There should be only one correct interpretation of that according to CommonMark. Software is faulty for sure and a lot of the these "markdown converters" are pre-AI slop code but at least there is a carefully written spec now.
(That dude who coined the name Markdown is being a dick about other people finishing his abandoned idea is another issue and not the fault of CommonMark.)
Why is this a problem? To me it sounds like a it would be an advantage because you have everything you need to render it already built into the software.
Rendering is trivial. The issue is standards, and the DOM. No-one can write a Markdown implementation for the core of any major web browser in a form that is simultaneously acceptable to both their technical and political governance.
Best you’ll get is a plugin. Strictly arm’s reach. Translation only.
I'm not quite sure I understand what you are saying. Is the essence of what you are saying that it is hard to agree on a spec for the Markdown (and how it is translated to HTML or directly to DOM?) Or that this represents a technical challenge I don't understand?
I have a Framework 13 running an AMD AI 300 Series with Fedora as my personal laptop and an MBP M2 Pro as my work machine.
I would say that the Framework is fine for battery life when you’re using it but loses like 20-30% of battery per day in sleep mode vs like 1% per day for the MBP.
The workaround I use now is to set the FW to hibernate after 30 minutes of sleep so it’s not dead when I decide to use it again after a few days.
The downside of this is that waking up takes a couple of minutes and so I still tend to use the MBP if I need to do something quick and don’t want to wait for the hibernate tax.
I really wanted to switch to the Proton stack and even tried it for a couple weeks but the search in Proton Mail is so bad I couldn’t use it for even simple things like finding my airline tickets. I had to switch back to Google Workspace.
It doesn’t seem like Proton even really cares about the how bad their mail search is and is more focused on releasing new products.
> search in Proton Mail is so bad I couldn’t use it for even simple things like finding my airline tickets.
Not sure if it's related but
Proton does not hold your unencrypted email body content
consequently only you do once you are logged in. Thus you can't have server side search on your email content, only on email title. What you can have though is client side full-text search on body content. For that you have to enable it via the search box, details https://proton.me/support/search-message-content
It's not perfect but obviously it's a LOT more than searching only on titles.
Protons email encryption is mostly snakeoil and marketing. Their guarantees of strict encryption at rest is really only relevant to a certain class of people with a very specific threat model. Everyone else that uses the service is just leaking plain text email with everyone they converse with who uses a service that does not offer the same encryption guarantees.
So basically they sacrifice a usable search function for a security service that isn't relevant to 99% of people and isn't even effective half the time.
FUD much? Snakeoil would be false claims. There are plenty of problems with Proton but AFAIK not genuinely encrypting customer data is not one of them. If you do have examples please do share.
Marketing that might not address the average user who still get in touch with people relying on surveillance capitalism like GMail address sure but bundling both as one is dishonest IMHO.
Outlook online (I have M365 business basic) search sucks just as much. It finds really recent emails and ones from years ago but nothing in between for some reason.
The desktop outlook (the real one, not the 'new' one which is just the web version) is much better of course as it searches locally but it's only on windows. And thunderbird doesn't work great with M365.
But anyway my point is even supposedly premium services screw this up.
>> The desktop outlook (the real one, not the 'new' one which is just the web version) is much better of course as it searches locally but it's only on windows.
I am very confused by the MicroSoft product branding, but on MacOS there is a "proper" application: "Microsoft Outlook for Mac". As I understand this is called the "New Outlook" which is a native, non-Electron version. As it is not Electron based it is only 2.6GB (/s).
Anyways.. the search capabilities are insanely bad for searches outside of your current mailbox. It might be related to handling of large result sets where it just provides a limited set of random hits as opposed to a set with the most recent hits. When you provide from-to dates (from a hideously complicated "advanced" menu) the results seem a bit better.
edit/addition: on MacOS, Outlook supposedly uses the native "Spotlight" search engine. MacOS spotlight, when used from the Finder, actually does a really good job in finding the E-mail .eml files from the file system and, when clicked, they open up in Outlook.
> I am very confused by the MicroSoft product branding
Have a look at Word. The app, the web version, the Teams versions. Try editing in one and then opening in another - they aren’t even compatible. It’s such a nasty swamp.
Yes Mac is the exception. They still have a real app there. On windows they're discontinuing the real app for an electron one (or Webview2 as they call that)
It's unfortunately just a webview to their cloud outlook. If you have an account that's not with Microsoft they will pull your entire mailbox into their cloud (though they don't charge for it). Just pulling directly from another mailserver is something they don't care about.
I'm surprised the search is so bad on Mac too. But spotlight has degraded a lot. When it first arrived in tiger it was great but when I was last on Mac 3 years ago it was indeed pretty bad.
I use the bridge and a real mail client with proton and the search is fine. You can even hook the bridge into tailscale, so it works across my devices with a real mail client also (e.g phones tablets etc).
The app. With MS365 I get terrible search results. And worse, my work email has access to some shared accounts which I can’t access from Apple mail as 2FA will only work for the primary account.
I am using paid version of Proton Mail and search is working in thunderbird connected to their IMAP/SMTP bridge just alright. But web interface may suck, I did not use the web for a long time.
The web search feature isnt great.
With the bridge youre unecrypting the emails and letting Thunderbird have full access so its as good as whatever Thunderbird (or other programs) have implemented.
Proton websearch is by default email title, sender/receiver only. You can enable full body search but Proton will download your emails to your browser so the search is local. They dont support server-side body search. If you have thousands of emails, youll need to download those first.
this is a soft case of "you're using it wrong/didn't read what proton mail is" they physically cannot offer you this functionality even if they really wanted to. Although you can enable message body search and it has to be indexed on your client (which takes a long time and is a pretty bad UX - but there is no alternative).
Instead (and this is the suggested way) you can link it to an email client which stores emails on device unencrypted using proton mail bridge. They could pre-load all content in your browser, but again it's pretty bad UX and you would sit there wondering why the search takes 1-2 minutes on a fresh window session if it was on "by default". You *can* use automatic tagging for assisted search (like "if contains flight, add flight tag") though if you want to continue exclusively using the web app(s).
But there is a pretty valid concern here: why don't the native iOS and android apps have an email index?! I guess they don't want to be caught "storing" your emails unencrypted? I don't know - should really be an option.
I've been a happy infomaniak customer for many years. They only had 1 or 2 outtages that lasted more than 1 day during all this time.
They are on my watch list however. The CEO is pro-surveillance, but was forced to back down due to the outrage of their customers, but he seems to be ethically quite questionable. But for the moment, I think they do a good job, but they should change their CEO to someone who unquestionably is against surveillance.
The issue will be very context specific. In other words to (reasonably) answer the question, we'd have to judge each application individually.
For one example, say you were making voting-booth software. You really don't want a (hidden) timestamp attached to each vote (much less an incrementing id) because that would break voter confidentiality.
More generally, it's more a underlying principle of data management. Not leaking ancillary data is easier to justify than "sure we leak the date and time of the record creation, but we can't think of a reason why that matters."
Personally I think the biggest issue are "clever" programmers who treat the uuid as data and start displaying the date and time. This leads to complications ("that which is displayed, the customer wants to change"). It's only a matter of time before someone declares the date "wrong" and it must be "fixed". Not to mention time zone or daylight savings conversions.
Well you're leaking user data. I'm sure you can imagine situations where "the defendant created an account on this site on this date" could come up. And the user could have created that account not knowing that the creation date is public, because it's not listed anywhere in the publicly viewable part of the profile other than the UUID in the URL.
Hacker news is also doing fine, even though I can just click your profile and see you joined in october 2024. It doesn't matter for every use case.
But there are cases where it matters. Using UUIDv7 for identifiers means you need to carefully consider the security and privacy implications every time you create a new table identified by a UUID, and you'll possibly end up with some tables where you use v4 and some where you use v7. Worst case, you'll end up with painful migrations from v7 to v4 as security review identifies timestamped identifiers as a security concern.
The whole point though is that the ID itself leaks info, even if the profile is not public. There are many cases where you reference an object as a foreign key, even if you can't see the entire record of that foreign key.
If your system (pseudo-) random number generator (RNG) is compromised to derive a portion of its entropy from things that are knowable by knowing the time when the function ran, then the search space for cracking keys created around the same time can be shrunken considerably.
This doesn’t even rely on your system’s built-in RNG being low quality. It could be audited and known to avoid such issues but you could have a compromised compiler or OS that injects a doctored RNG.
E.g, if your service users have timestamp as part of the key and this data is visible to other users, you would know when that account was created. This could be an issue.
There was a HN comment about competitors tracking how many new signups are happening and increasing the discounts/sales push based on that. Something like this.
In a business I once worked for, one of the users of the online ordering system represented over 50% of the business' income, something you wouldn't necessarily want them to know.
However, because the online ordering system assigned order numbers sequentially, it would have been trivial for that company to determine how important their business was.
For example, over the course of a month, they could order something at the start of the month and something at the end of the month. That would give them the total number of orders in that period. They already know how many orders they have placed during the month, so company_orders / total_orders = percentage_of_business
It doesn't even have to be accurate, just an approximation. I don't know if they figured out that they could do that but it wouldn't surprise me if they had.
This is also something that depends heavily on regulations. In my home country, invoice numbers have to be sequential by law, although you can restart the numbering every year.
Yes, even if it's not a legal requirement it's definitely best practice to have sequential invoice numbers. I thought about this at the time but these numbers aren't invoice numbers, only order numbers.
A sequence per "series", where a series can be a fiscal year, a department or category, etc. But I am not sure if you can have one series per customer, I only find conflicting information.
You can have more details here, in the section "Complete invoice":
That's happening everywhere. You can order industrial parts from a Fortune 500 and check some of the numbers on it too, if they're not careful about it.
Apart from all the other answers here: an external entity knowing the relative creation time for two different accounts, or just that the two accounts were created close in time to each other can represent a meaningful information leak.
Depends on the data. If you use a primary key in data about a person that shouldn't include their age (e.g. to remove age-based discrimination) then you are leaking an imperfect proxy to their age.
I would love to feel sorry, but seems you’re technically capable of preventing this (unlike most people), just chose “convenience.”
Well, this is the downside of “convenience.”
If you manage to recover your belongings, I hope you stop preaching around how living in a normal apartment in society is good and everyone should accept the risk of home invasion instead of living in an underground bunker with biometric access controls and armed security.
living in an apartment sucks for security. You can't really own a gun and practice castle doctrine. Your landlord has a key to your home and can lock you out at any time, or can go through your mail.
There are other options like living in your own property, living in an RV, etc. that are better if you are worried about security.
If I was living in an apartment, I wouldn't be stashing all of my money under my mattress. I wouldn't run a business out of my apartment such that I would lose all of my equipment if I got evicted.
Similarly, I wouldn't do anything of importance on an apple computer. I wouldn't stash cryptocurrency on it, I wouldn't save my bank account details on it, I wouldn't run an important business that depends on their platforms. Because you're just renting and your lord can change the keys tomorrow.
Where do you live? You are implicitly assuming a rented property. Where I live you can buy a flat. however, even assuming rented, its not that bad, atleast here in the UK.
> our landlord has a key to your home and can lock you out at any time
Illegal to do without notice and permission. You can change the locks as long as you change them back or pay for cost of doing so when you leave.
> I wouldn't run a business out of my apartment such that I would lose all of my equipment if I got evicted.
Eviction requires a legal process that takes months.
> I wouldn't run an important business that depends on their platforms.
That implies no one should develop software for Apple, MS or Google platforms.
> You can't really own a gun and practice castle doctrine. Your landlord has a key to your home and can lock you out at any time, or can go through your mail.
None of this is true in the US.
Castle doctrine applies to your domicile, and is not based on property ownership. If you have a lease, it is your home as far as CD is concerned. WRT gun restriction rules for rental properties, they vary by state, but in states where they can be prohibited, it would require a clause in the lease for a landlord to prohibit a tenant from having them (and these are nearly unheard of in practice because of enforceability issues). And that still would not affect their legality in a defensive shooting.
Landlords usually require written notice to enter the premises, in advance, and cannot "lock you out at any time" without going through an eviction process if you have a lease.
Landlords opening your mail is a federal crime. Mail can only be opened by the named recipient, it's not based on who owns the address of a building it's delivered to.
>Landlords usually require written notice to enter the premises, in advance, and cannot "lock you out at any time" without going through an eviction process if you have a lease.
Sure, in the same way that landlords aren't able to unfairly keep security deposits - they can and often do do it because it takes a lot of time and effort to attempt to get recompense after the fact, and the consequences even in that case are not significant enough to disincentivize them.
Apartments can ban pets, I don't see why they would have a problem banning weapons. If you want to be a gun owner, you basically have to live in a gun-friendly county of a gun-friendly state and only carry in the minority of gun-friendly private spaces that allow them.
It's like how we have 5th ammendment rights, but they don't apply 100 miles from the border, which just happens to include 90% of the population and the entire state of florida. We have rights that are de-facto illegal to practice due to the way they're implemented.
In the last apartment I was in, my mail went directly through my landlord and I was dependent on them to filter it by apartment room number.
Almost every landlord I've had has thrown out mail they've received after I've left. So if I order something and it ends up taking 2 months to get to my apartment, and I leave after the first month, I don't have access to that mail. They just throw it out.
The landlord, at the end of the day, holds all of the keys. They can change the locks. Even if it's illegal, are you going to go to court while homeless and without access to all of your possessions? My last apartment had an app that allowed them to remotely change the lock code.
My takeaway is that it is totally impractical to run a buisness out of an apartment. When you rent, you're a basically a peasant. You don't have a permanent mailing address, you don't have real security, you have no incentive to improve the property, and you are just paying out the ass for someone else's mortgage. For anything serious, it's better to live in an RV and get a P.O. box.
A lot of people seem to be pushing some weird "anti-environmental" when the simple reality is that all energy costs
I cannot understate the impact of Russian Energy being cut off. Right now we're paying roughly twice as much than we used to for compressed natural gas brought via tanker ships from the us. I genuinely believe that the war in Ukraine is mostly about energy dependence on Russia and Ukraine losing its transfer fees through their old pipelines
> I cannot understate the impact of Russian Energy being cut off.
It's an interesting fact that Western Germany imported Russian gas since the early 1960s, throughout the cold war and in complete opposition to US interests. German Wikipedia has a nice overview: https://de.wikipedia.org/wiki/Geschichte_der_deutschen_Gasve...
It's just one piece of the puzzle. The cost for Co2 certificates is a more major reason. Starting 2027, hedge funds can buy these certificates which will be the nail in the coffin. It's basically Bitcoin on steroids with the difference that people buy Bitcoin out of free will, while the industry is forced to buy these certificates which get more scarce over time.
Anyone can already buy those certificates - but as its an artificial market where rules can be changed politically it's actually way more resistant to such things than regular markets, so if those hedge funds feel like they want to lose some billions they can certainly do that. There is a large enough stockpile of certificates + leeway when to submit them that any short term market squeeze will just be dealt with politically.
This argument, namely that politics can lower the price (by emitting extra certificates) when it gets too high, contradicts the whole reason for the mechanism in the first place: They claim a free market can find the right price better than politicians. But then they interfer anyway?
The price will rise much larger than a dumb, fixed increase-schedule would. Because the "market" wants it's profit.
It's the loss of Germany's last nuclear plants in 2023[1]. For a country supposedly aiming for net zero the shutdown of their nuclear infrastructure was a huge "own goal". Really sad to see.
Mostly just that it's easy for an American (or at least, myself circa several years ago) to assume that the overwhelmingly vast majority of Muslims live in middle eastern countries, and when I first learned that Indonesia was the world's largest Muslim majority country it proved that mental heuristic to be entirely inaccurate.
I suppose it shouldn't be too surprising though, I mean Christianity sure as hell got around too.
> Mostly just that it's easy for an American (or at least, myself circa several years ago) to assume that the overwhelmingly vast majority of Muslims live in middle eastern countries, and when I first learned that Indonesia was the world's largest Muslim majority country it proved that mental heuristic to be entirely inaccurate.
I live in Australia, and when I was growing up I thought the same, even though Indonesia are a very close neighbour of ours. Indonesia is featured quite a bit in our local news these days, and that together with lots of Aussie tourists in Indonesia, plus lots of Indonesian students studying here, has made us a little more knowledgeable about our neighbours.
The top five countries in the world by Muslim population are not in the Middle East/North Africa region: Indonesia, Pakistan, India, Bangladesh, Nigeria.
That's so weird. What do they teach in American schools? Apparently not even basic geography? The fact that Indonesia was Muslim is something I learned very early on - certainly before high school.
> What do they teach in American schools? Apparently not even basic geography?
This doesn’t fall under the category of basic geography. I can guarantee you that the majority of people you attended school with would not be able to locate Indonesia on a map, much less tell you about the religions practiced there.
TBH, without going into overmuch detail, I wouldn't generalize from my educational experience to the American educational system as a whole. I think it was better in a lot of ways, and worse in a few ways, than what most people would have received, and I wouldn't be surprised if there were some particular holes in my knowledge due to taking part in multiple curricula from different institutions.
I checked them for a few nations where I had solid on-the-ground knowledge, and the ranks and full-profile descriptions are straight up false. Usually propaganda involves lying by omission or hyperbole. In this case, it is just wrong.
It is a little bit wild that 3/5 all came from the same country. Without the partition of ‘47 - India would have by far the largest group of about 600M a full a third of the global Muslims and also at the same time be only a minority in that hypothetical country with 1.1B Hindus
