What is the status of the nation of Chondath in the Forgotten Realms of 5th Edition D&D?

The 4th Edition Forgotten Realms Campaign Guide indicates that Chondath was among the lands "most changed by the Spellplague" (p. 50), inasmuch as the entire nation was "obliterated" (p. 100) in the violent merging of Abeir with Toril. "[T]he strip of land formerly called Chondath" was either subsumed into the Abeiran realm of Akanûl (p. 86) — now littered with "[t]he shattered ruins of Chondathan cities" (p. 90) — or else became part of a frontier called the Vilhon Wilds (p. 193).

All of that happened in the late 14th century DR, with 4th Edition officially starting in 1479 DR (see FRCG p. 40).

Starting in the 1480s, the Second Sundering separated Abeir and Toril once more, and 5th Edition is set circa 1489 DR.

Popular opinion seems to hold (not without evidence, granted) that 5e was intended to roll back some of 4E’s more drastic lore changes, leaving the state of the world roughly compatible with pre-4E lore. However, even with Akanûl returned to Abeir, the ten-year stretch between 1479 and 1489 seems awfully short for Chondath to have been rebuilt from blasted ruins into the functioning nation it was before 4E.

Mysteriously, the Sword Coast Adventurer’s Guide mentions various other nations around the Sea of Fallen Stars, such as Aglarond, Chessenta, Impiltur, and Thesk, (see p. 11-13), yet there is no mention of Chondath.

Is there any available information on the state of Chondath as of 1489?

When does a .com domain become available after it expires? (With status clientTransferProhibited)

the domain I want is taken and according to ICANN it expires on 2021-01-05. The only status it has is "clientTransferProhibited". I am not sure how to interpret this domain status… Does this status prohibit me from getting the domain once it has expired? And can I acquire the domain as soon as it expires according to the expiry date on ICANN?

WordPress add page under admin submenu and retaining the active status of the parent submenu page in the menu

I have added a page in the admin menu(pxmag-menu) and a submenu(pxmag-plans). There is another page(pxmag-plans-edit) set under the submenu(pxmag-plans) as the parent page.

public function __construct() {     require('pxMagAdminPlans.class.php');     $  this->admPlanObj= new pxMagAdminPlans();      add_action('admin_menu', array($  this, 'add_plan_admin_menu')); }  public function add_plan_admin_menu() {     add_menu_page(__('Dashboard', 'textdomain'), get_bloginfo('name'), 'manage_options', 'pxmag-menu', array($  this, 'pxmag_dash'), 'dashicons-welcome-view-site', 6);              add_submenu_page('pxmag-menu', __('Subscription Plans', 'textdomain'), 'Plans', 'manage_options', 'pxmag-plans', array($  this->admPlanObj, 'plan_admin_menu_page'));     add_submenu_page('pxmag-plans', __('Add/edit Plans', 'textdomain'), 'Add/edit plans', 'manage_options', 'pxmag-plans-edit', array($  this->admPlanObj, 'plan_admin_menu_edit')); } 

All the menu and submenu pages load fine.

But, when I open this page(pxmag-plans-edit), the menu selection in the WordPress admin shows nothing as current item, whereas the pxmag-plans is supposed to be the current selection.

(It is supposed to work like: when I click ‘Posts > Categories‘ and subsequently open the ‘edit category‘ page, the ‘Posts > Categories‘ option in menu keeps selected).

What is going wrong? What is the correct process?

WordPress “Site Health Status” trust it or myself for its security advice?

I’m using WordPress to host a few sites. Lately it includes this feature called Site Health Status. This information has in part been valuable, but it also itches me the wrong way somehow that I can’t get it to show "green" due to something I’d consider non-issues 😉

Here is how the "critical issue" looks.

Relevant snippet from Site Health Status

Here’s the relevant text excerpt, because search engines aren’t all too good with indexing text from screenshots:

1 critical issue

Background updates are not working as expected [Security]

Background updates ensure that WordPress can auto-update if a security update is released for the version you are currently using.

  • Warning The folder /vhosts/sitename was detected as being under version control (.hg).
  • Error Your installation of WordPress prompts for FTP credentials to perform updates. (Your site is performing updates over FTP due to file ownership. Talk to your hosting company.)

The folder /vhosts/sitename is indeed under version control and the actual blog is under /vhosts/sitename/blog and that’s what the web server serves as webroot. However, /vhosts/sitename/wp-config.php contains the blog configuration. As WordPress allows it to live outside of the webroot, that’s what I opted for out of security reasons. Anyway, the conclusion from this first (yellow) point should be that there’s no way anyone could glean the contents of the version control system, since it lives entirely outside the webroot.

The second (and red) point is about FTP credentials. This one I find particularly unnerving. I have scripts in place, I have 2FA, and the servers in question are only accessible via SSH (and by extension SFTP). WordPress doesn’t support SFTP nor would I want to enable this at all. In fact the files inside the webroot have tight file modes so that even in case a breach occurred very little could be done. In other words, I am updating WordPress in a semi-automated fashion triggered manually. Unlike some setups of WordPress I have seen or administrated in the past with FTP enabled, I haven’t had a breach, going by all the indicators I have available. So to me this is the desired setting. But someone decided to categorize this as a critical issue.

So my questions (two actually):

  • Is there a way to dismiss and ignore these exact two items in the future?
  • Should I trust some WordPress dev who doesn’t know my exact setup more for security advice than myself or should I spend (mental) energy on actively ignoring the issue (under the assumption that it can’t be dismissed and ignored for the future)?

NB: I am not interested in having the overall feature (or the visible widget) removed. I simply want this feature to be valuable and that means not raising the alarm when nothing is wrong, as far as I’m concerned.

What is the status of the nation of Tashalar in 5e Forgotten Realms

As far as I understand, the Chultan Peninsula became an island for a time during 4e, and after the Second Sundering the regions around the Mhair Jungle were restored. Tashalar, an established and prosperous nation on the peninsula, was described in earlier editions (2 and 3 if I’m not mistaken), then presumably disappeared in 4th.

In 5th edition several neighboring nations on the Peninsula are mentioned in passing in the Sword Coast Adventurers Guide (p.10)

Eastward along the Chultan peninsula lie the remains of Thindol and Samarach. Despite the apparent fall of both civilizations, Thindol remains infested with yuan-ti, while the illusions cloaking Samarach’s mountain passes conceal the activities in that nation.

I’ve yet to find any reference to the current state of Tashalar, aside from a mention in the Forgotten Realms Style Guide under the heading "Don’t Whitewash the Realms"

The Forgotten Realms is a huge world with many earth analogs. Turmish, Tashluta, and Chult provide sources of humans with black skin and features.

(Curiously, as far as I can see in previous editions Tashluta was a city in Tashalar, and not a nationality or a region)

Is there any canonical reference to the current state of Tashalar in 5e?

I’m exploring basing an adventure to be published on DMs Guild in the region, so I’d like to avoid contradicting anything published. I’ve seen the Forgotten Realms Wiki entry and the Realmshelp listing, but as far as I can tell both refer to earlier editions of the game.

What is the current (mid-2020) status of hardware rootkit/malware and possible detection/monitoring?

I’ve posted a question (link) related to a potential compromised computer via SSH access with root user. Although no evidence of a break-in, I’m considering extended measures to ensure (as much as possible) that my hardware has not been compromised. The software rootkit/malware would be easier to deal with apart of technical details as I expressed in another question (link). I’m particularly concerned because a SSH root access seems much more serious than a rootkit/malware infection from a compromised application downloaded from the internet.

OTOH, hardware rootkit/malware is a different level of a threat and I was trying to get more information about it. As I could see in other questions (link,link, plus some internet articles), the debate regarding hardware threats was much related to state-actors aiming high-level targets a few years back (prior 2017). However LoJax surfaced in 2018 and possibly others until today.

So, what is the current status (mid-2020) of these infections? Are they popular or still related to particular high-level targets?

My research showed that the only ways to get rid of such threats at hardware level would be either (i) flash the hardware with default firmware (not simple) or (ii) replace the piece of hardware. Besides, I’m not sure this hardware-level intervention would be detected in any manner, even using specialized application like rkhunter or TDSSKiller, since it could be hidden at kernel Ring 0 area outside the userspace. In the end, the user would have an evidence only if the rootkit drops a malware in the userspace, which could be caught by an AV or other scan app.

I see that OSSEC would be a handy tool to monitor the system, but possible setup before an infection. In case one has a potential compromised system, what would be the way to detect and/or to monitor the activity of a potential compromised hardware rootkit/malware (if any)?

In summary, such threats could be hidden in any writable firmware in the hardware (BIOS, SSD, HDD, GPU, etc.), however detailed knowledge of these firmwares are needed in order to deploy such malicious software, making it not so popular (this answer from 2015 states it in a more clear way, although somehow old). If this level of threat is still not popular in the wild, I would consider a very small possibility that such threat would be deployed in my computer, but I don’t have the clear picture yet.

What is current status (5E) of Thay and its economy?

In the last century between 3.5E (~1372 DR), and 5E (~1489), Thay went through the civil war in which lich Szass Tam won, and banished other wizards making necromancy and undead arcanist the ruling class of the nation.

In 3.5E Thay was famous for two exports – slaves and magic items. However, in the current situation of the world creating magic items is more difficult, and Thay going full necromancy shouldn’t be so interested in the exports.

This connects with enclaves which they were building in distant countries in the Sword Coast. If I remember they even appeared in one of the offical adventures for D&D 3E. I can’t find any materials which confirm that they are still there, but if they can’t produce and export magic items they don’t make too much sense.

Is there any mention in the books or other official materials for D&D 5E that Thay Mages still are selling magical items in the enclaves, or are they abandoned?

How can an Android app like Whatslog detect user online status from Whatsapp?

Whatslog on Android allows you to check the online status of whatsapp users. You don’t need to scan a whatsapp qrcode, you just have to enter a phone number and it works pretty well.

I don’t understand how they do it.

  • I’m pretty sure they don’t use web.whatsapp.com because they don’t ask any QR code furthermore I have reverse-engineered the apk to java with jadx and I don’t see any trace of them using any “hidden” whatsapp api or anything like that.

  • I don’t see any communication between Whatslog and Whatsapp through Android Intents or the like.

There is this question which discusses the same thing but the answers talk about web.whatsapp but I’m pretty sure it’s not what they use : How can application like Whatsdog detect user online status from Whatsapp?