Well at least you can switch your crypto mining toothbrush with AI infused one that will analyze movements of your hands and once sold to insurance brokers conclude you have an old injury and are a risky driver raising your insurance premiums.
Current model massage chairs are marketed as having AI (which I think actually just means they have pressure sensors which they use to detect your height/weight... but who knows these days?)
> My favorite way to do data fetching is as close to the place where I am using the data.
React made it possible up until this change.
Well, yes, but we are nowadays in a situation where every component interacts directly with the state, or makes calls to the API (eg with the overuse of query), going against one of the architecture principles of react. It's like we're not building components, we're building component sized micro-ui.
The problem goes way beyond any singular ecosystem and extends to the most basic standards as well.
For me one of the most confusing things about this topic is the use of "Unauthorized" in 402 [1], when the dictionary definition is about not having permission and authority to do an action [2].
So in my projects I usually use:
- 402 - Unidentified (identification) ou Unauthenticated (Authentic identity)
If you’re looking to reduce confusion, I’d avoid using HTTP status codes in non-standard ways. Yeah it’s unfortunate that HTTP calls 401 “unauthorized”, but it has the meaning of “unauthenticated” everywhere else (e.g. “you have failed to prove who you are”), but basically all devs are familiar with this wart. 402 is “payment required”, using that for errors that should be 401 or 403 according to the HTTP spec is more confusing than just using 401 and 403 in spec compliant ways.
You can sort of convolute a reason why 401 Unauthorized is valid, based on the fact that most systems which control access to resources have a (often implicit) policy that users for whom the identity is not known are not allowed to access anything.
Therefore the request is unauthorized because the server wasn't able to authenticate the user. But that's still not consistent with 403 though, so it's not very satisfying.
But this also speaks to one of the nubs of the terminology issue. "Actors" are authenticated, "Actions" are authorized.
Yeah, I think if they were renaming these response codes today, they’d name them something more like “401 Not Authenticated” and “403 Not Authorized”, but it’s too late for that. And I personally think you can say that either an actor or an action is “not authenticated.”
Ah I see. If you mean you’re using 401 for “couldn’t authenticate this request”, and 403 for “you lack permissions to be allowed to do this”, then yeah, that’s standard, spec compliant usage.
From the news article I understood that this was an experimental setting, where participants were asked to perform actions in order to prevent data sharing with apple. From the news article I also interpreted that it is indeed "possible" (in the technical sense), but zero of the participants managed to get it right.
Being a software engineer / computer researcher / highly technical person (which puts them / us in a technical competent bubble), it might have been an actual surprise that zero participants managed to perform the task successfully. Add to that that they might have sourced participants from the student community in a technical university, and I don't see why their surprise is "theatrical"
Edit: As expected, quoting the original article: "The participants were recruited using the following methods: (1) posts on the university’s official LinkedIn page and (...)
Participants represented a wide variety of educational and professional backgrounds, including Computer Science
and IT, Architecture, Business Administration, Art and Design, Industrial Engineering, Economics, Research and Development, and unemployed participants (...)"
It must be hard to see another company make profits from a product you have the IP of. However, availability of Redis in major cloud providers is also a reason for Redis' success.
And is it really a good idea to put your entire business strategy relying on hosting an OSS solution, when container technologies are more relevant than ever, and when you have major players who can leverage economies of scale against you?
Hosting is a DevOps service, not a Software service. It's appealing because of the SaaS economies, but I think OSS companies should try to be a bit more innovative if they want to monetise open source solutions and their assets...
Didn’t Redis Labs do the exact same thing? They took redis which was free and made it commercial?
And now they complain about AWS? Fwiw - I think an earlier post had pointed out that from the commit history AWS had been contributing significant code back to the open source.
This might be a controversial opinion, but with the current Russian invasion of Ukraine and tensions between East/West, forking a project like Nginx to be maintained by a Russian company, by a person living in Russia, raises additional questions, especially considering how security critical nginx is when it comes to accessing all traffic of services. I'm thinking here as well about the case of Pavel Durov and his struggles with Russian government.
From the post it seems their intention are good, and towards better secured software, and against business interfering with security. But the part where they say "I no longer able to control which changes are made in nginx within F5" might be a good thing. Should a single person have that much control over a critical piece of infrastructure?
The same argument based on the “Russia vs the global west” narrative can be leveled perfectly accurately against western-citizen maintained software.
Everyday Russian developers are no more or less involved in their country’s empire-building than everyday American developers are in theirs (lest we forget about the 12(!) foreign countries in which US forces are currently invading). “Russian” is not synonymous with “suspect”; or, if indeed it is, perhaps “American” should be, too.
To the best of my knowledge, Finnish government hasn't made any attempts at interfering with software development built in Finland, or spying on software users. The same cannot be said of Russia.
I'm not saying Russian people cannot make safe and secure software, just saying that people living in Russia have historically been targets of pressure.
* and to be honest, the USA and China do not have the cleanest of records either.
I found Bruno after Insomnia adopted the Postman strategy of being cloud first, with a disastrous migration - I momentarily lost all my local projects after an update.
I've been using it for a while and I really like the offline first + git collaboration aspect of it. Only missing Websockets functionality at the moment.
> Do either of the following: (1) Provide Apple a stand-by letter of credit in the amount of €1,000,000 from a financial institution (...) (2) be a member of good standing in the Apple Developer Program for two continuous years or more, and have an app that had more than one million first annual installs on iOS in the EU in the prior calendar year.
It’s certainly not easy and apple is playing the malicious compliance game here. But it’s not impossible for a (even pre-product) startup to raise a $1M line of credit from a bank through some creative financing shenanigans without locking up too much working capital or otherwise.
> startup to raise a $1M line of credit from a bank through some creative financing shenanigans
The whole point of that $1M is to send send the message "stay out". It's like a rattle snake shaking it's tail. Basically anyone doing this has to treat that money as throw away money since Apple may keep that money for whatever reason, including criticizing them on current/future TOS policy changes.
You're not giving Apple $1M. You're merely giving them a letter from a bank saying "We're $TrustworthyBank and we trust creativeSlumber enough to be willing to give them a $1M loan whenever they want, according to such and such terms".
By giving that letter to Apple, you're just telling Apple "I could give you $1M but I'm not going to, instead take this letter that says that I could give you $1M if you wanted to."
No it specifically says, "Do either of the following:".
You can either have the letter of credit or be a known quantity. Presumably it you launch your marketplace and it goes well, after 2 years you don't need the letter of credit.
Considering I can install any app on the PC, this comparison doesn’t make sense. AFAIK Apple still reviews and gatekeeps any app. Even from other app stores.
Clearly to ensure not everyone opens a store just to publish their single app that would otherwise not make it on the app store due to its content. The same reason they won't allow stores that only host first party apps. Both of these rules are made to stop this.
Either apple found a clever way to comply to DMA without actually doing so or we'll soon be hearing from EU and apple will backtrack as it did with PWAs and Epic account.
I am trying to figure out the advantage. The way it is implemented now the App Store wouldn’t be fully independent anyways and still bound to review processes.
> The way it is implemented now the App Store wouldn’t be fully independent anyways and still bound to review processes.
This is entirely the point many people are up in arms about - the implementation is the problem, not the concept of alternate app stores as such.
There is nothing in most people's definition of a generic "app marketplace" that involves the steps Apple are demanding at present (stand by letter of credit for a million dollars etc).
If it was implemented fairly (and IMHO in the original spirit of the EU legislation), its pretty obvious what the advantages would be; being able to compete with Apple to offer lower fees and thus hopefully attract developers and sales.
Most outside observers with a reasonable understanding of the facts and a capacity for independent thought do not think this process is fair or implemented in the spirit of the legislation at all. Apple have made the process about as difficult as they could get away with while still appearing to follow the rules to secure their existing app store moat as best they could.
But for what? You still need to submit your app through the Apple review process. If this was true Sideloading I’d understand but the way it is now I don’t see any advantage.