Google is doing this because they have incentives to do so. They want to block malicious actors like attack their platforms.

Other companies want to lock down their own apps because they don’t think users should be permitted to do anything other than use their apps exactly as they want.

I don’t like it as a user, but I also see the reason why companies want this by being on the security side of software.

This is the future of the Big Tech Internet if we’re not careful. Attestation to be able to use communications and other websites.

I used to work in Amazon (left after 10 years because it wore me down), but it wasn’t that compartmentalized.

I’m sure there were some teams that were like that but I could easily find another team, open a ticket, get a response and see their on calls investigate the issue. It was often times possible to look at their service metrics and source code to see if I could find the problem myself.

Support just can’t share that info because they don’t know what is considered a trade secret or internal detail vs what is public.

No, it’s electrical code. Standard outlets can’t be used to supply power because it means you have a plug that has exposed wires commonly called suicide wires. While these balconey top solar likely use grid following so it has to detect a grid voltage, the electrical code doesn’t consider it AFAIK. This rule is for safety and because it would only power half your house because there’s only one leg per 110 outlet.

Different Operating Systems call it different things. Windows calls it Alternate. Even if it was only used when the primary was down, DNS doesn’t provide any sort of guidance or standard on when to switch between primary and secondary. Is one query timeout enough to switch? How often do you reattempt to the first DNS server? When do you switch back? With individual queries, you can timeout and hit another NS server, but that’s a lot easier at an individual level than to infer a global system state from one query timing out.

And what do you set that secondary DNS entry to? Operating systems may use both, so you need the secondary to point to a pi hole or else you’re letting ads through randomly.

Past vulnerabilities doesn’t mean there is active mpdern vulnerabilities especially ones in widely tested operating systems that’s exploited by as many apps as people claim are listening when security researchers also regularly reverse engineer and analyze the source code of popular apps to figure out what they’re doing. You can decompile Android apps pretty easily to see what they’re doing. Some are obfuscated so it takes some effort.

Its one thing to claim there’s some a system level bypass for the icon that the NSA uses to spy on its enemies, it’s another thing to claim that it’s being exploited on a wide scale by a tech companies on different apps, iOS and Android, multiple versions/devices.

The reality is that we leak tons of info through other mediums that are easier and cheaper to collect than through microphones.

Here’s a good reason why you should run an ad blocker. Block the Google Analytics script from loading entirely.

Google Analytics gives you insights on what pages people visit, how long they spend, what kind of browsers and devices they use. That can give them data on what pages are important to customers and what screen sizes to support

I’d rather they self host this data vs use Google Analytics, but there are benefits.

They started charging money for Docker Desktop for companies and they have been adding pull limits on Docker Hub.

The laptops are manufactured in Taiwan. There’s so much unpredictability in the tariffs so they’re delaying until it settles down. Tariffs are going to impact US companies and US residents.

I stopped using it to pay because then I’d have to set up a PIN, and then type in the PIN every time I want to use it

This shocked me when I went from my Galaxy Watch 3 to a Galaxy Watch 6. I used to only have to put a PIN when I wanted to pay, but now it’s anything on the watch?

Because of that, I also disabled the payment app.

but completely backwards in thinking that an undocumented bluetooth backdoor is worse than the worst vulnerability found since the invention of the internet

Right HeartBleed was way worse than this, not on the same level. I wasn’t claiming the opposite.

I was responding to the comment that appeared to suggest they were on the same level.

No way they’re on the same level. Heartbleed allowed for remote memory reads. This requires you to have access to change the firmware and just gives you some more APIs to control the WiFi system and possibly bypass firmware verification.

In this context, SKU refers to a variant of this product. That is the correct acronym as I understand

Which stops malicious usage, but doesn’t stop cases where web pages over use pushState as users move around instead of replaceState. I’ve seen maps that would add to the history every time a user moves around the map.