site banner

Small-Scale Question Sunday for February 26, 2023

Do you have a dumb question that you're kind of embarrassed to ask in the main thread? Is there something you're just not sure about?

This is your opportunity to ask questions. No question too simple or too silly.

Culture war topics are accepted, and proposals for a better intro post are appreciated.

Jump in the discussion.

No email address required.

How to turn off response animation in chatgpt, and automatically save all data? Maybe in something git-like, because there's "regenerate" or "modify and regen" buttons.

If one uses chatGPT to write a fiction story, is it possible to somehow tell "this is response is good, let's add this to canon" or "this response is bad, let's reject it". I tried to instruct it to label responses with a number, so i could give commands like "rewind story to NNN" but I failed at this.

Would anyone happen to know where I could find a summary of the Dreyfus affair which is short enough to be read in ~1 hour, and engagingly written?

Not so much a question as just me venting.

A while ago, I made the mistake of poking around the /r/OLD and /r/Tinder subreddits, and noticed a new bit of advice being given to women, (apparently) by other women: don't give out your phone number, use the app instead. Advice from men to men to switch to texting as soon as is reasonable also attracted these replies.

The reason given for this is apparently that "men will try to get you off the app so that they can be abusive or unpleasant to you without you being able to Report them." Stay on the app, where it's Safe, and They can't Hurt you with mean words, which is what they all want to do.

(To my understanding in all online dating: Getting off-app is supposed to be an escalation of intimacy. It's admittedly in the self-interest of men to be in Text notifications rather than lumped in with Tinder notifications; every time she opens tinder to reply to you is a chance for her to notice a message from some other hotter guy. I've also had women provide me their phone number unprompted with some non-reason about notifications not working or hating the lack of threading, but really because they just want the interaction to move forwards faster. I'm pretty sure women use this themselves to sort good suitors from Eh ones).

I think of it every now and then when I mess around with the apps, or when I need to remind myself to stay away from Reddit in general and certain subreddits in particular. It just struck me as perversely obstructive. Why does Reddit have to make everything worse? It's like warning job-seekers that employers offering in-person interviews are a ploy to kidnap you.

Years ago, it felt like there was an ideological arms race in Geek Dating to sabotage men in exciting new ways, by giving them bad advice and warning women away from them. That arms race seems to have continued in my absence. I suppose I'm just still annoyed that I spent my formative years surrounded by this cautiously cringing crap.

Why isn't it more common for a woman with kids to run a small daycare consisting of her own kids and those of her siblings and cousins? Wouldn't parents strongly prefer this over leaving their kids with strangers?

Because (a) sibilings/cousins often don't live in the same areas, (b) it's not super-common for all to have kids at approximately the same ages, (c) professional regulations make running one's own daycare a font of legal liability and compliance costs, (d) the vulgar version of modern feminism abroad in the culture insists that such work is beneath women of mid- or upper-level intelligence and/or means.

How common is "common?" I have no empirical sense of the answer to your question. Anecdotally, I've known many women who have done something along these lines. But in many places there are licensing requirements based on numbers of children being cared for, and often those licensing requirements are minimally compatible with home-based businesses.

As people have fewer children, of course, "siblings and cousins" also trends toward becoming an empty set.

Because it's been deliberately made prohibitively expensive, if not legally impossible.

  1. Is the search not working for anyone else? "Ohio" gets no results.

  2. How do you do spoiler tags on this site?

  3. I haven't heard any news about Ohio recently. I was hoping we'd know how bad the situation is by now. Is there any reason to be optimistic? I have friends and family in Cleveland and Columbus.

I was hoping we'd know how bad the situation is by now. Is there any reason to be optimistic?

There's probably going to be some incidental cancer and endocrine disruption issues over the next couple decades for those nearest the East Palestine site, but these sort of massive release crashes aren't that uncommon, and their impacts are usually felt more in the statistical-SuperFund sense.

It's possible there's some other reasons to expect this one to be Much Worse or more immediate, especially given the hemming and hawwing over what chemicals, precisely, were involved. But it's more just normal bad.

  1. Search serves post results by default. Switch to the comments tab.

  2. There's a Formatting help link under the preview when you're typing a response.

  3. No idea. I kept up with the memes for a bit, but I have no idea how dangerous the whole thing is. All the best to you and yours.

You can't tag people on this site yet can you?

You can, by putting an @ in front of their username: @Tollund_Man4

My bad, I meant a tag that shows up next to their username every time I see them. Makes it easier to remember who's who.

Userscript could do it easily. I think I can even write that.

Oh, I see. Yeah, as far as I know, you can't do that.

What do you mean? User script could do it easily.

What's the best short writeup on the fall of Constantinople? A primary or contemporary source would be amazing.

In terms of contemporary Christian accounts there's the Diary of the Siege of Constantinople by the Venetian Nicolo Barbaro and the official Byzantine history by Doukas, though they might be hard to access without academic credentials. The History of Byzantium podcast isn't quite there yet, but hopefully whenever it concludes it will be one of the most accessible sources of information about this period.

It's not quite what you want but Fall of Civilizations podcast is a wonderful series about empires collapsing and their episode in Byzantium is no exception.

Who are the Four Anti-Horsemen of the Infocalypse? In case you're one of today's lucky 10000, the Four Horsemen of the Infocalypse are drug dealers, money launderers, terrorists and pedophiles, that is, the groups governments invoke when they want to attack privacy tools.

So, what are the four groups that people can invoke to promote the use of privacy tools? Whistleblowers, dissidents, that's two. Anyone else?

“Dissidents” covers just about everyone, no? Trans Saudis, anti-war Russians, whichever Americans are out of power this year, all four of the Infoboys…

You’ve got to make a more specific category, lest you include something both normies and the government dislike. Split “dissidents” out into the political, social, and maaaaybe economic outcasts, and that’s four categories.

"Pro-democracy dissidents in authoritarian countries" is a mouthful.

Ah, the “freedom fighters.”

I worked in privacy tech for a couple years, and the other two examples du jour are abuse victims and LGBTQ+

What music do y'all listen to? I've recently gotten back into Florence + the Machine. Gotta say, it's much better going back as an adult. It's hard to find positive, upbeat music with good lyrics.

Not a lot of what I listen to could be called "upbeat", I'm much more a blues and grunge kind of guy. But one artist that the better half and I have been enjoying a lot of late is Lee Brice songs like this may be stupid and hokey but they are fun.

I mostly listen to Brazilian music from the 1960's, despite not speaking Portuguese.

This is the brazilian state of the art

Bossa nova?

Voce precisa apprendar ingles portuguese...

I thought I’d been exposed to that via Tim Maia’s Rational Culture, but nope. 1975.

recently I've quite enjoyed a punk rock band called The viagra boys

Shrimp Sessions on YouTube are fantastic

Performers that the algorithm suggested to me and I liked: Alice Merton, Saint Motel, Katzenjammer, The Ting Tings, The Pointer Sisters, Warlock, Thundermother, Gesaffelstein.

Huh. I didn’t think of them as particularly upbeat. Maybe that’s because their only song which I hear on the radio is the mental-illness-romanticizing “picks me up/puts me down” one.

I’ll concur that good lyrics are likely to be sad or at least cynical. Or, perhaps, that cheerful lyrics have a higher risk of feeling trite. Consider folk/country like Robert Earl Keen: his best-known stuff is wistful (Gringo Honeymoon, Front Porch Song). When he gets more upbeat the lyrics tend towards the bitter (Swervin’ in my lane, or God forbid It’s the Little Things). And when he does positive lyrics, i.e. Feelin’ Good Again, it’s over outright mournful instrumentals. Such is the genre.

Oh, it may be the wrong time for Merry Christmas from the Family, but it really is deliciously cynical while remaining positive.

Lately I’ve been listening to Adrian Quesada’s Boleros Psicodelicos. I’m not really a fan of the Black Pumas but his work on this album is just excellent. It’s so richly layered. I doubt that it solves your lyrical conundrum, but I don’t speak Spanish, so who knows?

As a recovering metalhead, I have made an active effort to find upbeat songs to counter a playlist I've literally titled "oppressive despair" (ask me about that one LOL).

Check out:

  • Young the Giant - Proggy Arctic Monkeys but less sexy-all-the-time. Their popular stuff is great.

  • Sammy Rae & Friends - Just plain fun. Their top spotify picks are great.

  • Silk Sonic - Just plain funky fun but Bruno Mars. Start with Leave the door open & Skate.

  • Vulfpeck - funky fun turned up to 100. Lyrics can be a little nonsensical. 1612 & Wait for the moment are good starters.

  • King Gizzard - Psychedelic derpy fun. They're prolific. Start off with 'The River', 'Catching Smoke', 'Fishing for Fishies' and ofc, the infamous: 'Rattlesnake'.

Pirate metal is pretty upbeat. Alestorm - Fucked With an Anchor for example!

There’s an alternative: Embrace hair metal. Fairly upbeat, not very serious and often party atmosphere while still being metal.

The music should serve the theme, and not vice versa. Genre should be seen as tool-kits. You start writing music with the intention of constructing something. A good musician knows to find the right tool-kit to build the structure they have in mind. If the tool guides the dream, then the dream loses all purpose.

Hair metal can be fun in context : stadium & road trip music. But it does not lend itself well to deep listening. Metal is by-definition an intense & tense (alliteration not intended) type of music. That's why it lends itself well to intense emotions which can only develop after years of festering. Grief, anger, wrath, despair & violence are obvious. Meditative states, yearning, (the feeling of) enlightenment are less obvious ones that lend itself well to the genre tools leveraged in metal.

Some metal tools make for great happy music. Djazz is one such example. But mainstream metal genres make for schlocky happy music . Although admittedly, I have occasionally indulged in some of it. Speaking of schlocky metal, here are my 2 "favorites" : Children of Bodom : rebel yell cover and Iron Maiden - Charlotte the Harlot.

I want to ask you about oppressive despair. There’ve been times when Call of the Wretched Sea was just what I needed.

'Viljartha - Den Helige Anden' is the poster boy of the sound I am trying to capture. Atmospheric, Deep sub-bass, and never gives you that bright climax you keep expecting. Usually they induce this thick tension by having very few accent beats (think high E strums, Snare hits, Crash), but the count on the drums to keep tempo is really fast. So it has this incredible speed to it, while being made quite long for the accent hit that resolves the tension.

Death Grips's On GP & No Love are great examples of this sound too.

I like blackgaze too, but that's too melodic. It tries to be beautiful in grief, and that's not the point. On the other hand, extreme metal just comes across as noise without tension. So this playlist tries to avoid those 2 styles of music.

Post-hardcore. Bands like Title Fight, Drug Church, Joyce Manor, Fiddlehead. Here are some cool songs. But it's not for everyone.

Drug Church - Dollar Story

Fiddlehead - Down University

Title Fight - Crescent-Shaped Depression

Joyce Manor - Angel in the Snow

Oh man have you listened to letlive. at all?

I never have. I'll check it out!

I was surprised by how much I liked her new album.

I've been listening to Farya Faraji on Youtube recently -- lots of Byzantine and Balkans music, and some other folk music, for instance from Canada. Unfortunately, I haven't been able to buy or download his music to listen while traveling.

Maybe Im a phillistine but despite listening to a lot of music, I dont know what music Im into. I just shahzam songs I like from public and songs I end up liking from movies and spotify reccomendations does the rest.

Mostly a mix of 90s rock, early 2000s pop and deep house. My favorite song of all time is 'Mr Brightside'. Funny considering I cant stand any of the The Killers other songs.'I aint worried' is my second most played as of late, courtesy of Top Gun Maverick.

Oh and the slowed and reverb genre also has some hidden gems. Pop songs slowed and reverbed become something entirely different, more so than other remix genres. Such as this, or this or this.

I should also out myself as a zoomer and let it be known that TikTok sometimes actually popularizes good lesser known songs, often old ones. Very hit or miss though.

My favorite song of all time is 'Mr Brightside'.

Have you thought about moving to the UK?

Not the first time Im hearing this. Ive been called a coconut too because I like that song too much for someone not white, let alone not from the UK lol.

In recent years, I've become very fond of Enya.

I loved Enya as a child, soured on her in my adolescence and have slowly come back around to appreciating her music. This seems to be a fairly consistent pattern among my peers.

Enya holds a special place in my heart. I have fond high school memories of everyone in the group call meditating to Only Time while waiting for the servers to come back online.

Glad to hear other players had their own downtime traditions. We would find crappy rips of terrible movies to watch MST3K-style. Fond memories of watching Japanese Star Wars knock-off "Message from Space" one Tuesday night.

Does anyone have any thoughts on “day of hate”? Might make post about it this week

Near as I can tell, the original source is this Telegram post. Some nobody with virtually no engagement. Their group's only sign of real-life activity is a banner drop done by 2 people. I found dozens of channels with hundreds to thousands of times the exposure mocking it as an obvious fed trap, and zero promoting it. Looks to me like the usual batch of activist groups lifted this out of obscurity to scare people, promote themselves, and get more donations. Oh, and also waste a ton of law enforcement time chasing ghosts and protecting things that were never threatened.

The Counter Extremism Project is responsible for pulling it out of obscurity. What’s so odd (telling?) is that nobody really wants to link this back to them. This is billionaire Thomas Kaplan’s project. The reason for this spectacle is to reinforce the idea of Jewish victimhood status. Now, Kaplan has funding ties to ultra-orthodox yeshivas and rabbis. Bear with me on this leap: the reason for this spectacle is to increase the funding allocation for the Nonprofit Security Grant Program. This is a 200mil slush fund for nonprofits to increase their “security”, broadly defined, and Jewish groups want to increase it to 400mil. Since 2010 (when the fund was smaller), up to 97% of all funds went to Jewish groups — I have read numbers indicating 75% or 97% depending on year.

So it’s… actually much more nefarious. Like something out of James Bond. A billionaire mining magnet, who has previously bet his money on war with Iran (sacrificing thousands of American lives), and who funds actually racist ultra orthodox groups, has created (out of thin air!) a national spectacle involving a day of hate. Now, sure, it’s obvious stereotype of a gold-investing billionaire able to control the media like a puppet master and thanos snap his finger into existence more than 120,000 tweets on his day of hoax… but this is essentially what happened. And all for a nefarious end.

Never heard of it. Googled it--found a bunch of articles declaring "resistance" and "resolve" in response to a "day of hate" declared by unspecified actors who I could never manage to source. I'd say "Streisand effect" except that your post is the only way I would have heard anything at all.

Imagine giving some midwestern loner of dubious psychological stability that much attention for so little effort. Or, for that matter, imagine ginning the whole thing up in hopes of generating some new faux-holiday for the terminally progressive and excessively online. Truly, the demand for hatred exceeds the supply by several orders of magnitude.

I'm very suspicious. The point is to record yourself posting antisemitic fliers and then put the recordings online. Not to blame everything on the FBI, but is this a trick?

Also I skimmed a few news articles but couldn't find a primary source for the day of hate. Is this all some tiny discord group or other tiny group? Is this real in any sense other than overblown articles and public statements?

In short, the origin is one guy from Iowa, who does not belong to a group, who may or may not be real or a fed, who is only known for giving out free heil hitlers at the Iowa capitol building. His telegram post got limited engagement (four emotes) and only 1000 views when I saw it, up to 999 of which could be journalists / curious people and not supporters. The group who originally put this out is funded by a prominent billionaire, whose wife’s family runs a major bank in Israel, and who is best known for lobbying to get us into war with Iran and funding ultra-orthodox groups which want to make the conversion process more difficult. It is very interesting, I’ll make cited post later this week

I posted most of what I was able to find. If you know more or better, I'd be interested to hear that.

The TLDR I'm getting is that none of this even tries to sound real.

Please do, this sounds interesting.

First I’ve heard of it. I could believe it was alt-right, alt-left, astroturfed corporate, or all of the above.

On what? Fuck, did I miss hate day? That's like sleeping through Christmas.

(Seriously though I have no idea, please do a cafesplainer for us clueless boomers if you've got thoughts to share)

This is the first I've heard of it too. Tried looking it up, and all the links are self referencing back patting by "day of resolve" people, so it's unclear if it's real or fake.

It was the official hate day indeed, and came as a shock to many, including every single far right extremist on Twitter

What if they declared a day of hate and nobody came?

They did. Then they declared that the absence of hate meant their warnings worked and they called it a day of resolve.

So, what are you reading?

Still on Freinacht's 12 Commandments. I think I have my answer as to what post-metamodernism looks like. Metamodernism claims to be both sincere irony and ironic sincerity, but I wonder if it isn't lacking the latter in practice.

Star Trek SNW seemed to me from the start like an ideal example of both metamodernism and its failings. Pike is a Nice Guy not because he sees through your resentment and learned a better lesson than you, but because he's already decided what box he wishes to live in. As much as I loved the show, one looks in vain for a sense of actual conviction.

It runs instead on a fait accompli which says "there are Thoughtful People who won't be hypnotized anymore." I imagine people will be shocked if the general populace once again willingly chooses to be dupes of obvious frauds rather than to be this kind of Thoughtful. Something is still attempting to be expressed, and spirals of complexity and sophistication can also be used as tools of suppression. The trick would be to ironically tease out what is actually being expressed and suppressed without being duped oneself, and to derive enduring principles stated in simple, effective forms on which a new sincerity can be built.

Anxious People by Fredrik Backman. It's good - it has clever writing (I've laughed out loud several times) and an interesting way of unfolding the story, but does suffer a bit from a Reddit-style "life is pain" mindset.

I recently read "The Old Axolotl" by Jacek Dukaj. It reminds me a great deal of rationalist fanfics (for good and for ill), though given the subject matter and the ending I think that is to a fair degree intentional and critical of such modes of thought.

But I have repeatedly charitably interpreted things as ironic that were in fact unironic, so I don't trust myself on that. Picking up one of his other books, "Ice", partially because I did enjoy "The Old Axolotl" and "Ice" has reviewed well and partially to get a better sense of his writing.

Double Blind. It's another pretty quality litRPG.

Looking for a new one to start actually. I'm about halfway through Barbara Pym's A Glass of Blessings, but like most of her work there's very little sense of tension and so there's not much to pull me to read it fast at all. I do usually walk away from a session with her glad that I did it, though.

Some contemporaries described Barbara Pym in the '50s as a modern Jane Austen; and I think that Jane Gardam was our latter-day Barbara Pym. I thought that Gardam's very last books, the Old Filth trilogy, were actually her best by a mile. I have only read early Pym so far, but I have some later Pym on the shelf and I'm curious how she went on to develop and if she had this same pattern.

(Update: I have just realized that Jane Gardam is in fact still alive, aged 95. I do think she's done writing though.)

I'm about 25 pages into The Beautiful and the Damned today, and possibly I'll go ahead and stick this out. Read Tender is the Night last year and it was one of the highlights of 2022 for me.

This comment I made about how hard/easy it is to find pseudonymous users online identities got me thinking about infosec.

So I spent the rest of the evening researching about OSINT tools and other methods to do bad things (This has the added benefit of implicitly letting you know how to not have bad things done to you, but knowing how to be safe won't necessarily teach you how to be dangerous).

I am not sure how feasible this is, but I checked some emails of people I know using and it tells you which databreach the email password combination was found in. So isn't all that remains to acquire the breached data hoping they don't use 2FA? Or am I missing something?

Anyways, back on the topic of infosec/osint, what are you favorite tools that you totally use for security reasons? I am interested in knowing any clever techniques you have heard being used or used yourself as well for/against all things infosec.

I am interested in knowing any clever techniques you have heard being used or used yourself as well for/against all things infosec.

For a very broad definition of 'clever,' I basically keep all my internet activity 'siloed' between different username/password combos that generally NEVER interact. I apply somewhat different levels of information hygiene to each.

My pseudonym on reddit was different from my youtube username is different from my motte username is different from my twitter handle is different from my Steam username. Okay, I copied my motte username over from reddit.

Sure, you could probably tie them all to a particular IP address, and then use that to make a connection to a location in realspace that roughly corresponds with my physical location, but fundamentally that is shaky evidence if you want to reasonably prove that a given comment was physically typed out by a given person. If the account in question doesn't include dozens of photographs and videos that really only could have been uploaded by me, it requires a sizeable leap to say that the comments in question couldn't have been generated by someone else.

Most of the time if someone is pilloried IRL for any comments they posted to a pseudonymous forum it means they:

A) They admitted to typing them.

B) They used the pseudo to communicate directly with another party and exposed their identity to said party (maybe even meeting up in person) such that the other person could reliably ID them as the account-holder.

C) They directly connected the pseudo to some account that was directly tied to their IRL identity.

That is, I don't think it is easy at all to tie a purely text-based interaction on a given forum via pseudonyms to a real person in a way that can't be plausibly denied, unless you're a major government or corporation that controls the person in question's account.

Here's a genuine thought I've had: if all they really have on you are internet comments associated with a psuedonym, and they have no further direct proof that you, the real person, actually typed those comments, then one can probably invoke the Shaggy Defense.

Wasn't me!

"Oh but all those personal details divulged in the comments match your profile."

And? those details are all things that someone else could emulate with minimal effort. Why do you assume those details were true about the person typing the comments?

"You saying you were framed?"

I'm saying I'm falsely accused, I never typed those comments.

"The typing style even matches posts publicly associated with you!"

Yeah, so it's wouldn't be difficult to mimic that style. Unless you're saying you saw me physically type the text I'm not sure how you're so certain you found the right person.

"Show me your browser history and I'll maybe believe you."

Nice try, but no. I think we're done here.

This defense has only gotten more plausible in an era of GPT and deepfakes, where generating absolutely gobs of convincing text would require much less effort by a savvy actor.

Of course if you've pissed off someone online enough to come and actually try to harm you or your reputation that denial might not be enough.

I have been tracked down a few times actually – though all instances but the one mentioned in the last thread have taken place before I started to pay any real attention to privacy. Virtually all of those people who have succeeded became my friends, at least for a while. Guess I was more likable back then. One of them was a fledgling teenage hacker who later started working for FSB in basically the same capacity, and knows a lot about this stuff, but we haven't been in touch in a while.

I don't believe there are very clever things one can do to ensure anonymity. (Maybe LLM instances to populate correlated but misleading online identities? Style transfer? I'll use this as soon as possible though my style is... subjectively not really a writing style in the sense of some superficial gimmicks, more like the natural shape of my thought, and I can only reliably alter it by reducing complexity and quality, as opposed to any lateral change). @gattsuru gives decent advice but, aside from those technological attack surfaces, you should just understand the threat model and not share data that meaningfully narrows down one's identity. Speaking of elder gods, Terry Tao has written on this topic:

Anonymity on the internet is a very fragile thing; every anonymous online identity on this planet is only about 31 bits of information away from being completely exposed. This is because the total number of internet users on this planet is about 2 billion, or approximately 2^{31}. Initially, all one knows about an anonymous internet user is that he or she is a member of this large population, which has a Shannon entropy of about 31 bits. But each piece of new information about this identity will reduce this entropy. For instance, knowing the gender of the user will cut down the size of the population of possible candidates for the user’s identity by a factor of approximately two, thus stripping away one bit of entropy. (Actually, one loses a little less than a whole bit here, because the gender distribution of internet users is not perfectly balanced.) Similarly, any tidbit of information about the nationality, profession, marital status, location (e.g. timezone or IP address), hobbies, age, ethnicity, education level, socio-economic status, languages known, birthplace, appearance, political leaning, etc. of the user will reduce the entropy further.

One can reveal quite a few bits of information about oneself without any serious loss to one’s anonymity; for instance, if one has revealed a net of 20 independent bits of information over the lifetime of one’s online identity, this still leaves one in a crowd of about 2^{11} \sim 2000 other people, enough to still enjoy some reasonable level of anonymity. But as one approaches the threshold of 31 bits, the level of anonymity drops exponentially fast. Once one has revealed more than 31 bits, it becomes theoretically possible to deduce one’s identity, given a sufficiently comprehensive set of databases about the population of internet users and their characteristics.

Thus, in today’s online world, a crowd of billions of other people is considerably less protection for one’s anonymity than one may initially think, and just because the first 20 or 30 bits of information you reveal about yourself leads to no apparent loss of anonymity, this does not mean that the next 20 or 30 bits revealed will do so also.

Restricting access to online databases may recover a handful of bits of anonymity, but one will not return to anything close to pre-internet levels of anonymity without extremely draconian information controls. Completely discarding a previous online identity and starting afresh can reset one’s level of anonymity to near-maximum levels, but one has to be careful never to link the new identity to the old one, or else the protection gained by switching will be lost, and the information revealed by the two online identities, when combined together, may cumulatively be enough to destroy the anonymity of both. additional way to gain more anonymity is through deliberate disinformation. For instance, suppose that one reveals 100 independent bits of information about oneself. Ordinarily, this would cost 100 bits of anonymity (assuming that each bit was a priori equally likely to be true or false), by cutting the number of possibilities down by a factor of 2^{100}; but if 5 of these 100 bits (chosen randomly and not revealed in advance) are deliberately falsified, then the number of possibilities increases again by a factor of \binom{100}{5} \approx 2^{26}, recovering about 26 bits of anonymity. In practice one gains even more anonymity than this, because to dispel the disinformation one needs to solve a satisfiability problem, which can be notoriously intractible computationally, although this additional protection may dissipate with time as algorithms improve (e.g. by incorporating ideas from compressed sensing).

We've moved past compressed sensing, of course.

I wonder if this was a purely theoretical musing, a good-faith advice, or a hint that Fields laureates, too, have opinions to hide and shitposts to send. «On the internet, nobody knows you're a Tao».

I don't believe there are very clever things one can do to ensure anonymity. (Maybe LLM instances to populate correlated but misleading online identities? Style transfer? I'll use this as soon as possible though my style is... subjectively not really a writing style in the sense of some superficial gimmicks, more like the natural shape of my thought, and I can only reliably alter it by reducing complexity and quality, as opposed to any lateral change).

Reminds me of that joke about a janitor who looked exactly like Vladimir Lenin. When someone from the Competent Organs suggested that it's kinda untoward, maybe he should at least shave his beard, the guy responded that of course he could shave the beard, but what to do with the towering intellect?

This is precisely why one should regularly nuke one's internet identity. Online handles are like underwear in this regard. Have multiple, switch them often, and don't use them past their expiration date.

This goes very much against common sentiment on basically all internet communities except for the chans. Mainly because the people who will have the largest sway over the community will be those who have built a reputation for themselves. We are thus amplifying the voices of the least OPSEC conscious.

If your attacker is particularly skilled/motivated (or maybe this has changed with new tools, too lazy to duck it now), stylometry is also a hard to work around threat. It isn't as easy to use at scale (queries of the type: sort all users on Twitter whose writing most resembles this sample, descending, a la perceptual hashing), but if you can narrow down with communities that a person is likely to be a part of, it can be a pretty fast iterative search.

People particularly intent on segregating online identities often either take on affected styles (harder than it might seem at first, especially with 100% consistency!) or use a scrambling tool (rudimentary form of this used to be roundtripping translation).

If your attacker is particularly skilled/motivated (or maybe this has changed with new tools, too lazy to duck it now), stylometry is also a hard to work around threat.

If stylometry is all they have, though, surely one can simply deny being the person who posted the offending comments?

After all, in order to get a sample to compare the offending comment's style, you had to pull info that was publicly available, which would probably be available to anyone else who wanted to mimic that style.

Sure, it is more plausible that the same person produced comments of the same style. And one can always attempt to track down corroborating evidence to bolster the claim.

But by itself it has to be considered pretty weak evidence that merely because the style matches, the same person must have typed it.

It's not interesting as a proof of identity, more as an extra powerful correlation/fingerprinting attack. Consider the following scenario, you perfectly segregate two identities (separate devices, connection locations, posting times, interests) online. For some piquant, let's assume you have aboveboard beliefs/communications (posts that are kosher for your local authoritarian government) and below-board/seditious ones. Your aboveboard ones often leak your identity location, because why practice aggressive OPSEC when you're asking where's the best place to buy fresh onions near your village (even worse, aggressive OPSEC in these cases could tip off the authorities that someone buying onions around that area is up to no good!)? However, because you don't randomize your writing style, your government eventually is led to suspect that FuckTheGovernment93 is actually the same person as LocalFarmer82. You are arrested by the secret police, tortured and shipped off to a black site.

Even worse, consider a more aggressive scenario that's actually plausible in the modern age: you only have one identity that's completely distinct from your day-to-day activities. There is no other public content to compare to. However, because your government has access to your online schooling records/past essays/whatever writing you performed during mandatory schooling, they still manage to figure out FuckTheGovernment93 is you. Same outcome as above.

I am not sure how feasible this is, but I checked some emails of people I know using and it tells you which databreach the email password combination was found in. So isn't all that remains to acquire the breached data hoping they don't use 2FA? Or am I missing something?

Depends on the data breach. I've been pwned on gravatar, for example, but that meant that it only linked my gravatar to my e-mail. Even if a breach includes password information, it's been long-considered a best-practice to hash stored password data, and while some hashes are effectively broken (MD5), others are expensive enough to break that uncommon passwords have not yet been broken.

And some more important sites will block even correct passwords if the login is coming from a strange enough location (usually banks, some e-mail providers). And some people will change (or be forced to change) their passwords.

That said, it's usually a good practice to change passwords after a breach rather than praying.

Anyways, back on the topic of infosec/osint, what are you favorite tools that you totally use for security reasons? I am interested in knowing any clever techniques you have heard being used or used yourself as well for/against all things infosec.

Answering the explicit question:

Absolutely most vital: KeePass is an offline locally-stored password manager. People find cloud options like 1Password and LastPass more attractive because they're a little more convenient across multiple devices, but there's a reason that they have long incident reports. KeePass can't protect you from a pwned host computer, but it reduces your threat model to that. More importantly, it makes it possible to avoid or reduce password reuse across multiple sites.

Some non-SMS 2FA. I like Authy, but they're a dime-a-dozen. Not every site supports this, and even sites that do support it sometimes it's too obnoxious to be worth the effort, but for banks and e-mails you really should default to it on. Do make sure to save your emergency tokens, however; in addition to the risk of losing a cell phone, time desyncs can cause Problems.

(Open)SSH. Yes, you could do a self-hosted VPN of some kind if absolutely necessary, but it's obnoxious. SSH can quickly get ports on one machine to ports on another machine, where and when you need them, whether that's to redirect your web browser requests or something more esoteric.

Some web-scraping tools. I use a home-mixed C# abomination, some fossils just use wget, some madmen use javascript. Being able to bulk pull files down from the web and parse them locally has a ton of applications, and is really something you need to understand. More advance options exist -- SpiderFoot seems pretty popular for specifically OSINT work -- but ultimately it's just an extrapolation of existing tools.

Related, Inspection Mode for your web browser of choice. This is pretty useful for anything from bypassing paywalls to finding the underlying sources for specific media to tracing javascript. The UIs are universally bad, but you still should learn them.

The implicit one:

SHODAN or MassScan. It's so damned hard to lock down this stuff that a surprising number of places are vulnerable across a wide range of matters. You can use nmap if you're going after one or two targets, but as either black or white hat, you absolutely need to understand that these are running everywhere all the time.

Remote Access Tools. This is an ugly one because they're absolutely vital to even small-scale IT management and support. TeamViewer's an easy and relatively legit one, but SplashTop, LogMeIn, yada yada are all valid mainstream services focused on it; Guacamole and the various VNC descendants are more self-hosted options. For Virtue of Silence reasons I'm not gonna list the scuzzy ones. But they're also core to a lot of really scummy stuff, ranging from tech support scams to outright owning someone's home machine.

People find cloud options like 1Password and LastPass more attractive because they're a little more convenient across multiple devices, but there's a reason that they have long incident reports.

It's unfair to lump 1Password and LastPass together, 1Password's security record is much better.

There are key differences that make 1Password much more secure.

Yeah, of the two I've been more impressed by 1Password's model and record. If your use case makes online a requirement, it's probably better than self-hosted file transfer, if you trust 1Password.

Passwords are hard. Pwned host computer is game over for almost everyone, barring some Qubes-type VM segregation setup. The passwords need to be entered in plaintext somehow. You can limit the extent of a breach by keeping your entire password db on an offline machine and lazily QR code'ing it across to the live machine whenever it needs a refresh. Password db encrypted with a gpg smartcard is also pretty good (though not as good as the offline setup, unless you need to tap per decryption like with a Yubikey, in which case I'd rate it as only slightly inferior).

I think you forgot the most important tip however: the more secure your setup, the higher the risk of you locking yourself out of your accounts/backups/encrypted storage. Find a way to dump your secrets in plaintext that fits your threat model (all of them, including TOTP secrets - ie, what generates your 2FA codes). This might be a box in your apartment with a backup at your office, or a safety deposit box, for instance. On the other end of the paranoid spectrum, a engraved titanium plate inside a waterproof container encased inside a block of concrete dumped in the middle of a remote lake works as well.

For what it's worth, I could probably dox 3-5 regular posters with overlap on here/reddit/twitter, given say a week or two's work. If you have read 70-90% of someone's comments over the years, you can build up quite a reasonable profile on someone. For example, if you have:

-Age range

-Industry (narrowed to a few places of work)



-Social background (schools etc)



And at least 2 of their social media accounts, how much harder could it be to dox someone from that, without even having to use data-breaches. If you were a PI I imagine you'd begin by trawling sites like Linkedin (probably the most useful due to the breadth of information and easy access) and quite quickly finding some obvious candidates. I've always assumed I'd be relatively easy to dox and I tend on the lurker side of reddit/blogposts/twitter.

I remember there being a website that would scrape your Reddit comments and catch all the little details you let slip about you. It would quite reliably guess your age, marital status, place of residence, etc.

Strong argument for salting your comments with the occasional absolute fabrication.

I don't use any type of warez to cover myself (besides a VPN where good hygiene is advisable), due in part to sloth and also a lack of wherewithal. My justification for this is probably cope, but my layman's view is that, these days, unless you have a pretty comprehensive suite of software and are unrelentingly fastidious with your choice of hardware/setup, any government entity or motivated individual/group who wants to find you will.

As a result I try to keep myself clean with burner emails, use a new handle for every new platform (and password, which should go without saying. That said I know an embarrassing number of people who use the same pass for everything, up to and including using their ATM card's PIN for their phone) I find myself on and semi regularly (1-3 years) change up the primary screen names and PFPs I use. My last trick and the one I use the least because it discomfits me some is lying consistently about minor identifying details. The consistency of it is important as the purpose is to generate a false positive that'll show up in the kinds of datasets you were demonstrating in your previous post.

Gwern's incredible analysis on Death Note was the primary inspiration for these practices, not that I'm familiar with opsec/digital fingerprints or anywhere near important enough for someone to look for me. The idea is to just throw enough obstacles in the way that, contingent upon an amateur getting ants in the pants over my presence online, I have time to scrub what I can from the 'net (not much, in practice more than you think, so long as you aren't notorious or prolific, as you said). Then I can move my daily business over to a set of cutouts made a while back that I keep the credentials for in my safe.

I'm not anonymized from serious players but I can't play at that level anyway, so fuck it. If things get that far I'll have bigger fish to fry than that time my teenaged self wrote the n-word on a BBS for a kids show fifteen years ago. Would love it for someone with actual expertise in this field to chime in, maybe let me know how if my prophylactics are stupid or not.

I believe lying is quite effective, and there's no need to be consistent. On one of my longer-running Reddit alts, I've claimed to live in at least a dozen different cities, none of which I've ever actually been to. And made up a bunch of careers, family situations, hobbies, etc. Let any attacker read them all and try to guess which if any are real and which are fake. The bonus of being highly inconsistent is if you slip up once, there's no way for any attacker to know that that detail is real versus all the others.

I think just lying is the most effective and information theoretically robust infosec measure. I lie about minor details as well. Not egregious lies but shifting the months of events by a month or two, or claiming I went to neighboorhood X when I actually went to the identical neighboorhood 5 miles away from neighboorhood X. Dont do it much on the motte because I am confident anyone I will ever come across will not be on the Motte, but extremely useful when Im posting on my city subredit.

After reading that post I'd honestly pay one of you guys to pentest dox me, because better a friend than an attacker. Hadn't realized there were so many automated tools.

Admittedly I am terrible at doing this. My heuristic to gauge how easy someone would be to dox is;

  1. Obviously directly proportional to how much details they share about their personal life.

  2. Directly proportional to the volume of content they have online as well. It's really hard to have thousands of comments online without giving away at least some identifiable information. Combining little bits of information over a long period of time can effectively nullify not sharing detailed information.

But the above is just basic applied information theory/ deduction. I am looking to learn more but I am getting some pisstake useless stuff anywhere I look online, it's as if no one wants you to learn how to potentially do bad things, lol. Also those who do might not want to give away their tricks.

Nonetheless using the heuristic above, I'd wager 2rafas doxxer was just a standard issue doxer, but Daseindustries doxxer must have been an elder god. (Assuming both of them start from 0 information like I would have to, which often isn't the case if they are 2-3 layers of separation away from you)

The most likely case for being doxxed if you write lots of words online is someone who knows you or knows of you in real life putting the pieces together. In Ilforte’s case I imagine he’s active in some ultra nicheposting Russian communities and my impression is he has or has had real life acquaintances in similar circumstances.

Yeah, I found a relative's Reddit account just because something he wrote sounded like something he would say, and when I checked his posting history, everything matched: the city he lived in, his career, his other opinions, his family.

A few others were opportunistic. Scott Alexander it was because someone said he was easy to dox so I went looking and quickly found out who he was. A regular here I figured out because he said something about himself that was extremely specific and Googleable. He probably isn't trying to be very anonymous though. The hardest were some reddit mods of a certain subreddit where I was told that some of were involved in political parties, but eventually I found some of them describe their jobs and combining that with the cities they lived in was able to find their LinkedIn accounts.

So, I don't think I've figure it out who anyone was completely from scratch without having some reason to think I'd be able to figure it out. I've never used any fancy tools though.

It may very well have been a legit (above) average neurodivergent slav who had a bone to pick with our Russian friend. As a group, they seem to be quite handy with computers.

So, I recently got into some online gaming again. Vermintide, Rocket League, that kind of stuff. And well, I have noticed some patterns.

Without fail, whenever someone with a cyrillic handle joins, they treat the game as a single player game in which they are the protagonist. Zero communication (that at least is understandable due to the language barrier), extremely selfish play, zero team play whatsoever, just CHAAAAAAAAAAAAARGE straight ahead and fuck it up for the whole team, сука блять. It's like every single gamer from Russia is 13 years old.

Am I wrong here? Any speculation as to why that is?

I will confidently assert that anyone who hasn’t played League of Legends on the Turkish servers during a school holiday season can imagine the depths of online gaming hell.

There is a contiuum of people in Russia (and other nations using Cyrillic). Those who know and are comfortable with English you won't generally notice as any different from the mean player. They're filtered out from this perception. Those who are left have some combination of tribalistic sentiment, anti social inclinations, and youthful immaturity which stops them from engaging normally.

and other nations using Cyrillic

They either have very large overlap with Russians (Belarus, Ukraine), or are small nations (Bulgaria, Mongolia, Tajikistan). Uzbekistan and Turkmenistan dropped using Cyrillic, Kazakhstan to follow next.

So likely person using Cyrillic be Russian.

I don't know much about the specific examples you gave, most of my online gaming experience is about League of Legends, but I can repeat what I've read about interesting anecdotes there. Korean players have a reputation for being much more individualistic and trying to maximize their own in-match resources to increase their impact on the game, as opposed to North American players who try harder to get their teammates to cooperate with their plans to take objectives that will provide large team buffs. The people I read describing their experience guessed it's because Korea has much lower ping, so a single person performing near-perfect micro(pressing buttons at the right times and places required to kill their opponents and avoid getting killed) will have a much larger impact on the game outcome in Korea than North America. Because in North America, even if you play perfectly, the restraint of not seeing an enemy attack until 60 milliseconds after its launched may make it unavoidable in a way it isn't in Korea where there's 10 millisecond ping. So in Korea, it's incentivized to get really good at really fast reaction speeds, and play the game more like it's a FPS. Whereas in North America, reaction speed counts for less, so it's more incentivized to get really good at strategy, and play the game more like it's chess, where you try to get your team and the enemy team positioned in a way that your victory is inevitable.

This is refuted by the fact that SEA players have the highest pings on average, on one the of the most reflex loaded FPS games, csgo, and still play exactly like you described. I dont know whats the deal but SEA players cant play as a team to save their lives. This includes east asians as well.

Players letting all their teammates die whilst hiding behind cover and not doing anything about it (baiting) is very frowned upon and immediately chastised in all regions but its the norm when playing in SEA servers. They are the opposite of Russians in ingame temperament, instead of charging they hide too much.

Did they not play sports as kids or whatever, I dont know.

Adding to the interesting speculation here: might language barriers play a much larger role than we think? North Americans all have a common lingua franca, Asians do not, at least not to that extent. And that also includes Russians. There is no reason to emphasise team play if you can't coordinate because you can't communicate. But that doesn't account for MEs being relatively good team players, unless they are mostly Arab-speaking.

FYI as a ME resident, all communication is done in English because you rarely get teammates who all speak the same language outisde of NA and because callouts and common strategies are standardized, for e.g the infamous RUSH B that the Russians are so fond of is one of those strategies, everyone knows immediately what to do when "RUSH B" is uttered.

There isnt much strategizing when playing with randoms either. I used to be very very high ranked so my definition of strategizing is more strict than most gamers.

To be clear about League of Legends, the USA+Canada is one region(NA), and Korea is its own region because League has just really taken off there. So Korea probably actually has even more of a lingua franca than NA, since NA would be mostly english speakers but have a few spanish and a few french speakers, where as Korea is almost all Korean.

Russian players being the way you described is one of the most common memes in gaming, CSGO at least. The CSGO analog is "RUSH B, cyka blyat" which is practically the same thing as CHAAARGGEEE. It's just Russian kids. Once you go into higher ranks you don't see that many of them around.

FYI, this specific selfish no teamwork main character playstyle is exactly how South East Asia servers in general are, across games. It doesn't matter if they are Indian, Pakistani, Phillipino, Indonesian, Korean, whatever. If they play in SEA servers, they will have 0 concept of teamwork. It seems to me Russians behave more like their Eastern counterparts than their Western ones even though most of the time you will run into Russians in EU servers.

In my experience, the best random teammates are Scandinavians. The team just works like a well-oiled machine if you get matched with a few Swedish/Danish guys.

I am aware that this dynamic might flip in other game genres like RTS or MOBA where East Asians tend to dominate.

My geographical taxonomy having played CSGO all over the world with randoms are as follows;

Middle East: Generally chill teammates, things work decently enough.

North America: Too much talking on mic, other than that about the same as Middle East, thinks work fine enough.

Europe: Things work great even with language barriers. Best teammates to have in general.

South East Asia: Worst teammates to have by far. Way too much ego and terrible teamwork. Criticism of playstyle gets met with extreme self harming prejudice.

My experience is that Brits are the worst, even worse than Russians.

Russians might be raging egomaniacs but at least they consistently want to win. Brits throw shitfits if other people don't do as they say and have superiority complexes because they are native English speakers.

Give me a russian demanding mid and screaming the entire game any day over some primadonna self appointed leader.

My almost four year daughter has expressed an interest in learning to read. I am lazy, and don't particularly want to teach her to read, but also can't afford preschool any time soon, so probably should.

Recommendations for methods/curriculum/concrete actions would be appreciated. Preferably that doesn't include a lot of small pieces -- my mother is really into teaching reading, but tends to give us a bunch of matching letter toys that are instantly scattered throughout the house.

Hooked on Phonics is how I learned to read. Now they have a subscription/app model with most instruction taking place on the app, and supplemental books being sent to you. You get weekly progress reports asking you to target certain lessons/games. I have the app on the adult profile of our tablet because it's something I need to direct and observe.

Before this I tried All About Reading, but it wasn't clicking with her. It got to the point where she wouldn't even look at the words. There were also a lot of pieces and crafts. Hooked on Phonics app at least has some novelty/fun to it and is better at building confidence.

Duolingo also has a reading program now. I don't like it as much because it lets the kid brute force their way through each lesson. But it's free and I can leave it on the kids profile for practice.

I stumbled upon an old HN comment advocating for Bloomfield and Barnhart's Let's Read, a Linguistic Approach (Amazon), which seems pretty promising.

A previous thread (which I can no longer find) recommended Dolly Parton's Imagination Library as a way to get age-appropriate books delivered each month for your child. But most of their books are published by Penguin, and we all know what Penguin just did to Roald Dahl, so I'd vet the book list carefully before signing up.

Thanks -- it looks like both daughters might be eligible for the Dolly Parton Imagination Library (quite the mouthful). I only recognize a few of the books here and am wondering why The Snowy Day, a book about a black boy, is tagged "Hispanic." Or why there needs to be a special tag for "Hispanic" at all. It's odd that the procedure is to print and mail an application or deliver it in person, but maybe it signifies a certain level of commitment that suggests the person will actually read the books?

Friend of mine swears by the book "teach your child to read in 100 easy lessons" by Siegfried Engelmann. It's from 1986 or something and I think there are free pdfs floating around online.

I tried that when my son was 4 and I just could not get him to pay attention through any of the lessons. He ended up learning to read at school in Kindergarten and is the top reader in his class now. If OP's daughter is actually driving the effort though, it should work well!

That looks interesting, thanks. I find it appealing that it's one book instead of a set of 50 books or something.

My parents are book hoarders, and while I do own children's books, I mostly prefer to check books out from the library, and still have trouble managing even the ones we have, and those my parents have given us.

Read books to her at night, find her books that she wants to read on her own.

(The old) Letterland books and videos had even a retard like me reading newspapers before kindergarten, at the low cost of my parents' sanity. Although now I think about it my mom was pretty engaged with reinforcing the lessons.

At that age, edutainment is where it's at. Sesame Street has been the gold standard for decades. LeapFrog's Letter Factory and Word Factory are also solid choices (though their more recent stuff is reportedly hit-or-miss). If your daughter can use a mouse, you should also let her play these games at, especially the alphabet and learn-to-read games and "books." (If she can't use a mouse, teach her--if she has a PC with a keyboard and mouse, she's got all the tools she needs to learn whatever she wants, provided sufficient motivation!) Once she knows the basics, the Scribblenauts games can help with her vocabulary and spelling. If she has siblings, friends, or cousins who will play multiplayer games with her (like Minecraft or Roblox, where much communication is done via text messages), that can also present an opportunity and motivation to learn to read, spell, and type better.

Also make sure there are many books in her bedroom. A deep Dr. Seuss collection is a timeless choice, but there are lots of other options, too. Read a book to her every night--not to teach, just to read, hopefully your laziness will permit at least that much! Kids that age will pick up a fair bit just by osmosis.

Toys like alphabet puzzles and alphabet blocks presumably help in some way, I suppose--I know a lot of educators are really into making learning "tactile" for young children. But I feel like I've seen far better results from simply curating opportunities with books and screens.

At that age, edutainment is where it's at. Sesame Street has been the gold standard for decades. LeapFrog's Letter Factory and Word Factory are also solid choices (though their more recent stuff is reportedly hit-or-miss). If your daughter can use a mouse, you should also let her play these games at, especially the alphabet and learn-to-read games and "books." (If she can't use a mouse, teach her--if she has a PC with a keyboard and mouse, she's got all the tools she needs to learn whatever she wants, provided sufficient motivation!) Once she knows the basics, the Scribblenauts games can help with her vocabulary and spelling. If she has siblings, friends, or cousins who will play multiplayer games with her (like Minecraft or Roblox, where much communication is done via text messages), that can also present an opportunity and motivation to learn to read, spell, and type better.

This is interesting. She's at home with my husband all day, and this is much more his style than the kind of thing my mother did with me. She currently has a tablet, and likes to play games where she's supposed to trace letters, but then gets frustrated because it's actually kind of hard and not very useful to trace letters with fingers (it doesn't let me pass about half the time). Lately she's been binge watching Octonaughts. Husband has lots of opinions on computers, games, and Internet stuff broadly, and I'm sure can set her up when she's ready. (I probably shouldn't... he makes fun of me and my rose gold Macbook with only trackpad and no mouse). She watches him play computer games a fair bit, and he has way more opinions than me, especially about "fremium" sorts of things.

I have a mild lingering feeling that TV watching and video game playing are vices compared to reading books, but am not sure exactly where that comes from, or to what extent it's true. Other moms I know also seem to feel that way, but it seems implicit, perhaps aesthetic and related to class in some way.

She currently has a tablet, and likes to play games where she's supposed to trace letters, but then gets frustrated because it's actually kind of hard and not very useful to trace letters with fingers (it doesn't let me pass about half the time).

Yeah, that sounds minimally helpful to me--especially in an era when handwriting seems to be on its way out entirely. Making letters is totally unnecessary to the task of reading, except insofar as your daughter may want to do things like write her own name and then read it back to you.

I have a mild lingering feeling that TV watching and video game playing are vices compared to reading books, but am not sure exactly where that comes from, or to what extent it's true. Other moms I know also seem to feel that way, but it seems implicit, perhaps aesthetic and related to class in some way.

There are definitely times when the heuristic "if it's fun it's bad (or at least not good) for you" applies! And I would certainly say that poorly-curated media is like that. Educational shows like Sesame Street were specifically created in response to large numbers of young, lower-class children being left in front of television sets all day. The internet poses a similar problem, but in a way that is harder to fix. Plenty of games and television shows are rubbish--but the same was always true of books. That's why curating opportunities is so important. Fortunately, curating opportunities is a lot easier with the internet at hand. It doesn't take a lot of work, but it does take some. Just as parents should sit and read books to their children, they should also, I think, sit and play educational games with their children. Children learn best through imitation, so doing activities with them is very important, at least initially.

Also, there will almost certainly come a time when your daughter will have to work at something dull for her own good--it's just not at all clear to me that this is an important lesson for four-year-olds. Many countries don't worry about formal education at all before a child is 7 or 8 years old. I have known children as young as two years old who could read pretty fluently, but their understanding of what they are reading is limited by their experiences. It's actually surprisingly difficult to find good reading material for a six-year-old child who reads at a high school level, because the books written for that level of reading are also written with plots and problems aimed at appealing to teenagers. Precociousness is often a good problem to have, but it does come with some unique challenges!

Everyone seems to think electronic entertainment is somewhat of a vice compared to reading books. They just do them anyways, sort of like how even people who know donuts are less healthy than salad still tend to pick donuts over salad.

Soviet invasion of Poland of 1939, agreed upon in the Molotov Ribbentrop pact, and subsequent occupation of "Eastern Borderlands" (EB) is usually justified on the grounds of either the collapse of Polish governance over EB, making it Terra Nullius, or on Soviets protecting EB from falling to the nazis.

Yet when Polish, communist, government was constituted at the end of WW2 and nazis lost, thus rendering both arguments used to justify Soviet rule of EB null, Warsaw wasn't returned sovereignty over it.

Is there an explanation for this military operation that wouldn't render Soviet administration of EB illegitimate under the Stimson Doctrine?

No, the Soviet Union was an Axis power and should have been eradicated along side the 3rd Reich.

You have been long to this site, you should have known better.

At exact same time, USSR was fighting Japan (it is an Axis power?) in the east.

It doesn't make USSR an Axis power, didn't you read that USSR was fighitng Japan at exact same time, can you read at all?

It this this your link proves anything, then

proves UK&France were Axis powers too. Later UK&USSR occupied Iran. UK, the evil accomplices of Stalin.

Couldn't you just deny that it's an occupation but rather that it is a peacekeeping operation in the wake of Nazi deveststion of the area? Troops and administrators are there to prevent others from breaking the Stimson doctrine.

What charitable organizations, activist groups, political entities etc. do you donate to? I'm finding that I have enough slack in the budget each month that I'd like to support some good causes. Starting off with some local orgs but keen for more ideas.