I am angry about it constantly, but to be fair, IRC is pretty awful. You need to selfhost a bouncer to get a halfway-usable experience. And Matrix is really really bad to use.

Discord should be a public utility! Servers should be servers!

all this abusing his authority to air his dirty laundry in public reminds me of someone else I used to know (who will not be named) who did this exact same type of shit, just under different circumstances

it just makes them look bad to everyone, but they're too narcissistic to see it

that is his middle name

the admins should change his username to crouton if he does come here lol

its so cool how much hes trying to be like "ohh... you're playing checkers while i'm playing 5d chess, 400 moves ahead" when hes unreservedly posting shit that wp engine lawyers will use in court to score another couple million off him. i simply can't comprehend it (other than remembering that silicon valley executive types have all pickled their brains with ketamine)

it's good that matt is following the legal advice any lawyer would give you: 'keep posting'

also if we're lucky, he might sign up here and yell at us

It should be said that licensing the WordPress trademark to other companies would obviously be a massive cash opportunity. But since the Foundation and Automattic are already so inextricably intertwined, and controlled by one person, it raises some serious, potentially even IRS-level questions of where that money would be going, exactly. (I’m not a lawyer or a tax expert. It’s just that using a nonprofit to help create a monopoly that funnels money to your own for-profit company, which doesn’t have to pay the nonprofit like the other businesses do because you run both of them, just sounds like the kind of thing federal agencies might be interested in.)

Yeah this looks a lot worse and shadier than whatever Mozilla is cooking with their Foundation / Corporation split lol. At least from what I understand from Mozilla's structure, the money seem to always end up in the Foundation (so the Corporation is just another front to fundraise), while here it's the opposite

Services like invidio.us, and the ActivityPub sphere, that allow breaking through into JS tracking-laden "web applications" with simple HTML and CSS are a demonstration of a possible future of a web without the useless cruft. Much to the chagrin of its gatekeepers.

Invidious is just fantastic, and I am saddened that Google is trying to strangle it. I browse the web with JavaScript completely disabled, so Invidious and yt-dlp are the only way I am able to watch YouTube videos at all.

Rapid, calendar-based release schedule really ruined it. New versions used to feel like real milestones...

i remember firefox 3 being a huge celebrated event. we are now on firefox 130.

thank u for sharing this post

thank u so much

will be doing so. i think the steve jobs email must be monitored so this will be funny

i believe, based on my legal experience (eight ace attorney games, and i've followed the lawsuits by this guy who cheats in donkey kong), that this is a patent issue, not a copyright one.

so, first, you need to know the patent being violated. i believe it to be this one: https://patents.google.com/patent/US20210349631A1/en

then you need to email steve jobs and tell him that this scummy outfit is misappropriating his invention.

I'm proud to say I actually know a few of those

I think not everything needs to be HTTPS; like I don't care if the NSA knows I'm reading web comics generally speaking. But the push for everything to be https is kind of more about the non technical users, who don't understand what should and shouldn't be.

You want them to be mistrustful of a non HTTPS site that asks them for payment or login information, because it's marginally harder to set up a phishing site with a valid cert (or it was...) Than it is to just make it straight HTTP so the browser doesn't say "yo dude this site's cert is a little fishy".

That and there were cases of people getting their login credentials stolen at the coffee shops because bad webmasters were not securing things they needed, and now most browsers won't even let that happen. So I think it is marginally better.

Oof yeah https in localhost fucking sucks lol. And funny you mention that since yesterday I did some python exercise in university where I basically made a very simple TLS server and a TLS client connecting to it exchanging raw data. It's supposedly an example of a "VPN" for my "Information Assurance and Security 2" course but I didn't see any VPN or IPsec shit in the sample code lol (professor still approved tho when I showed the code working). But it did need a self-signed cert in the server and the client specifically trusting that cert in its cafile= for ssl.create_default_context, which the lecture didn't hint at all, or try to disable the certificate verification in the sample code given (just learned right now I could've added CERT_NONE in the ssl context to disable cert verification, but eh :P)

i've seen projects be deployed to production with NODE_TLS_REJECT_UNAUTHORIZED=0, thus disabling certificate verification for any tls connection made by the application, because now we need https during local development which is a huge pain in the butt to set up.

dear god

i actually lean towards liking webp so i'm going sickos yes reading this

i don't think that's desirable. this is one esoteric browser setting i'm not willing to make concessions for.

u/emma I wonder if we actually need to use the browser's Referer for the (un)pin function. Wouldn't it be better if the user gets redirected to the forum's page always anyway so they can see clearly the effect of the pin?

There's a Medium article I read which is probably AI-written stating that "HTTP/1.2" was made in 2009 lol

2011

awwh

Both Basic and Digest access authentication are improved to provide a better native-looking browser-based experience than form-based authentication.

Oh how I wish we got Cookie-based authentication implemented straight in HTTP itself instead of having to use forms...

The spec has been updated with a new set of accepted headers - and in a break with past tradition, any header not in the list of accepted headers is to be rejected by a compliant server.

Wait that just breaks backwards compatibility with HTTP/1.1, how can this joke protocol be 1.2 lol

Actually perhaps we might not need compression for the response headers even, but some sort of ETag.. There'd be like a Headers-ETag for the unique value and Headers-ETag-Names (I'm not satisfied with this name but can't think of something better) for the list of redundant headers to not be repeated in subsequent requests

Anyway while it's cool to know that the HTTP/2 connection error code exists, I have zero clue on how to make nginx return it (or force it in a situation where it returns it) lol

https://github.com/search?q=repo%3Anginx%2Fnginx+HTTP_1_1_REQUIRED&type=code