Neither broke web pages, honestly. XHTML requires a DTD named at the top of the document, and browsers will happily fall back to HTML 3, 4, or 5 as they can if there’s no DTD specified.
My interpretation of "break web pages" was serving XHTML with MIME type application/xhtml+xml, in which case browsers don't render anything when the XHTML isn't well-formed, which is really just a strict / validate-my-syntax mode you can opt into.
Uber violates this. At least as of a few years ago, there was no way to get notifications about driver arrival without also getting special offer and Uber Eats spam notifications periodically. Not only was there no opt-in consent, there was no way to turn them off without disabling the status updates.
It's particularly bad when apps with legitimate time-sensitive functionality do this.
I denied the app the ability to send any notifications on principle, and now it's very annoying to have to check the app to see the driver status. It makes things worse for both me and them and I use it less as a result.
At the point in time when I disabled notifications for the app, it did not. I tried that. Even after navigating dark patterns, digging into the menus, and turning those options off, I still received promotion notifications.
Perhaps they've fixed it since? I don't know because they've already burned my trust and they've done nothing to earn it back. Publicly acknowledging and apologizing for this would have been a way to start getting off my list of bad actors.
Even if they've made it possible to successfully turn those off deep in the menus now, whatever dreamed-up definition of "opted in" it's operating under is a tortured legalistic one that undermines the actual meaning and spirit of opting in.
I can sympathize. I don’t know about uber in particular but it gets quite tiring trying to find and follow these obscure settings.
And what’s worse is that the companies always seem to find a way to reset it to what they want quite frequently. One of their tricks is to reorganize permissions frequently so the ones that allow their spam to get through are always new.
I had to completely turn off notifications for Instagram because none of the provided settings appear to disable the almost-daily "for you" and "trending" notifications. Now I don't get notified when someone DMs me there, which has lead to me missing important messages.
Same. And I used to work there, and I raised it with them. They have all their career incentives aligned to getting people to see spammy notifications. I was powerless.
The problem with the user hostility is that, in the long term, people don't use it.
As a web dev I see so many things that are lights-on-nobody-home about Meta. The Meta app on my phone generates numerous notifications, when I get one that says a game that looks really cool is 50% off, clicking on it doesn't send me to the landing page in the their app store, it sends me to the senseless home page of the app which seems to have the message "move on folks, nothing to see here"
The Instagram web application fails to load the first time I load it on my computer and I have to always reload. On either Facebook or Instagram I am always getting harassed by OnlyFans models that want me to engage with them... on the same platform where I engage with my sister-in-law.
When they say they are "careless people" I wonder if they are not just careless about sexual harassment and genocide but careless about making money because we're in a postcapitalist hell where Zuck could care less for making money for his shareholders but rather gets a squee from sitting behind Trump at his inauguration and hires people with $100M packages not because he wants them to work with him but because he doesn't want them to work with someone else.
I went through a couple rounds of trying to raise specifically this issue with support before simply uninstalling the app out of principle. They had their chance and burned it.
1. your profile icon (bottom right) > hamburger menu (top right) > Notifications > Posts, stories, and comments > turn off ‘Posts suggested for you’ and ‘Notes’
2. on the same screen, set ‘First posts and stories’ to ‘From people I follow’
3. back out to Notifications > Live and reels > turn off ‘Recently uploaded reels’ and ‘Reels suggested for you’
This works for me, but if you’re still getting notifications you don’t want, you’ll have to figure out what category/type they fall under and turn that off.
Yes, unfortunately, they have changed their permissions structure a few times, and each time I have had to go back in and re-configure it so that the ads don't show up. It's quite annoying, they seem to be doing everything they can to follow the letter of the law while disobeying its spirit.
I discovered this a few months ago - it's worth spending the 60 seconds to update these settings to get rid of Uber's terrible promotion notifications!
It's interesting that 600MB can be perceived as both trivial (e.g. on a fiber connection this is a matter of seconds) and excruciating (e.g. on a rural satellite line this could be 15-20+ minutes).
can't find what you're talking about. Per ChatGPT, "In iOS, there is no universal path like Account > Settings > Communication > Marketing Preferences across the system. That type of menu usually appears within individual apps or websites, not in iPhone’s system-wide Settings."
So does "Too Good To Go". Missed a pickup notification because I didn't remember having angrily turned off all notifications one day, since they don't have any more fine-grained option.
I let their support know, but they don't care. I guess as long as it still brings in more additional sales than it costs in lost users, it works for them.
This is something I like better on Android: As far as I remember, separate "notification channels" are mandatory there, and deactivating a given one is possible purely from the OS notification UI, without having to dig through inconsistent and hidden in-app options.
I definitely get unmutable notifications on Android from my first-party phone manufacturer bloatware apps, which is the equivalent here. Would I like to see the new Themes in the Theme Marketplace?
Pretty sure I've had marketing notifications on third party apps I couldn't disable without losing functionality, too. Separate notification channels might be mandatory in theory, but even if so, the Play Store is worse at policing that kind of thing in practice than Apple.
That doesn’t solve the main problem mentioned above: that some notifications from some apps are useful, but they don’t let you fine tune which notifications are permitted and which are disabled: you either get everything, including the marketing / adware notifications, or nothing at all.
It's still fundamentally down to app to properly use those multiple channels even on Android; if they want to, they can shove ads down the main channel instead.
This is one of those cases where ultimately the app stores need to have a rule about it, and actively enforce it with hefty penalties for non-compliance.
Curiously I have the opposite problem with Too Good To Go - they never give me notifications of available things I might be interested in, even though I've set that I want them.
This is on Android though, so perhaps an ecosystem difference?
I uninstall even if I do not have alternatives, I install/delete Uber every time I use it. When I need a ride with them I install it, when the ride is over I tip the driver and delete the app. Every single time, no exceptions
For many, and hopefully increasingly more and more of us, time and attention can be more valuable than money.
Manipulating our behavior to develop familiarity with a product by seeding the habit of using it as an ad-clicking serf and nurturing that habit by drawing it out across a series of days as the means of acquiring security for our tools and information is a coercive and corrosive exchange.
It's designed to seem like such a small thing that it's benign, as if attention is worth infinitely less than money. By changing us, forming new and often bad habits, and extracting ongoing attention interest payments without us noticing, the cost can end up being far greater.
Missing vertical taskbar is probably the most egregious omission, but it's not so much they took it away as it is they created versions of a number of Windows Explorer components in a higher-level technology without implementing half the features and shipping it with 50x the number of bugs. I at least weekly (and often daily) run into issues with taskbar icons overlapping one another, menus not coming up when clicked, the tray icons breaking, etc.
Same story with navigating the file system--the new implementation has a multitude of issues, including getting into a state where clicking files to select them only works below a certain invisible horizontal line in the window, windows not refreshing when files have been added/removed, trying to rename a file you just copied being an exercise in frustration with the view refreshing and exiting the rename state 5 - 10 seconds after the copy, the address bar breaking in about a dozen different ways... it's really frustrating software that's a full few tiers down from the quality standard set by Windows 10 and previous versions.
It's gotten slightly better since the initial Windows 11 release, but it still feels like pre-release quality software. I was hoping they'd get it up to release quality and add the important features back by the sunset of Windows 10, but it looks like Microsoft really doesn't care about the quality of the experience of using their UI.
If it were only missing the vertical taskbar as a design decision that would be one thing, but instead it's the very obvious tip of an iceberg of lack of user focus, care, quality, resourcing, and skill. They don't add it back because they know in their current state they're not going to do it well, and the money's in dreaming up new ways of force-feeding trash "news" and promotions anyway, not in helping you get things done and providing a well-functioning tool and bicycle for the mind. What if someone put the taskbar on the left side of the screen, it interfered with them seeing the clickbait brainrot of the widgets "feature", and Microsoft didn't get its average $.0003 for each interaction?
Similarly to making so many of the playlists "made for you", they've completely ruined the "radio" feature. You used to be able to select the radio option on a song, artist, or playlist and get a playlist of songs that seemed to be a good mix of musically similar and being liked by people who liked the selected starting point.
Starting at some point around 2 years ago (it seems they A-B tested this for a while because it went back and forth), the radio option became so highly customized to your user account that most songs it plays will be ones you've heard a billion times, even songs that aren't remotely similar in any way other than that you like them.
And the playlist radio option, which was the most powerful one for discovery, has been completely removed.
I used the radio option for years to discover new music, and I really loved it. Now I feel a twinge of sadness mixed with rage when my memories of the good days get me to open Spotify and I remember what it's become.
The tests must reveal what is easily deduced: most, nearly all people do not enjoy much variety. They want to think they do, but their actions prove otherwise.
This sucks for you and me but is Spotify giving the masses what they actually enjoy.
Many years ago my most listened song (on ripped CDs in iTunes) had a few thousand plays because I turned off my headphones (analogue wireless!) while I had a track on repeat, only actually planning to listen to it a second time, and went on holiday for a week.
> There is separate, but not directly related news that Jason Bahl has left WP Engine to work for Automattic and will be making WPGraphQL a canonical community plugin. We expect others will follow as well.
Anything to prop up their position and throw the company they are attacking under the bus. What a jerk.
The support notice got deleted[1]. The plugin developer got banned. Blocking access from certain ip. Shady or problematic hosting term[2]. I think hosting your code on wordpress.org is considered dangerous.
The diff contains two (identical) changes that aren't just ripping out upgrade notices for the pro version: Two functions that stop callbacks from accessing $_POST now also stop them from accessing $_REQUEST, which also contains everything in $_POST. Also confirmed by WP Engine's update notice[1].
I honestly don't see why anyone would treat this as a security issue. Everything involved is PHP code that can do whatever it wants, not in any kind of sandbox.
Edit: And even if it were this update doesn't fix the problem. POST variables can still be accessed:
Though, Automattic posted publicly that there was a vulnerability shortly after filing the CVE, while simultaneously blocking WPEngine from being able to push a fix to it because they'd cut off access to wp.org
I can’t find the actual number because Automattic’s tweet[1] announcing it has been deleted, but it’s the one mentioned in the ACF 6.3.8 release notes[2]. The authors of ACF can’t upload that version to wordpress.org themselves because Matt banned them from there before making the announcement.
ETA: Matt says[3] it’s a different vulnerability. Anybody willing to break out the almighty diff?
Far beyond the time wasted, they're an invasion of privacy.