“The Knowledge Layer for AI
The AI platform that puts your company's knowledge to work, powering enterprise search, AI agents, and workflow automation. All in a single file you own.”
I think something like this: Imagine a tool for querying remote grpc endpoints - you would point at some endpoint to query it / explore it, and the tool would request the proto schema files from a potentially untrusted source - something you would not expect to be that unsafe and trigger an rce.
Well, in this attack, you're using the vulenerable dev to modify their code to run a protobuf schema that's vulnerable; so then it can inject that vulnerability to the client code, and then you're exfilitrating 10's of users (the dev who ran this code isnt very popular).
It would make a difference in dense cities like San Francisco where many people park on the street. A lot of people would have to give up their cars.
Meanwhile, in rural areas and many suburbs, it would be pointless paperwork, because everyone has a big enough driveway for their cars and nobody parks on the street at night.
So it seems like it would be difficult to get enough people in favor to do it state-wide in California? Wherever it would actually force people to do something, it would be unpopular.
Your city/rural distinction is insightful. I think it can be taken into account relatively easily. Name explicitly the cities/locations were the requirement would apply. Possibly based on some objective criteria like population density.
Not sure about the legal frameworks in the US but that’s exactly how it works in most places in the UK. Cities have restrictions for on-street parking (metered, permitted, illegal) whereas the towns and villages don’t (unless they also bring in bylaws to help with congestion).
In the US it varies a lot based on what state you're in. Some states give the cities a wide latitude for such policies, but some states (notably 'red' ones where the state government is likely to be conservative and the cities are likely to be liberal) do not grant cities the flexibility to make ordinances like this.
there is middleground: tax / fines, whatever you name them. It will be free if you filled the paperwork, and it start out cheap, while gradually increase yearly. Can be different depending on the density or how heavy traffic an area is. However you should improve the public transport at the same time too.
> A lot of people would have to give up their cars.
You don't have to give up the car, you just park it farther away from the dense and crowded downtown and use some other personal transportation (scooter, bike) for the last mile trip.
In a city with a properly-designed transit system you wouldn't need a car at all.
I think it is quite telling how car ownership is viewed here: it it something you "have to" "give up". Car use has been normalized to such a point that it is viewed as a necessity, almost a God-given right, rather than just another mode of transport to get you from A to B.
Even in bike-heavy and transit-heavy cities you'll be hard-pressed to find trips which are impossible to do by car. Sure, it might not be the cheapest or most convenient option, but (outside of small pedestrian zones) completely banning cars is practically unheard of. On the other hand, there are plenty of suburbs where public transit basically doesn't exist, and any kind of bike infrastructure is met with hostility. For all intents and purposes, you can't live there without a car. That doesn't exactly sound like freedom to me.
> In a city with a properly-designed transit system you wouldn't need a car at all.
That's the wrong argument. People stay in traffic for hours, being frustrated about the waste of time. Yet, when asked why they wouldn't take public transport, you hear a bunch of dumb arguments why public transport is shit.
I experience this all of the time in my city. Public transport is awesome and you get around just as fast as with a car (given there is no traffic, which rarely happens). Yet, people complain about how bad public transport is and how unreliable. But if you point out that car traffic is just as unreliable and slower, then they take their freedom-card. That's some cognitive dissonance, if nothing else.
I wouldn't give a shit about these people. It's just so damn funny to see that - unless public transport is immediate teleportation - it never is good enough for them -- even if it's objectively faster a lot of times. Public transport will never good enough for these negative Nellie's.
I take the subway all the time in SF but usually won’t take buses because they rattle, feel like the cheapest afterthought, are cramped, and make me feel poor. The quality of the experience matters too.
> Meanwhile, in rural areas and many suburbs, it would be pointless paperwork, because everyone has a big enough driveway for their cars and nobody parks on the street at night.
... which is exactly why it can have a huge impact! The default American suburban street is insanely wide due to the assumption that people will need on-street parking. Get rid of the unused on-street parking spaces and you immediately increase a suburb's density by something like 5%-10%.
Just think how much the municipality would save in road maintenance by basically halving the amount of road surface! And it's also a 10% reduction in water/sewer line length, a 10% reduction in area which needs to be covered by emergency services, a 10% reduction in commute distance, and so on.
As an added bonus: the smaller streets will disincentivize speeding, so it'll directly make the neighborhood safer as well.
Of course this won't immediately fix existing neighborhoods, but it'd at least open up the possibility of building right-sized ones in the future.
Are most web users inconvenienced at all? People on Hacker News aren't typical, which probably results in installing more privacy-preserving technologies that trigger captchas.
i suggest talking to people about their experiences with tech. i've been surprised how much they've soured on it. and how aware they are regarding issues like privacy, effect on mental health, predatory business models etc. show them the wikipedia page for enshittification and they'll go 'oh so that's the word for it!". also i have VMs running completely vanilla browsers, connected directly to clearnet. and i still get captchas or outright blocks by normal websites like clothing retailers. the internet is a disaster for everyone at the moment
The people of Hackers News aren't typical and usually have the latest and greatest when it comes to computer hardware and the latest software. Unlike everyone else on earth that doesn't care about such things and often runs old hardware and software and so encounter, and are blocked by, cloudflare's computational paywalls more often than a bleeding edge tech user would imagine.
It seems like person receiving the report is already in that position. Should everyone make reports themselves?
Let's say you start with a report someone else wrote. It seems like you still need to read it and understand what it's telling you. Sometimes plotting all the points helps, or drilling down and looking at the raw data.
> Vendors shouldn't sell unlocked devices to kids.
This part is neither necessary nor sufficient.
Put aside the Orwellian premise of "devices are locked by default". People keep making the analogy to things like cigarettes, but if a kid wants a steady supply of cigarettes then they need a steady supplier. If they want an "unlocked device" they just need money and Craigslist, once. It doesn't matter what you make Walmart do and it correspondingly doesn't make any sense to involve them.
If your kids have enough unsupervised money to buy electronics then you're either fine with them being unsupervised or you already have bigger problems than a used laptop.
Kids having $20-30 means you're fine with them being unsupervised? Computers and smartphones are incredibly cheap.
In person, we expect stores won't sell cigarettes to kids. We should simply expect companies won't provide age restricted services to kids. The liability and requirements should be on those companies.
If they're able to get a burner phone unsupervised then I think they could also pay an adult to do the face scan for them or borrow your ID from your purse to authenticate an account. What level of security would you need to totally prevent that kind of thing? Unless it checks your age every time you log in with biometrics I don't see it.
(Of course adding any level of friction will deter some kids, but needing to get a whole new device other than the one their parents gave them is already a lot of friction, isn't it?)
We could e.g. try saying it's sufficient that the user makes ongoing credit cards payments as a proof of age. Or sure maybe you need to verify with every purchase, which is how e.g. alcohol works.
Don't currently take payments for your business model? Probably what you're doing is anticompetitive and we shouldn't allow it anyway.
What service? The social media regulations I recall seeing have a size threshold, so hobbyists don't seem relevant. For something like porn, after having actually thought about it some, I don't really see how we've decided that anonymous porn isn't blatantly public indecency, so frankly I don't see how hobbyists openly sharing their work with anyone without knowing who they're giving it to wouldn't be committing a crime.
> I don't really see how we've decided that anonymous porn isn't blatantly public indecency
That one seems pretty obvious. The point of public indecency laws is so that your family can go to McDonald's and not encounter some couple fornicating on the table. Whereas if you go to a private house where someone lives with a reputation for not being very selective about who they take their clothes off in front of, that's not a public establishment.
A privately owned PC connecting to a privately owned server is a private connection, not a public place. It's something you get by going there. You're not required to go to the frat house.
A private business that serves the general public is a public establishment though, even if it's run out of your home. The criteria is whether you restrict access to some private group, not whether it is a privately owned space. I'm not seeing how a server that responds to any traffic without any selectivity (KYC, basically) is not analogous.
It doesn't matter if you're not required to go to the frat house. It matters whether the frat house lets the public in while exhibiting their fornication, or has filters at the door.
I'm not seeing how that affects my framing. Yes, it is more difficult. That sounds like a problem for businesses that want to offer restricted services online, and we should ensure it stays their problem, not everyone else's.
What for?
I use family link for my kids devices. It works good enough.
Everything else seems way too intrusive.
Apple is horrible in this regard. Their solutions never really work.
A joint venture for an (optional) cross-platform family app would be more than enough.
This, plus a (voluntary) content rating that's offered via an API (could even be simple meta data on a webpage).
Done.
the major players need to allow me to elect one of them as my family manager, and control permissions across ecosystems, from my management portal. i should be able to freely swap apple, google, microsoft, facebook, or a startup as my management and permissions tool.
instead I have a disparate management account and portal for every service on the planet. roblox, fortnite, facebook all want to appear to "make it easy" as if they hold the delusional belief that their management portal is the only one I have to manage. then add a spouse that also wants to change or tinker a setting.
if any law is going to get passed: it should be that any company over a certain size, who adds parental controls, needs to expose them externally to 3rd party management software.
reply