
I wish more companies would try to serve tiny shops at the same time they serve multi-million-euro companies. The requirements for the two are very different, as is the support and customer care requirement. Integrating directly with Adyen as a small business is like running a Kubernetes cluster on AWS to host your blog, except they'll have even less time for customer support to spend on your tickets when things don't go right.

Platforms like Stripe where anyone can sign up at any time drive up prices because the amount of low-profit companies needs to be offset by the companies making more. Great for small startups but a bad deal for major companies.

Stripe has also been criticised for forcing growing companies into enterprise plans the moment they hit certain growth numbers. That's one way to keep the business profitable, but it's not necessary if you only take on businesses that are already profitable enough to dedicate a sales team to.


Once you hit a certain processing threshold, Stripe underwrites you. The benefit is some people get better deals or get to skirt by rules just by being immaterial.

Separately: Once you hit a certain threshold, you get an account rep and can ask for IC+ billing. This is sometimes better than the blended/sticker rate.

And furthermore, once you're really big enough, you can negotiate down Stripe's markup on the interchange. (As with any big enterprise contract).


Aside from one or two very bad Bluetooth and WiFi bugs (the worst ones usually being device-specific driver bugs), Android's OS itself actually doesn't have a huge external attack surface. Even if you do break in, the SELinux security mechanisms are a major pain to break through, especially with many devices running model-specific configurations.

The real risk of running old Android versions is that apps can escalate privileges or even get root access because of sandbox bypasses. As long as the pre-existing apps on there are updated against vulnerabilities, it's not easy to break into these things.

If it were, enabling ADB access on these things wouldn't be such a big deal, after all!

The mere concept of having Facebook install a camera into your home should be enough for anyone not to want these devices in their homes (with stock firmware). The hardware is very nice but the software cannot be trusted.


With enough encryption, obfuscation, and security-through-obscurity, you can make it extremely difficult to obtain those keys.

Companies like Microsoft, Nintendo, and Sony ship consoles that are the target of a very motivated black market/cheating industry, and it usually takes years before any serious leaks surface.


Well yeah, but those are more hardened, and also the keys alone are generally not enough because they are asymmetric. So the private part is kept somewhere on some HSM.

Additionally:

> Note that Cosmos 2546 was launched in May 2020 and so cannot be responsible for the interference events that occurred in 2019. Moreover, Cosmos 2546 was not over Europe during some interference events after May 2020. But during all events on the 75 days shown in Table 1 there was at least one EKS satellite above a 35° elevation angle with respect to every reference station that observed the interference. Thus, it is highly probable that the EKS constellation is collectively responsible for the wide-area transient GNSS interference events noted since 2019.


> Whether code was typed by hand is beside the point. What matters is who is responsible for it once it enters the browser. Ladybird is becoming a browser for real users. The people introducing changes to it must be the people who decide those changes belong in the project, and who will answer for the consequences.

It probably accelerated the decision, but I don't think that's all of it. I think they're moving in the WebKit/Safari direction: open for you to look at, but not really an open source project.


> I think they're moving in the WebKit/Safari direction: open for you to look at, but not really an open source project.

WebKit absolutely takes third party submissions. https://webkit.org/contributing-code/

I believe this is an external PR merged a few hours ago at the time of this writing. https://github.com/WebKit/WebKit/pull/66507

Safari does not accept third party submissions, but the chrome has never been open (even before Google Chrome recycled the term).


WebKit does allow outside contributions, though that example is perhaps not the most illustrative as it is from an Igalia employee. Igalia maintains substantial parts of WebKit and at this point has to be the #2 contributor other than Apple themselves.

It's still open source, but not open for public contributions. That's pretty much how it was before the advent of these forges.

That's not really right, though the license is still Open Source compliant. Linux was practising an open, patches-welcome development style before the forges existed, on its mailing list. This did indeed contrast with how eg. the FSF was running its projects, though even in those the door wasn't shut as hard on people wanting to contribute as Ladybird's now is, I think. Then Eric Raymond wrote "The Cathedral and the Bazaar" specifically to talk up Linux's patches-welcome development model, and to move the emphasis away from (just) licensing terms and source accessibility, to openness to patches. Netscape then launched the Mozilla Project specifically on the CatB model. In response to the surge of momentum, the "Open Source" label was created basically as a brand name for the CatB perspective. After all this, "doing it as open source" was established as a clear mental category in people's heads, and the forges popped up as low-friction SaaS solutions for something that people already wanted to do, and by then were often already doing. (In the process helping to make Web-based SaaS a well-established concept and business model in people's heads, something with ironic consequences.) So Ladybird's current development model is much more clearly in line with the Free Software philosophy than the Open Source philosophy. To be clear, that's not the only disagreement or difference of emphasis between "Free Software" and "Open Source": most obviously, Ladybird's BSD license is a failing in the FSF's view of things, just not enough of a failing to make Ladybird not Free Software. But it is a real one.

"The Cathedral and Bazaar" is orthogonal to open source. Its argument is that open source is most valuable when paired with the bazaar model, not that the cathedral model cannot be considered open.

The open source definition was created in that mind. It does not state or imply open development or a community are requirements.


CatB and Open Source aren't coaxial, but there wasn't a very clean separation between them either: https://www.free-soft.org/literature/papers/esr/cathedral-ba... https://web.archive.org/web/20021001164015/http://www.openso... . "[T]he same pragmatic, business-case grounds that motivated Netscape" was CatB. Even now OSI doesn't emphasise any separation: https://opensource.org/about . You are correct: the Open Source Definition does not mandate an open development model. However that's probably at least in a small part because, well, how would one craft a legal requirement for open development in a software license that wasn't either unenforceable or very burdensome and abusable? It's also quite definitely because the expectation was that forks and/or the threat of forks would in practice enforce a certain level of open development on OSD-compatibly-licensed software: this was in fact what ended up happening to GCC at least once https://en.wikipedia.org/wiki/GNU_Compiler_Collection#EGCS_f... . If software projects all largely go the way Ladybird is going now, and stay that way, then it's a crushing (though not total) defeat for what the Open Source movement promoted and what it hoped to achieve; but sure, to be clear, Ladybird remains OSD-compliant. (Not total because at least the source remains available, without paying or signing anything, for bug-hunting.)

I think I didn't put the emphasis right in my comment above. The code is still fully open source, but the project that produces the code isn't. It's not dissimilar to other projects producing open source software.

This is the first time I've seen a project with this much history in community contributions close down, though. I suspect AI will cause more projects to follow in Ladybird's footsteps.


> The code is still fully open source, but the project that produces the code isn't.

I think your thought was cut off. What is the project no longer?


This just proves that Go URL formatting was a mistake. IPv6 addresses existed long before Go decided on how they should be formatting strings. Python has a similar problem with parts of its standard library.

This is what happens when language and standard library designers ignore a spec like IPv6 for a couple of decades.


IPv6 spec was in development until 2017, and it's also weird to have a URL pointing to a link-local address.

Looks like South Korea is taking a page out of its northern neighbour's book.

Will this impact software exported out of Korea? I can't imagine Samsung will gain any popularity if their phones come prepackaged with AI censorship tools. It massively backfired when Apple planned to do it on iPhones.


My Samsung has "Galaxy AI" all over it, it's just an S23.

I've tried to use it out of curiosity and it rejects a lot of my image edits as inappropriate (violence) so the foundation is set.


In a great many cases when it came to academic measurement regarding any geological event or phenomenon, the US has historically been at the forefront and shared data with its allies. Very few of those countries have their own measurement systems set up because the US already has them ready to go anyway.

When the second wave of Trump idiocy hit academic institutions by forcing foreign institutions to sign a document indicating they "do not support DEI", this caused some major trouble. Public institutions gave in to the Americans' demands because there was no way to gather the information necessary to finish research in a reasonable time frame.

I think it's time Europe treated the USA the way they want to be treated, as an outsider and a potential threat, and that it's time to stop seeing them as a partner when it comes to science. We need our own measurements, our own instruments, our own satellites, our own databases, and we need to invest now.

Unfortunately, anti-intellectualism isn't just on the rise in the USA. Plus, now that many countries are struggling with the increased fuel prices thanks to the USA's invasion of Iran, it's hard to find money to invest in science that a worrying amount of people choose to ignore/pretend doesn't exist because it doesn't suit their personal interests.


> Email is not as urgent as text or phone calls

I receive emails that need immediate attention and texts that can wait a day or two. The only urgency attached to these communication methods is the urgency you assign them.

The limited communication options and the frankly weird choices for what to include and what not to include (no email, WhatsApp and Uber are included?) make this a very weird product in my opinion.


The same can be said about any computer that runs macOS or Windows. Being able to run your own software doesn't have to be a vulnerability per se.

The reflashing interface being available over Bluetooth is weird, but you will need physical access to pair with the speaker AFAIK.

Edit: I was wrong, this is a BTLE endpoint that works without pairing. In that case, this is a ridiculous vulnerability. I hope they'll patch it in a way that doesn't take away the ability to run your own software.

