Recent comments in /f/technology

twovests wrote

The onboarding is confusing and alienating to me, and while I'm someone with a high tolerance for that, it makes it hard to recommend it to other folks.

Then there's the performance of the element client. It drains battery and uses a lot of CPU on every device I use it on.

And despite being "e2ee", I only use it for public channels, which make the hurdles of e2ee meaningless (even if channels I were on didn't all have bridges to discords and/or ircs).

I still don't have a mental model for how to do identity/key management with it. Every time I use it, I just make a new account. I understand why keys can't be tied to a username/password, but I would want to at least be able to maintain a consistent identity without having to think about it.

5

hollyhoppet wrote

yes, but irc was really not easy to use for people who weren't the most tech literate, and the alternative those people used before discord was skype (bleeugh).

ideally there would be an easy-to-use, not-for-profit option but we don't really live in a system where projects like that can get enough development resources to solve the usability issues irc and matrix face.

perhaps even an update to the irc standard or something would have been cool.

so like yeah, discord sucks but it does enable more people to connect in an irc-like fashion than irc did. it's a mixed bag.

6

cowloom wrote

all this abusing his authority to air his dirty laundry in public reminds me of someone else I used to know (who will not be named) who did this exact same type of shit, just under different circumstances

it just makes them look bad to everyone, but they're too narcissistic to see it

4

neku OP wrote

its so cool how much hes trying to be like "ohh... you're playing checkers while i'm playing 5d chess, 400 moves ahead" when hes unreservedly posting shit that wp engine lawyers will use in court to score another couple million off him. i simply can't comprehend it (other than remembering that silicon valley executive types have all pickled their brains with ketamine)

7

nitori wrote

It should be said that licensing the WordPress trademark to other companies would obviously be a massive cash opportunity. But since the Foundation and Automattic are already so inextricably intertwined, and controlled by one person, it raises some serious, potentially even IRS-level questions of where that money would be going, exactly. (I’m not a lawyer or a tax expert. It’s just that using a nonprofit to help create a monopoly that funnels money to your own for-profit company, which doesn’t have to pay the nonprofit like the other businesses do because you run both of them, just sounds like the kind of thing federal agencies might be interested in.)

Yeah this looks a lot worse and shadier than whatever Mozilla is cooking with their Foundation / Corporation split lol. At least from what I understand from Mozilla's structure, the money seem to always end up in the Foundation (so the Corporation is just another front to fundraise), while here it's the opposite

7

cowloom wrote

Services like invidio.us, and the ActivityPub sphere, that allow breaking through into JS tracking-laden "web applications" with simple HTML and CSS are a demonstration of a possible future of a web without the useless cruft. Much to the chagrin of its gatekeepers.

Invidious is just fantastic, and I am saddened that Google is trying to strangle it. I browse the web with JavaScript completely disabled, so Invidious and yt-dlp are the only way I am able to watch YouTube videos at all.

2

emma wrote

i believe, based on my legal experience (eight ace attorney games, and i've followed the lawsuits by this guy who cheats in donkey kong), that this is a patent issue, not a copyright one.

so, first, you need to know the patent being violated. i believe it to be this one: https://patents.google.com/patent/US20210349631A1/en

then you need to email steve jobs and tell him that this scummy outfit is misappropriating his invention.

3

flabberghaster wrote

I think not everything needs to be HTTPS; like I don't care if the NSA knows I'm reading web comics generally speaking. But the push for everything to be https is kind of more about the non technical users, who don't understand what should and shouldn't be.

You want them to be mistrustful of a non HTTPS site that asks them for payment or login information, because it's marginally harder to set up a phishing site with a valid cert (or it was...) Than it is to just make it straight HTTP so the browser doesn't say "yo dude this site's cert is a little fishy".

That and there were cases of people getting their login credentials stolen at the coffee shops because bad webmasters were not securing things they needed, and now most browsers won't even let that happen. So I think it is marginally better.

4

nitori OP wrote (edited )

Oof yeah https in localhost fucking sucks lol. And funny you mention that since yesterday I did some python exercise in university where I basically made a very simple TLS server and a TLS client connecting to it exchanging raw data. It's supposedly an example of a "VPN" for my "Information Assurance and Security 2" course but I didn't see any VPN or IPsec shit in the sample code lol (professor still approved tho when I showed the code working). But it did need a self-signed cert in the server and the client specifically trusting that cert in its cafile= for ssl.create_default_context, which the lecture didn't hint at all, or try to disable the certificate verification in the sample code given (just learned right now I could've added CERT_NONE in the ssl context to disable cert verification, but eh :P)

4