what do people use discord for exactly?

Too much.

It’s a chat platform geared towards gamers, with voice chat, screen sharing, and streaming options… that’s been coopted by vloggers… but most unsettlingly, it’s being used for customer support and documentation.

A lot of knowledge bases are buried in the walled garden of servers, and a labyrinth of chat rooms.

The ecodesign requirements will include:

* resistance to accidental drops or scratches and protection from dust and water

* sufficiently durable batteries which can withstand at least 800 charge and discharge cycles while retaining at least 80% of their initial capacity

* rules on disassembly and repair, including obligations for producers to make critical spare parts available within 5-10 working days, and for 7 years after the end of sales of the product model on the EU market

* availability of operating system upgrades for longer periods (at least 5 years from the date of the end of placement on the market of the last unit of a product model)

* non-discriminatory access for professional repairers to any software or firmware needed for the replacement

Finally! 🎉

Customer replaceable batteries would be nice too — those 800 cycles are not all that much — but I guess it’s a tradeoff for dust and water resistance increases with wireless charging and possibly no ports.

Nonsense, it still refuses requests as usual:

Sometimes, it doesn’t even propose a viable alternative (like, evacuate the building first):

The article sounds like it lifted the headline from some comment I’ve seen:

The comparison to 𝕏 doesn’t seem fair:

You can self-verify by setting your domain as your username. We highly encourage official organizations and individuals to do this

Additionally, through our Trusted Verifiers feature, select independent organizations can verify accounts directly.

https://bsky.social/about/blog/04-21-2025-verification

It seems like both the data server (PDS) and the data aggregator (AppView) have been released:

https://github.com/bluesky-social/pds

What am I missing?

From Ladybird’s website:

No code from other browsers. We’re building a new engine, based on web standards.

Except… Chromium is the living standard for the web. They’ll have the same problem as Firefox, playing catch-up to whatever happens in Chromium.

Right now, the viable browsing experience is a combination of browsers:

• Chromium derived - latest compatibility
• Firefox with extensions - daily driver
• Tor Browser - actual chance of privacy

And a VPN and/or Pi-hole.

one-time payment

Is Canva going to keep that? In the purchase announcement, they stated that their plan was to add the features of Affinity to Canva, which only has a subscription option.

rely on creative software by Adobe or other companies, for which there is no comparable alternative with Linux support

Corel has comparable features with a single purchase option. Too bad they removed the Linux version.

As for alternatives, Krita, Inkscape, or Blender, are not a 1:1 equivalent, but include features that Adobe is missing. When I used to do visual stuff, they were a good set of tools to complement an Adobe subscription.

How does Affinity compare to that?

If we’re talking takedown-resistance, we may need to enter the dark web realm:

• Tor hidden sites are inherently hard to pinpoint
• ZeroNet was an interesting project, seems to be abandoned
• I2P is like Tor on steroids, can publish all sorts of services
• IPFS is a decentralized P2P storage system (best/worst known for NFTs)
• FreeNet Hyphanet is a 25+ years old distributed content system with limited support for services
• FreeNet is… honestly, haven’t seen a working example, but it sounds interesting?
• Matrix… if they manage to get things under control
• Nostr is a censorship-resistant distributed messaging system

Hosting distribution and localization varies, but they all have features to make it hard to pinpoint host and/or client locations.

There are many community networks out there, but they require more dedication and funding than simply paying an ISP, for a worse service. It’s a hard sell to the average doomscroller.

The EFF scaled down their efforts for OpenWireless.org after it became obvious that they’d have to support hundreds of different hardware models, and ultimately abandoned the project.

A couple decades ago, Fon tried to build a mixed community-commercial network with their own standardized hardware, but even the commercial incentive was not enough to keep it afloat in the long run. Some of the hardware got repurposed for community projects, but most of the best placed hotspots ended up in the trash, replaced by municipal and ISP networks.

In many places, fiber is a no-go. Like, in my city there was a large move to get fiber to most houses over a decade ago, but after the first deployment of a handful of ISPs, the city stopped giving permits for additional deployments: lease from one of the existing ISPs, or you’re SOL.

The bright side is, that you run it in a container. Beware of privileged mode, don’t give it unnecessary mounts or networks, and there’s very little some malicious code can do.

If you’re using it for a build system, tough luck but you need to manage the keys to avoid TOFU, and ideally pull from your own registry.

Never, EVER, do anything security related while sleep deprived, drunk, high, having sex, or all of the above.

After that… no, don’t trust. Zero trust.

There are basic hygiene measures to run anything related to any exploit — including “just” PoCs — depending on how risky a total pwn would be:

• container
• VM
• separate machine
• airgapped
• airgapped in a faraday cage (tinfoil works wonders to kill WiFi, a cheap DVB stick turned SDR is great for making sure).

Reading through the code is nice, and should be done anyway from an educational point of view… but even when “sure”, basic hygiene still applies.

Keeping tokens in one VM (or a few), while running the exploit in another, is also a good idea. Stuff like ”Windows → WSL2 → Docker", works wonders (but beware of VSCode’s pass-through containers). Bonus points if passkeys and a fingerprint reader get involved. Extra bonus points for logging out before testing (if it asks to unlock any passkey… well, don’t), then logging out again afterwards.

What I’m not so sure about, is deleting the siphoned data without alerting the potential victims. Everyone kind of failed at security, but still. A heads up to rotate all keys, would be nice.

Not sure if they’ve edited it, but right now it reads:

the historian George Dyson envisioned the internet as a sentient being that would one day reach artificial general intelligence (AGI)

[…]

Inside China, such a network of large-scale AGI systems could autonomously improve repression

The whole piece looks like written by, or with the use of, some LLM.

Other than that, there are two valid points that could be made:

• Massive application of AI to city-wide surveillance, with zero regards for privacy, could provide an AI agent system with enough compute power to self-train in realtime.
• DeepSeek is plausibly a Trojan horse, trained with a repression based bias, if not directly with hidden malware features.

The near future will see a soft “AI war” in the form of publishing models — to be used as agent cores — with different ideological biases.

what is gone, exactly?

By adding support for alternate stores, the monopoly argument is gone: everyone can build their own store now. Meaning, everyone with a store can kick out anyone else, and tell them to just build their own.

comply with their own ToS

…which they can change at any moment, but don’t really need to; most ToS include clauses about refusing service without having to explain why. If you ever agree to a ToS, better make sure they’re even supposed to notify you if they ever decide to cut you off.

LLMs use a tokenizer stage to convert input data into NN inputs, then a de-tokenizer at the output.

Those tokens are not limited to “human language”, they can as well be positions, orientations, directions, movements, etc. “Body language”, or the flight pattern of a bee, are as tokenizable as any other input data.

The concepts a dolphin language may have, no matter what they are, could then be described in a human language, and/or matched to human words for the same description.

How to make cheap products in China:

• Use the same production line (same tooling)
• Use less skilled, cheaper workers, producing lower quality
• Replace materials with lower quality ones
• Skip materials where they aren’t seen
• Reduce requirements for the quality check

Brands, and the fear of losing the investment put into establishing one, is the only thing keeping people in check. When brands stop caring about quality, they lower it. When manufacturers want to differentiate themselves from scammers, they establish a brand 🤷

Read the case, the whole thing started because Google banned Epic from the Play store, and the only reason for it to become a case, was the monopolistic position. That’s gone now, they’re free to refuse service to whoever they want, whenever they want, for no reason at all… and if you don’t agree, go sue them, they’ll show you the precedent followed by the door.

This group has been studying dolphins since 1985 using a non-invasive approach to track a specific community of Atlantic spotted dolphins. The WDP creates video and audio recordings of dolphins, along with correlating notes on their behaviors.

Just the 40 years, for that specific group of dolphins.

Tesla is going to fall hard for a very simple combination of reason:

• It’s a meme stock, with 0% dividends and the P/E of a startup despite being 20 years old.
• It’s not going to miraculously start making money, when the worldwide sentiment is to let it burn (sometimes literally).

Considering the Elon an oppressor or not, has nothing to do with it. Personally, I’m saddened by the fate of SpaceX engineers once the Elon loses the virtual backing that those fantasy TSLA shares are giving him.

I do like Balatro and want to play it on my phone, but if I want to do that I have to buy another license, which I can’t even do because I don’t run Google Play Services

Spoiler: you can use the LÖVE loader to run the “PC version” of Balatro on Android, since it’s all written in Lua.