I can understand that way of thinking, but

• you’re at risk of becoming dependent, and not building the understanding you’ll need to make something that matters
• many things start out as hobby projects that end up mattering after all

Computers have become more complicated than when he learned to code and was “typing in programs from computer magazines.” Vibe coding, he said, is a great way for people to “get computers to do something that maybe they couldn’t do otherwise.”

But the equivalent would be to take tutorials, examples and small open source projects and tinkering with them, rather than asking a machine to do it for you, no? I guess we’ll have to see how this affects young / beginner programmers going forward. I’d rather be careful than just hoping it all works out fine.

Selhosting and a vpn are optional depending on your use case; the app works with niether to help users try it out and get started. Like all secure messaging apps, its better to selfhost given the option.

I’d say self-hosting is done for control over your data, not security. A typical end user will not know how to self-host, how to pick a privacy-respecting VPN, let alone secure their system. If your aim is to get to that same level of security, then I feel like the current direction is flawed, at least from what I took away from the readme.

Or, in other words, “self-hosting is more secure given the option” sounds kind of like “writing your own software is more secure”.

This project is aiming to create the most secure and private chat app. It will heavily depend on how you use it. Here are some reccomended security optimizations/advice to keep your data secure and private:

• Use a self-hosted instance of the app.
• Use a VPN to protect your data from being intercepted.
• Only connect to trusted peers.
• Validate public key hashes.
• You and your peer should use a secure device/os/browser with the latest updates.
• use general security practices like not sharing sensitive information, not clicking on suspicious links, etc.

These recommendations are bizarre.

• Is it really P2P if you need to a host your own instance?
• Use a VPN? So a company can now track you instead of the ISP?
• If it’s aiming to be safe, then why not share sensitive information?

If you want secure and private, then I would first look at Session.

And of course, that response cost you one wish credit.

most of the the Arch cult forget to mention that

The “Arch cult’s” holy book, the ArchWiki, states the following pretty clearly:

Warning: AUR packages are user-produced content. These PKGBUILDs are completely unofficial and have not been thoroughly vetted. Any use of the provided files is at your own risk.

Mention of one’s use of the AUR for their needs doesn’t need to come with a disclaimer.
People who don’t read or don’t use their brain are going to keep not doing so, regardless.

To add to what you’re saying: To be fair, most of the lawsuit I don’t really agree with, but maybe it’s just laying it on thick.

Part of the argument is them trying to separate the Steam “Store” from the Steam “Gaming Platform”, and in many ways that’s obviously not possible. But they say that because of Steam’s monopolistic-ish position, publishers can’t not be on the “gaming platform”, because it’s where most people want their games, or else they’ll lose out of a large chunk of money. (And without it, these games likely would not be made in the first place.) Thus Steam can force these unfair terms on developers.

There was also this portion on discounts that was quite revealing:

20. For example, Valve has set up visibility in its Steam Store to focus on games that are nominally “on sale” to gamers. Knowing that the best way to reach their audience is through discounting, game publishers must artificially inflate their list prices so they have headroom for discounting. But the “sale” price is not consistently available, and therefore some gamers pay an artificially inflated list price for the game. These supracompetitive prices increase Valve’s cut, force gamers to overpay, and prevent publishers from setting the most efficient game prices they could in the first place. Even worse, these supracompetitive prices are transmitted across the broader market by the contractual restraints discussed above.

They’re admitting to inflating games’ prices, so they can then offer a fake discount that’s closer to the actual price they actually wanted the game to be. And then they complain when Valve doesn’t let them list a game on sale for an extended period of time, just so they can essentially scam people. (Probably, once again, standard in the industry and elsewhere, but I feel like that’s gotta be banned by EU pro-consumer laws.)

The EU can and should force Steam to get rid of the MFN clause. All Valve needs to do is to let competing stores price games cheaper than on Steam. (So long as Steam services are not involved with that off-Steam purchase.)

There’s still plenty of benefits Steam provides to customers that many may choose it over a different store even if they could get the game for cheaper. And Steam also provides developers with tools that make Steam worth it, like Steam networking and cloud saves. As Gabe Newell famously said about piracy, but I believe this applies in this case too, it’s simply a service problem.

And this was only mentioned in a footnote in the complaint document, though I saw it many times when browsing through the earlier lawsuit documents. Interestingly, this sounds like it should already be illegal in the EU, as per the Wikipedia link you gave.

How clear is the wording? Is it possible to find the text of the terms / agreement / contract online? Or is it covered by an NDA?

This is true! Vintage Story does it, for example. They’re doing okay from what I can tell, but it’s more of an exception. It’s pretty clear that they are losing out on potential customers. Notably, you also lose out on regional pricing, which is pretty difficult to set up yourself. If you’re creating games for a living, you don’t have much of a choice about whether you put your game on Steam.

Because we are talking about someone using AI for most if not all tasks that involve thinking and/or creativity, as if it was any other tool.

First of all, it’s hypothetical. If only for the fact that using a wheelchair in real-life actually greatly increases difficulty getting around. The point is that if you don’t lose your muscles, they get weaker. Happens with anyone that has an accident that causes them to be unable to use their muscles for a prolonged amount of time. See also: Astronauts needing to exercise while in space or back on earth because they’ve not had to use many of their muscles as much due to lack of gravity.

That’s not true, it makes me more efficient!

ChatGPT, write a thoughtful response to this article that proves that AI makes people smarter. Make it multiple paragraphs. Find a way to include Microsoft requiring all its programmers to use Copilot (or else they get fired) in a positive way.

Also please give me a summary of your response, because I don’t want to bother reading it all.

Fair point, but many photos are not edited to the point of fundamentally changing them. I wouldn’t call a touched up wedding photo a “fake”.

edit: I guess I was distracting from the point. Yes, “AI” already implies “fake”. Guess if someone were to look for “how to spot fake photos” this would help them find this video?

TL;DW:

• Check the “residual noise”
• Parallel lines should converge to a single point (vanishing point)
• Connect shadows to what casts them, extend the lines, they should meet at the light source

As opposed to fake photoshopped photos, I suppose?

That probably counts as a privileged page, as in something uBlock Origin can’t access or modify.

Mozilla has probably been running another “experiment”, meaning not every user is affected. In the past they claimed it’s not advertisements because they are “continually looking for more ways to say thanks for using Firefox”. (Bullshit.) If you go to Settings > Home, you disable anything you don’t want to see, or just set your home page to a blank page, period.

JavaScript is already sandboxed. You can only execute functions where there is an actual API defined by the browser to do so, for example Date.getTime(). There is / should be no way to get, say, your device ID. (With the exception of unpatched exploits that allow executing arbitrary code. But keep in mind browsers are likely one of the if not the most security tested software.)

What you linked to here appears to specific to Google Tag Manager in a way that I don’t fully understand, but is not related to how websites usually execute JavaScript code.

Can you link to a source that confirms this information can be collected with JavaScript (with browser comparison, ideally)? That seems outrageous if it was actually possible.

What is meant by “sensitive information” here? Browsers can’t just willy-nilly access your local files or something like that. The one thing I can think of is using JavaScript to collect information that can be used to identify you. (Is that “sensitive”? I’d put that in “identifying information”.) My honest suggestion is to keep using NoScript and just allow as few domains as possible. The next best option is to stop using websites that break without JavaScript when there’s no reason why they’d need it.

I can imagine there being a plugin that spoofs some common ways that allow sites to identify you cross-sessions / browser / websites without your consent, but blocking JavaScript (by default) is likely one of the best ways to reduce the amount of information collected about you. When you do find such a plugin, check out one of the “browser fingerprint” testing sites to see how unique your fingerprint is.

(That is, if I even understood the request properly in regards to the “sensitive information” bit.)