Pika

I forsee in the future Microsoft implementing a core electron service, one electron instance that is persistant and just runs, but sandboxes every app that calls it. so instead of an electron instance per app, its just an electron instance that has sandboxed pages that are only managable by the parent process.

it would still be pretty bloaty but, since core structure should only be present in the parent process, hopefully it would be less bloaty

In the US companies(where the company is located last I knew) are legally mandated to report specific things such as CSAM and other things if they come across it.

What the issue should be isn’t the fact that they are reporting it, the issue should be they have the capability to see it in the first place to be able to report it.

This isn’t me defending CSAM or anything like that but, in a decent storage system, google shouldn’t be able to even see what you have, let alone what the images actually are.

I like that you used the term significantly here, because usually the question is use will disappear, which it never will. Being said? open usage of image generation isn’t going to go away, and the same is likely to be said about casual ai chat bots. I do think that eventually when the bubble pops and investors realize that they are blindly tossing money into what is essentially a paper shredder most commercial usage of it will nosedive.

This effect is generally rather rapid, once one major company decides to drop it, usually it starts to snowball. Being said, with less commercial avenues of it, non-commercial projects that use cloud based services for it will likely have their prices increased to make up for the difference, so you may see /some/ non-commercial projects go down if the models aren’t being self hosted, but I don’t think it’s going anywhere

You mentioned it already seems to be decreasing as well? I might agree with that. It’s reached the point where the everyday consumer is saying “well this is cool, and makes it easier, but I don’t know how well I can trust this” and we also have some locations (such as the US) starting to put restrictions making it harder to copyright the outputs, which lowers a lot of its value in a commercial sector, but at the same time, we have big companies still going all in on it. So this concerns me.

I’m not PC but, one benefit of using a central server for syncthing is an always on backup that doesn’t require another client device to be on, it also allows for easier creation of new shares.

For example, with syncthing you can set the “servers” client device to auto approve/accept any shares that are to trusted devices, then when you get a new device, instead of needing to add that device to every device you share on the syncthing network, you only need to add that device to the server and then you can have your other clients connect to the servers share instead of device to device. It’s easier. You can also configure the shares on the server to use encryption by default too, since you don’t really ever need to actually see the files on the server since it’s basically a install and forget style client.

As an example of what I mean:

I have 10 different devices that run syncthing, 9 clients and a “server” client. these clients are not always on at the same time, and as such when I change a file, the files can become desynced and cause issues with conflicts. By having a centralized server, as long as the server is on(it always is) and client itself is online, it’s going to always sync. I don’t need to worry about file conflicts between my clients as the server should always have the newest file.

Then for example say my phone died. Instead of needing to readd every seperate client that the phone needs to share with to the new device, I only need to add the phone as a trusted source on the “server” client via the webui -> click share to that device on every share the phone needs, and then remap the shares to the proper directories on the mobile device. this is vs having to add every device to the phone, and the phone to every device it needs access to ontop of reconfiguring all the shares. It’s simpler, but fair warning does cause a single point of failure if the server goes offline.

yea I have the machine backed up in case this happens. I have noticed that its a mess UI wise. But ipfire doesn’t seem to be stable. every few months it’ll randomly kill itself which will take everything on the network down until i manually restart the machine and then force tell it a new DNS server. It’s something I’ve never managed to resolve on the machine, and I don’t seem to have that issue with my test network with OPNsense.

I’m in the process of switching from ipfire to opnsense myself.

I hate how bloaty opnsense is at first glance but it has so much more control so once I copy my current config I’ll be leaving ipfire in the dust.

I have never thought of doing this. That’s now going on my server.

that sucks, at least they called you instead of you walking in for the job after moving already and them being like “oh you didn’t actually get the job”

I would take that as a solid win in my books. Sr level pay, but lower level work? Sucks that it’s likely more customer facing but, that’s still a W then if they had done everything right.

Worked at one of my jobs for 8 years. Around the 4th year mark they made some decision to add a higher paid training oriented role into it that was essentially meant as a manager role, but you had no actual underlings because your goal was to go area by area and supervise or say where they could possibly do better. I was told I was the perfect fit, and honestly I love training and helping people so it was right up my alley.

I officially trained for the position for almost a year, got the credentials needed for the position and even extra permissions system side to be able to run the position, fully expecting that I was going to be getting the position. Then suddenly radio silence, the training sessions stopped with no followup, I stopped getting invites to meetings.

I eventually asked “hey what is going on” and they said “oh parent company decided that we weren’t good enough to actually get that role”. So much time wasted for getting that position. The only real positive (and why I feel it was a “switch” as well) that came out of it is that they never actually took away the additional security permissions I was given, so I was the only one with my title to have basically full access to anything system side so any issue that came up I no longer had to escalate to a management level or rely on finding someone to have to escalate for me.

Yeah, I had never heard of it, I generally stray away from video based mediums, but I am a little surprised I didn’t come across articles for it, I can only assume that none of the creators I followed covered it.

Although it was kind of funny to see the beginning of that second video, him still trying to do damage control, it looked for a second like he was going to agree that he had screwed up that install because he said it was 100% his fault and then he Backtracked and said that it wasn’t his fault and I’m like so close lol.

I have never seen that page before, but that’s hilarious. I somewhat hope that he did that as a demonstration of, hey, someone may do this because it’s hard for me to wrap my head around someone who uses a computer for a living, doing something like that.

Being said, I think that prompt went above and beyond what was needed. At some point you just need to let the user touch the hot stove top… It stated what it was going to do, stated that it was going to be potentially dangerous and unlikely what the user wanted, and then reiterated that it was core essential packages needed for it to run… I don’t know what else they could do there. I would definitely be against adding further restrictions though. If he was willing to type that in, I don’t know what would stop him from doing that, to be honest, Maybe a…" I acknowledge this would break my system…" instead of it being yes-do as I say. But I don’t know.

Being said hard agree there is zero reason that a package like steam should be able to uninstall your desktop., That was definitely a bug or a misconfiguration with the steam package. That was unexcusable. I just think they gave more than enough information of what that would do and he did it anyway.

I firmly agree at some point the ends don’t justify the means and Android has definitely got to that point with unsigned packages prior to making this change., And I don’t think the ends justify the means to implement such a system. And I definitely think there is ulterior motives for implementing it.

I had thought about it when i was thinking of getting an EV prior. The answer is “yes”, technically, but I didn’t find it cost effective to do so. I don’t own the building, or pay power utility, its bundled in my rent, and whatever power solution I installed would need to run roughly 150-200 ft feet across a lawn and part of an active driveway to get to my designated parking area(I had considered over or under but that also adds cost). Said parking area has already been designated as non-negotiable as the closer parking is strictly for the landlord’s wife who has mobility issues(fully valid). On top of that I have been instructed to not put a constant load on the outdoor outlet, it according to them has high wear on it and they are worried about the risk of putting something constant on it because it used to run as an input for a generator that ran higher than what the line was actually rated for(old building, was before the requirement of a bypass switch, they used to just kill the main breaker before turning the generator on to prevent backfeed, more dangerous but it was how it was done) and almost burned it out, so any solution would be either rewiring the outdoor outlet line from the fusebox on, or installing a dedicated charger line for it and then running it across prior distance. (which I had at one point thought about)

technically possible, but I don’t think it’s cost effective to do something like that, especially considering even if given permission, it’s for a property I don’t own and don’t know how long I would be living here.

Yea the argument stated works better for rooted environments than rootless environments or sideloading.

In a non-root scenario, you would need to specify a few permissions to give a keylogger that amount of access. I think that a big issue is people not understanding that there is a difference between a rooted device or root installed app, and a sideloaded application.

Just because you have a non-google device or a rooted device != you have a compromised device. Applications aren’t going to magically install running as root, every rom worth their salt keeps it a clear isolation between the layers, and some roms don’t even allow you to use the root environment after installing it.

In your standard google phone install? A keylogger wouldn’t be able to be installed without enabling an accessibility permission. It’s not like you can just “oops I just sideloaded a keylogger haha silly me” like described. Both google installed and side loaded applications would require prompting a warning page that very clearly states it allows logging of the screen for the logging part of it to work.

Lets be real though, currently they already have to blow through 4 other warnings about installing unsigned APK and enabled the browser or file manager to be able to install applications. It’s almost certain if they are that far deep/commited, they are going to call the scammer back if the scammer left a number.

Yes this might allow for a time delay where the scammers number could be disabled if reported by enough people, or someone else to be like “yo this is a scam” if they mentioned it but, I don’t think this is as secure as they are saying it will be. The target audience for this is very unlikely to be thwarted by a time delay. Plus, the scammer will make some excuse about how the warning is just a safety percaucion and doesn’t need to be followed as this is a normal usage of the toggle, and then have them call back after the delay is done.

For clarification: the target audience doesn’t know about the scam, and all they care about is that someone is seemingly willing to assist with an issue or problem they have. Said person knows the solution and they just have to wait for the timer to be done to be able to do said solution. They have no reason of telling others about it (unless they were complaining about googles time delay) as they already got someone who is seemingly able to assist.

Honestly, having to have the user type “I agree that I have verified the application i am trying to install is genuine and not a fraudulent app” or a listbox of checkmarks to toggle in order to enable it would be far more efficient for this case.

Hell take the example image the article on the dev page has and make it into toggles instead and it would work far better than a timer does.

yea those charts can be deceiving at times though , charge finder said I had one within 35 minutes I looked at what it was, the station it said is the old town house, and that’s been disabled/damaged(the charger not the building) due to vandalism since mid covid and was never fixed. The other option shown is the high-school but it’s restricted to students and Staff only and is parking pass enforced. I could likely abuse it via visitor pass, but that’s still 40 minutes to get there, time spent charging and then 40 minutes back. They had a town vote to install a community one a few years back at a town meeting but, there wasn’t enough local support for it to get on the official vote.

Being said, it must be nice having the luxury of charging it at home. I don’t have such luxury. If I could I would have jumped on an EV for my last car when I had to upgrade 5 or 6 years ago

not PC but, I mean I can tell you the state I live in the closest EV charger is an hour away if that helps your data set on infrastructure knowledge. That’s my primary reason I have no current interest in EV. I firmly agree infrastructure is not there at this time for it in this state. Maybe in the future it will but until I can easily charge my car either at work or without an hour detour it’s a hard not happening for me.

being said, it has gotten better over the last few years so maybe soon?

I don’t think these can either, they don’t list attack or defensive capabilities on the feature list that I saw, I assume this is just an over glorified video camera that can follow the intruder around.

they don’t learn either cause they dove head first into AI right after.

According to the page, it seems they wanna use their own servers for it.

I’m curious how well their own servers will handle that load, like sure they are used to web traffic but, there is a pretty big difference between downloading files and searches, and an always on VPN. I would expect traffic load to be way higher with the vpn. Granted the monthly cap will mean most will likely just only turn it on when needed like how samsungs free vpn was operated, but still.