- This is a fine mentality when it takes a certain amount of "Internet street smarts" (a term used in the article) to access the internet - at least beyond AOL etc.
But over half of the world has internet access, mostly via Chrome (largely via Android inclusion). At least some frontline protection (that can be turned off) is warranted when you need to cater to at least the millions of people who just started accessing the internet today, and the billions who don't/can't/won't put the effort in to learn those "Internet street smarts".
- Mainly the theory that, if you can’t use downloaders to download videos, then people will no longer see YT as the go-to platform for any video hosting and will consider alternatives.
And I call that a theory for a reason. Creators can still download their videos from YT Studio, I'm not sure how much importance there is on being able to download any video ever (and worst case scenario people could screen recording videos)
- > I'd love some case studies or anecdotes about the real-world threats that using an old devices exposes me to.
The Apple patch in the OP is in regards to a zero-interaction exploit that compromised the device to install spyware etc.
> Impact: Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
- I mean, it’s a legitimate concern. Google is bleeding so hard right now from Gen Z and especially Gen Alpha deciding to use ChatGPT first and foremost when asking questions that Google would’ve answered previously. Whether or not that means they should keep Chrome as a product is up for debate.
- > Make it require a difficult/obvious factory reset to enable, if you are concerned about someone being "tricked" into turning off the lockdown.
Is there also a way to make it obvious to the user that a device is running non-OEM software? For example, imagine someone intercepts a new device parcel, flashes spyware on it, then delivers it in similar/the same packaging unbeknownst to the end user. The same could be said for second-hand/used devices.
It's potentially possible the bootrom/uefi/etc bootup process shows some warning for x seconds on each boot that non-OEM software is loaded, but for that to happen you need to be locked out of being able to flash your own bootrom to the device.
- Things like maintaining a community’s cohesiveness (eg via restricting exterior cosmetic changes, requiring lawn maintenance, etc) are in the HOA contract in an effort to maintain/increase the community’s home values over time. And, of course, people can choose not to buy a home in a community like this if they don’t agree to the provisions of the HOA.
Even before the 2021 surge in home values, homes on city streets almost never saw as much growth in value (except for homes in the heart of metro areas where people will pay for location to work. On suburban city blocks, home values are often stagnant even in good markets)
- Typically there is a special tax assessment district when inside city limits - for example, my property in Georgia inside an HOA has a city millage of 0.003, but the streets of the community were indeed deeded to the city. On the other hand, if someone wants to build not actually inside city limits, of course they’ll need to pay for their own roads and utility maintenance since the county isn’t responsible for things like that.
- This is a lesson in capitalism. It’s so much more profitable to ignore small users bases when you can just tell them to “try switching to Chrome”.
I think you’re wrong about Safari itself being the reason chrome isn’t a 90%+ market owner; rather, it’s apple’s requirement that no other browser engine can exist on iOS.
- I was going to call this anecdotal evidence based on it never appearing in the top 100 (or so) Nielson rated TV shows for a year, based on the lists for 1984-1995 here[0].
However, it looks like PBS never signed up for Nielson until 2009, so we have limited/no public data on viewership of The Joy of Painting (or Sesame Street, etc for that matter).
http://www.thetvratingsguide.com/2020/02/tvrg-ratings-histor...
- Using a user account to do this is still considered risky since any automated API usage by a non-bot user is against TOS, and they have heuristics (maybe now ML-based heuristics) for banning accounts for 'things that "don't look like what our official client does"'[0].
- E2EE is definitely only possible in DMs (there's no chance for servers/guilds), but the cat is out of the bag in terms of user expectations on how DMs work.
So many users expect their entire decade+ history of DM contents, attachments included, to be available wherever they are and on any device, gated only by having their login/2fa or passkey. Switching to E2EE would be a major overhaul of that expectation, and it would be a huge task to train users to now keep their encryption key safe, backed up, and available across multiple devices.
Although, mostly unrelated, is that they absolutely are going to have to cull old attachments eventually. There are attachments sitting in their GCP buckets that haven't been accessed since 2015. I'm sure their storage bill is in at least a few million a month at this point, even if most is marked coldline.
- User bots (including hacked clients) are officially banned by the TOS, which addresses that concern.
The only acceptable API usage is via bots that server owners choose to invite. And while it might be legally OK (if the bot's own TOS says it), I promise no server owner is expecting an invited bot to slurp up every message for use in a data set, whether that be for academic purposes or a potential stalking/"dirt" database.
I highly doubt this is the most ethical instance of data collection.
- https://www.npr.org/2025/04/15/nx-s1-5355896/doge-nlrb-elon-...
Goes into pretty good detail about DOGE employees going out of their way to obscure their activity on NLRB's Azure account. Surely a plus for transparency in government.
> Within minutes after DOGE accessed the NLRB's systems, someone with an IP address in Russia started trying to log in, according to Berulis' disclosure. The attempts were "near real-time," according to the disclosure. Those attempts were blocked, but they were especially alarming. Whoever was attempting to log in was using one of the newly created DOGE accounts — and the person had the correct username and password, according to Berulis.
I know smaller companies might not have badging systems that can provide such analytics (or badging systems at all), but the Amazon anecdote smells fishy to say the least.