Can you keep using Shapechange after dropping to 0HP?

Can you use Shapechange again after dropping to 0 HP?

This might sound strange, but I belive that, according to RAW, you can keep using Shapechange even after getting dropped out of the previous form due to taking damage.

Specifically, the sequence of events I am thinking about goes like this:

  • having X HP in your base form, use Shapechange to assume a form with Y HP
  • take at least Y points of damage, but less than X+Y
  • turn back into your base form†
  • make your con save to keep concentrating on Shapechange – nothing in the spell says that it ends upon dropping to 0HP!
  • You are now in your base form, with a nonzero amount of HP left – let’s call it X’ – and still have Shapchange up
  • use your action to assume any new form, with the only restriction being that the new form’s HP cap out at X’

I believe this last bullet point to be a valid option due to this part of the spell’s description:

During this spell’s duration, you can use your action to assume a different form following the same restrictions and rules for the original form, with one exception: if your new form has more hit points than your current one, your hit points remain at their current value.

This says nothing about the last form you assumed using the spell – it’s your current form whose HP are relevant.


While I believe this to be an obvious oversight in the spell’s description – just like the fact that it doesn’t actually flat out say that you turn back upon being reduced to 0 HP – I think that, according to Rules As Written, this is how the spell works.
Did I miss something or am I reading this correctly?

† This is never explicitly stated to happen, but can reasonably be inferred from this paragraph:

When you revert to your normal form, you return to the number of hit points you had before you transformed. If you revert as a result of dropping to 0 hit points, any excess damage carries over to your normal form. As long as the excess damage doesn’t reduce your normal form to 0 hitpoints, you aren’t knocked unconscious.

During a long rest if someone is fully rested, can they keep watch longer than 2 hours?

So I am currently running a game with 3 PCs, 2 of which are Elves and 1 a Human. I am just trying to calculate the most efficient way to run watch shifts during long rests since both of the elves only need 4 hour meditation to be considered fully rested.

In the PHB pg 168 in the section about long rests it states that (emphasis mine):

A long rest is a period of extended downtime, at least 8 hours long, during which a character sleeps or performs light activity: reading, talking, eating, or standing watch for no more than 2 hours.

Now my question is, once a character is considered fully rested and no longer needs the “long rest” are they able to keep effective watch for longer than a period of 2 hours? So say that the elves both finish their 4 hours, can they now keep a vigilant watch for the other 4 hours the human PC needs to rest?

Keep password in macro

I had an idea to assign my keyboard’s macro keys to various passwords so I can just hit the key and it will paste in (the passwords are long and random so I won’t remember them). This is on a home desktop PC. Are there any reasons this is a bad idea security wise? Thanks

How to keep backup servers safe?

I use duplicity on a few Ubuntu servers to encrypt backups and send them to a backup server, which then sends another copy to, and then, once a week, give it or take, I download these backups to a local server.

The problem I have with this is that to send these encrypted archives to the backup server, each server has a password-less SSH key that allows them to connect to the backup server.

While each server has its own user on the backup server, file changes are monitored with OSSEC and the user only has permission to write to its own backup directory, I still fear that a compromised server — thinking ransomware, to be specific — could damage the backup server as well.

I thought about doing the inverse and having the backup server connect to the other servers, grab what it needs, and then shut itself down, but that seems worse, as a compromised backup server would have access to the entire server inventory.

So, I am wondering what is the best solution to keep backup servers safe? Is there a better software than duplicity to handle this?

Thanks in advance!

EDIT: Few details I forgot to include, might be worth something.

  • Backup server is set up with a hardware RAID controller in RAID 10 with 15 drives
  • Backup server uses Ubuntu 18.04 with EXT4 as the filesystem
  • Backup server is a dedicated server with plenty of RAM and CPU power
  • Backups stay inside /var/backups/SERVER-NAME/
  • Client servers are all unprivileged LXD containers

How to keep a Cloud-hosted trading algorithm private? Encryption?

Are there any reliable ways of protecting a cloud-hosted trading algorithm from being seen/copied – for example, by people working at a company who are hosting an algo (like QuantConnect, Quantopian, AWS, GoogleCloud, etc.)?

This seems like a potential risk to me – even though I’ve seen these companies saying that they take privacy and users’ intellectual property seriously.

Are there any best practices – like encryption? (And any reliable methods/specifics on encrypting a trading algo?) Or does one need to create their own server to keep an algo private?

Thanks for any guidance.

What is a good way to keep track of time between encounters with an ability that regenerates at a rate of 1 per minute?

What is a good way to keep track of time between encounters with an ability that regenerates at a rate of 1 per minute?

Force Ward

You constantly surround yourself with a ward of force. You gain a number of temporary hit points equal to your kineticist level. You always lose these temporary hit points first, even before other temporary hit points. If an attack deals less damage than you still have as temporary hit points from force ward, it still reduces those temporary hit points but otherwise counts as a miss for the purpose of abilities that trigger on a hit or a miss. These temporary hit points regenerate at a rate of 1 per minute. …

This gives you a pool of temporary Hit Points that regenerate at the rate of 1 THP per minute. How do would you keep track of THP gained during the session?

Example with multiple encounters, how you keep track of time between random and predetermined encounters to know how much THP you regenerate in between?

Does user need to keep updated with the certificates locally when using TLS with smtp?

HOWTO: Install/Configure msmtp and mutt on ubuntu

I got GTS CA 1O1 as the common name instead of Google Internet Authority G2. What is the difference between the two.

So GTS CA 1O1 refers to the one listed here

I see GTS CA 1O1 valid until Dec 15, 2021. So by Dec 15, 2021, I should regenerate the local crt file by openssl x509 -inform DER -in GTS1O1.crt -outform PEM -out gmail-smtp.crt

$   msmtp --serverinfo --tls=on --tls-starttls=off SMTP server at ([]), port 465: ESMTP a10sm3703146oic.46 - gsmtp TLS session parameters:     (TLS1.3)-(ECDHE-X25519)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM) TLS certificate information:     Owner:         Common Name:         Organization: Google LLC         Locality: Mountain View         State or Province: California         Country: US     Issuer:         Common Name: GTS CA 1O1         Organization: Google Trust Services         Country: US     Validity:         Activation time: Tue Nov  5 15:45:23 2019         Expiration time: Tue Jan 28 15:45:23 2020     Fingerprints:         SHA256: 50:E7:13:03:7B:A8:D8:28:3C:D2:66:AC:58:E3:76:6D:BB:DB:E2:9D:B6:8F:54:38:10:BC:A5:93:67:25:7D:4D         SHA1 (deprecated): F4:D9:49:8F:FA:F0:06:D1:B8:D7:AE:A8:56:A3:36:B4:FB:76:3E:32 Capabilities:     SIZE 35882577:         Maximum message size is 35882577 bytes = 34.22 MiB     PIPELINING:         Support for command grouping for faster transmission     AUTH:         Supported authentication methods:         PLAIN LOGIN OAUTHBEARER  

Is there any way to keep the request in intercepting proxy for atleast a min before application says check your connection?

I just bypassed SSL pinning on an android application but the problem is application won’t let me play with the request on my intercepting proxy. It says something like problem with your network or check your internet connection, it might be slow. It used to say the same thing before I didn’t bypassed SSL pinning.

My assumption is that the application is coded in such a way that it expects to get response from the server quickly. Since am playing around with the request on my intercepting proxy there is no response from the server because the request is still on my proxy and not sent to the server.

Is there any way out of it?

How can I keep Twitter from banning me despite using a VPN and different phone numbers? [on hold]

I keep getting banned on Twitter for unironically attempting to evade banning this last time I used a VPN and a new phone number and despite this, they caught me before I sent a tweet so I am assuming they have a way to trace me even using a VPN so my question is what, if anything can I do to prevent this…I was curious if using a different computer would help?

Do temporary hit points from the Heroism spell keep a troll alive?

The Troll’s Regeneration feature states:

The troll regains 10 hit points at the start of its turn. If the troll takes acid or fire damage, this trait doesn’t function at the start of the troll’s next turn. The troll dies only if it starts its turn with 0 hit points and doesn’t regenerate.

Let’s assume heroism has been cast on the Troll, a spell which states:

[…] Until the spell ends, the creature is immune to being frightened and gains temporary hit points equal to your spellcasting ability modifier at the start of each of its turns […]

Let’s also assume the troll has taken acid/fire damage, and is at 0 HP. What happens at the start of its turn?