In a large dark temple, a player with the Alert feat and Darkvision can only see out to 60 ft, but at 100 ft there is an enemy with 120 ft Truesight sitting in a Silence spell and firing a crossbow. If the player rolls 20 for initiative and the enemy rolls 10, does the player get to attack first? Or should the enemy get to fire the shot before initiative is rolled? Or should the enemy roll initiative for itself, fire a shot, and then have the player roll into the initiative?
If part of the party enters combat with enemies but the rest of the party is not aware of the threat or aware there is combat happening yet, does a player with the Alert feat who rolls highest on initiative act before even the enemies?
In this example, the Archer has the Alert feat but is hanging back behind a corner waiting for the Paladin to see if things are safe. The group rolls Initiative and the Archer rolls 21, the Spiders roll 15, and the Paladin rolls 8. The Spiders roll 24 for Stealth and Surprise the Paladin.
Who acts first? The only answers I come up with seem to unfairly negate the Archer’s choice to take the Alert feat.
The relevant part of the Alert feat:
You can’t be surprised while you are conscious.
If you are a B2B company [US], you may collect data on your clients as well as your clients’ customers. For example, let’s say the only thing you need to collect is your clients’ customers’ names.
In the case that your company has a data leak and the individuals’ names are shared with an unauthorized third party, (I believe) you have an obligation to inform someone.
What is the standard practice? Do you directly email the individual and say their information was leaked? Or do you give your client (a business) a list of the client’s whose data was impacted and let them reach out to the impacted clients.
In the case of emailing the impacted clients directly, what if you do not collect their contact information, and have no way to contact them?
Real world example: my personal data was leaked by a B2B software company that I had never heard of. I was contacted by the software company directly as well as their client who I had used the services of. Was it the responsibility of the B2B software company to collect my email in case they needed to contact me directly?
I’m running a game and I’m trying to gank a few of my players with a Sorcerer with Subtle Metamagic. However, one of the players has the Alert feat which states he cannot be surprised.
My question here is: can I cast subtle hold person with the sorcerer without any interference from the player with the Alert feat? Or does that person has the opportunity do so something about it since he cannot be surprised? Let’s say the Sorcerer is hiding in his hand his arcane focus (a small pearl).
Can I do this without asking my players to roll for initiative?
When i enable "chroot_local_user=YES" in my FTP server config /etc/vsftpd/vsftpd.conf
then the FTP client (WinSCP) says:
when it is commented out and "service vsftpd restart" , it login OK, but allows browsing system directories in the /.
This is CentOS 7 Linux.
FTP server and chroot: SSL3 alert write: fatal: protocol version
My character with alert feat was attacked and received damage pre-combat. Specifically, our party was walking through dark cave, and on the ceiling there was a swarm of insects (that none of the PCs noticed). Suddenly, DM describes that a swarm of insects lunges at my character and immediately attacks him dealing x damage. I asked him why the moment the swarm tried to attack me he didn’t ask us to roll initiative to see who goes first. He said that was because the swarm noticed us and readied its action to attack me when I come in range. Can an alert character be surprised in such a way? Can an enemy who wants to get the drop on a party bypass rolling for initiative versus alert character by reading attack action?
A website fully filter the alert function from his website, and replace it with an empty string, but I want to bypass it and still popup an alert, I am trying to solve an XSS challenge, and I figure out that the site identify the double "l" char, and fully removes the string.
the output is
<script>allert(1)</script>, and when I remove the second "l", the output is
<script></script>, Only the "l" is still showing the
alert function, any other double char is fully removes the string How can I bypass it ?
Google sent me a security alert about my account being accessed from a new device. In fact, I believe I did access my account myself from a new device but it was NOT the device Google warned me about. I used an Amazon Firestick for access and Google said it was an Asus Nexus 7. Is it possible Google’s device detection program was in error?
I am using Snort 2 and I can’t find anything that will specifically rule out the HTTP traffic so that I can alert for any other traffic coming in (or out) on port 80.
I just had this security alert about one of my Google accounts:
- Device : Unknown device
- Time : 25 minutes ago
- Place : United States
- IP Address : 2a00:1450:4864:20::51b
Someone just used your password to try to connect to your account from an application not belonging to Google, we have blocked this person.
This alert arrived 30 minutes after I had made some security modifications and checks on my account. Moreover, I verified this IPV6 address, and it belongs to Google (I am using a VPN). Is it a false positive? 🤔