> As a result of the company's partnership with OpenAI, Apple Intelligence includes an integration with ChatGPT, allowing Siri to determine when to send certain complex user requests to ChatGPT.
OpenAI does not power Apple Intelligence. Apple Intelligence will pass of queries to OpenAI (with explicit user permission) in certain circumstances where it feels OpenAI would have a better answer.
Not that I'm asking for an explanation. Just illustrating how much stuff there is to learn for the basic operation of "run this on your computer", even for an experienced developer. (I've been doing this for nearly 40 years.)
Cloudflare in 2014 blogged about how they work relentlessly to bring down bandwidth costs by peering aggressively where possible [2] (which apparently means $0 for unlimited bandwidth [3]). And where they can't / don't [4], egress is 5x (est) the ingress (one pays for the higher among the two), but this creates an opportunity for an arbitrage and give away DDoS protection for free.
This is pretty similar to Amazon's free-shipping offer for Prime customers despite it being one of the biggest loss makers to their retail business. Prime basically has since forced Amazon to bring down costs through building expensive and vast distribution & logistics network that spawns the globe. Doing so was a considerable drain on the resources in the short-run, but in the long run, it has become an unbreachable moat around its largest business.
Analysts like Ben Thompson (stratechery.com) and Matthew Eash (hhhypergrowth.com) have written in detail about Cloudflare's modus operandii over the years, with both agreeing that Cloudflare's model is so brilliantly disruptive that even Clayton Christensen would be proud of it.
This is why we still use services on VM's and open source containers. We can move our services anywhere, including selfhosting. AWS and Google offer some amazing solutions, but lock in ain't worth it if you can manage your own stack via serverless/vm solutions.
"What you think of Oracle, is even truer than you think it is. There has been no entity in human history with less complexity or nuance to it than Oracle."
this hanger has custom plastic parts. 3 years does not sound exaggerated. it's not 3 years of a full time job, but 3 years from concept to being ready for production sounds plausible.
If you don’t trust a communication channel, you could always do a Diffie-Hellman key exchange in the clients which lets you create a shared encrypted channel between two parties by sharing public keys. This works even if they are trying to monitor you.
It can work with simplex channels if you have the public key of the receiver. Both parties just need to know each other's public keys to create encrypted communication. After exchanging the public keys, it can be one-way communication.
I guess it wouldn't work for a one-to-many channel though, just individual one-to-one channels.
If you run binaries compiled by the author of the software it wouldn't matter that it is open source, so play store is out of the question. So then it must be open source and you must use distributor you trust: your distro maintainers and F-Droid.
Also you must trust that people did really take a look at the code.
> Therefore, no need to trust anybody, as long as the software is open-source.
Demonstrably untrue. You must trust that the contributors are trustworthy, they have implemented a strong security posture for their project, and that the code is reviewed by people who are trustworthy. Many open-source projects have been, and continue to be, compromised on a regular basis.
That's only the case if I am unable to review the code myself, before any update, I fully understand the code, and I am smart enough that the contributors are unable to pull a fast one on me.
Given that I'm not a cryptography expert, I have a limited number of hours in the day, and open-source supply chain attacks are typically obfuscated, I don't consider that to be a trivial statement.
You have 0 guarantee that the open source code is actually the code that runs on your device.
And you have 0 guarantee that the device itself is not compromised.
And you have 0 guarantee that the OS is not storing your data.
E2E on mobile devices is a security blanket with holes the size of the solar system.
