Hacker News | dabeeeenster's comments

I’ve told people this before as I distinctly remember it being a thing and no one ever believes me!


3?! When was the second?



I think the bigger use case is being able to (backoff) retry failing API calls to 3rd party services. AFAIUI the new tasks package doesn't offer this in v1 which is a deal breaker for my project, at least.


For me I think it works well as is because my use case is sending several different emails after POST'ing to a view, which, there is no need to make the user wait for in my case, as they don't care about the status of the mail delivery.

But I realize there are many other use cases too that will need proper workers.


The CEO thought it a good idea to take a beaming selfie with Netanyahu and then post it to X


Got it. I was going to say it sounds like less than a fiasco but I see this is in context of someone criticizing the Replit CEO for a specific action so now I get it. Apologies for being dense. It's a reminder that people leading companies are just people. And if we have a purity test on everyone we better be prepared to have a purity test on ourselves. And not just in our own eyes but in the eyes of everyone else. And that's where it quickly falls apart.


The drive by shooting of Gruber in this article is sort of weird?!


The ad hominem is unnecessary when there are more substantial criticisms of his writing and interviews.


It's not an ad hominem, it's just an insult.


This will never happen in the UK.


Nice crystal ball you have there.

There's a lot of resistance to this because people can see this is the big pill they want you to swallow. Then smaller ones can follow.

You might need digital ID recorded to buy a house. Then a car. Then eventually pretty much anything.

Any legislation allowing the State to link systems via digital ID would be unremarkable and not newsworthy, but the end result could be the Panopticon we are all dreading, or perhaps a toolkit for more hardline governments in the future.

For now, you can sign a Petition [1] against the introduction of Digital ID. In the future, you may need to submit digital ID before signing such a petition (rather than the current email address validation). Imagine what a tool that could be for identifying dissenters and undesirables.

[1] https://petition.parliament.uk/petitions/730194


“Meet Sustainability Goals: Waymo’s fully electric fleet helps organizations advance their sustainability targets”

Taking a private taxi to commute to work or school is easily the worst thing you can do environmentally in a city. Doesn’t really matter that you’re not burning dinosaur juice.


Especially when I'm guessing a lot of these "urban tech worker" commutes are mostly on surface streets or congested highways barely moving any faster. In my experience cycling to work I am actually faster on the bike than when I take the car. This is mostly due to filtering to the front of the intersection effectively eliminating any and all effects of rush hour traffic. Another huge factor is I can also park the bike directly in front of the door to the building, no having to walk from a designated parking or drop off zone.


I would be 90% sweat if I biked to work. Would need a shower and change


While I agree that it’s kinda unpleasant to get all sweaty before work, many larger corporations have offices (usually with gyms) that have locker rooms and showers to support bikers. While I’m able to take transit, many of my coworkers do bike+shower at the office for commuting.


Is all that showering better or worse for the environment than using more appropriate transport in the first place?


The bike is in fact the more appropriate transport for moving a 200lb person than a 5000lb vehicle. Literally 95% of the energy being consumed is just to move the damned vehicle around, not to do anything productive with it.


Your relative masses are obviously exaggerated.

Showering uses hot water and you also must change clothes, which also require cleaning. If you are doing this twice per day in addition to someone using some other means of transportation there is a non trivial energy cost involved.

If the car propulsion is non fossil fuel based then the car wins because you are using much less water.


I shower once a day regardless. I combine my bike commute on the way in with train or bus depending on the route I feel like. No sweat that way. The ride back I will do on a bike and take a shower after. Gets the cardio requirement done at the same time as the commute so it's a two birds one stone thing.


Showering does use hot water, but, it's maybe 20-30 litres, and you're heating up by what 25-30 K ? That's just not very much energy, and since we want heat we can go via a heat pump to do less work, whereas that's not an option for the car.

I did some envelope guesses and I can't see how this can come out for the car.


Is showering worse than congestion and vehicle emissions? …no. This is not a good faith argument


What I do is bike to and from the train station on the way in, saves me a 15 min walk on either end and no sweat at all biking at easy pace for a few mins especially when it's so cool in the morning. On the way back I will bike the whole way for the fitness benefit and shower when I get home as usual after work. Once you are in shape though, which happens surprisingly quickly with regular riding, you won't really sweat from ~30 mins easy pace rides.

If you don't have a train or bus along the way, ebikes can also save you sweat. You don't even need to pedal at all.


> the worst thing you can do environmentally in a city

Worse than owning a large single family home that lowers density and pushes everyone further from their destinations?


That doesn't seem right. Taking your own car, which you park at both ends of the trip, is clearly worse from a vehicle utilization and land use standpoint. A Waymo that takes a dozen trips a day and never parks on the street seems obviously superior.


I think the point is it's green washing. True sustainability is public transit, or biking or walking. This is just a line item for a company to blast as sustainability in marketing. This will let Waymo absorb some money from green washing slush funds.


> True sustainability is public transit, or biking or walking.

Surely it's whatever is most sustainable, which Waymo (or equivalent) very well could be.


What? How could it possibly be more sustainable, the self driving parts are more energy hungry than a normal ebike.


But the energy can be renewable, so it isn't a problem.


It's better than the status quo, your standard for Scotsmen notwithstanding.


> True sustainability is public transit, or biking or walking

Free your mind. Cost per passenger mile is atrocious for most US transit systems. All that cost equals carbon: concrete, steel, fuel, salaries, etc.


The waymo carries no passengers when it's driving to pick up its next customer. So, its average occupancy (<1) is somehow even worse than that of a car used exclusively by one person.


This is incorrect, because you have used the wrong denominator. The average occupancy of a private car is approximately zero. Most of the time, it just sits there empty.


Who cares how many passengers it has while not moving? It's not using any energy then, and neither is it participating in traffic.


Again, this is not correct. Parked cars absolutely "participate in traffic" by making the other things in the city further apart and less convenient to reach without cars, and cars parked on the curb are taking up an entire lane of the street, which is half the street in many cases, or in some places like Manhattan the parking lanes are 2/3rds of the street.


the more people use it, the more likely there will be someone nearby to pick up next. and this issue is not exclusive to waymos, it applies to taxis in general.


Driving your own petrol car is surely worse? What are you talking about...


Related (7 years ago):

https://www.reddit.com/r/soccer/comments/8q1j0o/la_liga_uses...

- Bars, pubs and other public establishments have to pay around 200€/month in order to show football on their TVs while the household package goes between 10 and 30€/month.

- The official app, with over 10 million downloads, asks you for microphone and GPS permissions.

- La Liga remotely activates the microphone and tries to detect if the sound matches with that of a football match. In addition, it uses the geolocation of the phone to locate exactly where the establishment is located. That way they can locate bars and other establishments where football is being pirated or shown without paying for the bar package.

Still amazes me this just sort of went by and no one really seemed bothered. Absolutely insane.


> - Bars, pubs and other public establishments have to pay around 200€/month in order to show football on their TVs while the household package goes between 10 and 30€/month.

This is common in Europe in general, also for copyrighted music. If your establishment wants to play recorded music, even just playing the radio or Spotify in the background, a copyright royalty fee has to be paid.

Applies to all venues and events. Bars, restaurants, grocery shops, barbers, sports events, concerts, taxis, lounges, everything with an audience.

I don't want to say it's the same everywhere in the EU, but I have always assumed it's a common concept in most western countries at least.


In most EU countries private copying levies are paid to the copyright mafia any time you purchase a hard drive, printer or even a blank cassette. Because you know, you might copy something using it.


Also, blank media levies in no way give you permission to do what you're paying a tax to the biggest rights owners for.


yeah but I paid the full levy so I will download all the things that aren't illegal and hunting and gathering for free films isn't illegal


Corruption


On its own, nothing seems out of the ordinary. It's the extremes that La Liga takes to ensure they're getting that 200€/m that makes it insane.


This is common in many countries around the world.

I’m sure the prices have gone up since that comment, but 200€/month actually seems very reasonable for a commercial bar that shows sporting events. That’s less than 7€/day and would be more than covered by the first group of people walking in the door and buying a round of drinks.

I don’t approve of the microphone activation spying stuff or the ridiculous internet blocking. However it’s also kind of bizarre that it reached this point when the monthly fees for bar owners were such a trivial amount.


> That’s less than 7€/day

There is no daily Spanish football.

There are also things like 'interland breaks' or vacation periods when there is no football for two or more consecutive weeks, but the fee still needs to be paid.


I think the outrage should be directed at an app secretly recording everything to look for "pirated content".


Do bars in the US just show matches on a residential cable tv connection?


Small bars, yes. There are limits to the square footage, and the number and size of TVs - above which you need to purchase a commercial license.


Yup


It's not the same everywhere in the EU, but here in Poland as an establishment owner you have to pay this fee to an agency that purports to represent the musicians. As you describe eg. Spotify in background.

This agency pays out proportionately to registered licensed musicians, but the proportions are calculated in some ridiculous way that doesn't really factor in whose music is played. It means that the only folks who get reasonable payouts from this agency are, like, stars and old hits authors. The ones whose music gets played a lot in radio and other places. Winners take all.

The reality is that a lot of that cash is really for some chums whose job it is to be controllers.

AFAIK the entire scheme is a result of that one and only legacy industry that needs to protect its interests: football and sports in venues, and maybe music clubs. In practice it means you rarely see TVs in bars the way you do in the US.

Idk it's a shitty concept imho.


> registered licensed musicians

What does this mean? Is a license required to make music in Poland? I can't find anything about this on the Internet.


I guess artist registers if they want the entity to collect money for their plays.


What about this music from these free pages which are flooding the internet? There is plenty of royalty-free music? (e.g. used by youtubers?)


is it different from turning on radio?


Applies to radio. If a taxi driver plays music from a car radio to customers, the royalty fee has to be paid.


Private corporations acting like police, engaging in illegal wiretapping and eavesdropping at massive scales to detect and punish crimes as defined by themselves.

We truly are living in a cyberpunk dystopia.


It's clearly not illegal.


Often it’s not. Back when Sony put a Windows rootkit on autorun on music CDs just in case someone wanted to rip a FLAC, that was a felony violation of the CFAA in the US. The big difference is consent. If I use your app to watch a game and the conditions of using your app include giving you microphone access, that’s legal. If you breach my phone to turn on the mic and listen to me, that’s illegal.


So if someone for example, adds a statement to T&C that as a payment for use of software, the user consents to collecting of a sequence of pressed keys (including 16-digit numbers) and selling them on the black market to whoever is interested, it becomes legal?


Where did I say that?


Calling something like that "consent" when it's the only (legal) way to obtain specific services is extremely dubious. A much more rigorous definition of "consent" is generally enforced in cases where the ruling class doesn't gain by having such consent.


I agree it’s dubious. In the US cases have happened in which onerous requirements in shrink-wrap agreements were thrown out. I have no idea about Spain, but I’m betting asking for that permission in the phone app and getting it approved by the user is legally sufficient to at least make the company comfortable doing so. It may be a bold legal stance they’ll regret later, but if I took a guess I’d say this will get controlled by legislation rather than a court unless the country just wants to slide further into corporate control.


That's what makes it a dystopia


There has to be a EU privacy violation in there somewhere right? Or does that not count for giant EU companies?


They'll just say they have a "legitimate" interest in the data.


GDPR is enforced by country itself and this racket is supported by government, so... You would need to sue whole country.


It’s not personal data.


Legally, you mean? Because I'd say most reasonable people would say a literal wire on your phone is pretty personal. Location is PID too if they store the data at all


I misread/misunderstood. Apologies


GPS of your phone and the audio from your phone?

How is that not personal data?


It's not identifiable info maybe ?


It is.


The escape hatch with all personal data processing is "legitimate interest". Consent is a big part of it, but an industry with sufficiently deep legal pockets would likely go down the route of "legitimate interest" if cornered.

I'm not a legal professional. I just work next to this stuff.


That's not what legitimate interest is supposed to mean though.

Legitimate interest is about collection of data necessary to operate your service.

Listening to detect if someone in a user's surrounding is showing a match without license has nothing to do with the function of the application. There's no legitimate interest there.


It is perverted. Legitimate Interest includes hoovering up all your data and shuffling it off to 100+ data brokers who 'legitimately' are interested in that data.


I think a lot would depend on whether they do any kind of on-device processing to determine whether the audio is likely to be a football match or not. I think they could successfully argue that data processed on your phone and not shared with them is processed by you, and then they could argue that the data that is shared falls under legitimate interests and would be proportionate, and pass a balancing test.

IANALEither


Are we sure? I'm not disputing it, but is geo location alone as a data point covered by GDPR?

I'll have to look that up, but as someone else said it's only enforced at EU member state level, however there is another central oversight to ensure it's enforced.


Not if you have no possible way to identify the person to whom it is related (this includes server logs etc). Theoretically, an event sent to a server with some GPS co-ordinates, with no metadata and no logs stored on the server at all could perhaps be found not to be personally identifiable.

This is almost certainly a thought experiment though, the amount of engineering effort required to ensure no logs of any kind could result in deriving the IP address of the user would be high, and they’re probably not doing it (even if they are actually not sending any identifying information directly).

You might also find that you have to take special care to avoid creating circumstances that allow inference of personal information. For example, sampling every night at 11pm, you’re very likely to be able to determine an address or approximate location of the subscriber's home.


You realize it is an app on a phone, so the customer is always known, right?


I don’t really understand this comment. What do you mean that the customer “is always known”? To whom? How?


The LALIGA Official App on Android requires permissions to access Personal Information and Device or other IDs to provide services, send notifications, and facilitate registration. It may also involve location data and audio features, though these are not explicitly listed in the permissions. The app also shares your data with third parties and uses your email for the LALIGA Ecosystem.

Specific Permissions and Uses

Personal Information:

The app collects your personal data, such as your email, to allow you to log in, register for services, and provide you with content and information about your favorite teams.

Device or other IDs:

This type of ID is used to facilitate your registration and access to the app.

Location Data:

The app may use your phone's location to identify establishments showing football matches, potentially for a piracy detection feature.

Audio/Microphone Access:

In the past, La Liga has used the official app to remotely activate the microphone to detect audio from football matches, particularly in bars.


It feels like you perhaps didn't understand my comment. I'm not saying that LALIGA couldn't identify you if they wanted. They certainly could (and probably do).

What I'm saying is that it is possible to build a system where the app dispatches some kind of event to a server which does not have any identifying information associated with it.


It is always possible. Even if you do not need any permissions to access the AndroidID, nobody forces you, the app seller, to use it.

I have worked as an enterprise integration architect in highly regulated environments. Sometimes you reuse interfaces that give you tons of info you are not supposed to have access to. You sign contracts that you will never look at this (dump it at the interface layer). This is acceptable in compliance.

Chances that in this case the app does not hoover up all it can? 0%


It’s not about “the app”. The app can have two or two million datapoints locally.

What matters in terms of processing is how much of it gets sent to LALIGA (or their provider).

On a separate note, I am surprised you think you can just promise not to look at something. You can’t, it’s not “acceptable in compliance”, and I’m not even sure what that means—there’s no body that certifies GDPR compliance.


It is acceptable. I have sat many times through compliance meetings and negotiations. I would think compliance officers of very large enterprises know their game.


You might think that.

But there’s plenty of evidence suggesting you would be wrong. The biggest fines under GDPR have been for Meta, Amazon, TikTok, Uber, LinkedIn.

Even outside of tech you don’t have to look too far down the list to find H&M, British Airways, Marriott Hotels, Vodafone…

https://www.enforcementtracker.com

This example specifically refers to failure to adequately secure systems against unauthorised use: https://www.enforcementtracker.com/ETid-2306

This one is even closer to what you’re saying—Vodafone didn’t do enough to monitor third parties working for them: https://www.enforcementtracker.com/ETid-2646


Yes. Personal data under GDPR is "any information which are related to an identified or identifiable natural person". If it's data about a specific person, it's personal data, it's a very straightforward definition. Businesses need either informed consent or legitimate interest to store or process it.


Wait, does that also mean bars have to police what people are watching on their phone, otherwise risking big fines?

E.g. I go to the pub, have a drink and watch some random LaLiga match on my phone?


No, the bar pays something like 10x the price of a normal subscription to be able to publicly show live Sports as a draw for their customers.

In UK/Ireland you can easily identify if the venue in question is paying for the commercial package as it will intermittently display a pint glass symbol in a bottom corner of the screen. Indeed, Sky investigators, who do spot checks, use it to quickly ensure that the pub has a valid pub contract and not a residential contract.

https://www.express.co.uk/showbiz/tv-radio/668952/why-pub-TV...

La Liga are presumably muxing infrasonic audio into their residential streams to try and:

(a) watermark the residential account(s) used to provide the streaming services so they can prosecute the providers

(b) Detect commercial usage of residential accounts used in piracy to prosecute the venues, by listening out via the App.

They could presumably get around GDPR by virtue of the fact they're only listening and recording audio out of human audible range, and only for identification of copyright infringement as per the TOS of the La Liga App.


I don't believe that's what OP is asking, they mean to ask about the following scenario:

1. Someone sitting next to you in a bar is playing a match on their phone, but the bar is not.

2. Your phone has the app installed and hears the match.

3. La Liga sues the bar?


Presumably then La Liga investigates the bar in-person. Or waits until X reports have occurred over Y duration and THEN have someone investigate in-person.


You are giving them a lot more credit than their behavior deserves.


I doubt it. They’re not going to take a case to court for a single hit because it would be so easily dismissed.

They would have higher priority situations where dozens of phones hit at the same time in the same bar.


>In UK/Ireland you can easily identify if the venue in question is paying for the commercial package as it will intermittently display a pint glass symbol in a bottom corner of the screen. Indeed, Sky investigators, who do spot checks, use it to quickly ensure that the pub has a valid pub contract and not a residential contract.

That seems as if it would be so easy to fake...


Aside from the changing pint glass color and level, the Sky set top box / decoder, will also overlay the subscription ID at random intervals and locations.

I don't know if Sky does it, but Foxtel in Australia, in addition to the pint glass watermark, have a separate set of channels for public venues, which have different ad breaks/content to residential subscriptions. (https://www.foxtelmedia.com.au/foxtel-media-network/fox-venu...)


Does it cost more less time/effort for the bar to fake it though? The price of 200€/month above seems low enough to just pay it.


I think that's it.

I assume the pint glass pops up at intervals that the investigators would know and the general public would not, so you'd need some kind of central service with someone watching the commercial stream and showing/hiding the pint glass at the right intervals. In which case it would make more sense to operate a central service just pirating the commercial stream, which I'm sure does happen and does get shut down.


>I assume the pint glass pops up at intervals that the investigators would know and the general public would not,

This would be the smart way to do it. But now think about how you'd do it the lazy way...


A pub near us got quoted near £1500 a month just for one service, you have to have 3 separate ones to watch all the games. Risking a fine might be cheaper than paying that for some


The pint glass also changes colour


> In addition, it uses the geolocation of the phone to locate exactly where the establishment is located.

How much do GPS/Galileo/GNSS jammers go for nowadays?


In days of prison time?


of course you can tip your favourite bar to the football police https://laligabares.com/denuncias/


I would never agree to this. But it doesn't strike me as particularly unethical, either. So long as both parties understand what they're agreeing to, this seems perfectly fine.

If, for example, the NFL ever did this, I would just not watch.


I'm not sure about other sports, but for the MLB, there are some very strange policies that make it difficult to watch games even if you want to pay for it, mostly stemming from the local broadcasters of the games. Even if you sign up for the subscription service to stream games, they'll "black out" the games that they expect you to be able to watch by getting a cable subscription, which not only is ridiculous (since one of the main selling points for streaming is to not have to pay for a bundle of things you mostly don't want to be able to get the few things you do), but it assumes that people will never be traveling and unable to watch the games locally even if they do normally have access to it. My dad frequently travels for work, and he pays for the streaming service mostly to be able to watch Phillies games despite living in the Boston area, but the blackout rules mean that he can't even watch the Red Sox games with the streaming service if he's traveling outside of Boston. He also can't watch the Phillies games when they play the Red Sox in Boston, which is mostly fine, but it's still a little weird since he'll have to watch the Red Sox broadcast (and therefore their commentators) rather than the Phillies one he's used to seeing for their games. The games that are given special slots on ESPN also tend to be blacked out for everyone, so that also causes issues for people wanting to stream them even if it's not a local game. The whole model seems to be more about trying to railroad people into paying for a less convenient, more expensive product even when they actively want to pay for something that's actually available but artificially limited. I don't get why anyone would be surprised that people just turn to "piracy" when things work like this.


Why doesn't he just save himself the time, money and hassle and just watch the highlights or highlight clips.

I understand why the NFL is going the stream route given how popular it is already. They can afford to inconvenience people. But MLB has been stagnant or declining for so long. You'd think they'd make their content more accessible to grow the fan base.


I think he enjoys having the entire game on in the background. He's partially switched over to listening to the radio broadcasts for games, which apparently are often provided online as well (which makes sense, given nothing really needs to change in terms of how they make money to provide it online instead of via a radio station).

What's weird to me is that the MLB does seem to genuinely be trying to make changes in terms of gameplay to try to keep relevant (especially around reviews for on-field calls, but also in terms of some of the changes in recent years that were controversial but seem to have produced meaningful results in reversing some of the creep in how long it takes for games to finish), and my understanding is that they basically were the first major sports league in the US to invest in streaming technology, to the point where I remember reading that the NHL app (and maybe some of the others) were originally developed and maintained by MLB's programmers as well. I'm not sure how they've managed to fall so far behind in terms of streaming experience; the most apparent difference is that the baseball season is over ten times as many games, which presumably could have some sort of effect on things, but my naive expectation would be that it would incentivize having a stable infrastructure for this even more. Maybe it's just a matter of them being able to get away with blocking some games because there are still so many others that don't get blocked during the rest of the season? With only 16 games in a regular season, blocking even one of them might just be something viewers are less willing to put up with.


> I'm not sure how they've managed to fall so far behind in terms of streaming experience

It's because they need to keep the broadcasters and the teams happy and broadcasters want to have exclusive content. In some markets, teams want local blackouts to help get butts in seats.


And this is how free markets result in dystopia.


Yes, regulation, with its whole screen occupying cookie permission modals is truly the way. Or, even better, collectivism-under which we’re all so poor there are no professional sports!


I mean, cookie permission modals are annoying but it's not exactly The Jungle out here.


The whole copyright institution seems pretty unethical to me. It's wild that someone can own the royalties to a particular piece of content for 70+ years after the original creator dies (at least that's the law in the US, I assume similar elsewhere), and that the creator can unilaterally name his price for licenses to that content (you can't even know if you want the content without first paying for a license to consume it) and then if you want to put the content into a different format (for example, if you own an HD Blu-Ray and want to put it on a hard drive) you effectively have to pay for a _new license_ for the same content. This is just scratching the surface of the ethical bankruptcy associated with intellectual property.


Several years ago the UK government started being de facto run via Whatsapp. I was absolutely furious about this, but seemed to be in a tiny minority of people who cared about it!

Our PM at the time of covid "lost" his Whatsapp backups, and his replacement also had problems getting access to Whatsapp messages. How convenient.

If you worked in a regulated industry this would be instant dismissal. For the UK govt it's business as usual.


In practice this is not that much different to what went before except that things happen more quickly.

Before people would go down the pub and have a discussion or in the corridor.

Things were never all discussed through official channels.

Now actually is probably more transparent as some of the WhatsApp messages are leaked and people can't deny them.


I'm certain that people will take an emotional reaction to what you've written, but I just want to be the first to say that I think you're right.

"Whatsapp" is the new "talking to the person in the corridor" or "having a quick chat down the pub", it's not the new email, and having them leak is ironically the most accountability we've seen.

I'll use an example of someone I support generally now: Tony Blair was accused of having backroom discussions regarding the invasion of Iraq and secret meetings away from even his cabinet[0]. Since we only have hearsay of what went on, it's very difficult to hold him accountable for this.

[0]: https://www.bbc.com/news/uk-politics-12306377


From what I read, huge decisions were taken over WhatsApp, particularly with regard to Covid policy. This wasn't "go for a pint, have a chat" type work.

If it was up to me, using WhatsApp for ANY govt business should be an instant sackable offence. I don't conduct my company business on WhatsApp. I conduct it on mainly Slack and email. It's not hard.


You don’t think most huge decisions are discussed over back channels in addition to or before moving to official channels?


Actually the entire theme of Yes Minister, one of the best parodies of how the government is run, is that not a single important decision or discussion is had in a public forum. Many episodes involve burying particularly incriminating official records.


Not only that, when learning business one comment made was:

Decisions are not made in meetings; they are made in discussions before the meetings. Going into a meeting and thinking that your comments will change things is being naive.

From that the thing to be learnt is that you have to have off the record meetings first to convince the powers that be.

Now at least some of these meetings are recorded via WhatsApp and leaks; before, they never were.

Also see how IBM and Oracle get business - they take the senior C level managers out to lunch or golf and persuade them. They don't bother talking to the people who could evaluate if it was a good deal technically.


Technically speaking WhatsApp is roughly second place on secure messaging behind Signal.

So while there are massive issues wrt. compliance and giving a US company control over all of this from a purely security choice they could have done way worse and still f*up compliance.


In the US, it's Signal. In the UK, it was WhatsApp.

When researchers dumped 100% of Signal's users in the USA, because its contact discovery API has no rate limiting, they found a huge portion of Signal's US userbase has Washington D.C. area codes.

"Signal; Washington D.C. numbers are more than twice as likely to be registered with Signal than for any other area in the US" https://encrypto.de/papers/HWSDS21.pdf

Meanwhile, in Scotland since the pandemic, Nicola Sturgeon ran her government with an entirely parallel communication network on WhatsApp, explicitly to prevent her government's discussions and decisions from being discoverable by FoI requests.

There was daily deletion of messages. It was drummed into people by Sturgeon's head civil servant, Ken "Plausible Deniability" Thompson: https://archive.is/jK6Bd

> Thomson was head of the Covid co-ordination directorate of the Scottish government and wrote: “Just to remind you (seriously), this is discoverable under FOI [freedom of information]. Know where the “clear chat” button is…”. He later added: “Plausible deniability are my middle names. Now clear it again!”

Sturgeon, just like Boris Johnson, retained zero WhatsApp messages: https://www.bbc.co.uk/news/live/uk-scotland-67949454

Scotland only banned use of WhatsApp in government 4 months ago: https://www.bbc.co.uk/news/articles/c4g8pe585z1o


The beltway people working as public servants are (supposed to be) using the TeleMessage fork of Signal. Specifically designed to archive messages for the public record. That is the reason for the increased representation of federal workers.


I don't really mind someone foreign having access to what is being said, as much as I mind public servants not being able to be held accountable because all of the discussions are encrypted.


If you’re thinking about foreigners in this context being some random person on WhatsApp in the US, that’s one thing.

You really might want to consider however that ‘foreign’ in this case could be anybody from a Russian FSB agent in Moscow, to a pro Project 2025 CIA agent.

It’s not a good idea for a minister in a gov’t to have their ideas spammed to people accidentally or (by hostile action) intentionally that are not within that same gov’t.

Regardless of ‘good’ or ‘bad’, if anything else it’s an operational risk due to misaligned incentives that the voters are really dumb to not make a bigger deal about.


The compliance (auditability, recovery, etc) is the big problem, IMO, not the security.


It may seem like it's "convenient", but WhatsApp is truly a nightmare when you try to move it literally anywhere in any way. Huge backups, needing to transfer phone numbers, having to restore from backups, having and moving those backups in the first place, the way it's designed in that regard is the most inconvenient for a platform that doesn't even necessarily provide more security or anything for that to be worth it at all, particularly for people who don't even seek that kind of security or even know about it and just use it for "texting and stuff". Not to defend that or say that it isn't just a convenient excuse (it can be for sure), but just to say that WhatsApp is possibly the most annoying app in that regard. It's such a pain in the ass I'd rather store all of that in the cloud. (Which ironically WhatsApp pretty much just does anyway if it backs up to Google Drive, it just makes it the most inconvenient it could be.)


Is it that hard? Every time I moved to a new phone, WhatsApp's backups are in my Google Drive and restored without any problem whatsoever.


It’s not hard, but if you do one step out of order, your backup becomes unusable and all your history goes bye-bye.


If you don't back up to Google Drive, the process is much much more hairy. The transfer looks smooth but I have seen it fail in multiple instances.

These days I learn not to get attached to my message history


The short-term problem is that the government are responsible for sacking themselves in the short term - and those clowns just refused to, which is not the case for the current government, who are replacements for the clowns who the electorate firmly sacked at their first opportunity.

So re your comment: 'For the UK govt it's business as usual', not really.

You do not have to like the government of the day, but don't fall into the trap of believing that they are all the same.


Trump admin did the same thing with Signal. I'm pretty sure they did it because US gov't emails and IMs are for sure archived.


Politicians around the world do it on purpose because they know they can more easily get away with leaving no trace.

It's not an accident they don't use government email/IM and use WhatsApp/Signal instead.

But then they turn around and want to convince us it's bad when we use it. Because they're the ones handling “acceptable” secrets, somehow.


“For my friends? Anything. For my enemies? The law.” - Óscar Benavides

(Though to be fair, if we’re comparing South American military dictators, he was actually almost reasonable)


The US gov started using Signal before Trump and they were backing up Signal chat logs (which it seems the UK wasn't doing with WhatsApp?). It was just controversial which vendor the prior US gov had chosen to handle the backups (an Israeli tech firm) and how it was used by the executive branch. But they were ultimately following transparency/archiving rules.


I never saw any reporting after those Signal chat stories came out. At the time it was reported that they had a period of time to make sure conversations were archived properly. It would be interesting to know if that actually happened.

