dnd 5e – Mechanic implications of the Psionics tag?

Quite a few monsters have the Innate Spellcasting trait. Some of them, such as the Gith (MM) and the Neothelid (VGtM) have a trait called Innate Spellcasting (Psionics) instead.

I cannot recall having seen any mechanic referencing the fact whether or not someone is a psionic. So my question is: Does the Psionics tag on Innate Spellcasting have mechanic implications?

forms – Are there any significant implications to re-design a settings page?

We’re doing a migration for some of our settings pages for our website at my current job and we’re also trying to hit an external deadline. The way the current settings pages are laid out is a tabbed format. You press a tab and it opens up the account info settings like username and password. you hit another tab and it opens up the subscriptions settings (it’s literally only 1 setting). You hit another tab and open up 1 setting.

I was thinking of minimizing work and putting all the settings on 1 page for the initial phase of the migration (it’s about 1 full page and 1/4 page scroll down (however, more in mobile devices) and then iterating on the design and UX later. Now, let’s keep in mind this is a settings page on our website and not our main product. (the simplified new settings page looks like the screenshot below.

enter image description here

Will this new layout of 1 page for settings have a significant impact on our users in terms of them unsubscribing from our service or deciding not to use our service if they newly signed up?

For more context, here’s a close example of what the current settings looks like below –I can’t post the actual design we have.

enter image description here

Implications of UK visa extensions beyond July 31?

I have asked a separate question on this forum, but this one pertains more to the situation in the UK for stranded visa customers. To sum up, my wife is from Kazakhstan and has been visiting me on a Standard Visitor Visa. Her visa originally lasted until 21 July but she was recently granted an extension to 31 July.

It’s still very difficult for her to get from the UK to Kazakhstan, who have entered a second full lockdown. There remain no direct flights, and indirect flights come with a lot of risk. We’ve ascertained that transiting through Istanbul is an option – but she will be in a world of bother if she were to fly to Istanbul only to find that her connecting flight to Kazakhstan has been cancelled due to lack of demand (understandable, the country is in lockdown again!).

What is she to do if she can’t travel before 31 July? We have tried emailing the Home Office “Coronavirus Immigration Helpline”, but after one working day, they sent back what seemed to be an automated response providing information about switching to a different visa category – this does not help us. I’m out of ideas here. I hope she’ll be able to depart before July 31 for the sake of her future visa applications, but I really don’t know if it’ll be possible for her to do so.

Ideally, the UK will extend visas further, but it’s impossible to know at this point if they’ll do so since, in theory, they seem to believe they’re now in a “post-Covid” phase.

forms – Are there any significant implications to re-designing a settings page?

We’re doing a migration for some of our settings pages for our website at my current job and we’re also trying to hit an external deadline. The way the current settings pages are laid out is a tabbed format. You press a tab and it opens up the account info settings like username and password. you hit another tab and it opens up the subscriptions settings (it’s literally only 1 setting). You hit another tab and open up 1 setting.

I was thinking of minimizing work and putting all the settings on 1 page for the initial phase of the migration (it’s about 1 full page and 1/4 page scroll down (however, more in mobile devices) and then iterating on the design and UX later. Now, let’s keep in mind this is a settings page on our website and not our main product. (the simplified new settings page looks like this: https://jsfiddle.net/ahmadabdul3/atg15ckj/5/show)

Will this new layout of 1 page for settings have a significant impact on our users in terms of them unsubscribing from our service or deciding not to use our service if they newly signed up?

For more context, here’s a close example of what the current settings looks like – I can’t post the actual design we have: https://d2d3qesrx8xj6s.cloudfront.net/img/screenshots/e014cd256903f95bddeba5a8e6c7217211215d4c.jpeg

dnd 5e – Implications of liberally handing out higher quality healing potions

The term healing potions in this context refers to the ensemble of {Potion of Healing; Potion of Greater Healing; Potion of Superior Healing; Potion of Supreme Healing}, not to the item Potion of Healing.

Potion of Healing appears on the table of purchasable goods (PHB p. 150). Furthermore, the descriptions of Potion of Healing and the Herbalism Kit (pp. 153/154) suggest that the latter can be used in the production of the former, which was discussed in this question: How does one craft Potions of Healing?

Xanathar’s Guide to Everything (p. 128) provides rules for crafting magic items, involving the acquisition of a formula. Healing potions, however have simpler rules, without the need for a formula (p. 130).
XGtE further has a suggested magic item progression detailing the number of magic items that should be gained on average on different levels.

The fact that Potions of Healing can be purchased at 50 gp a piece, suggests that they are in fact exempt from the progression. Similarly, the fact that magic items can be crafted in downtime questions the magic item progression. For most magic items, I see no problem, since opportunities to acquire formulae can be restricted in the same manner as opportunities to obtain complete magic items. Healing Potions do not require any formulae, however, and are much easier to craft, which bears the question if they are, in fact, generally exempt from the magic item progression.

In know that I can ignore or modify the magic item progression, that magic items are completely optional, and that I could hand out e.g Potions of Greater Healing within the boundaries of the progression.

I liberally hand out potions of healing, through loot and quest givers. I’m wondering, however, what would happen if extended this to other healing potions. For example, the loot in one of the more dangerous dungeons would contain four potions of greater healing instead of four potions of healing, or I replace half of all potions of healing in loot with potions of greater healing, or I increase the quality of the healing potions given out with tier of play.

My question therefore is: Given the crafting rules on XGtE p. 130 (and potentially other rules that I overlooked), are healing potions exempt from magic item progression? If not, what would be the balance implication of changing that?

My Canon EOS 5D Mark IV is asking if the inserted battery is original or not. What are the implications of my answer?

If they worked just fine in your EOS 5D Mark II, you won’t likely brick anything using them in your EOS 5D Mark IV.

From a Canon Digital Learning Center article titled: How to protect yourself against counterfeit Canon batteries:

It’s important to understand that these warnings will still allow the user to proceed, after confirming via simple menu commands on the camera whether the battery has a Canon logo and, if so, whether the user accepts any potential risk in using a battery that the camera cannot confirm is a genuine Canon-brand battery. If you have purchased a non-Canon branded third party battery, you may get this warning screen upon every start up — but you’re free to use the battery, after telling the camera that you accept any possible risks.

The older batteries should still provide power to the camera, you just won’t get the full functionality you got when using them with the 5D Mark II. This would include ID and registration, advanced power information such as last date inserted, recharge performance, number of shots since last charge, etc. You may or may not get even the basic battery power level symbol on the top LCD screen of your 5D Mark IV. I’ve read one anecdotal account that said the battery symbol did not appear immediately after power up, but later did show during the same shooting session (without any power cycling of the camera).

The exact sequence and the results of each answer to the challenge question, as outlined in the same Canon article, goes like this:

Here’s what you’ll see on the newest cameras:

  • Actual Canon-brand battery:
    No warning screen appears. Camera starts up normally and is ready to use.

  • Camera cannot confirm full communication with battery:
    Warning screen appears. Here’s the sequence:
    1) Within 5 seconds: “Battery Communication Error. Does this battery display the Canon logo?”

    NO “Canon does not guarantee the performance or safety of this battery. Continue use?”

    If you select YES and press the SET button, the camera turns on normally.

    You’ve told the system this is a non-Canon branded battery and you accept any possible risk of a performance or safety issue.

    If you select NO, you’ve told the camera not to continue use with this battery and the camera will shut off. You can restart it by turning the camera’s main switch back to ON or pressing the On-Off button again, if you change your mind.

    YES “Battery may be counterfeit! Please call customer support. Shutting off for your safety.”

    A battery with a Canon logo (not a third party accessory, as discussed above) is one of two things:
    (1) a genuine Canon battery which cannot communicate with the camera possibly due to a defect or dirty battery contact or
    (2) a counterfeit Canon-branded battery, made to look like a genuine
    Canon battery but without the internal communication circuitry needed
    to complete the start up process with the select Canon camera(s).

    “OK” is your only option in this case; the camera will shut off to prevent potential damage to you and your property. You can turn it back on by repeating the start procedure.

    This new protective sequence will happen each time you turn the camera on (recent Canon EOS, PowerShot, and VIXIA products), if full battery-to-camera communication cannot be confirmed upon start up.

What Canon seems to be doing with this challenge question that requires a user answer that acknowledges “Canon cannot guarantee the the performance or safety of this battery…” is to shift liability from Canon to the user if anything should go wrong. Although not spelled out anywhere that I can find, it would probably be safe to assume that the camera is storing the user’s response to proceed with a third party battery. If there are issues with the camera later that might be attributable to a faulty power supply Canon will likely attempt to decline warranty coverage. Laws vary widely from one locality to the next so the full implications of the user acknowledgement can not be covered in an answer of this scope here. The legal ramifications regarding warranty coverage should be similar in each locale to the older cameras such as the 7D Mark II and 5D Mark II that have a one step sequence: “Communication with Canon LP-E6 battery is irregular. Continue to use this battery?” The user chooses either Cancel, in which case the camera shuts down, or OK, in which case the camera continues the power on sequence.

I have read scattered anecdotal reports that the 5D Mark IV will refuse to power up with some, but not all, older third party batteries. It is unclear from those reports if the user answered Yes or No to the challenge question. I’ve also read reports that new copies of the LP-E6N from companies such as Watson, Wasabi, and SterlingTek work just fine in the 5D Mark IV without even being challenged with any dialog upon turning the camera on. Sometimes one firmware version may accept the same battery without the challenge question that another firmware revision will not.

If you are that worried about damaging your new camera, then use the older 3rd party batteries only in your older camera. If you’ve sold it, then offer the buyer a good deal on them. You can buy fresh 3rd party LP-E6N batteries that have been confirmed to work with the 5D Mark IV for as little as $15 each. That’s not much to pay for peace of mind regarding a $3,500 camera.

Canon periodically updates the battery protocol, apparently just to discourage use of third party batteries. Canon older batteries are not (supposed to be^) affected because the firmware in the older batteries already contain some “secret” lines of code that are only needed with the updated protocols. When the newer camera detects a battery without the hidden code it will give you the message to try and scare you into only buying Canon batteries. (^When Canon updated the LP-E6 battery to the LP-E6N and revised the LC-E6E charger they had an issue with many older OEM LP-E6 batteries not charging properly in the new charger.)

Since the third party battery manufacturers reverse engineer their batteries, they didn’t include the “hidden code” in older copies of their LP-E6 replacements that were reverse engineered from the older Canon batteries upon which they were based because the older cameras do not interact with the “hidden” lines of code.

It’s all a cat and mouse game. It usually only takes a few weeks for the top third party battery makers to crack the new protocol and include it in their copies. I use MaximalPower (Amazon is the only authorized seller) and Sterling Tek third party batteries. My older ones function fully in the 5DII and 7D, but have the limited functionality in the 5DIII and 7DII. My newer third party batteries from MaximalPower and Sterling Tek also fully function in the 5DIII and 7DII. The third party batteries seem to also handle more charge/discharge cycles before their performance noticeably degrades. That may be one reason why Canon plays such games: their own batteries aren’t as good as the best third party batteries. There are a lot of crappy third party batteries too, though.

Another thing to consider is that the genuine Canon batteries are more likely to be counterfeited and passed off as genuine by shady sellers. Fake third party batteries aren’t near as common. After all, if you’re going to make a cheap fake, why not mimic the version that sells for $60 instead of the version that sells for $20 or $10 or $5? If you buy a ‘genuine” battery from an unauthorized seller it is highly likely you have bought a fake. If you buy “genuine” or third party batteries from authorized, reputable sources you are much more likely to get what you think you are paying for.

For more about using third party batteries, please see:
Why do cameras use proprietary batteries?
Should the INFO display show the status of both batteries in a Canon battery grip?
Should I buy an original manufacturer battery, or is a generic brand OK?

dnd 5e – What would be the implications of ignoring the incapacitated condition tied to the paralyzed condition?

The paralyzed condition notes

A paralyzed creature is incapacitated (see the condition) and can’t move or speak.

Under incapacitated it says

An incapacitated creature can’t take actions or reactions.

I mistakenly thought that my character could issue mental commands (to control a spiritual weapon perhaps) while under the influence of a hold person spell. However, as has been noted on the site already, paralyzed creatures are incapacitated, and therefore can’t take actions, and therefore can’t take bonus actions.

I’m wondering what issues could arise from allowing paralyzed creatures to take actions that do not require physical movement. I’m particularly concerned with in-game logic, game balance, and ease of play, but there may be other issues that pop up that I haven’t considered. It might also be possible that such a change wouldn’t cause any problems.

virus – Security implications of using VM compared to dual boot

I have my main computer and Windows installation which I use to work with (for me) important data. I keep this environment reasonably secure, however, I need a place with relaxed restrictions. I thought of 2 possible ways to do it using a single machine

  • just create and use a virtual machine
  • use a secondary drive and install Windows on it. Since the main Windows installation uses Bitlocker for the entire drive (using a passphrase, because TPM is not supported by my mobo), it should be impossible for a virus to rewrite files on my main Windows. What I'm not sure about is the possibility of a UEFI virus that would compromise the boot process, gain access to the passphrase and the underlying system.

Is any of these solutions reasonably safe? (I'm not some sort of a senior government official or someone who works for a large company, so I think even if the data I'm working with is important to us, I wouldn't be someone's target, so "reasonably secure")

What are the legal implications if you deny being Satoshi Nakamoto?

I have read the identity of Satoshi Nakamoto, and so far it seems like the most likely candidates have all denied being Satoshi (or being part of "Satoshi").

What are the legal implications if:

  • You are do not Satoshi, but pretended to be him, and later proved that you are not him.
  • You are really Satoshi but publicly denied to be him, then later turned out to be him.

I felt this question was better published here than on https://law.stackexchange.com/. But guys
on the other side can be pinged and might answer here.

Implications of a 6-digit password reset token

I am in the process of designing a password reset system for my website / application at the moment and I am not sure if the solution I have found could be considered sufficiently secure. The steps to reset a password are as follows:

  1. The user visits the login page (HTTPS) and chooses "Forgotten password".
  2. The user submits their email address (or their username because the application allows them to connect with one or the other).
  3. If no account is found with the email / username provided, no email is sent (the user is not notified of this to prevent its enumeration).
  4. A 6-digit number is randomly generated as a reset token and stored in a key-value store (the key being the token and the value being the user ID). This store entry is configured to expire after 1 hour.
  5. The token is sent to the account email address.
  6. The user then submits the token on the same page as the one on which he provided his email (the content of the page changes to provide an entry for the token).
  7. If the token is valid, the corresponding store entry is expired prematurely and the user is prompted for the new password (with a 'repeat password' entry for double checking).
  8. When submitting their new password, the user database record is updated to reflect this change and all active login sessions are invalidated.

This system does not use the standard method of generating a longer token (which includes a larger character set than just numbers); is it considered unsafe?

My reasoning for this method is that our application is developed for young people (especially children and adolescents) and that this password reset system should be as simple as possible. This system means that the user does not have to modify the page on which he is located (because the form to provide the reset token is automatically displayed after the sending of the e- mail) and it doesn't have to open a link from email, which means only one browser tab is ever used (and it's the same tab ).

And from what I can tell, another benefit of this system is that the password reset token is never exposed to any logs as it is never included in URLs , although it is still exposed in the email, but it's not something I can get around.

Can this system be considered sufficiently secure?

Also, does implementing a CAPTCHA service anywhere make this system more secure, or should I only consider adding one if we start to see too many requests in progress?