A private license? Doesn't that practically mean no one can copy it outside of the usecase of doing a Github pull request as prescribed by the Github licensing?

yeah especially for vibecoded apps.

What the heck is going on in the commits though, the messages are useless ("Update frontend (1 files)") and there's tons of "Initial commit — CryptIRC v0.3.0" commits.

The index.html is insane. 12.5k lines long, everything embedded in it

I think it would be a better approach to not pre-emptively burn oneself out with stress by viewing everything through a political lens at all times.

But everything that touches how society functions, what it values, how it is organized etc. is political.

There are several senses to "politics". You are right in that, in the general sense, politics is any collective negotiation of what matters to the group. There are objectively optimal ways to achieve a goal, but choosing what goals to pursue, and what benefits are worth what costs, and who they will affect, that is rather subjective and the realm of politics. In that sense politics is fundamental and valuable.

But in a more concrete sense, politics also refers to our tendency to join opposing teams or tribes and fight it out, more or less literally. In that sense, "everything is political" can mean viewing everything as a fight between groups, or worse, associating everything to the conflict between the two dominant groups. That is quite toxic.

Ah yes, “free” as in “paid.” Certainly you’re welcome to not participate.

Free as in "free" for >99% of participants, even successful ones, because they will have hundreds or thousands of participants but will only pay out to one of them no matter how many vulnerabilities are found.

Depending on industry, that payout can be less than a security audit. You only get a chance of getting paid. You don't even know if they gave the LLM the answers that you are supposed to recover.

> $25,000 to the first true universal jailbreak to clear all five questions.

Now, laws vary from place to place, but I'm pretty sure "a small chance to earn money after the work is completed" is not equivalent to "payment" in most jurisdictions.

I think its more the concept of https://en.wikipedia.org/wiki/Superforecaster stuff

https://arxiv.org/abs/2409.06203 the study

Instructions given from the twitter thread but are probably slop:

Samsung:

Menu → Settings → All Settings → General & Privacy → Terms & Privacy → Turn off "Viewing Information Services"

LG:

Settings → General → System → Additional Settings → Turn off "Live Plus"

Settings → Support → Privacy & Terms → User Agreements → Turn off "Viewing Information"

Roku TVs (TCL, Hisense, Philips, Insignia, Onn, Sharp, and others):

Settings → Privacy → Smart TV Experience → Turn off "Use Info from TV Inputs"

Settings → Privacy → Advertising → Turn off "Personalize Ads"

Sony:

Settings → All Settings → Turn off "Samba Interactive TV"

Vizio:

Settings → All Settings → Admin & Privacy → Turn off "Viewing Data"

Amazon:

Settings → Preferences → Privacy Settings → Turn off "Device Usage Data", "Collect App and Over-the-Air Usage", "Interest-Based Ads"

FWIW, I would not trust LG here to actually do nothing even after turning all the elements off, their GUI is especially "web"-like. Just leave it disconnected.

I don't understand why people can't just get a secondary device for accessing live streaming programs. There's numerous devices you can buy that do it.

TVs should not be connected to the internet. The incentive structures are just too bad against the user.

They'll probably start making them with sim card and modem at some point. I can picture it now on a future ebay listing: faraday cage for your tv - only 99.99!

How do you know the TV will not also screenshot the HDMI input? That’s what I would do if I were looking to further milk the rubes buying my tv.

The TV can take all the screenshots it wants in that scenario. It isn't connected to the Internet

It seems like they do? That’s why gp suggested disconnecting the Wi-Fi entirely.

I thought texas sued them all because they did it even after changing settings.

Those preferences get turned back on after firmware updates, which is yet another reason to disconnect them entirely

Do you have links to #2

Restic + rclone personally, with a wrapper script to glue things together nicely

What's the advantage of additionally using rclone vs. just restic?

Mostly because it allows decoupling authentication to a given remote, away from restic. easier to use `rclone:remote:folder` than needing to provide a remote + a separate set of env vars to authenticate with that remote.

Not an issue in most languages, but I'm using bash, so its more of a bother.

https://www.theguardian.com/australia-news/2024/nov/05/sessi... they moved more than their infra

> They also require a phone number even!

"You don’t need a mobile number or an email to make an account with Session." - https://getsession.org/faq#identity-protection

From your link, it explains that they have to Switzerland:

"The developer of Session, an encrypted messaging app, has moved operations to Switzerland as ‘being in Australia just threatened our credibility as a privacy tool’."

What else in particular are you talking about?

With the phone number, I may have not remembered correctly for this particular software. If I could edit my comment, I would add a note.

But when going to the FAQ link I remembered how bad this piece of software was especially promoting cryptocurrency. I would never want a messenger to promote crypto, such a "Signal"

Edit: used different quote from the article

> > What language was RollerCoaster Tycoon programmed in?

> It's 99% written in x86 assembler/machine code (yes, really!), with a small amount of C code used to interface to MS Windows and DirectX.

https://www.chrissawyergames.com/faq3.htm

Wow. It reminds me of those guys who run a marathon carrying a fridge. Impressive, but ...

Yeah but imagine that if it was writte in anything else it would never had made it to the shelves with the processor power back then.

Programs spend the vast amount of their cycles in a small sub-set of the code. There is generally very little to be gained by optimizing code that isn't in the small subset.

Maybe a max-age field for the package manifest? For things like programs that are expected to be finished, this can be infinity, but for things that are expected to move with a complex ecosysten, could set it to 6 months? Past that point, a prompt is shown to confirm the user wants to install a likely-depreciated package? That way people won't be accidentally exposed to issues from downstream package maintainers being rendered unable to maintain their packages

It's not only the age and CVEs but also the provenance. Those third party uploads could come from any rando and could be clean or could be packed with malware.

Such items should have a red banner: CAUTION, unofficial, use at your own risk. The other approach is like Docker hub has "docker official image" for popular ones.