Craigslist type site for domain/website asks for my selfie with identification card – Unsafe?

Flippa is a website that lets sellers of domains and website list their properties for sale. They do not handle funds, escrow d0t com and/or paypal handles the sales. After taking my money for listing (250) I was able to sell my website. When it came to finish sale, told me that in order to proceed to escrow d0t com that I must: Upload selfie with my govt id, scan both sides of id, AND also do a "liveness video." I was a bit alarmed and looked in the their partner. They use a company that does KYC verification. Find it strange flippa, a non-financial company, is using KYC. Anyway the company they use claims to be based out of London. Which is is not true, their address in London is paid virtual business office. They are a Russian company, with russian founders and employees. No hate on Russia but as an American I am not comfortable uploading all this private info JUST to complete a website sale!

Is this even legal for Flippa to do? Flippa also says they store the information I sent them. I don’t like that they only ask me to complete this AFTER they have my money.

TL;DR A company that offers listing service for domains wants my selfie with my govt id. They use verification service that obscures that they’re based in Russia. Is this safe?

VPN provider asks to install RootCertificate. How is it safe?

I want to use VPN provider (ProtonVPN), and don’t want to use an app. They ask user to install their Root Ca. How safe is it? What type of info could they get from my laptop? If I have their certificate installed, does that means they can see and get all info from my browser, including passwords and https sites? And what about other non browser traffic? How safe is it? What are the risks?

GPG asks for Passphrase for new key

i want to know what to do after forgetting a passphrase. I’ve deleted and revoked all keys and made a new one but i was hoping that the passphrase would reset for me. to make a newer one. Do i need to uninstall the application to reset passphrase? If I’m wrong please do correct me and help me figure this out thank you!

What happens if a player asks to roll for an Ability Check?

New DM here, playing casually with my friends for fun during Quarantine. An interesting series of events conspired last night, and I hope to get some other people’s opinions on it, please 🙂

Udaron the Monk says: “looks around and notices the goliath.” (he then asks ooc for a perception check on whether the goliath looks friendly or corrupt/zombie)

I say, uh ok.

-rolls an 18-

I respond: “so as you look at the goliath, you don’t really notice anything strange about him. You don’t know a whole lot about goliaths, maybe never even seen one before. But as far as you can tell, he’s not undead, or corrupt. He also appears to be sleeping.”

First, I was taken off guard by the pc asking outright for an ability check. Nobody at the table had done this before, and it was strange. I let him roll, since that’s what he wanted to do. The way we’ve been playing, looking and observing is not something that I normally require pcs to roll for. Realistically, I imagine that if you just look at something, you would be able to tell if it’s a zombie. (Maybe flesh hanging off, a certain smell, or other things that are just obvious.) If he hadn’t outright asked to roll for perception, I would not have made him do so.

In the end, he was upset because he thought his roll allowed him to glean more information from observing the goliath than I gave him.

A similar thing happened later in the same session, when he tried to persuade the innkeep to let him and the team stay for free for 3 whole months. He once again asked to roll for persuasion, and he rolled a 16. Obviously you cannot convince the innkeep to let 4 total strangers stay in the inn for free, so I (secretly) made the DC 30. He therefore failed his persuasion attempt, and was not happy.

My questions: -Should I have even allowed the pc to make the rolls? -Should I simply have told him that a roll is not necessary and gave him the outcome of his efforts? -Since I allowed the pc to make the roll, am I bound to letting the events play out as the roll dictates?

When a spell asks for targets, can I choose the same target multiple times?

When a spell has multiple targets, can I choose the same target multiple times?

Is there any general rule I can refer to?

An example of ambiguity is the spell Steel Wind Strike:

You flourish the weapon used in the casting and then vanish to strike like the wind. Choose up to five creatures you can see within range. Make a melee spell attack against each target. On a hit, a target takes 6d10 force damage. You can then teleport to an unoccupied space you can see within 5 feet of one of the targets you hit or missed.

Nowhere does it say you have to choose up to five different creatures, although Crawford has disallowed targeting the same creature multiple times on Sage Advice EU. However, this answer does not give light on a general rule.

Similarly, for Acid Splash:

You hurl a bubble of acid. Choose one creature within range, or choose two creatures within range that are within 5 feet of each other. A target must succeed on a Dexterity saving throw or take 1d6 acid damage.

The intended answer is clearly no. But how can I know that? Is there a general rule?

How can BitLocker be considered safer, if it doesn’t asks for a key during boot

This is most likely a naive question, but I failed finding proper answer to it, so I dared to ask here.

When I was using TrueCrypt / VeraCrypt, my key / hash / password was never stored anywhere and I was forced to provide it upon each boot. When I have now enabled BitLocker in my Windows 10 Pro, my key / hash is stored inside TPM (?) and I am never asked for it. My system disk is being decrypted on-the-fly as system boots.

Now, if I don’t have to provide this key during boot then my disk is completely unsafe, if someone would stolen it toghether with my computer (very likely, most often scenario?). I am only safe, if an attacker will get the disk, but not the computer, and will install it in its own computer.

When I was using TrueCrypt / VeraCrypt, I always safe, now matter whether unauthorized person got access to my disk in mine or in any other computer. Without key / hash, my disk was garbage.

Please, explain what am I missing? How can BitLocker be considered safer than TrueCrypt / VeraCrypt give above two scenarios.

Filezilla asks for key (which doesn’t exist), only in my laptop

When I try to connect to a FTP server with Filezilla, it asks for a password fo unlock a private key, which I never configured. The site is not configured to use keys.

If I enter my key password it works, but I’m worried, is this secure? Why is it asking my private key if I never configured it?

Other sites don’t ask for this key.

Thank you.

How to handle a player who asks me never ending questions about roleplay things

Recently I started up a new game. I recruited players, got them to make characters, and was ready to have some fun with them.

One of the players keeps asking questions. They ask about every detail of their character, they ask about other roleplay systems, they ask about other characters they’re generating, they ask about games and movies they’re playing, they ask questions about the rules. It’s a long, never ending barrage.

I regret inviting them into the game now, because it’s such a drain being asked endless questions. I’ve told them to ask questions in the public discord or online, they agree, but they immediately go back to asking me more questions, in private messages on discord when they get some new idea. There’s a certain amount of, politeness in helping them with their character and understanding the world, but their sheer volume of questions is getting tiring.

It’s made worse by the fact that English isn’t their first language, and often their questions are vague and confusing and not easy to answer.

We’re involved in another game, and I need to remain reasonably polite, so saying “Go away and shut up.” isn’t a good option. What’s a reasonably polite way to stem the tide of questions?

The game we are playing is Dungeons and Dragons fifth edition, so there are many knobs to tweak and play with on characters.