This is amazing. My entire web browser session state for every private and personal website I sign onto every day will be used for training data. It's great! I love this. This is exactly the direction humans should be going in to not self-destruct. The future is looking bright, while the light in our brains dims to eventual darkness. Slowly. Tragically. And for what purpose exactly. So cool.
Answer: bank/financial apps, enterprise apps, government apps and copyrighted media (music, video, games, books, ...).
Those are the players that demand excessive control over end-user devices, and thus the ultimate driver behind the problem we're discussing.
It's not that a new mobile platform couldn't possibly succeed. It's an open platform that cannot, because aforementioned players don't want it, and without them, mobile devices lose 90%+ of their usefulness, dooming them to become mere gadgets instead of (crappy, toylike) tools for everyday use.
China, north korea, and russia, all prolific cybercriminal nations with significant state backing of the same, are signatories. This means it's at best meaningless and at worst surrenders power to a regime with partial control by objectively bad actors. Staying out of this was the right move.
Plus it has too many implications for surveillance and security; poor idea in any case.
It's extraordinary to me that Minecraft is both the game that has the most robust mod community out there and that the modders were working from obfuscated, decompiled Java binaries. With elaborate tooling to deobfuscate and then reobfuscate using the same mangled names. For over a decade! What dedication.
I'm so surprised there is so much pushback against this.. AWS is extremely expensive. The use cases for setting up your system or service entirely in AWS are more rare than people seem to realise. Maybe I'm just the old man screaming at cloud (no pun intended) but when did people forget how to run a baremetal server ?
> We have 730+ days with 99.993% measured availability and we also escaped AWS region wide downtime that happened a week ago.
This is a very nice brag. Given they are using their ddos protection ingress via CloudFlare there is that dependancy, but in that case I can 100% agree than DNS and ingress can absolutely be a full time job. Running some microservices and a database absolutely is not. If your teams are constantly monitoring and adjusting them such as scaling, then the problem is the design. Not the hosting.
Unless you're a small company serving up billions of heavy requests an hour, I would put money on the bet AWS is overcharging you.
I gotta say, I feel pretty vindicated after hearing for years how Python’s tooling was just fine and you should just use virtualenv with pip and how JS must be worse, that when Python devs finally get a taste of npm/cargo/bundler in their ecosystem, they freaking love it. Because yes, npm has its issues but lock files and consistent installs are amazing
I'm going to say something that probably will get me down votes:
Why do we have to beg Google to keep Android open? Seriously. So many open source projects have risen out of real and concrete needs and successfully made their way into our every day lives.
A new platform needs to rise that breaks out completely from Google. I've given PostmarketOS a go (with a PinePhone) and while today I can't say it isn't a daily driver for everyone it is certainly the route that needs to be taken.
I'm still unable to use it because is not easy to break away from Android, but is a platform that I think about almost every day, because I do not want to use Android anymore and I'm willing to sacrifice certain aspects to have an open and friendly platform on my hands. And if it is not PostmarketOS then let it be another project.
We need these kind of projects, not kneeling down to a company like Google and begging for Android to be open. Effort needs to be put elsewhere. That's how major projects like Linux, BSDs and open source projects have flourished and taken the world.
There is nothing I dread more within the general context of software development, broadly, than trying to run other people's Python projects. Nothing. It's shocking that it has been so bad for so long.
As I wrote elsewhere, the US government and economy are now essentially a private equity takeover for a large segment of wealthy business: Squeeze out as much money as possible short term - including by issuing debt againts its assets, slashing and burning any costs regardless of ROI and with no regard for the future, and leave the bankrupt husk for someone else to deal with.
The treatment of fossil fuels and renewables fits: Block the obviously more economical and better long-term solution in order to shovel money toward the entrenched wealthy. That it sabotages the future due to climate change and economic inefficiency doesn't seem to be a significant factor to them.
I forgot, one of the entrenched corporate wealthy told us that climate change isn't a big deal, and we should send money to his and his friends for solutions.
I'm not anti-business; in fact, quite the opposite: These policies block a free market and the brilliant new businesses that can thrive and deliver solutions to everyone.
Good article, but the reasoning is wrong. It isn't easy to make a simple interface in the same way that Pascal apologized for writing a long letter because he didn't have time to write a shorter one.
Implementing the UI for one exact use case is not much trouble, but figuring out what that use case is difficult. And defending that use case from the line of people who want "that + this little extra thing", or the "I just need ..." is difficult. It takes a single strong-willed defender, or some sort of onerous management structure, to prevent the interface from quickly devolving back into the million options or schizming into other projects.
Simply put, it is a desirable state, but an unstable one.
The absolutely outrageous thing is that apparently they are instructed to ignore all other evidence of citizenship if that app says someone is not a citizen. So even if you have your birth certificate ready, doesn't matter.
This is completely lawless.
From the article:
> He also said “ICE officials have told us that an apparent biometric match by Mobile Fortify is a ‘definitive’ determination of a person’s status and that an ICE officer may ignore evidence of American citizenship—including a birth certificate—if the app says the person is an alien.
Back in the 2007 or when it came out in Sweden I bought the iPhone and started developing for it. This was cool, new and exciting and it was fine as long as my company was paying the $100 fee every year. But then I switched jobs and worked at a company which produced mostly open source code. Suddenly I would have to pay $100 every year just to be able to put my own software on the phone ...
This is why I switched to Android, just for Google now to pull the rug from under my feet again ...
Nvidia seems to be operating more like a sovereign wealth fund than a traditional business. They have a very-in-demand product, that is not likely to last forever, and is getting their fingers in as many pies as possible with the money and influence while they have it.
The direct cost is the easy part. The more insidious part is that you're now cultivating a growing staff of technologists whose careers depend on doing things the AWS way, getting AWS certified to ensure they build your systems the AWS Well Architected Way instead of thinking themselves, and can upsell you on AWS lock-in solutions using AWS provided soundbites and sales arguments.
("Shall we make the app very resilient to failure? Yes running on multiple regions makes the AWS bill bigger but you'll get much fewer outages, look at all this technobabble that proves it")
And of course AWS lock-in services are priced to look cheaper compared to their overpricing of standard stuff[1] - if you just spend the engineering effort and IaC coding effort to move onto them, this "savings" can be put to more AWS cloud engineering effort which again makes your cloud eng org bigger and more important.
[1] (For example implementing your app off containers to Lambda, or the db off PostgreSQL to DynamoDB etc)
It still surprises me how much essential services like public transport are completely reliant on cloud providers, and don't seem to have backups in place.
Here in The Netherlands, almost all trains were first delayed significantly, and then cancelled for a few hours because of this, which had real impact because today is also the day we got to vote for the next parlement (I know some who can't get home in time before the polls close, and they left for work before they opened).
The method is buried about 60% through the article, but it's interesting. It seems incredibly risky for the cloud companies to do this. Was it agreed by some salespeople without the knowledge of legal / management?
Leaked documents from Israel’s finance ministry, which include a finalised version of the Nimbus agreement, suggest the secret code would take the form of payments – referred to as “special compensation” – made by the companies to the Israeli government.
According to the documents, the payments must be made “within 24 hours of the information being transferred” and correspond to the telephone dialing code of the foreign country, amounting to sums between 1,000 and 9,999 shekels.
If either Google or Amazon provides information to authorities in the US, where the dialing code is +1, and they are prevented from disclosing their cooperation, they must send the Israeli government 1,000 shekels.
If, for example, the companies receive a request for Israeli data from authorities in Italy, where the dialing code is +39, they must send 3,900 shekels.
If the companies conclude the terms of a gag order prevent them from even signaling which country has received the data, there is a backstop: the companies must pay 100,000 shekels ($30,000) to the Israeli government.
This is the result of a ton of research into Crunchyroll's recent subtitle changes that have tanked the service's first-party presentation quality to an all-time low. The article ended up being quite long, so I highly appreciate anyone taking the time to read it in full!
> During the TLS handshake, the client tells the server which treeheads it has.
I don’t love the idea of giving every server I connect to via TLS the ability to fingerprint me by how recently (or not) I’ve fetched MTC treeheads. Even worse if this is in client hello, where anyone on the network path can view it either per connection or for my DoH requests to bootstrap encrypted client hello.
I'm struck with how long the history of Apple's earliest iPhone has shaped and produced long-term damage to the concept of digital ownership. Apple originally didn't allow anybody but Apple to create software for the 1st gen iPhone, and only later was forced "opening" it my market forces.
People who realized they actually owned the thing they bought wanted to do what they wanted, which required circumventing Apple's control or "jailbreaking". This differentiator stimulated Google to "allow" installing on Android without "jailbreaking" the device aka "sideloading", giving the illusion of the kind of freedom that was never in question on normal computers.
It is interesting though how this same conversation doesn't exist in the same way in other areas of computing like video game consoles or other embedded computing devices where the controls against arbitrary applications is even stronger.
The fact that mobile phones aren't yet just a standard type of portable computer with an open-ish harware/driver ecosystem that anybody can just make an OS for (and hence allow anybody to just install what they want) is kind of wild IMHO. Why hasn't the kind of ferver that created Linux driven engineers to fix their phones? Is Android and iOS just good enough to keep us complacent and trapped forever? I can't help but think there might be some effect here that's locking us all in similar to how the U.S. healthcare system can't seem to shake for profit insurance.
I'm sometimes surprised at the plethora of cheap handheld gaming systems coming out of China that support either Linux, Android, or sometimes both, and seem to be based on a handful of chipsets. If anybody ever slapped an LTE module and drivers onto one of those things we'd have criminally cheap and powerful, open phone ecosystem.
Suffered a stroke in 2004 (migrainous infarction). Became half blind. Rested for a good year.
Became a photographer for 8 years, then switched back again to software development.
From then on, the limits were: WFH only, limit stress, run away from job if things go bad again. Nap if brain feels exhausted. Sleep, more and better.
20 years later (53yo), I'd say I'm doing great! Also fitness helps remind me to take care of the body...
- they're completely stopping all updates to v2; even image trace won't be coming to it. You might have paid for perpetual access to it 2 months ago, but it has completely stopped. As the world moves on (new chips, new OS features, just general software movement) this will increasingly feel like a second-class experience.
- the new "free" software is a sales funnel into the paid subscription, and will also increasingly have that "second-class" feeling as new pro-only things are added to it. it is also practically guaranteed to feed your work into AI unless you buy pro sometime in the next 5 years
In short, something secure, top class, the "best the company offers" product doesn't exist anymore. What was once there isn't.
This is such a shame IMO. The Serif suite was great, and I used to try to get every designer I could to dump adobe and switch to serif.
Now that it has switched to a freemium model trying to get you to subscribe to AI, I wont be using this or telling other people about it any more. Their priorities have changed. No longer are they trying to to beat adobe at their own game, they are just chasing AI money like everyone else.
This is a game of cat and mouse -- to the extent that LLMs really give consumers an advantage here (and I'm a bit skeptical that they truly do) companies would eventually learn how to game this to their advantage, just like they ruined online reviews. I would even wager that if you told a teenager right now that online reviews used to be amazing and deeply accurate, they would disbelieve you and just assume you were naive. That's how far the pendulum has swung.
This thing is an absolute security nightmare. The concept of opening up the full context of your authenticated sessions in your email, financial, healthcare or other web sites to ChatGPT is downright reckless. Aside from personal harm, the way they are pushing this is going to cause large scale data breaches at companies that harbour sensitive information. I've been the one pushing against hard blocking AI tools at my org so far but this may have turned me around for OpenAI at least.
