Hacker News | mschuster91's comments

> sometimes I think the people who hate America the most and want it to fail are Americans themselves.

That's because the US (and the UK) are about the only countries in this world that haven't had the entirety of their legal, economical and political system completely revamped at least once in the last 100 years - most countries average more than that.

At the same time, such a revamp is desperately needed - the issues with the status quo are reeking - and everyone knows that it is highly, highly unlikely to get that done by ordinary democratic means due to the sheer inertia of hundreds of years of fossilized bureaucracy and individual/party interests.

And that is why so many people tend to vote for whoever shouts "destroy the country" the loudest - and not just in the US (MAGA) or UK ("Reform"), but also in Germany (AfD), Spain (Vox) or Italy (Salvini/Meloni), where economic inequality and perspectivelessness have hit absurd levels. Let it all burn to ashes, burn everything, even if one goes down with the fire, eat the rich, and try to build something more sane this time.


Would like to add Vox is nowhere near the others' popularity, and has received substantial donations from... Hungary. A total of 6.5 million euros during the 2023 elections.

> That's because the US (and the UK) are about the only countries in this world that haven't had the entirety of their legal, economical and political system completely revamped at least once in the last 100 years - most countries average more than that.

I usually get downvoted when I make an observation along these lines, but I will go for it again -- IMO some of the reason Europe has pulled ahead in infrastructure and policy is because a couple world wars last century reduced much of it to rubble, including the systems of governance. The UK mostly escaped that, and the US escaped nearly all of it. Which is one reason we can still have a lot of old electrical infrastructure, for example, that is pushing 100 years old, and a Constitutional system 250 years old.

I think a major problem with the system in the US is the difficulty changing it. There is a balance, and a lot of room for differing opinions on how flexible it really ought to be, but I suspect there is broad agreement that it is too inflexible. We rely too much on changing interpretations rather than changing the fundamentals.

Perhaps we really do need to risk a second Constitutional Convention. Or we will end up with a worse alternative.


If Europe has "pulled ahead in infrastructure and policy" then why do they have nothing to show for it? They can't even protect their own sea lines of communication.

Sounds like your only metric is military strength? Then sure, the US dominates, though it pays a lot for that privilege.

There are a lot of metrics, take your pick. But if you can't obtain reliable supplies of energy and other critical resources then none of the other metrics matter.

Taking down "bad" Google reviews is an entire industry these days [1].

And of course there are scammers on all sides - not just legitimately bad stores trying to whitewash their online presence, but also entire scammer rackets that extort legitimately good stores by flooding them with BS reviews [2].

[1] https://www.linkedin.com/pulse/how-shady-companies-remove-ba...

[2] https://9now.nine.com.au/a-current-affair/inside-the-extorti...


> I hate this idea that doxxing is some kind of crime.

The thing is, up until the advent of the internet it basically didn't matter - although in some cases, e.g. the German left-wing terror group "RAF", rich people did end up getting v&, in some cases killed. But that was a rarity.

But now with the possibilities of modern technology? Being able to be active on the Internet without hiding behind a pseudonym is a rare privilege. Wrong political opinion? Some nutjob from the opposite side can and will send anything from "pizza pranks" to outright SWAT to your home (or your parents, or ex-wife, or anyone they can identify as being associated with you). And if you got money? Stalkers, thieves, robbers, scammers, you will get targeted.


> People are drawn to complexity like moths to a flame.

Not to complexity, but to abstraction. The more something is abstracted away, the more fungible "developers" become, to the eventual tune of Claude Code.

No one cares that trying to debug a modern application is as hellish as its performance, the KPI that executives go for is employment budget.


It might be really efficient when you "vibe" and don't know exactly what you want.

On serious projects, it feels like even Claude Code could be more efficient with simple technologies, providing near-instant build and debug. With reduced abstractions and output looking like input, it can better understand how to fix things rather than trying to guess how to manipulate framework state or injecting hacks.


I don't know if Next.js, TanStack, etc are more abstract than Rails, Django, etc. They're undoubtedly more complex though. I also find it hard to believe that it's some sort of conspiracy by management to make developers more fungible. I've seen plenty of developers choose complexity with no outside pressure.

Next certainly feels more complex than Laravel or Rails while only providing most of the view layer and a client-server protocol based on React.

You're still left alone with i18n, auth, and pretty much anything to do with the backend, all of which the Rails of this world have you covered.


> The device uses FDE and the key is provided over the network during boot, in the laptop case after the user provides a password.

Sounds nice on paper, has issues in practice:

1. no internet (e.g. something like Iran)? Your device is effectively bricked.

2. heavily monitored internet (e.g. China, USA)? It's probably easy enough for the government to snoop your connection metadata and seize the physical server.

3. no security at all against hardware implants / base firmware modification. Secure Boot can cryptographically prove to the OS that your BIOS, your ACPI tables and your bootloader didn't get manipulated.


> no internet (e.g. something like Iran)? Your device is effectively bricked.

If your threat model is Iran and you want the device to boot with no internet then you memorize the long passphrase.

> heavily monitored internet (e.g. China, USA)? It's probably easy enough for the government to snoop your connection metadata and seize the physical server.

The server doesn't have to be in their jurisdiction. It can also use FDE itself and then the key for that is stored offline in an undisclosed location.

> no security at all against hardware implants / base firmware modification. Secure Boot can cryptographically prove to the OS that your BIOS, your ACPI tables and your bootloader didn't get manipulated.

If your BIOS or bootloader is compromised then so is your OS.


> If your threat model is Iran

Well... they wouldn't be the first ones to black out the Internet either. And I'm not just talking about threats specific to oneself here because that is a much different threat model, but the effects of being collateral damage as well. Say, your country's leader says something that makes the US President cry - who's to say he doesn't order SpaceX to disable Starlink for your country? Or that Russia decides to invade yet another country and disables internet satellites [1]?

And it doesn't have to be politically related either, say that a natural disaster in your area takes out everything smarter than a toaster for days if not weeks [2].

> If your BIOS or bootloader is compromised then so is your OS.

Well, that's the point of the TPM design and Secure Boot: that is not true any more. The OS can verify everything being executed prior to its startup back to a trusted root. You'd need 0-day exploits - while these are available including unpatchable hardware issues (iOS checkm8 [3]), they are incredibly rare and expensive.

[1] https://en.wikipedia.org/wiki/Viasat_hack

[2] https://www.telekom.com/de/blog/netz/artikel/lost-place-und-...

[3] https://theapplewiki.com/wiki/Checkm8_Exploit


> Say, your country's leader says something that makes the US President cry - who's to say he doesn't order SpaceX to disable Starlink for your country?

Then you tether to your phone or visit the local library or coffee shop and use the WiFi, or call into the system using an acoustic coupler on an analog phone line or find a radio or build a telegraph or stand on a tall hill and use flag semaphore in your country that has zero cell towers or libraries, because you only have to transfer a few hundred bytes of protocol overhead and 32 bytes of actual data.

At which point you could unlock your laptop, assuming it wasn't already on when you lost internet, but it still wouldn't have internet.

> The OS can verify everything being executed prior to its startup back to a trusted root.

Code that asks for the hashes and verifies them can do that, but that part of your OS was replaced with "return true;" by the attacker's compromised firmware.


The boot verification code wasn't replaced, because it sits in the encrypted partition.

That's premised on the attacker never having write access to the encrypted partition, which is the thing storing the FDE key on a remote system or removable media does better than a TPM. If the key is in a TPM and they can extract it using a TPM vulnerability or specialized equipment. Or boot up the system and unlock the partition by running the original signed boot chain, giving the attacker the opportunity to compromise the now-running OS using DMA attacks, cold-boot attacks, etc. Or they can stick it in a drawer without network access to receive updates until someone publishes a relevant vulnerability in the version of the OS that was on it when it was stolen.

Notice that if they can modify/replace the device without you noticing then they can leave you one that displays the same unlock screen as the original but sends any credentials you enter to the attacker. Once they've had physical access to the device you can't trust it. The main advantage of FDE is that they can't read what was on a powered off device they blatantly steal, and then the last thing you want is for the FDE key to be somewhere on the device that they could potentially extract instead of on a remote system or removable media that they don't have access to.
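The measured-boot argument in this exchange, as an added sketch that is not code from any commenter: a toy model of TPM PCR extension and key sealing. `ToyTPM`, the chain contents and `DISK_KEY` are constructed for illustration, and the first measuring stage is assumed to be honest.

```python
import hashlib
import hmac

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new PCR = SHA-256(old PCR || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_chain(components) -> bytes:
    """Each stage is measured before it runs; a PCR can only be extended, never set."""
    pcr = bytes(32)  # PCRs are all zeros after reset
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr

class ToyTPM:
    """Constructed model of sealing: the chip, not the OS, compares the PCR."""
    def __init__(self, secret: bytes, expected_pcr: bytes):
        self._secret, self._expected = secret, expected_pcr

    def unseal(self, current_pcr: bytes):
        # Software that "returns true" cannot skip this check, because the
        # key never leaves the chip unless the measured state matches.
        if hmac.compare_digest(current_pcr, self._expected):
            return self._secret
        return None

# Constructed sample boot chains (hypothetical component images).
GOOD_CHAIN = [b"firmware-1.0", b"bootloader-1.0", b"kernel-1.0"]
TAMPERED_CHAIN = [b"firmware-1.0", b"bootloader-1.0+implant", b"kernel-1.0"]
DISK_KEY = bytes(range(32))  # constructed 32-byte FDE key

def boot(chain, tpm: ToyTPM):
    """Return the disk key if the measured chain matches the sealed policy."""
    return tpm.unseal(measure_chain(chain))

if __name__ == "__main__":
    tpm = ToyTPM(DISK_KEY, measure_chain(GOOD_CHAIN))
    print("unmodified chain releases key:", boot(GOOD_CHAIN, tpm) == DISK_KEY)
    print("tampered chain releases key:  ", boot(TAMPERED_CHAIN, tpm) is not None)
```

The unmodified chain releases the key with no user secret involved, which is the stolen-device case the comment above raises; the model also says nothing about a dishonest first stage that extends the expected digests itself.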


They said network, not internet :)

There is ossign.org, Certum offers a cheap certificate for FOSS [1], and Comodo offers relatively cheap (but still expensive) certs as well [2]. Not affiliated with either service, but these are the ones I remember last time I had to dig into this mess, so there might be even more services that I don't recall at the moment.

[1] https://shop.certum.eu/open-source-code-signing.html

[2] https://comodosslstore.com/code-signing/comodo-individual-co...


$300 / year for a code signing cert that won’t pass Smartscreen Filter is wild.

> A modern OS should definitely be reliable enough that it can be trusted to properly unmount a drive.

The problem isn't just in the OS side of the stack. Disk firmwares - especially SSDs - love to lie to the layers above [1].

[1] https://news.ycombinator.com/item?id=46239726


> Or like. Don’t live in the 2nd most expensive city in the country?

Well... multiple things here.

If you're in, say, finance, you can't just go and move to some flyover state and work remotely. You need to be around NYC (US), LON (UK) or FRA (EU).

If you work some service job, say you work retail, okay. But... imagine what happens to NYC when all the people doing the menial work keeping the city alive (have to) move away? Whoops, now everyone is going to drown in trash and feces!

It is vitally important for any city to have enough adequate housing for all levels of income, otherwise it falls apart.


I can't find the reference, but I saw a comment recently along the lines of, "If you live in a city where the people who provide you with services can't also afford to live in that city, you don't live in a city, you live in an amusement park."

If you're in finance, you earn enough to live in NYC.

> imagine what happens to NYC when all the people doing the menial work keeping the city alive (have to) move away? Whoops, now everyone is going to drown in trash and feces!

That's not a "the poor middle class folks in NYC need help" story, that's a "the rich folks of NYC need folks to serve them" story. They're welcome to strategize however they like to incentivize people working there. Manipulative heartstring tugs are not welcome, however.


> But... imagine what happens to NYC when all the people doing the menial work keeping the city alive (have to) move away? Whoops, now everyone is going to drown in trash and feces!

Maybe after they have to look at piles of trash everywhere, the employers (I'm guessing that would be the city) will learn to pay them what they are worth.


I can assure you there are finance jobs in more than three cities in the western world.

> Honestly, this doesn't seem unreasonable to me. At some point, you have to cut off previous technologies because virtually everyone's moved to something better. You also can't buy tickets any more by snail mail with an enclosed check.

The problem is, in the end it leads to a society where you NEED a smartphone to enjoy basic human existence - and yes, access to cultural and sports events is a fundamental part of being a human.

That in turn almost always means: your smartphone must be either Apple or a blessed Google device. And that in turn means: no rooting (because most apps employ anti-root SDKs these days), no cheap AOSP phones, no AOSP forks like Graphene OS. And that is, frankly, dystopian when your existence as a human being depends on one of two far too rich American mega corporations. Oh and it needs to be a recent model too, because app developers just love to go the easy route and only support recent devices on recent OS versions.

And that's before we get into account bans (which particularly Google is infamous for), international sanctions like the one against the ICC justices, or pervasive 24/7 surveillance by advertising SDKs or operating systems themselves.


I genuinely don't think people making the, "Get a smartphone or be left behind," arguments really understand the magnitude of the assertion.

Each country has different regulations for amateur radio bands. In Germany for example, in the bands > 2 GHz maximum power is capped at 75W PEP [1], the US has vastly different limits [2].

[1] https://www.gesetze-im-internet.de/afuv_2005/anlage_1.html

[2] https://www.ecfr.gov/current/title-47/chapter-I/subchapter-D...


I'm sorry, I thought it was very obvious that I was talking about ITAR export controls, not about destination country domestic regulation.

This is a clue from their webpage: "Not intended for radar applications. Core functionality needed for radar not included due to export control restrictions."

