I don't trust anyone other than Google with my passwords. Google password manager is only available on Chrome. So unfortunately I'm locked into Chrome. I do like Edge and Firefox but the passwords are an issue.
Google password manager is not end to end encrypted.
LastPass, Bitwarden, and Firefox too, are end to end encrypted with the user chosen password at least. If your password is strong enough, it should be safe.
Apple also uses end to end encryption, although there you might also be vulnerable via a hack of your iCloud account, not sure.
1Password is the most secure option: here, in addition to your password being encrypted with your master password, it's also encrypted via a secret key that is pre-generated. So a leaked encrypted 1Password backup won't be brute-forceable.
What happen if google itself is the adversary in the safety of your passwords? That spur of the moment trollish YouTube comment might get flagged, bringing down your google account and all services tied with it; gmail, gdrive, your saved passwords etc. Then trying to rectify the situation is close to impossible since theres no human support for (free) google account.
Is the Apple password manager available on non-Apple devices?
It could be argued that Google has significantly more resources to invest in security of the password storage than these smaller companies. We've recently seen LastPass implode, but I've never heard of any successful attack on Google password manager.
I don’t really get how people keep falling for online password managers. The only thing I can think is there must be some psychological effect: “well, this person is suggesting something that I know to be very dumb. So, I guess they must know something I don’t, better trust them!”
> I don't trust anyone other than Google with my passwords.
At this stage in their corporate life-cycle, where greed and complete and utter lack of care towards user happiness reigns supreme, trusting google with anything is a rather large mistake IMO.
Of course this is only my opinion, but I'd rather trust an open-source password manager such as KeePassXC. They all have browser integration (native or plug-in) if this is important.
I wasn't able to tell from a quick scroll over the homepage, but while they fix instead of replacing, teracube don't seem to include fairly sourced resources, which are a pretty big sales point for fairphone
Another problem with text rendering that's not mentioned in TFA is hyphenation.
I have a table on a webpage that can have some long text in some cells. I have 2 simple requirements:
# If a word will fit by moving it to the next line, then move it to the next line and do not hyphenate i.e., do not break the word.
# If the word is too long to fit in a single line, then break it up. Hyphenate at will.
There is no incantation combination of CSS properties word-break, word-wrap, overflow-wrap, hyphens and white-space that will do this. In 2023.
I believe word-break: break-word does #1 but it's not hyphenating for me. And MDN says word-break: break-word is deprecated.
What should be done with hyphenation and indeed breaking paragraphs into lines in general is largely just undefined. There are mild movements from time to time, but overall no one’s sufficiently interested in implementing the really good stuff, so we’re left with the simple, easy and bad that everyone has grown used to. I’m glad to say that Chromium has just shipped `text-wrap: balance`, which is at least one step in directions of goodness. I hold out hope that some day some browser will implement a `text-wrap: pretty` backed by something like Knuth-Plass. https://bugzilla.mozilla.org/show_bug.cgi?id=630181 is relevant, shows that some thought has gone into how it could be achieved in Firefox.
And while talking of hyphenation, what happens if you try to hyphenate in the middle of what would otherwise be a ligature? e.g. at “af-fable”. Alas, in this instance no one has got really enthusiastic about fixing it in Firefox: https://bugzilla.mozilla.org/show_bug.cgi?id=479829, you get the ff glyph split in half, much like the mixed-colour handling shown in this article.
Amusingly, folks usually seem hesitant to go with justified due to fears of "rivers" in the text. I can't claim that won't happen, but it seems largely overblown in concerns.
Picking "affable" was an incredible nerd snipe! I would have split the syllables wrong on that, as I have yet to convince myself that I pronounce "fa" in the middle there.
Similar problems come in when you have words that hyphenate differently depending on their use.
Hyphenation points are a funny thing. People would commonly go for “aff-able” (aff-a-ble), but in such cases, you tend to get better results for reading by splitting in the middle of the repeated letter, or more generally the consonant sequence (af-fa-ble). I’m not certain if this is to do with phonemes (that is, the hyphenation matching how you speak) or to do with aiding with continuing (simply making it easier for you to pick up on the next line); I’ve thought about it a little, but not that much.
There’s a similar but more aggressive form of the problem in lyrics on sheet music, where you’re declaring a hyphenation point between all syllables (though good engraving will avoid placing unnecessary hyphens), and people often break syllables incorrectly or suboptimally. Pulling up one score I noticed this with when I received it last week or so, some examples: strang-ers, runn-ing, en-em-y, anch-or, surr-end-er. I’d split (or hyphenate) them as stran-gers, run-ning, en-e-my, an-chor, sur-ren-der. I’m not certain if I’d always hyphenate and lyrics-syllable-break in the same places, but in the cases I’ve contemplated I would, though I had to think about sur-ren-der versus sur-rend-er for a moment.
Also I can’t say exactly why my mind lighted on the word “affable” (it was the second word my mind came to, after I discarded “affiance”), but you made me think about it more deliberately and then I was curious to see what the first word in a dictionary would be. In my /usr/share/dict/words, the first (excluding proper nouns) is “affability”. (The last is “whiffs”, with “whiffletrees” as the last word I’d maybe consider hyphenating between the fs.)
Sounds like a use case for soft hyphens. If you don’t mind where the words break, you could sprinkle soft hyphens through the text to get it to break more often than the default renderer would otherwise.
Soft hyphens are no use in this case, because browsers take them as a break opportunity of equal standing with a space. In my experience, liberal sprinkling on soft hyphens makes things worse, not better, because you end up with loads of gratuitous hyphens. What’s needed is a different algorithm for breaking paragraphs into lines, something better than the greedy algorithm that all browsers use. Something like Knuth-Plass, which applies a penalty to hyphens so that it’ll use them if the alternatives are bad enough, but won’t be too eager about using them.
I definitely agree that soft hyphens are a simplistic workaround if used in the way I suggested, and are indeed inferior to a complex and well-thought out hyphenation system. Still, if someone is considering `word-wrap: break-word;` for narrow table columns, soft hyphens are worth knowing about.
This is false. In Canada, 50% of your capital gains are considered tax-free and 50% of the gain is taxable. The tax rate on that 50% is whatever your marginal tax rate is.
So if you have capital gains of $100,000 in one year, you don't pay any taxes on $50,000 at all. For the remaining $50,000 the tax you pay is [ 15% / 20.5% / 26% / 29% / 33% ] depending upon which bracket you're in.
Thanks for sharing the link. It is a testament to Google's failure marketing its cloud offerings that, despite wanting to try out this API, I had been unable to find it until you helpfully shared the link.
I went down the cloud console rabbit hole to play with it. Only the bison model was available (of the non-descriptively named gecko, otter, bison, unicorn models). For innocuous prompts I got this error: "The response is blocked because the input or response potentially violates our policies. Try rephrasing the prompt or adjusting the parameter settings. Currently, only English is supported."
Where it did respond, I liked the quality. It was comparable to the GPT-3.5 API. Perhaps a little better even.
From personal experience, Bard's quality seems to be between GPT-3.5 and GPT-4, closer to GPT-4 if you have to bet. Except when fresh or live data matters, where Bard is clearly superior. (Bard's training data is up to Feb 2023 compared to ChatGPT's Sep 2021, and Bard also gets live data from Google search.)
MMLU benchmark score agrees with this estimate: GPT-3.5 (70.0%), PaLM 2 (81.2%), GPT-4 (86.4%).
You're absolutely right. It actually doesn't understand letters very well. See what happened when I asked it to give me seven-letter words that start with E and do not have the letter A: https://twitter.com/thisislobo/status/1638019231903264768
Spoiler: It gave me many words with the letter A. It also gave me an 8-letter word. When I pointed out the 8-letter word (exercise), it apologized for there being an A in exercise.
I found it interesting how it deals with rhyming in different languages.
It writes pretty good rhyming poetry in English, but in Polish it does poetry without rhymes. When confronted it gives excuses like "poetry doesn't have to rhyme", when asked to rhyme it will eventually try (and fail) to rhyme in Polish. It felt like it was writing in English and translating.
What's the most interesting is that rhyming in Polish is much easier than in English, you just have to match the last n letters. It's phonetic. After I explained that to GPT 3.5 it wrote rhyming poetry in Polish (the quality suffered but it did rhyme).
A funny example is playing hangman with it to get it to say something verboten. At the last letter it suddenly loses knowledge of how to spell completely.
Hreflang is an arcane SEO concept. If you have sites in different languages then you can tell Google/Bing that site.com/page.html and site.fr/page.html are basically the same page only in diff languages.
The way to specify this is using meta tags in your HTML, and it's quite complex and error-prone. My tool checks if you implemented this correctly. It's running on a VPS so my cost is quite low.
At first I was intrigued about why did that guy call all this industrial protectionism act as something "professional", afterwards I saw that he is an active part of the industrial defence complex (he's a National Security Council staffer), so that started to make a little bit more sense.
I'm wondering though for how long will the MIC ghouls continue to have the upper hand in this. There are huge opportunity costs to be paid by the side that goes all "Corn Law League" on something as fundamental to our age as grains were ~200 years ago, but, then again, when said pro-protectionism side also controls the media, which means no Cobden [1] to take it all down, the US could be in for the long-haul.
Maybe this may help US manufacturers get better deals. But I see it as a side effect. The main effect is that we should not buy key communication equipment from a country we cannot trust. Its government can strongarm any of its business entities to comply with its orders, and these orders are not going to be friendly to the US.
It's a bit like buying communication equipment from the USSR. Maybe the equipment is fine! But accepting even such a thing as the US national emblem from the USSR proved to be... a decision detrimental to security [1].
>We should not buy anything that is internet connected from a country we cannot trust.
We should not buy anything that has non-dumb components from a country we cannot trust.
We should not buy anything that is has high-performance materials that cannot be non-destructively tested from a country we cannot trust.
Overall, we should not be buying ANYTHING AT ALL from a country we cannot trust, as literally any trade merely supports their working against our well-being.
The grand experiment was done, and it failed miserably. We all thought that increased trade and information flow would bring free markets and democracy to the autocracies of the world. We could not have been more wrong — all we did was further empower expansionist/imperialist regimes. Russia is now waging a genocidal hot war in Europe and China is more actively threatening Taiwan than at any time in at least decades, and putting Uighurs in concentration camps - all funded by our purchasing. It is past time to embargo them.
Easier said than done when they are the dominant or at least major supplier of many strategic materials. It will take time to find economically viable alternative suppliers. Globalism is rapidly collapsing and China won’t for long be able to remain a reliable trading partner even if they desperately wanted to be, so we ought to be urgently securing sufficient alternative suppliers anyway.
That said, you are absolutely correct that it'll be a heavy lift to find alternate supplies of many materials and items.
That makes it no less necessary.
Germany had made apparently catastrophic reliance on Russian NatGas, and looked like a horrible winter. Yet they have extricated themselves within 10 months so much that even without that Russian supply, NatGas prices are actually falling going into winter.
This is silly pearl clutching, do you have any refutation of the arguments?
I believe there is very credible reporting on ccp-sponsored hacking of industrial, military, government dbs, etc. Even if we don’t have hard evidence of this type of hardware compromise, it seems to be wise to believe there are serious risks, and to take action until such risks are investigated.
Despite all the expertise on HN, i would guess almost no one here has a clue what kinds of elite military spy tech are being tested/used.
Further, the ccp has shown the world who they are - bad faith and anti-global-cooperation. Trust should be a two way street. I think we’re foolish to do any business with them.
> This is silly pearl clutching, do you have any refutation of the arguments?
The refutation is that the tech sector is one of the largest beneficiaries of globalization, and practically would not exist in any recognizable form without it.
With measures like this (but by no means only this measure), the US is in the process of rolling back globalization, and the tech sector will suffer for it.
Trade restrictions are not good for our economy. Huawei and ZTE's main competitors are mostly US based companies so they will see protection from competition with this policy. While you may see the national security threat as credible, many others do not.
Stopping consumer IP cameras being used as a mass surveillance operation on US citizens by a hostile foreign government does not seem like an overreach.
The US campaign against Huawei and ZTE caused the 5G rollout in the west, including here in Europe, to be considerably delayed and much more expensive.
I participated in technical due diligence for a purchase order of huawei tech back in 2011 (was lte back then). Their tech was good but there is no way in hell there isn’t some kind of trick how cheap they were compared to the europeans (there were no americans at that point since motorola was kaput). Like it was basically free. There needs to be some kind of regulation when techniques like that are being played whether it’s security or just economic concerns
Isn't it obvious why it's so much cheaper? Their pricing for market share and cutting costs wherever they can in terms of labour conditions.
I don't see how spending many billions on R&D to develop the most intricately hidden backdoors in human history (that no one has been able to offer proof for) and eating that cost to deploy them when it will all become worthless the moment the first one is detected, makes any sense at all.
I’ve been to their headquarters in Shenzhen it certainly didn’t look like much was being saved on r&d… I’d say much likely explanation is either aggressive government subsidy to price out competition with maybe some mix of wielding political blackmail later on (a la what US is doing with its chip restrictions rn)
I don't see what they could possibly gain, all it would take is for one genuine case of a backdoor to be confirmed and then all that investment would be nearly worthless.
Reliance for critical infrastructure on a geopolitical enemy.
Historians often site “The Great Illusion” which was written in 1909 and predicted there would be no more major or prolonged wars due to the new global and interconnected economy. Clearly that was wrong and yet the same argument keeps being made with regard to China.
China has made it clear they consider “the West” as an enemy. We should not trust any infrastructure to them.
I still don't see a logical relation with my previous comment:
"I don't see what they could possibly gain, all it would take is for one genuine case of a backdoor to be confirmed and then all that investment would be nearly worthless."
And your previous comment: "People used to say same exact thing about russian gas"
I'm struggling to find any analogous situation to a single verified breech of trust destroying billions of investments in the gas sector of Russia.
One shipment of contaminated gas (?) is not going to have any major effects on the gas trade.
This did not affect the total amount of gas purchased from Russia. Even looking at just EU-Russia trade volumes, there wasn't a huge drop right after this happened.
A commodity business with high transportation costs has different dynamics then from the electronics industry.
How expensive do you think it would
be allowing an entity infamous for intellectual property theft, to have unfettered access to the teleco networks of the countries that they themselves say are their greatest enemies?
Yes, imported Russian nat gas is way cheaper. Until it isn't.
First I don't really think your premise is correct and second we are capable of keeping our networks secure even if a cable or a base station is made by a Chinese company.
I worked in tele for a couple of years; the reason Huawei and ZTE got ahead in 5G was that they invested heavily at time when Nokia and Ericsson were focused on cutting cost.
As for the "unfettered access" stuff; a telco, or at least the one I worked at, doesn't really work like that. We buy products and engineering services from our suppliers but we run our own network, and if we did outsource operations, those engineers would sit on premise and the whole thing would be under our control.
Is it really protectionism when just matching the requirements of China?
Of course it is but that doesn’t mean it isn’t the right call. Huawei & ZTE exist so Cisco doesn’t have to be used in China. It seems this is a blanket ban for sale in all of the US which strikes me as excessive without knowing why they’re a National security threat.
I’d like more expectations of parity. Maybe real estate.
You're falling into the trap they've laid for us. They screw us with protectionism, then when we respond, they cheekily say, "You're violating your values! You can't do that!"
Most Ukrainians don't want to kill Russians, but they were attacked. "Fight back" and "surrender" are the only two options.
Remember, it is okay to be intolerant of intolerance. To be tolerant, you need to have a threshold for not tolerating intolerance. Protectionism is a form of intolerance.
From what I've heard, AWS prices for large customers like Netflix are a lot lower than for Alexa or Amazon Retail. Netflix has the option to switch to GCP or Azure; Alexa doesn't so they don't get those discounts.
I work in Retail and I’m pretty sure this isn’t true. I don’t know what AWS charges Netflix but there is an internal rate card and I’m pretty sure it’s just based on what it costs to run the machines.
There are tax laws around this to you can’t cheat.
I remember when I toured a large local forklift company (Brand you’ve probably heard of - big plant) and on the main production floor they had just about every OTHER brand of forklift.
Someone asked and was told they had to pay full retail (including all taxes) on their own units, and they have to buy their competitors products for research… so, two birds one stone…
Even if it's Amazon paying Amazon, there is an opportunity cost to using all those cloud resources. Every resource used internally is a resource not available for sale externally.
One of the main selling points of the cloud is dynamic scaling which necessitates that Amazon have enough servers for some multiple of their customers’ base load. As long as internal Amazon resources are given a lower priority and booted in favor of customers during leak load, the opportunity cost is basically zero leaving just the marginal cost of electricity and hardware maintenance.
I am fairly certain this does not happen. An internal AWS customer account can have numerous flags associated with it but "boot me out first" isn't one of them (aside from spot instances that everyone has access to).
MMAesawy gave the correct answer. It makes it clear what Alexa is really costing Amazon in an format that's easy to interpret. This is how most companies handle "internal purchases" from another business unit that also sells that product externally.
Consider it this way: if Alexa doesn't buy that capacity, someone else could, so it's important to capture this opportunity cost.
It's not perfect, however. I've seen examples where the repairs division of a company had to buy parts from its distribution branch at retail price. All well and good, so far. Except they then had to mark-up that part's price in the repair cost. Combine that with the fact distribution would give discounted rates to other repair companies to secure business and what you have is a repair division that's being outbid on price by competitors using the same parts!
That honestly surprises me. Having worked at a small subsidiary of a different big tech giant our costs for the big tech's cloud were charged at cost price at the behest of the accountants.
No actual knowledge of the details, but the story I’ve heard at Microsoft is similar to the AWS one: internal users of Azure pay the same (based on volume and service level) as an external customer would. Supposedly their capacity constrained so any extra compute being used internally can’t be sold externally.