Hacker News new | past | comments | ask | show | jobs | submit | eps's comments login

> Over half of US was apathetic and didn't vote.

Not true. Voter turnout was between 59% and 64%.


That is still terrible.

This is part of the strategy. The GOP has continually been disenfranchising voters.

Both parties engage in gerrymandering.


> The GOP has been....

> Both parties engage...

Seems weird to blame the GOP and then immediately point out that this is done by everyone.


They are talking about two different things.

One is gerrymandering, which is drawing district boundaries to build in an advantage for your party. Both parties do that.

The other is trying to disenfranchise people. The GOP have been the ones doing most of that.


How has the GOP been disenfranchising voters beyond gerrymandering?

And please don't say voter ID, nobody is disenfranchised by voter ID.



Reducing the number of polling places in districts that tend to not vote Republican causing very long lines for voting. When it takes hours standing in line, often outdoors in bad weather, it discourages voting. Add to that laws in many states that criminalize providing food or water to people in such lines and it is even more discouraging.

Prosecuting people for innocent mistakes while voting. E.g., Crystal Mason [1]. Or Hervis Rogers [2].

In the Rogers case he was convicted of burglary in 1995 and was in prison until being paroled in 2004. His parole ended in June 2020. He didn't know that he was ineligible to vote, and voted in the Democratic primary in March 2020. The Texas legislature did pass a bill in 2007 that required the Department of Criminal Justice to notify people who had been in custody of their voting rights situation, but Governor Perry vetoed it.

Texas attorney general Paxton had him arrested and prosecuted. Bail was set at $100000. Eventually the case was thrown out because the attorney general does not have the authority to unilaterally prosecute voter cases. He has to get approval from local country prosecutors.

In nearly all these cases the prosecutors are very disproportionately prosecuting minorities and women.

Same with processes to restore voting rights for felons. See Rick Scott's handling of petitions to restore voting rights in Florida [3].

> And please don't say voter ID, nobody is disenfranchised by voter ID.

There are in fact a lot of US adults without an ID that works for their state's voter ID laws and would have a hard time getting such an ID because of cost (monetary and/or time). Here's a relatively recent report on the number who lack ID [4].

Yes, I know that most state voter ID laws require there to be no cost or fee to obtain the ID from the state but there are often significant costs to obtain the documents required to apply for the ID. Furthermore the offices that can process the application are often far away from where the people without ID live, and only accept applications during limited weekday hours. That can mean having to take unpaid time off from work and finding a way to get to that office. In reality that all can add up to over a $100.

If it was actually about election security and not intended to disenfranchise legal voters the voter ID laws would include provisions to make it easy to obtain ID without those burdens described above.

Here's a link to a comment that contains a dozen links with a lot more detail [5].

EDIT: I missed a disenfranchisement tactic. Election officials should go through the voter rolls occasionally and purge people who they have good reason to doubt are still eligible. But that can be turned into a disenfranchisement tactic by doing that just before an election possibly without trying to notify the purged voters that they have been purged so that the purged voters who are still eligible don't find out until it is too late to get back on the rolls in time to vote.

[1] https://en.wikipedia.org/wiki/Crystal_Mason

[2] https://www.texastribune.org/2022/10/21/texas-voter-fraud-ca...

[3] https://www.heraldtribune.com/story/news/politics/elections/...

[4] https://cdce.umd.edu/sites/cdce.umd.edu/files/pubs/Voter%20I...

[5] https://news.ycombinator.com/item?id=42116609


Summaries for Russian troll accounts are like

   A thoughtful contrarian who frequently challenges popular
   narratives with economic and historical context.
Yeah, great.

> And the GPS sync thing amazes me.

If the watch was recently synced with the app to get current GPS ephemrides, it gets the lock within seconds. Otherwise, it may take much longer just like any other GPS device with outdated ephemerides.


Neither of your two statements coincides with my experience at all.

My garmin watch needed to be synced every time and it was always slow, and my garmin GPS on my motorcycle was the same. For example I once remember it trying and failing and eventually succeeding to sync during my walk from the tube through the parks to work one morning and then trying and failing and staying failed during my walk from work to the tube that evening. I was wearing the watch the entire day, so there was no possibility of it losing lock or whatever other than the obvious, which is it is just a really terrible device. Before I ditched it entirely I totally gave up on any gps functionality - it just was too high friction for too little payoff.

Secondly literally no other GPS device that I own has a noticeable “sync” or “lock” at all. They all use reasonable heuristics to get started and then improve their resolution as they go. If they ever lose GPS lock I don’t know about it except maybe a “map glitch” where I seem temporarily to be in the middle of a building instead of the street outside or whatever. The garmin takes ages, frequently fails to sync and sometimes also loses GPS lock while I’m doing an activity, and when it does that it ditches progress and pukes in the most inconvenient way possible.

I’m not in the middle of nowhere and there are no tall buildings near me. I am in London in zone 2 so there is exceptional coverage as you would expect.


... or expectations.

Zoho produces a lot of spam and regularly ends up on blocklists.

... Fahrenheit


Actually Celsius/Kelvin. Article is wrong.


Apparently quite a bit of debris made it to the ground -

> The locals here are pissed in Turks and Cacos. Huge dabris rained down everywhere

It's from the pilot at the reddit link above.

https://old.reddit.com/r/aviation/comments/1i34dki/starship_...


No pictures or reports of anything falling in the Caribbean. People just love adding to the drama, they will later backtrack and explain that by “rain down” they meant the light show.

It would be extremely unlikely due to the laws of physics, last time I checked they were still in effect.


Well, yeah, that's what the GP is suggesting.


While you are not too far into selling - a word of advice.

Switch to offering a year of free updates and charge a small fee after that.

Trust me. You will coverge to this scheme sooner or later, so do it now.

  -
Standalone Windows installer is a must.

Windows Store is still a deserted wasteland and is not a default choice for the vast majority of Windows users. You are losing a ton of users over this.

  -
ffmpeg and other dependencies need to be acknowledged for both ethical and technical reasons. The technical reason is that your app doesn't depend on OS-supplied codecs and doesn't require installing them separately. And ethical reasons I hope are obvious.


The problem with distributing standalone installers on Windows is that all non-popular apps are immediately regarded as malware by Windows Defender unless you go through the horrendous process of signing your app, which requires obtaining a certificate (which also requires forming a company that is not an LLC) and waiting more than a month while navigating multiple rounds of bureaucracy. I’ve done it for my app, and it was a terrible experience. Microsoft should study how Apple handles signing and notarization.

EDIT: spelling.


> signing your app, which requires obtaining a certificate (which also requires forming a company that is not an LLC) and waiting more than a month while navigating multiple rounds of bureaucracy.

This is not true, not as phrased.

A. You can get a cert issued in your personal name. Not an EV one, but still.

B. You are likely to already have a company if you are selling online.

C. It doesn't take "a month" even for an EV cert. Several days tops unless you go through Comodo, in which case you get what you pay for.

D. It is perfectly fine to distribute unsigned installers. They produce a warning on launch, granted, but contrary to the urban legend they are not getting instantly shit-canned by the Defender.


A. Indeed, that requirement only apply to EV cert (at least for the cert authority I used).

B. That's not always the case with indie developers.

C. Well, it took me. My cert authority was GlobalSign.

> but contrary to the urban legend they are not getting instantly shit-canned by the Defender.

That was not my experience. Try to download an unsigned binary using Edge and see what happens. From what I remember (I'm on macOS, mostly), they are "getting instantly shit-canned".


There is a new approach to doing code-signing called "trusted signing". Havent used it myself so can't comment on the benefits

https://www.advancedinstaller.com/trusted-signing-integratio...

https://learn.microsoft.com/en-us/azure/trusted-signing/over...


Who was your EV cert vendor?

I've recently used two different vendors, replied within minutes to each of their queries in hopes of expediting the process, but each time it took the better part of 2 months before I was in possession of a USB signing key.

This is for a Delaware C-corp, so it was about as vanilla as it could be for their side.


It used to be Digicert, but they hit the rock bottom and went straight below it after their merge with Symantec. Quadrupled their prices by forcing everyone on subscriptions, obnoxious sales people, sales phone calls, price negotiations, the whole shebang. However, their validation team is still the best.

It took some searching, but it turns out that they spun off their non-subscription certificate business under the name of GoGetSSL. This entity resells other vendors too, but if you get their "own" certificate, which is the cheapest of the bunch, the validation is done by Digicert. So, that's the answer for the time being.

Entrust, Globalsign, Certum are way more expensive, slow and bureaucratic. Comodo (or Sectigo, which is the same thing) are just utter crap. Their validation process is an India-outsourced torture. Never again. Not even for free.


They don't produce a warning on launch, but browsers will make it hard to open unsigned installers. Edge makes it especially hard. Chrome less so.


Just went through the code signing odyssey. It is a racket, but it did not take me a month. It took me a week and a half, including integration in to automated builds.


How do the automated builds work? When I tried this five years ago a hardware dongle needed to be connected to the build machine.


Yes, there is a self hosted GitHub runner for signing. The token is installed on a desktop in the office that runs this.


Azure trusted signing for the win. Only $9.99/month.


That is still more expensive than the $99 a year Apple charges, and you get al lot more than just signing for that price.


Never heard of this! What kind of certificate does it support (oddly enough, it doesn't say on the website). Do you have experience with the process?


Code signing cert. It works best as part of Github actions.


Can Azure sign MSIX application bundles with that subscription price?


> which also requires forming a company that is not an LLC

I always thought that an LLC was sufficient, what's the actual requirement if an LLC is not enough?


For an EV certificate, you need to have a government-registered business [0], though a record of Doing Business As should be sufficient. Where I live, that involves filling a form, paying a fee, and taking out a classified add for 3 weeks [1]. There are cheaper certificates, OV, that merely require a notary public's confirmation (which is what I did).

However, as the other post said, Windows will treat an EV certificate with very high trust and should not show SmartScreen. For OV signed software, it looks like [3] Microsoft will use some telemetry to assemble a trust score as people download and accept the risk of running the software, over days or weeks.

[0] https://support.ksoftware.net/support/solutions/articles/358... KSoftware is a sales partner for Sectigo. I used their service and later Sectigo directly, before last year's change to require FIPS hardware for managing the code signing certificate.

[1] https://www.cookcountyclerkil.gov/vital-records/business-not...

[2] https://support.ksoftware.net/support/solutions/articles/232...

[3] https://stackoverflow.com/a/65653792/504994


We got a certificate with a company that's the local equivalent of an LLC, and have seen certificates issued to private individuals. As far as I can tell it's up to the issuer who they support in their verification process. Many of them are pretty inflexible with somewhat arcane processes designed decades ago (with ancient websites portals to match), so your experience may vary

An additional detail is that there are two levels of code signing certificates, normal and EV (extended validation) certificate. EV certificates make windows completely drop the low-reputation screen and causes many antivirus solutions to trust you but are expensive and are a bit of a pain to get. Normal certificates are cheaper and comparatively easier to acquire, but only give partial benefits (less scary screen from Windows, some leeway from antivirus).


Like wongarsu described, there are two types of certificates. I got the more trusted one (EV certificate) which has higher requirement standards (one of which is to be a formed corporation that is not a sole proprietorship).


> Standalone Windows installer is a must.

100% agree! I've been using Windows for over 20 years and I haven't installed a single app through Windows Store.


Can you elaborate on the ethical reasons? I should mention that I'm not very smart.


FFmpeg's license has various requirements, including: "Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License."


Ok, I guess I had guessed correctly. Though I was curious if I had missed something.


he is standing on shoulders of giants, itd be nice if they just got a simple thank you.


As far as I understand, windows store is no longer available on enterprise windows. So if you want to sell a business app, it is not even an option.


It's still there on the version of Windows 11 I use at my office.


It doesn't come as standard on Enterprise 11.

Source: I just installed Enterprise 11 on my desktop a week ago and I had to manually install Microsoft Store manually.


It’s gone on win10 at my office. With a «closed permanently» message.


can u elaborate more? why 1 year and small fee after?


Email the mods - hn@ycombinator.com


Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: