Teams has annoyingly some lock in value for 365. Nobody should prefer Exchange Online over Exchange though, Microsoft is too unreliable of a service provider.
The funny thing is this "requirement" got pushed back nearly 20 years and still isn't actually required, but if they set this fee in 2008 it would've been done in 2008. In America you don't get it done by requiring it, you get it done by making it cost more if you don't do it.
ID should be something the government provides to everyone "for free" (for taxes already paid, by all taxpayers).
That way anyone and everyone should be expected to have an ID and depriving someone of that ID or their use of real ID could be made a crime similar to unlawful detainment.
What is it with America and laws being pushed off indefinitely? Do other countries have similar problems?
The system is interesting that the 2 branches of government responsible for doing things are often in a state of open conflict and the main job requirement of the judiciary seems to be an ability to maliciously misinterpret the law in a way which most benefits the group who appointed them.
It helps that this one was entirely pointless except for generating more contracts to hand to pals, like a lot of the stuff around that time—say, when they created Homeland Security rather than just beefing up existing structures that served similar purposes (easier to direct contracts to friends and companies you own large stakes in when you’re setting up a totally new department with an excuse to get all-new everything!)
Like this doesn’t actually matter, at all, for security purposes. Which is why nobody’s cared enough to make it go faster.
> What is it with America and laws being pushed off indefinitely?
For this specific regulation, it's illegal to prevent someone who passes physical security screening and has paid their fare from boarding a plane.
So, if FedGov didn't provide a mechanism that they could point to that technically doesn't require passengers to present ID to board domestic fights, then they're still technically compliant with the law.
That's why TSA hasn't been able to just say "Fuck you, you don't get to fly if you don't have a federally-issued internal passport.".
> For this specific regulation, it's illegal to prevent someone who passes physical security screening and has paid their fare from boarding a plane.
Cite? Not that I'm doubting, just never heard this mentioned during the last news cycle around REAL ID when it "went in to effect" months ago. I didn't really look in to it any further as I've had a compliant ID for long enough it expires next year plus a passport so it didn't affect me.
Gilmore v. Gonzales (2006) sort of dealt with this. Dude wanted to fly, refused to present ID, refused the heightened security check, was told he couldn't fly. He sued, it went to the Supreme Court. The Supreme Court ruled that because the heightened security check was an option, the claimant's freedom of movement was not restricted.
There's a bunch of case law about freedom of movement, which is pretty radically protected in the United States. Not only can the federal government not put up unreasonable impediments to interstate travel, individual states and even private companies can't, either. Since American's aren't required to have ID (interestingly, this might be more political than legal, I can't find any case law enshrining the right to not have ID, just a lot of public outcry and backpedaling any time it's suggested), requiring one to travel interstate would be a significant impediment.
In this case the problem is that the fed is the one who runs the TSA and created the Real ID rules, but the states are the ones that actually issue the IDs meeting those rules. The fed couldn't force the states to implement the rules and the states didn't want to spend money on something they didn't really care about.
Of course, they didn't really care about it because it's mostly just security theater and thus the fed was never going to start turning people away simply for not having a compliant ID (which is still true). If there were much more valid reasons for why everybody needs to have a Real ID then states would have put more effort into getting everybody to have one.
There's also the separate the issue that the Real ID rules are questionable and it's not always easy for someone to get a Real ID even if they want one.
In this particular case, it's because Americans have somewhat unusual deep-seated distrust of our own government, which has lead to pretty well-organized opposition to any federally mandated form of identification. Officially, the only two real semi-universal lists of American citizens available to the federal government are A) Social Security numbers (which aren't ID, they're just a unique identifier, and aren't legally mandated, just incentivized), and B) The Selective Service Registry, which IS legally mandated, but only for fighting age men. (Fun fact: this is why American men still need to register for the draft, despite the US not having a draft since Vietnam. This registration does not suggest that the US is any closer to re-instating the draft than any other country that eliminated their draft, as it would still take an act of congress, just as most countries can reinstate their draft with an act of parliament. The reason we have to register is that officially, the federal government otherwise has no idea who is even eligible to be drafted).
> What is it with America and laws being pushed off indefinitely? Do other countries have similar problems?
Well, it’s a big country that is really kind of like 50 different smaller countries that do a lot of important things in a common manner but also do a lot of other things in very different ways. It’s hard to get all 50 states to move in the same direction.
It basically is required, because without it they're treating you the same as if you showed up to the airport with no ID at all.
There's a manual verification process that has always existed for people who lost their ID before their flight, it used to be free, now you need to do that and pay $45 for it.
Requiring it would get it done, they just haven’t actually required it. They said it was required, but in reality you can still get through without one, with some additional screening. No surprise that this has not been very effective.
As a monopoly, Google should be barred from having standards positions and be legally required to build and support the web standards as determined by other parties.
The insanity that the web platform is just "whatever Google's whims are" remains insane and mercurial. The web platform should not be as inconsistent as Google's own product strategies, wonder if XSLT will get unkilled in a few months.
I kind of liked xhtml, though clearly it was not necessary for the web to be successful. I think the bigger issue is that W3C pursued this to the detriment of more important investments.
Reading over the minutes for the last W3C WG session before WHATWG was announced, the end result seems obvious. The eventual WHATWG folks were pushing for investment in web-as-an-app-platform and everyone else was focused on in retrospect very unimportant stuff.
“Hey, we need to be able to build applications.”
“Ok, but first we need compound documents.”
There was one group who thought they needed to build the web as Microsoft Word and another that wanted to create the platform on which Microsoft Word could be built.
> and another that wanted to create the platform on which Microsoft Word could be built.
Apparently they failed. The web version of Word is still far from having feature parity. Of course doc is one of those everything and the kitchen sink formats, so implementing it on top of a platform that was originally intended to share static documents is kind of a tall order.
The other key browser implementers are also part of WHATWG.
Who do you suppose should be in charge of web standards? I can’t imagine the train wreck of incompetence if standards were driven by bureaucrats instead of stakeholders.
Saying web users should define web standards is like saying laptop users should design CPUs. They lack the expertise to do this meaningfully.
Web authors? Maybe. WHATWG was created specifically because W3C wasn’t really listening to web authors though.
I don’t think there are a lot of scenarios where standards aren’t driven by implementers, though. USB, DRAM, WiFi, all this stuff is defined by implementers.
> WHATWG was created specifically because W3C wasn’t really listening to web authors though.
Rather: WHATWG was founded because the companies developing browsers (in particular Google) believed that what the W3C was working on for XHTML 2.0 was too academic, and went into a different direction than their (i.e. in particular Google's) vision for the web.
They only paid the salary of its chief editor (Ian Hickson) for a significant amount of time...
But that's not very relevant actually. The WHATWG is more like a private arbitrator, not like a court or parliament.
Their mission is to document browser features and coordinate them in such a way that implementation between browsers doesn't diverge too much. It's NOT their mission to decide which features will or will not be implemented or even to design new features. That's left to the browser vendors.
This is such a bizarre response to me saying Google was not part of the founding WHATWG group. It’s like you want to have an argument but don’t have anything to argue about.
“Oh, yeah? Well they paid Hickson’s salary. And the WHATWG doesn’t matter anyway. And also Google is really powerful.”
Um, ok.
WHATWG was founded in 2004 by Mozilla, Opera, and Apple. Google had no browser at that point and didn’t hire Ian Hickson until 2005.
Google is currently a WHATWG member and clearly wields a great deal of influence there. And yeah, the 4 trillion dollar internet giant is powerful. No argument there.
> Rather: WHATWG was founded because the companies developing browsers (in particular Google) believed that what the W3C was working on for XHTML 2.0 was too academic, and went into a different direction than their (i.e. in particular Google's) vision for the web.
Mozilla, Opera and Apple. Google didn't have a browser then, hadn't even made the main hires who would start developing Chrome yet and hixie was still at Opera.
Ask users what they want and they say "faster horses," not cars.
Users are a key information source but they don't know how to build a web engine, they don't know networks, and they don't know security; and therefore can't dictate the feature set.
And those implementers should make decisions, Google should be bound by the FTC to supporting their recommendations.
Honestly, what's really funny here is how absolutely horrified people are by the suggestion a single company which has a monopoly shouldn't also define the web platform. I really think anyone who has any sort of confusion about what I commented here to take a long, hard look at their worldview.
> And those implementers should make decisions, Google should be bound by the FTC to supporting their recommendations.
Is your proposal essentially that Mozilla defines web standards Google is legally bound to implement them?
> what's really funny here is how absolutely horrified people are by the suggestion
Not horrified, but asking what the alternative is. I don’t think you’ve actually got a sensible proposal.
Cooperation in the WHATWG is voluntary. Even if there were some workable proposal for how to drive web standards without Google having any decision making power, they could (and presumably would) decline to participate in any structure that mandated what they have to build in Chrome. Absent legal force, no one can make Google cede their investment in web standards.
We have the legal force to do this. Google has already been determined to be abusing their illegal monopoly they have with Chrome. The penalty phase is ongoing, but consider that even forcing Google to sell Chrome was originally considered as a possible penalty.
Requiring Google implement the standards as agreed by Apple, Mozilla, and Microsoft is not remotely outside the realm of the legal force that could be applied.
There’s something not quite right about saying one member of an oligopoly should be forced to follow the dictates of the other members of an oligopoly. I don’t feel like this actually solves anything.
I feel like Mozilla would end up being a Google proxy in this case as they fear losing their funding and Apple and Microsoft would be incentivized to abuse their position to force Google not to do the best thing for the public but the best thing for Apple and Microsoft.
I agree there's already a significant proxy risk with Mozilla (though Mozilla does consider many Google web proposals harmful today), but that is also no less true today, and in fact, today that means Google holds two votes not one.
I would again agree Microsoft and Apple will heavily endorse their own interests, Microsoft much more so in terms of enterprise requirements and Apple much more so in terms of privacy-concerned consumers. The advertising firm influence will be significantly dimished and that is a darn shame.
Yeah, that feels like State-sponsored formalizing of oligopolies into a cartels. We'd like it if they went in the complete opposite direction of less power, not more.
>what's really funny here is how absolutely horrified people are by the suggestion a single company which has a monopoly shouldn't also define the web platform
They don't. In general browser specs are defined via various standards groups like WHATWG. As far as I know there is no standard for what image formats must be supported on a web browser,[0] which is why in this one case any browser can decide to support an image format or not.
Which other parties? Because Mozilla's stance on JPEG XL and XSLT are identical to Google's. They don't want to create a maintenance burden for features that offer little benefit over existing options.
Didn't Mozilla basically say they would support it if Google does? Mozilla doesn't have the resources to maintain a feature that no one can actually use; they're barely managing to keep up with the latest standards as it is.
> maintain a feature that no one can actually use;
If only there was a way to detect which features a browser supports. Something maybe in the html, the css, javascript or the user agent. If only there was a way to do that, we would not be stuck in a world pretending that everything runs on IE6. /s
I made no such implication. Mozilla is certainly an other party, and their positions on standards hold water. They successfully argued for Web Assembly over Native Client, and have blocked other proposals such as HTML Import in the Web Components API. They are still a key member of the WHATWG.
The fact that Mozilla aligns with Google on both of these deprecations suggests the reasons are valid.
I personally see no reason for XSLT today. Outside of the novelty of theming RSS feeds, it sees very little use. And JPEG XL carries a large security surface area which neither company was comfortable including in its current shape. That may change based on adoption and availability of memory-safe decoders.
It means exactly what it says: "What other parties do you mean?". Key players are already in lockstep on this decision, so insisting that Google must submit to the other WHATWG members doesn't make any sense in an argument for restoring XSLT or JPEG XL.
You seem to be reading subtext into a statement that was put plainly.
>Google must submit to the other WHATWG members doesn't make any sense in an argument for restoring XSLT or JPEG XL.
The comment you replied to was speaking generally, not specifically to XSLT or JPEG XL. They obviously didn't say "Google should be barred from having standards positions" just in context of XSLT/JPEG XL, but they're totally cool with the Google monopoly with every other standard.
>You seem to be reading subtext into a statement that was put plainly.
Nah, I'm really not.
But I'm just farming downvotes, apparently, so nevermind. You win! yay
(It's fun that people are coming to a conversation over 24 hours old, however many levels deep, to downvote!)
Which is why Firefox is steadily losing market share.
If Mozilla wanted Firefox to succeed, they would stop playing "copy Chrome" and support all sorts of things that the community wants, like JpegXL, XSLT, RSS/Atom, Gemini (protocol, not AI), ActivityPub, etc.
With all due respect, this is a completely HN-brained take.
No significant number of users chooses their browser based on support for image codecs. Especially not when no relevant website will ever use them until Safari and Chrome support them.
And websites which already do not bother supporting Firefox very much will bother even less if said browser by-default refuses to allow them to make revenue. They may in fact go even further and put more effort into trying to block said users unless they use a different browser.
Despite whatever HN thinks, Firefox lost marketshare on the basis of:
A) heavy marketing campaigns by Google including backdoor auto-installations via. crapware installers like free antivirus, Java and Adobe, and targeted popups on the largest websites on the planet (which are primarily google properties). The Chrome marketing budget alone nearly surpasses Mozilla's entire budget and that's not even accounting for the value of the aforementioned self-advertising.
B) being a slower, heavier browser at the time, largely because the extension model that HN loved so much and fought the removal of was an architectural anchor, and beyond that, XUL/XPCOM extensions were frequently the cause of the most egregious examples of bad performance, bloat and brokenness in the first place.
C) being "what their cellphone uses" and Google being otherwise synonymous with the internet, like IE was in the late 1990s and early 2000s. Their competitors (Apple, Microsoft, Google) all own their own OS platforms and can squeeze alternative browsers out by merely being good enough or integrated enough not to switch for the average person.
I don't disagree with you, but given (A) how will Firefox ever compete?
One possible way is doing things that Google and Chrome don't (can't).
Catering to niche audiences (and winning those niches) gives people a reason to use it. Maybe one of the niches takes off. Catering to advanced users not necessarily a bad way to compete.
Being a feature-for-feature copy of Chrome is not a winning strategy (IMHO).
>Being a feature-for-feature copy of Chrome is not a winning strategy (IMHO).
Good thing they aren't? Firefox's detached video player feature is far superior to anything Chrome has that I'm aware of. Likewise for container tabs, Manifest V2 and anti-fingerprinting mode. And there are AI integrations that do make sense, like local-only AI translation & summaries, which could be a "niche feature" that people care about. But people complain about that stuff too.
And these aren't niche/advanced features? I'm using Firefox now, and did not know about them. If I'm using them, it is only accidentally or because they are the defaults.
But I'm agreeing with you! These features are important to you, an advanced user. The more advanced users for Firefox, the better.
For Firefox to win back significant share, they need to do more than embrace fringe scenarios that normal people don’t care about. They need some compelling reason to switch.
IE lost the lead to Firefox when IE basically just stopped development and stagnated. Firefox lost to Chrome when Firefox became too bloated and slow. Firefox simply will not win back that market until either Chrome screws up majorly or Firefox delivers some significant value that Google cannot immediately copy.
Nah, google paved the way forward with vital developments like WebGPU und import maps. I stopped using and supporting Firefox because they refused to improve the internet.
I'm using mine to develop 3D apps, which became way to cumbersome and eventually impossible since Firefox dragged its feet on inplementing important stuff.
Barred by who? There is no governing body who can do such a thing, currently. As it is, nothing stops any random person or organization from creating any new format.
This is a vacuous statement. No one is stopping me from using JPEG XL in the same sense that no one is stopping me from using DIMG10K, a format I just invented. But if I attempt to use either of these in my website today, Chrome will not render them.
In a very real sense Google is currently stopping web authors from using JPEG XL.
It's a meta-commentary about the death of critical thinking and the ease with which mindless mobs can be whipped.
From the jump, the article commits a logical error, suggesting that Google killed jpegxl because it favors avif, which is "homegrown". jpegxl, of course, was also written by Google, so this sentence isn't even internally consistent.
VP8 is in all major browsers due to WebRTC, and webp uses little more code than the VP8 keyframe decoder, so it also has baseline support and is unlikely to be deprecated any time soon. https://caniuse.com/?search=vp8
Similarly, AVIF uses little more code than the AV1 keyframe decoder, so since every browser supports AV1, every browser also supports AVIF.
I don't know much about webp other than you get about 50% savings in compression vs png/jpeg, but it does have some hard limits on sizes of images. It doesn't do well with webtoon reading formats (long strip format).
Otherwise, I love webp and use it for all my comics/manga.
Even nowadays, webp seems to be good specifically for its lossless mode. It seems to create files that are substantially more efficient even when compared with advanced png encoders. For comics, png should probably be used over jpeg, so webp is likely indeed an upgrade, aside from compatibility.
For photographs, jpeg has really been optimized without reducing compatibility, and also in another less compatible way (incompatible viewers can display it without erroring out, but the colors are wrong) and there's such an encoder in the JPEG XL repo.
It was mostly about compatibility but looks like photoshop supports it now so I guess I can now officially say I don't really care one way or the other.
Password managers are one of those things I am still stunned is staying popular for advice, even though it's nearly akin to "use one password for everything". I assume a big part of it is the affiliate deals subscription password managers have with infosec influencers.
There are absolutely valid use cases, but they are much fewer and further between than people claim.
It's quite different from use one password everywhere. My threat vector I wish to protect against that some random website I signup to will mismanage passwords and end up with them leaked, causing every website using that password to be compromised. Remembering hundreds of unique passwords is unreasonable, thus, password manager.
Considering the amount of times my email has ended up in a leaked dataset, and the only accounts I've ever had visibly compromised were ones I did not use a password manager for, this seams to be the correct mindset.
No. If a shitty service stores your password in plain and leaks it, this won't affect your other accounts, unless you reuse passwords.
I simply can't remember dozens of passwords, so a pw manager is the best I can do realistically. Yes, it's a single point of failure, but so is using the same pw everywhere.
It's completely the opposite of "use one password for everything". When you do that any single compromise of a website you have an account on means all your accounts are likely compromised. With a password manager you have a long random password for every single website, meaning a compromise is siloed to just that site.
Even if your password vault is stored on the cloud you're likely using a very secure passphrase for it that has 0 reuse anywhere else, so even if your password vault is stolen it's impossible to brute force.
For a hacker to comprise your password vault it would likely involve hacking your computer, which if you're keeping your software updated is a very difficult task these days without the target user's active help.
Depends on your threat model. I went all in on 1Password when I realized that realistically the most likely attack vector for me is phishing, which it absolutely protects against (won't be duped by a fake site and auto fill password).
It would be interesting to do a study (if one hasn't already been done) on whether password manager use reduces the number of compromises an individual has or not.
I think if used correctly they can be a net benefit, but the question is how many users actually use them correctly. Isn't the security they offer based on a user only having to remember a single complex and unique password for the manager, and then let it handle unique and complex passwords for everything else. The question is, however, how many users just set the password manager password to 'ImSecure123!' and use it to autofill the same old reused passwords they've always used?
This is why all the top/good password managers will alert you of: 1) password reuse between sites and 2) weak passwords. One can hope that the users will listen to those suggestions. In an organization, you can enforce compliance.
> even though it's nearly akin to "use one password for everything"
It's not at all akin to that.
Firstly, every respectable password manager requires multi-factor authentication to log in to. Someone finding out the password to your manager is almost never sufficient. They would probably need to find it out as well as gain physical access to a device of yours which has the manager installed.
Secondly, the whole issue of "use one password for everything" is that if one site gets hacked and they store passwords insecurely (or, indeed, if the people who run the site are themselves malicious), then someone can use that same password to access all of your other accounts. So you have to trust the security of every single site you make an account with.
Using a password manager doesn't have that problem, since each site is being provided with a different password. So then you don't have to trust any website, you only have to trust the password manager itself. And you don't have to use a big cloud-hosted one if you distrust them - there are many password managers that you can just run locally on your computer (though without the cloud benefits of backup / disaster recovery). You can also just use a notebook with a padlock or something - frankly it doesn't really matter how you track your passwords, as long as nobody can get to it but you, and you use a different password for everything, and you have some plan for disaster recovery. That's the idea.
One of the things Forgejo has been working on is federation, such that hopefully someday we can replicate the discoverability of GitHub without a central provider.
This was the part that mystified me. Love it or hate it, GitHub Actions is free. Alternative providers like Codeberg have much tighter limits on it, and it sounds unlikely the author's solution includes CI at all.
Let's just say unless you are buying Windows Enterprise the deployment method of this is basically unmanageable for businesses. Like... individuals need their own Microsoft accounts to buy it for their own PC sort of unmanageable.
There's a way to volume license HEVC but only for very specific enterprise categories, others just can't.
In almost every other way, Dell is probably the most manageable hardware OEM. Fantastic support for automatable, scripted driver and firmware updates, a very consistent and unified platform, easily hot-swappable parts, and a great on-site repair coverage.
I think what's happening here is not that HP and Dell don't want to pay the four cents a device, but as it reflects a 20% price increase in the license, they are "drawing a line" for the license company that increasing cost will cost them money, not make them money. I suspect if it works this problem will resolve itself next year, it just sucks for customers.
"and WAGO Corporation, the electrical component manufacturer"
Sucks to be any of the YouTubers influencers today telling everyone they should use WAGO connectors in all their walls.
Seriously though, impressive to trace the issue down this closely. I am at best an amateur DIY electrician, but I am always super careful about the quality of each connection.
The WAGO connectors typically used in home wiring have a transparent plastic shell which lets you see whether the wire made it all the way through the spring clip. The ones shown in the NTSB video had an opaque shell around the spring clip.
I don't see anything in the report that suggests the connector failed. It sounds like the installer failed. Trust me, they can screw up twist connections too :)
reply