Apple makes this experience as seamless as I think it possibly can be. (As long as you use Safari...). All my passwords synced across all devices all the time, instantly available with faceID or or my fingerprint. Apply pay makes checking out of most online retailers as fast as using my fingerprint or double-clicking the side button on my phone. Passkeys generally starting to replace passwords on many major sites, making the process even faster.
That whole process in the top level comment is much faster, in practice, on my phone. Everything auto-fills (unless a site manages to fuck up their forms). I don’t typically have to type or manually copy anything, including 2fa tokens. Wait for the notification to ping, “fill from message” option, done.
I can often go through an entire sign-up, entering shipping, and payment, at a new site, without typing a single thing.
Well, yes (I also use Apple Pay when it’s available—best overall experience by a long shot) but it’s still quite fast and often involves no typing or copy-pasting.
I use 1password but opt out of this feature. Just as described in the article masterpassword creates a single source of failure so I don't personally want to put more eggs in that basket.
I keep my unimportant 2FA in 1Password and the really important one’s (e-mail, domains, etc) in a separate 2FA app.
If someone has pwned my 1Password I don’t really care if they log on to my Discord or order a limited amount of crap on Amazon because I am in much deeper shit at that point.
It depends on the set of credentials. Your primary email address, your access to 1Password, things of that nature can and should be stored in a 2FA app on another device. But the majority of 2FA codes for most websites are fine to be stored in your password manager. This way you can enable 2FA on every site you use, without the inconvenience, but you can reserve the extra security of a second device for services that would be critical failure points for you.
That, I don’t, but I only have those on work accounts anyway. None of my work stuff is set up to be as nice as my personal stuff, but that’s mostly outside my control.
Oh, wait: Steam has them I guess. Every so often (once every few months?) I have to type in one of their codes.
I did just check and I guess I could be doing this with non-sms codes if I added them to my password manager. If I had more than just Steam that used them, I’d do that.
I love the Apple ecosystem, however I always have a low level of dread that someday I will somehow offend them and be permanently blacklisted. This is the main reason I've drawn the line at using their password manager or email - I use separate email and separate password manager so that in a worst case situation I don't get locked out of everything.
Don't worry, Google actually did lock me out of everything a few years ago and when you have the pleasure of using their wonderful services you're literally given no information and have to google (hehe) around for a form to send in a picture of your drivers license to which you will never receive a reply, your google account will remain "fraud blocked" and in 4 days you will have switched your entire life over to Apple/IOS to never deal with no customer service google again.
Then 1 yr later a hn thread will remind you to try to log into your google SSO and.. bam it works. And you still have no idea why ALL of your g servces (domains, email, gphone, etc) were disconnected a year ago.
I used to think the same - custom email domain, passwords managed by myself, but:
1) I’ve never ever heard Apple lock someone out of their Apple ID. Maybe they are obligated to do it for law enforcement in US but even none of that. Meanwhile I’ve heard a ton of stories of Google locking people out of their accounts.
2) The convenience of using Safari, with 2FA and passkeys set via iCloud Keychain is too good to ignore. Literally 1 click (passkeys) or 2 clicks at most, authenticated with Face ID.
So I’m using this setup rn. You can set custom domains with your iCloud email too.
Not to be argumentative, just wondering, has there been a case related to iCloud access that Apple has ever blacklisted someone? Certainly, I've heard of Meta and other companies doing not, but don't recall Apple outside of security confirmation issues people are having.
If you have 2FA and lose all your 2FA methods, and didn’t preplan by making a recovery key and storing it in a safe place you can find again… you can be screwed. It’s not a blacklist, but the net result is the same.
I’m terrified of losing access to all my stuff because of forced 2FA I never signed up for. I get that it’s more secure, but it can be secure to the point of having unrecoverable data. All it would take is someone carelessly deciding to get a new phone number. I have a friend who recently talked about wanting to get a new number with his new phone. I asked about 2FA and he seemed to have no knowledge of it and said he didn’t have anything like that. He kept his number, but if he didn’t, I could see him easily getting locked out of his Apple account (which he has), and his bank.
Setting up a recovery key for an Apple ID is optional. You can still recover your Apple ID. Apple will ask for information that can identify you, like previous iPhone passwords etc. If you have hit your head to a wall and can’t remember literally anything afair you are asked to wait some <1 week amount of time before being able to access, to prevent account fraud. The process is so complex and evolving I’m probably wrong on many things, but the idea is: Apple ID isn’t a footgun for the user.
If you have recovery keys enabled, it’s a different story. Enabling screen clearly states that you can get locked out of your account without your recovery key. You can set up recovery accounts too, like those of your family members.
Apple blacklisted Parler in January 2020. Of course, they were an app store app, not a user, but they established the precedent that they ban for political views they don't like.
you don't, that's the whole apple strategy lock-in your average younger, non technical person so much that they find it 'an ick' to have to interact with an android user.
If you go all-in on an ecosystem there's going to be pain if you decide to jump to another ecosystem. You can avoid some of that by using 1Password (I'm sure there are others as well). It integrates just fine with iOS.
It doesn't, but I've used Apple stuff for going on 25 years now and it is doubtful I will care to move to something different any time soon, so it works for me.
Always the tradeoff with Apple is choice and flexibility versus a seamless and pleasant user experience.
Anyone else feels that the double clicking of the side button doesn't feel ergonomic? It doesn't feel right to me when doing it. I end up holding it like a gun, and then double clicking it, as in the default pose of holding a phone, my thumb is unable to double click.
agreed, but i almost feel like it's supposed to feel a little weird to avoid accidentally buying things. either way, if you want to make it easier, there's an option under settings > accessibility > side button. You can adjust the speed required to register a double or triple click.
Same for me, I honestly think people are just trying to find things to complain about. I've shopped in the Apple store many times and it's been quick and easy, no hassling by the employees.
People have different preferences, but I will never, ever, ever again in my life voluntarily commute hours every day in standstill traffic to a bland, lifeless corporate hellhole of an office to have disinterested polite banter with random people I have nothing in common with to do a job that is entirely based around sitting at my computer. Not when I can work comfortably in the peaceful surroundings of my own home office, decorated and set up exactly how a I want, or even at a local coffee shop (or halfway across the country while visiting family for a month), eat lunch with my wife, walk our dog mid-day, and spend my mornings and evenings peacefully getting household stuff done and relaxing.
The improvement to my quality of life that remote work has produced is so monumental that it's hard to even envision how I coped most days before.
This is good, but also many people do not have comfortable and peaceful homes with nice offices, partners, dogs, etc and basically never leaving their apartment or room in their apartment is a nightmare and socially isolating in a profound way.
True. Then again, maybe masking that problem with some relief from daily commutes to work is not really a great solution. Recent layoffs in the industry were a good reminder for me that it's easy to be overly emotionally tied to your work.
I think we just have to accept that some people like an office, depending on the office, the commute, their job, their personality, phase of life, and current circumstances.
I totally agree and everyone should be able to work in their preferred way. I'm very wary of any efforts to entice more people back into offices, though, as it's absolutely not being driven by a desire to offer more flexibility.
I'll be dragged kicking and screaming back into an office, and would only ever consider an in-person role as a stopgap measure while I job hunt.
That's fine, I think clearly the labor market is shifting toward people demanding more WFH.
I just also think its fine for a company to say "look, the way we work is [remote/office], and if you want to work a different way find a different company if that's a deal-breaker".
thats why god invented coffeeshops, libraries, coworking spaces. hell, my local Uni offers free wifi for guests for up to an hour, so I've gotten planted in some of their buildings and knocked out simple tasks
A well-tooled environment does not just spring out of an ether. Maintaining proper tooling in a distributed system often requires more work than the system itself. In a lot of cases, the business does not even consider this kind of time commitment, pushing the team to churn out features, and who eventually just bog down in insane complexity.
This strikes me as a, "poor carpenter blames his tools" situation. Obviously if a business does a bad job considering the needs of their engineers then the needs of their engineers won't be met, but that doesn't mean that the modern development environment is the problem.
This sounds like a symptom of you falling behind the technology curve more than a problem with the technology curve. Most people are achieving vastly more with newer tech than ever could have been done in the early 2000s. You've gotta be looking through some densely rose colored glasses if you think that that the web in the 2000s was just as powerful as the web of today.
I resisted learning a lot of it knowing that there will be a snap-back to simpler designs long-term, and it's happening now.
And when I tried, it went nowhere. After months of work on my side project with Electron, Typescript, and Vue, I was in the same place because every time I opened IntelliJ, it seemed all of my effort went into just having it build again.
Now I chose ArrowJS for my project, and it's been a delight. Look, I get it, but I would refrain from accusing the other person of laziness in this case.
I don't think there is laziness in falling behind the technology curve - the things that worked ten years ago still work today and if you're shipping code then what you're doing is working. But new technologies aren't overly complex and they generally make a developer's life easier, not harder, but they all come with a learning curve. And the landscape evolves quickly, so in order to leverage them you have to stay on top of it.
Your parent comment definitely came off as arrogant, but your reply doesn't come off any better. If it's objectively incorrect, then you can contribute to discussion by explaining how and why. A low effort drive-by dismissal isn't appropriate for HN.
This is anecdotal, but I have been in the industry > 10 years now and worked for a lot of employers. What they have required of me for the frontend has pretty much been the same more or less throughout. But recently, with the large amount of funding, companies have had a large blow up in payroll and a talent shortage. The talent shortage has resulted in some juniors getting hired that would not have gotten hired during the great recession. These juniors, on average, need to know a lot more now than back then due to the complex stack. This has resulted in a lot of breadth of knowledge but not a lot of depth. Over time , large teams of inexperienced people have turned what could be a simple frontend created by 1-2 developers in a large 15 developer behemoth that is difficult to maintain and keep secure. It is difficult to reason about for most newer developers so a lot of the time is spent handling edge case bugs instead of getting the job done. Usually their needs really aren't different. It's often just an intranet app or b2b. These don't have scaling needs and you can create reactive asynchronous websites without the complexity here and without reinventing the wheel. Sometimes, the complexity introduced by this complex stack is required (i.e. the app being created is complex). Everyone thinks their app is complex. It almost always is not complex, at least on the frontend, and it could have shipped earlier and with less bugs if the complex stack was not introduced.
I hear the argument being made, it just doesn't make any sense. We are using React to do things vanilla JS could do eyears ago. That doesn't mean React doesn't make doing those things easier. I like Svelte as well, but it likely wouldn't exist today without lessons learned from other frameworks like React.
I think you nailed it. In reality from a business standpoint, Reddit should have taken Selig's offer and bought out Apollo and built the main app around it and injected ads, maybe offered an overpriced subscription to minimize ads for premium users. I think nobody would have complained a bit.
Reddit balked at Selig's offer that he based on their API pricing (and he even halved it!). They poisoned the well before walking into that discussion, hence it was effectively off the table from the start. Negotiating for a lower buy-out would have been conceeding the point that the API price is severly inflated beyond the actual value of the users Selig served (and the cost to serve them).
There's also the fact that those complex solutions aren't engineered by a solo developer but by teams, typically even multiple teams each working on a compartmentalized piece of the whole thing.
That too. It's a lot easier to work on a complex project if you've got a large team working on it. Like the teams that the 10s of thousands of devs at your average FAANG company can staff.
Well, that and how most complex projects didn't start that way. A lot of the time, these things were built in a much simpler way, and dealing with increasing demand over the last decade or two caused them to balloon in complexity.
But now you have to subtract from the "plenty of people" those who are angered and disillusioned over Reddit's treatment of existing community mods and power users. You're whittling down the population of people who actually care about the subreddits they moderate and contribute to. So yeah, you could get them moderated, but the site would mostly go to garbage.
Reddit's triumph from the user perspective is that all of the content is driven by users, and those users are primarily made up of a small and passionate minority. The downfall of this fact from the business side is that Reddit as a company needs to appease those people because without their contributions, nobody would want to use the site.
It is true. Walking down the street, you gaze with more enjoyment at a garden someone took the time to make presentable and not so much the other property with the random weeds all over and perhaps an empty can.
