(PGP public key) https://posteo.de/keys/marius.g@posteo.com
(Fingerprint) 6033 C2CB FD7B FEDE FBE0 AB0C 2E3A B23D 4AC1 BD69
- I had to use it a couple times recently in Firefox on Android, and it's a nice thing to have.
The UX is not polished, and not responsive. No indicator that translation is happening, then the interface disappears for the translation to materialize, with multisecond delays. All understandable if the model is churning my mobile CPU, but it needs a clear visual insicator that something happening
- Not only idiots. They bank on laziness. One time you enable something by mistake then you might not spend the time to find the well hidden option to disable it.
Which reminds me, anyone know the precise location where one would disable Google's Gemini on their account?
- I think that moderation should be pushed to the individual user to avoid censorship, but not in the form it's currently implemented by all these platforms.
To give an example on how I think moderation should work. If I follow you and you follow me on some nonexistent platform Y. You see the content I upvote, and I can see the content you upvote. So we'd start with block all by default, with transparency of why something is in one's list.
I pitched a P2P platform like this years ago to NLNet (taking heavy inspiration from I2P's Syndie app, minus the funky UX), though I didn't manage to get any funding due to missing clout as a public developer; to lead such an effort.
- Google Meet comes by default on some Samsung TV, cannot be deleted, or disabled, and neither can the microphone permission be remove from it.
Smart TVs, more like Spy TVs today.
- There is also Mailvelope, a browser plugin, that simplifies PGP encryption across web email clients.
- > I wish the client stored it decrypted once received.
Me too. I already have my systems with fulldisk encryption, I need the communication to be end encrypted.
Email clients (like Thunderbird) keeping emails stored encrypted, just makes it harder for these tools to search, label and automate stuff around content.
- > Tor browser team doesn't want to for simple reason: fingerprinting.
I don't understand this given reason. If they package in uBlock origin across their desktop and android browser. Then everybody will have uBlock origin so the same fingerprint. If the reasons are different subscriptions lists that users might enable/disable, sure that's fingerprintable, just make a disclaimer about that if users want to modify the default lists.
- And significantly faster to access onion websites than go through exit nodes, which are probably saturated most of the time.
Reddit over their onion website is very snappy, and compared to accessing reddit over VPN it shows fewer issues with loading images/videos and less likely to be blocked off.
It would be nice if more websites were available as onion addresses (and I2P as well).
edit: also if the Tor browser (desktop and mobile) would ship with ublock origin bundled, that would further improve the experience (Brave browser Tor window compared to the Tor browser is a night and day difference)
- No, it's still pretty cool, easy to use with low operational complexity in low volume read-mostly projects: CMSs, blogs, ecommerce platforms.
- Thanks for the perspective. I actually think the complex parts you mention are relatively easy nowadays.
If I were to implement it today I would probably use a centralized authorization service "authentication gateway" with something like forward_auth in Caddy to "tag along" configuration data with the request (teams, instance landing page etc. including encrypted database configuration storage, encoded as a JWT) https://caddyserver.com/docs/caddyfile/directives/forward_au...
I think the hard part is having enough discipline within a team to mostly work with backwards-compatible database changes, the automation to make that seamless, and the will to be proactive with the possibilities of this setup.
- Has anyone here, that's built SaaS software, tried to use a one database per customer approach?
It's been in my mind for a while, as an easy way to isolate customer data, make migrations easier and build monitoring for per customer resource usage.
Haven't seen this approach used in practice yet, and didn't get the chance to architect new SaaS products in the last few years and try it out long term.
- > which can just technically run it on their servers without too much modifications or release the modifications and still compete against the original AGPL party
Sounds like you want "monopoly as a license" :)
Big companies will rather ignore your project than use an AGPL licensed product. For them it's just not worth the hassle.
Maybe 1 out a 1 billion software is so revolutionary that licenses be damned. But maybe we should temper our expectations a bit around the software we build!
- I don't mind the idea of contributing back with fixes on a sources available project. Especially in the context of work.
It does however make it unlikely for me to pick and use the project in the first place.
And definitely not a fan of living through the "era" of open source term washing, post truth, tech influencers and their echo chambers.
DHH says Y, now dozens of impressionable Xs will start parroting the same thing.
- > The rules just keep growing faster than the AI bubble.
No they aren't.
What you have, and of interest to digital companies are.
GDPR (2016), for all operating in the EU. You get the gist of it in an afternoon.
The AI guideline (2024), also readable in an afternoon, and it mostly has provision that make life harder for those in law enforcement, and healthcare tech.
DMA (2022), only affects the select few at the top Google, Apple, Facebook, etc.
Show me where these bubbling "inscrutable" regulations, that push business away, are.
- > And if the US doesn't jump to your aid?
Pretty banal answer, countries will "just" fight.
Even without NATO, the EU countries already have a defensive pact.
Which as a sidenote is why the dismantlement of EU looks like appealing proposition to both Russia, and the US (for different reasons).
The US would make such a war easier, and fewer lives would be lost, given it's tech, and intelligence network. With or without the US, Russia would lose such a war.
Only way nukes play into it is if a shithead like Putin says "fuck it", seals himself in the bunker and hits the nukes. But then we are all cooked, whichever country does that, since mutual assured destruction comes into play.
In terms of political and societal effects, really interesting question worth pondering about. How would the other NATO member countries retaliate if the US wouldn't join in defense. That would be a big betrayal, so I hope that at the very least all US assets are seized, and US companies nationalized across the EU.
- He's not right either because he makes large vague claims. If we want to discuss it on clear subjects.
The "free" Europe has, and always will, thank the US for their help during WW2.
The US didn't protect us until now, because there was nothing they had to protect us from. US pulled it's allied NATO members into war in Iraq, if we're tallying things up.
With the invasion of Ukraine by Russia, both the EU and the US came to aid because a sovereign, close to EU, nation is invaded. No one was forced to do so. It's a matter of adhering to principles, that in theory are, shared by the "western" countries.
Realistically the US would have to jump to our aid if Russia's attempts outreach their Ukraine war. But that is because that's part of the deal we all made when becoming members of NATO.
And in terms of "subsidizing". That's the most outlandish claim, the US military industrial complex is so large for a reason. It's due to benefitting directly from the international government contracts, the technology it's building and selling (let's leave aside the shady and corrupt aspects of it for this topic)
The small amount of investment spent on military by European NATO members is a fair claim, but let's not kid ourselves, the grander scope of such spending will, and is going, towards US military tech. In a sense having higher spending is all about pushing more money to the US.
- I don't know the legislation and contract law pertains to funding, and why EU companies need to move to the US to get investor funds (and can't be funded internationally while retaining EU status).
What I can tell you from my experience in seeking out venture/angel/seed funding opportunities in the EU is that many (most) that turn up on search results don't have a "pitch us" form and more of a "we'll find you if we want to fund you". There are also incubators, a la YCombinator, that provide only mentorship and no funding (ie. I would need to quit my job and sustain myself to build a startup).
- A comment that's vague, inflammatory, confrontational, and not at all related to the parent comment.
What I've found surprising is that the __proto__ string is a fixed set from the strings sampling set. Whereas I'd have expected the function to return random strings in the range given.
But maybe that's my biased expectation being introduced to property-based testing with random values. It also feels like a stretch to call this a property-based test, because what is the property "setters and getters that work"? Cause I expect that from all my classes.