as fair use to spy on the userfor others, ... .As much as I like security awareness. In the end it means patronizing users in order to control the ecosystem. The problem with banking and google is that we cannot escape this ecosystem without losing a lot of commodity. Why not do it like Apple and put annoying popups before each install process if apps want spying permissions. The only reason can be that google wants us to not be aware...
My supermarket's loyalty app refuses to run on rooted devices, I imagine they are using something like this to detect if the device is rooted (e.g. looking for Magisk). It makes no sense, because all it does is show what offers are available that week (which you can also see on their website) and provide the same QR code that is on the physical card. I imagine some PM at whatever agency they used decided they wanted to make it secure (and upsell that to the client), and installed some nonsense SDK like this.
My bank's app have no issues with my phone being rooted :-) Fortunately Magisk Hide fixes it.
Big business means it would've been defeated or just completely worked around - truth is that if you're doing this at scale you'd just reverse engineer how the application talks to the backend and replicate that in your software.
Just like DRM, it inconveniences legitimate use while doing little to defend against malicious use.
I don't believe this is the only reason. If it were, they would be blocking logins through mobile web browsers since there's no JavaScript API that dumps the list of installed apps. All those same attack vectors could exist on top of the users web browser as far as I know.
They don't have to block the login completely but they may treat it as less trusted and require additional authorization for, say, an outgoing wire transfer. Of course, this assumes banks are doing actual risk modeling not just security theater.
Can't they do this for apps too? Treat them as "less trusted", instead of doing all that bullshit with shipping bundled scanners, and the insane policies that make it impossible for me to take a screenshot of transaction details in the app...
(Yes, I know. My role as a user isn't to have opinions - it's to dutifully enjoy the software as-is, and visit the "offers" section on a regular basis.)
I don't think so - or if they do, then the functionality won't be very effective. A lot of the most common attack vectors have never existed in iOS. Applications on iOS can't draw over other apps, you can't implement your own accessibility service, you can't launch apps from the background without user interaction, you can't install apps outside of the App Store, you can't run a service in the background for unlimited time, you can't implement your own keyboard (key logger), or read SMS messages, notifications, system events and a lot of other things have never been accessible to developers on iOS. I haven't heard about banking malware on iOS. But on Android you can find hundreds of examples and even right now there are several circulating on Google Play. The openness of Android OS has advantages and disadvantages, but Google has been heavily limiting most of these options recently.
Google already allows online banking apps to block screenshot functionality, which is in my opinion total bullshit. The owner/user of a device should always be able to take a screenshot if they want. At least every bank has a market based need to allow regular browsers to sign in to online banking, to support desktop clients, so one can just ignore the provided bank's app if you want.
It's to prevent malicious applications taking a screenshot of sensitive information. I've seen other apps doing this on, for example, credit card info entry screens.
It wasn't a banking app, but I recently came across the first app I've seen that, in addition to SafetyNet, also checked if the Magisk Manager app was installed to try to detect if the phone was rooted. I wouldn't be surprised if it was for this purpose.
Computers are compromised all the time and but so far as I know banking at insertbankhere.com doesn't involve giving your browser tab root privileges on your machine in order to run its own antivirus. It's an improper separation of concerns.
Your bank also doesn't concern itself with the type of locks on your door or your car alarm. Just because something gives someone a handle on matters like the ability to see what apps are installed on your device doesn't mean its appropriate to use it.
Not allowing the bank app inappropriate access to your device means they aren't tempted to leak or misuse it.
This is amazingly useful. I've always had to settle for a tradeoffs between widths and alternates when choosing a terminal/IDE font; I've just created the perfect combination that fits my readability needs.
Storing the configuration in URL query strings is also a nice touch. Thank you for making this.
I use Flatpak extensively and I fully agree with you and the author of the response that there is a need to balance practicality vs. idealism when it comes to (fully auditable) FlatPak apps, as well as FlatHub's overall approach and continual work within the desktop Linux ecosystem.
What's more, the fact that an entire domain was devoted to what could have been a blog post gives credence to the responder's notion that this is FUD which, while valid for discussion, is most certainly not beneficial to the FOSS community writ large.
Either way, from the article you linked TIL about Flatseal[0] so I'll be taking that for a spin!
[0] https://youtu.be/k5BMGmf1ai0