True, but I’ve had two grid-tie inverters, and both have had anti islanding protection and would not function when there is no utility power. Pretty much all grie-tie inverters have that protection.

I’m specifically referring to the interconnect agreement, though, which is where you have to jump through a bunch of hoops, fill out a bunch of forms, pay a fee, wait for the power company to come and inspect it, and get the utility provider’s blessing before you can hook in a grie-tie inverter and export even a fraction of a watt.

And you have to go through that process every time there’s a change to your system. e.g. If I start out with a 400 watt balcony solar kit, get that approved, and want to add another 400w kit, I would have to file new paperwork, pay another fee, wait for inspection, etc.

I’m all for reasonable safety measures, but the power company in my area is clearly doing all it can to pay lip service to “yes, we support balcony solar” while also making it as painful as possible for homeowners to actually implement it.

I’ve had to plan on a PV+battery+load sharing solution because my utility provider will fine the absolute crap out of you if you export any power without an interconnect agreement in place. I used to be able to stealth grid-tie with the old analog meters (I never produced more in a month than I used), but these new digital tattle-tale meters will rat you out instantly.

No thanks. Only the worst people / least deserving to live forever would be able to afford this.

No idea, just thought it was interesting and looked like an easy thing for a first time homebrewer. The guys in the video operate a honey farm, so I’m inclined to think they know what they’re doing (or at the very least don’t blink at wasting honey lol).

Did they train the model on YPTB or something? That’s so on brand it’s actually quite funny.

It is but it doesn’t federate.

Only if the USB Implementation Forum doesn’t get a chance to name it. Otherwise, it’d be something like DNA 3 2.0 Super Speed

Truth.

I just see those devices as mesh extenders waiting to happen lol.

I don’t even remember how I learned about Meshtastic. It was just one day I’d never heard of it and the next day I was obsessed and had multiple radios to play with. How I got there? Total mystery.

The irony there is that there’s a link between microplastics and Parkinson’s.

https://www.nih.gov/news-events/nih-research-matters/nanoplastics-may-help-set-stage-parkinsons-risk

I have an Omega Molecule joke, but we’re not allowed to talk about it.

Absolutely.

It’s nowhere near this level of effort, but I have a 60’s wall-mount rotary phone wired to a Bluetooth=>POTS adapter. So not only do I have a retro phone in my house, but it actually works.

The saddest part of the video, in meme format:

And the auto-submitting TOTP entry form where you’re apparently not allowed to make a typo. And obscuring the TOTP number like it’s a password or state secret.

Audio transcribing should be the little “waveform” icon at the right of the text input:

Image generation, I’m not sure as that’s not a use-case I have and don’t think the small-ish models I run are even capable of that.

I’m not sure how audio transcribing works in OpenWebUI (I think it has built-in models for that?) but image generation is a “capability” that needs to be both part of the model and enabled in the models settings (Admin => Settings => Models)

I feel like I’m stepping around landmines replying this, but I never liked the analogy either. It works fine at a small scale, and I’m fine with that, but everyone here wants to apply it universally at a macro scale to the point it’s just ridiculous.

e.g. If a nazi moves in down the street, and everyone else doesn’t up and move, regardless of their financial situation, you live in a nazi neighborhood. Guess you and your kids should just go live in your car because…moral purity or something.

Nice. I’ve got the Anker version but it’s half the capacity at 1 KWh. It charges exclusively from 800W of PV input (though it can only handle 600W input) and can push out 2,000 W continuous and 3000 peak.

I’ve got a splitter from the PV that goes to both the Anker and a DC-DC converter which then goes to a few 12v -> USB power delivery adapters. Those can use the excess from the PV to charge power banks, phones, laptops, etc while the rest goes to the Anker (doesn’t seem to affect the MPPT unless there’s basically just no sunlight at all). Without the splitter, anything above 600W is wasted until I expand my setup later this spring.

All I can say for it is that it absolutely rocks! On sunny days, I run my entire homelab from it, my work-from-home office, charge all my devices, and run my refrigerator from it if I feel like running an extension cord). It’s setup downstairs, so I also plug my washing machine into it and can get a few loads of laundry done as well.

All from its solar input.

Solutions that work for a corporate application where all the staff know each other are unlikely to be feasible for a publicly available application with thousands of users all over the world

This is something of a hybrid. There will be both general public users as well as staff. So for staff, we could just call them or walk down the hall and verify them but the public accounts are what I’m trying to cover (and, ideally, the staff would just use the same method as the public).

Figure if an attacker attempts the ‘forgot password’ method, it’s assumed they have access to the users email.

Yep, that’s part of the current posture. If MFA is enabled on the account, then a valid TOTP code is required to complete the password reset after they use the one-time email token. The only threat vector there is if the attacker has full access to the user’s phone (and thus their email and auth app) but I’m not sure if there’s a sane way to account for that. It may also be overkill to try to account for that scenario in this project. So we’re assuming the user’s device is properly secured (PIN, biometrics, password, etc).

If you are offering TOTP only,

Presently, yes, but we’re looking to eventually support WebAuthn

or otherwise an OTP sent via SMS with a short expiration time

We’re trying to avoid 3rd party services, so something like Twilio isn’t really an option (nor Duo, etc). We’re also trying to store the minimum amount of personal info, and currently there is no reason for us to require the user’s phone number (though staff can add it if they want it to show up as a method of contact). OTP via SMS is also considered insecure, so that’s another reason I’m looking at other methods.

“backup codes” of valid OTPs that the user needs to keep safe and is obtained when first enrolling in MFA

I did consider adding that to the onboarding but I have my doubts if people will actually keep them safe or even keep them at all. It’s definitely an option, though I’d prefer to not rely on it.

So for technical, human, and logistical reasons, I’m down to the following options to reset the MFA:

1. User must contact a staff member during business hours to verify themselves. Most secure, least convenient.
2. Setup security questions/answers and require those after the user receives an email token (separate from the password reset token). Moderately secure, less convenient, and requires us to store more personal information than I’d prefer.
3. Similar to #2 except provide their current password and a short-term temporary token that was emailed to them when they click “Lost my MFA Device”. Most convenient, doesn’t require unnecessary personal info, possibly least secure of the 3. Note that password resets require both email token and valid TOTP token, so passwords cannot be reset without MFA.

I’m leaning toward #3 unless there’s a compelling reason not to.

I thought about generating a list of backup codes during the onboarding process but ruled it out because I know for a fact that people will not hold on to them.

That’s why I’m leaning more toward, and soliciting feedback for, some method of automated recovery (email token + TOTP for password resets, email token + password for MFA resets, etc). I’m trying to also avoid using security questions but haven’t closed that door entirely.