I'm not to fire people usually but this long report shows that there are probably too many persons too well paid with nothing to do at Cloud flare.
Because that is a lot of energy spent too have done advance research for an UI that is basic (just a checkbox), not particularly great and common before and after cloudflare...
And a personal rant, I don't understand how they can be proud of themselves when you see the wasted time and energy supported by users to browse the pages that are being Cloudflare.
Imagine this billions of "click-wait" uselessely done by users everyday worldwide
Not specifically for the Mac light, but nowadays I find it very annoying that everything as a small led light for sleep or just indicate power, or power plugged.
At night it is very hard to have a dark room to sleep in small apartments or bedrooms when you have so many of them. Tv sleep lights, set top box, computers sleep and power plugged lights, small electronic devices and appliances like the one displaying time. Power multipliers that often have a safety power on light, ...
It blows my mind that nowadays, some random tools on internet tells you to do "curl -fsSL https://.... | bash" to install some "binary" things and a lot of people will do it without hesitation.
It probably explains why there is so many data leaks recently but it is like we did a 20 years jump back in time in terms of security in just a few years.
I get the hesitation :D But the code is open and the install.sh is as minimal as it gets tbh. Still, as said, I get the hesitation. What a time to be alive.
It does not install binaries, it builds the binary by checking out the project basically. You can also do the process manually and use the tool.
One day folks who live inside commandlines and TUIs all day will realize that there's nothing particular about webapps or the sandboxes that they execute in that requires we build exclusively graphical runtimes around them, instead of taking advantage of the same security and distribution model for programs accessible and usable from within terminal emulator.
How else are you going to get your openclaw to run blazingly fast??
But seriously, I think there's a bit of overzealousness/misalignment in security lately with a disregard for usability and privacy, making people less tolerant of dealing with inconveniences.
> Not adding the domain to Google Search Console immediately. I don't need their analytics and wasn't really planning on having any content on the domain, so I thought, why bother? Big, big mistake.
That should be enough to trigger an antitrust case against Google and a split of its activities. When despite unrelated, it becomes the gatekeeper of your presence in internet.
A registrar using Google's signal to deactivate your service isn't Google's fault.
Safe Browsing itself has an appeal process so I think legally they're covered. Users and governments surely appreciate someone filtering bad actors online, even if casualties don't.
It is the moment like that where it looks obvious for third parties to use it and only it to vet customers. To the point where you are forced to deal with Google because parties "can't do anything about it".
The moment that 80%+ users go to internet through their browser but at the same time control which we site can be accessed with their safe list.
The moment that you need to create an account and start using their services and accept their terms and conditions to be removed from wrongfully added "list" impacting someone.
Well for an expats, it's really a gamechanger not having to play three card monte selecting the correct card to use for each transaction. You would be surprised how many transactions are (accidentally?) geofenced based on where your card is issued from, and Paypal pretty much solves these.
I'm an Indian with a few US subscriptions and Paypal was indispensable for years. When they set a KYC deadline involving some dude in a video call suddenly asking me to produce my Aadhar (national ID), I then discovered those services work with my debit cards perfectly. BTW autonomous charging of arbitrary amounts is not allowed in India, AFAIK.
As a buyer PayPal saved me after being scammed. It was a breeze to claim my money back, once I filed a police report.
Stripe and other normal card processors make it impossible. And before someone says to "charge back" with my bank, my card is from a country where that is almost impossible. In fact I think maybe only in the US that's actually practical, because in Germany I don't remember "charge backs" being a thing when i lived there.
Might work for some countries (like US). But if you are from country with their own currency PayPal will only allow payout to account with that native currency. You get payed in USD you can't payout to USD account if your nation uses different currency. And of course they will also exchange that USD to your currency with their exchange rate that's 5-8% above services like Wise.
Basically you either keep money in your Paypal and use it there or pay their cut. It's simply usury.
Similar same happened to me, but in my country. I got a virtual stripe card to pay for the conference I was supposed to attend to and the fixing of problems took like five business days
When you think about it, it is crazy to think that the world is spending thousands of billions on AI stuffs, but still we haven't yet any affordable big size epaper display.
It could change a lot of things in the world, especially regarding the power consumption of most commonly used screens for a lot of signage everywhere. But not that much company looks like to be interested in developing the field.
I think that a few years a go, a lot of possible innovation were blocked by a few aggressive patents. I don't know if it is still the case.
> It could change a lot of things in the world, especially regarding the power consumption of most commonly used screens for a not of signage everywhere.
There's something I don't get about common e-paper displays.
I have a Remarkable, and it's great. The battery life is also supposed to be great. It can last for months while the Remarkable is turned off.
If the Remarkable is on, it won't last. All the battery will drain away. You have to babysit it carefully, or this is what will happen, and the next time you want to use the Remarkable, it will be dead and you'll need to charge it first.
For some reason, if left idle, it will enter a "sleeping" mode. The screen shows whatever was on the screen, with a little bar overlaid telling you that it's sleeping.
Sleeping mode is actually just awake mode. It continues to draw power as if it was on. The only difference is that it stops responding to touches. If you press the power button, it wakes up instantly, because it was already on.
Off mode is different. In off mode, the Remarkable stops drawing power. Also, it erases the screen, instead displaying a full-screen message that the Remarkable is off. You have to manually put it in off mode whenever you stop using it, or all the battery will rapidly drain away. If you press the power button, nothing will happen; you have to press it and then hold it down for two seconds (I measured this) in order to get it to boot up.
To put it into off mode, you have to do the same thing, forcefully holding down the power button while you wait for it to admit that you want it to turn off. This takes four seconds. Then you have to confirm on the screen that yes, you held the power button down for four straight seconds on purpose.
The ergonomics of this are awful. Leaving your Remarkable idle means losing your entire charge; it will never transition from awake-but-pretending-to-sleep to off. Turning it off is a huge pain. It would solve so many problems to just leave whatever was on screen before idle on the screen, and actually turn off.
> ePaper displays are niche, and worse for most personal and business use-cases compared to LCD et al.
Hence we need more resources for R&D to figure out the shortcomings. LCD didn't pop into existence randomly either. It's not a guaranteed win, but neither AI has proven any realized gains in the majority of industries that gambled on adopting it.
Weather agencies funded by taxes should make their data available to everyone, since it’s the public that finances them. Luckily, that’s already the case where I live, but when I travel I have to rely on global sources like Open-Meteo, which are usually less accurate than local ones. Another open (and global) alternative would be great.
I care! I have to cross-reference multiple apps to get a good detailed forecast, a "minutecast" of precipitation, and Canadian humidex and windchill numbers. I haven't tried this one yet because I'm a little confused why it didn't offer me a free trial, but if it gives me all of that then I am sold.
Even restricting the mitigation to "students and hobbyists" is bad.
I should have the right to have parents, friends or anyone use a "free" store that is not under control of Google if the user and app developer wish so. But also, somehow there should be something done to avoid the monopoly forcing to use the Google services. Like major institutions like bank, gov and co being forced to provide alternatives like a webapp when they provide app tied to the Google play store.
> I should have the right to […] use a "free" store that is not under control of Google
Yes, but we also need to stop thinking like we’re trying to please the ghost of Steve Jobs. There is no ”store”. There are installers. You distribute them how you see fit, probably through the web.
These ”alternative stores” angle is a controlled dissent corporate plan B, much like how recycling was propped up by the fossil fuel industry.
But unfortunately, it turns out that some people you interact with aren't actually your friend. That guy that seems totally legit and just wants your sister to install his fun little game/app that he wrote is actually trying to get her to install an app that's going to track your location and read all your messages and copy all your photos. To keep her safe from the "actually" bad people, of course.
By default their app cannot though because Android uses proper sandboxing and gated API access. So you actually have to give the app location access, access to your messages and access to your photos.
Well, unless you use one of the many crappy Android devices that never get security updates, are running old kernels, old vendor security patch levels, miss all Android security patches, except applying the backported security bulletins every three months (1-2 months late). Yet, Google is happy to certify them as Android devices.
It was never about security, it is about control. If it was about security, they would have revoked the GMS licenses of pretty much every vendor outside Google themselves and maaaaybe Samsung, until vendors actually started caring about security. If it was about security, there would not be as many scam apps in the Play Store itself.
Back to your sister, the proper solution is to educate her (and everyone else) not to give apps unfettered access when they ask you to, plus let Google implement more security measures that systems like GrapheneOS already have (contact scopes, sensor permissions, network access permissions, etc.).
The tricky bit with that is it would get a monopoly lawsuit from manufacturers with a lot more money to throw around quickly. The biggest problem in improving android security posture is getting manufacturers to have robust security and release updates without getting monopoly lawsuits.
It also doesn't help that mobile carriers can delay updates for months. Thanks T-Mobile.
> Well, unless you use one of the many crappy Android devices that never get security updates
You mean those crappy devices that let me record my phone calls and let the voice recorder continue recording the lecture even when the screen is locked?
Actually, what Google does is totally legit because they pester you constantly about "sharing your location/photos/installing Gemini" until you accidentally press yes, and they can say they have your consent. So they are actually the good guys.
I concur, and find it abhorrent. And wish more people would kick up a stink about this. We need a publication or channel that talks about rights like this. I don't know of any that do a decent job. I donate to my local best option.
> That guy that seems totally legit and just wants your sister to install his fun little game/app that he wrote is actually trying to get her to install an app that's going to track your location and read all your messages and copy all your photos.
1. Stop requiring computers/phones for everything. Your 91 year old grandma isn't going to make her way through your super cool very intuitive 2FA magic link email confirmation system, and I don't WANT to make my way through your super cool very intuitive 2FA magic link email confirmation system.
2. teach the people who need to use computers, how to use them.
I never said anything about 2FA magic links? We can do much, much better via things like FaceID integrated passkeys, and probably further steps from there.
> Stop requiring computers/phones for everything.
Ah yes, that sounds straight forward. Let us know when you’ve deployed that to prod.
I'm far from a Google apologist, but at the end of the day don't they have the right to write software however they want it? You have the right to build things the way you want to, fork Android, etc etc. If you're trying to say you have the right to tell Google what the code their employees write can do, well, I don't really agree with that. Sounds coercive, honestly. I wouldn't want them to do that to you and I don't want you to do that to them.
Does a business have right to produce whatever it wishes even if it affects the environment ?
Does a business have right to pay literal pennies per hour if it manages to find people willing to work at that pay ?
Does a business have right to lace food products with addictive substances for repeat customers and profit ?
All these cases are already happening today at some level depending on who you ask. But they don’t tilt to extremes because we have laws in place to maintain balance between business needs and collective good.
This move by Google will tilt that balance forever towards absolute duopoly in mobile computing space. It is time for legislation to avoid that.
No they don't. They couldn't legally write software to hack into the Pentagon and launch nukes at North Korea. They couldn't legally write software that live streams your camera to them without your actual consent.
No, Google does not have the right. If you're building roads, you don't have a right to build them unsafely. Doesn't matter if they're privatized or not; they're important infrastructure for which we don't have meaningful alternatives.
It is little surprising a lot of smart people somehow miss this simple logic.
Android is massive and extremely popular and I know several people who have been scammed already. It is important that Google makes this harder for scammers.
Google is not doing this to harm developers but to protect their users.
You already get a pretty scary warning when you try to install an app that was downloaded outside the Play Store. If people still install malware, that's the responsibility that comes with freedom. Your line of reasoning can be applied everywhere in life - people should not be able to do their own bank transfers or use a credit card, I know several people that who have been scammed already.
Moreover, there are better ways to protect against malware: 1. educate people; 2. rather than using whitelisting, use blacklisting (similar to XProtect on macOS).
Finally, the argument is not very strong on Google's side, since the Play Store itself has had its history of scams. Which, again is easier to protect against by educating people. No, don't put your banking information in a random app you downloaded from the Play Store (use the app that your bank tells you to). Do not install random keyboards from the Play Store. Etc.
This is "think of the children/grandma" logic. There is a different between maintaining a company store where everything is verified, and forcing everyone to use it.
Google shouldn't be able to hold a vertical monopoly, on what apps can run, what os's are allowed and what hardware can be used on devices that run Android, rest solely on this weak excuse that someone might harm grandma.
Oh, and of course, if grandma gets scammed by a app in the Google store, Google isn't in any way held responsible. Such garbage, two-faced bs.
1. The ownership of security can be entrusted with the user. For example, if the user wants to install a 3rd party app store that doesn't use developer registration, they should be able to do so. The consequences of that decision should be on the owner. FDroid is one such app store. But I trust it over play store any day.
2. Careless users can be prevented from making such decisions, and capable users can be prevented from making mistakes, by careful UI designs that provide copious warnings and require deliberate actions. We have plenty of examples for both. An example for a system that prevents mistakes with warnings is the certificate trust override in browsers. They allow you to override rejection of untrustworthy certificates, but not before you read a lengthy warning message and click a couple of buttons. Similarly, an example of a deliberate action is when you want a repo to be deleted on github or gitlab. They force you to type in the repo name as confirmation. Not only does it take multiple key strokes, it forces you to review what you're actually deleting.
> Google is not doing this to harm developers but to protect their users.
No. Google is doing this to satisfy their insatiable appetite for profit growth by squeezing their current revenue streams. This protects no one, but their shareholders and top executives. I'm a bit ashamed to have to explain this on HN.
> I'm a bit ashamed to have to explain this on HN.
Don't be. Like it or not, this is a site run by venture capitalists and populated most heavily by software engineers, both of which have historically been treated well by capitalism.
Although it's improved in recent years, I've noticed there's still a lot of corporate bootlickers on this site.
I think you're getting downvoted because of your slightly strong language. Well! We will know that soon, based on how this post fares! The problem I find is that some people argue on the basis of outright weird logic, while neglecting the obvious. I really can't tell if they're talking on behalf of someone else's commercial interests, or if they really believe what they say.
You're probably right about why I'm getting downvoted. But, you know, in my honest opinion, those people are just further demonstrating my point. They're probably actually paid well, or at least are afraid to badmouth the hand that feeds them.
But people need to realize that most of the population aren't treated well or paid well. Most of us don't have the luxury of being SWEs, or even white-collar workers for that matter. Most of us struggle to even put food on the table and have to scrounge week to week, let alone month to month.
So, I'm not bothered by the bootlickers downvoting me. At best, they're fooling themselves; at worst, they're class traitors.
If you ask me, the time for tactful language is long over.
> But people need to realize that most of the population aren't treated well or paid well. Most of us don't have the luxury of being SWEs, or even white-collar workers for that matter. Most of us struggle to even put food on the table and have to scrounge week to week, let alone month to month.
+1
> If you ask me, the time for tactful language is long over.
Sadly, I reached the same conclusion a while ago. Subtlety seems to have lost all value and too much is at stake to keep on appealing to everyone's sensibility.
Also something that frustrated me a lot is that when browsing with the web browser on a computer, there is absolutely no way to share a link to a post.
For exemple there is a post with details about an event that will happen, when you look at available options: you can't click on it to go to a dedicated page like on LinkedIn, there is no option in the menu to have a shareable link. You can share with: someone on fb message, a group, your wall, things like that but no link.
There's a perma-link when you click on the date of the post. But you're right, on the 'Share' button they have 5+ options, none of them is "copy link" or similar.
Because that is a lot of energy spent too have done advance research for an UI that is basic (just a checkbox), not particularly great and common before and after cloudflare...
And a personal rant, I don't understand how they can be proud of themselves when you see the wasted time and energy supported by users to browse the pages that are being Cloudflare.
Imagine this billions of "click-wait" uselessely done by users everyday worldwide
reply