"the bulk of users is either too stupid or unwilling to invest even the tiniest amount of effort into their privacy."
I don't feel the need to pull my punches.
This is the most deluded, idiotic response I've seen on hacker news in a long time.
It seems unlikely that the average person (or even a non-techie person of above average intelligence - e.g. a doctor) will be able to set up matrix in a way that is more secure than just installing signal. Your security relies not just on you but on the weakest node in your network. Getting good security might require trade-offs. Your all or nothing mindset will not achieve it. The saying "Perfect is the enemy of done" comes to mind. Perfect security (or what you purpose) is not one of the options in a secure system that has to exist in the real world.
Please remove your head from it's dark cavernous home.
You can't attack others like this on HN, so we've banned the account.
If you don't want to be banned, you're welcome to email hn@ycombinator.com and give us reason to believe that you'll follow the rules in the future. They're here: https://news.ycombinator.com/newsguidelines.html.
the average person doesn't use signal they use phones, whatsapp and facebook. You can use the public matrix node and i can use my own node and we can talk. No setup needed. If they care they can buy a hosted matrix service package like this https://element.io/pricing with their own instance run by people who probably know what they are doing.
In before "but it's not free as in no cost". That's why big corps will always fuck over the normies. As it stands, one cannot use the internet without either giving away their privacy or learning a lot about computers and how they work and how to use them.
The majority chose the "i don't care, give me shiny app" route. and they fucked us all over by doing so. There's no right to easy privacy friendly computing. There's only the harsh reality that behind friendly blue and rainbow colored companies sit people that will sell a digital recreation of yourself to anyone who cares to pay and give you a few gigs of free e-mail space and a shiny app for it.
to prove a point here, use a browser without adblocking and other extensions like chrome for a week and look at how they are targeting you. That's what they do to anyone without the willingness to fight it with technical knowledge. And that sadly is the majority.
There is no reasonable way to do this. The only conversion of PDFs that makes sense in the general case is to rasterize them to images of some arbitrary DPI. Then, you could simply insert these images into an HTML document.
This is more-or-less what we do in our application when we want to present a PDF for review or perform drawing on top of PDFs in contexts where we cannot rely on PDF libraries for whatever reason.
I'm too old and tired to try to be clever on the front end any more. TailwindCSS is the right answer for big projects and for small. Yes it can get bloated but i'm willing to take that trade off if it means I don't have to do any more css.
Huh, my opinion is that it’s potentially the right fit more middle-sized projects, but neither big nor small ones.
For small projects, you’re wasting time with a massive abstraction layer when you could be writing a small set of easy styles in plain CSS. You don’t need the weight and complexity of a sizeable framework.
And for big projects, it’s technical lock-in and additional maintenance overhead that absolutely doesn’t work if you’re trying to coordinate a microfrontend environment for example.
For small projects you don't have to create any boilerplate styles, resets, and the like...you just start writing code. A lot of frontend frameworks that are popular these days have CLI options to set up Tailwind out of the box at the same time you bootstrap the rest of the files.
For large projects, maintenance is easier because you don't have to relearn the CSS architecture each time you (or more importantly, someone else) comes back to work on something after a few months. If you're doing microfrontends, just import the same config file?
Maybe if you have a particularly bad trip but everyone seems to have these horror stories and yet no one is one e.g. it's like the teacher saying about how the kid who leant too far back on his chair fell over and cracked his head open
Huh? Obviously if you dismiss all of the bad anecdotes and none of the good ones, you’re only going to have good anecdotes
My mom’s brother went into psychosis during an acid trip and eventually schizophrenia. He killed himself when he was 24.
I think hallucinagens are fun recreationally and clearly have the potential for positive therapeutic use, but let’s not pretend that it’s always positive, especially in uncontrolled settings.
I've taken acid with three people who I later found out suffered from schizophrenia, and in all three cases they had had psychotic episodes years before I had met them. The first of these three definitely went from normal-seeming to more and more intense over the course of taking acid with them - he even drew his own version of the famous schizophrenic cats in doodles on people's doors at university.
These anecdotes are always sad, but you have no way of confirming whether they took a normal sized dose of actual LSD, or whether they took a shitload of some unknown research chemical. Also, as you wrote, set and setting are important and those are not described.
Even in the realm of unverifiable anecdotes, there is still a difference between a first party anecdote and a third-party anecdote. In the first party anecdote I only have to put my trust in one person, where in a third party anecdote I have to trust 2-to-infinity people.
For whatever reason, negative anecdotes seem to be overwhelmingly third person, at the very least all the ones in this thread have been.
> negative anecdotes seem to be overwhelmingly third person
Based on the anecdotes in this thread, I'm getting the impression that when you have a really bad trip, you don't make it back to tell the story in the first person. The only people left to tell are the observers.
The observers also have not made it to this thread. They would be second party. We are hearing from people who have heard from observers. At least two links of trust necessary.
It reminds me of something I read here the other week, one third of Americans know someone who died of coronavirus. So telling stories about what happened to a friend works as a sort of "probability amplifier": it only takes one event for a lot of people to have a happened-to-a-friend story.
And that's before we even take into account the risk of mistelling that increases with second-hand information.
I know this isn't your point, but I actually did lean too far back in a chair and crack my head open on the table behind me. I had to go to the ER and get sutures.
How much did you need to understand about TCP/IP when you got AOL? Very little.
And what happened when you got online? You could communicate online, suddenly reaching millions and then billions of humans. So learning just a little bit about IP (let's be real, you didn't need to know shit about TCP)
Compare that to a VPN or Tor. What do you need to understand to use it, and what is the payoff for knowing it? It's nowhere near the same situation as IP and the beginning of consumer internet.
I don't think it is comparable. In my opinion it would be comparable to if e-mail required you to be on the same server as your friends or you couldn't e-mail them OR to have compatible servers that could communicate across different protocols, which is a run to the bottom just as in e-mail where adding new security and removing legacy is near impossible.
> to have compatible servers that could communicate across different protocols, which is a run to the bottom just as in e-mail where adding new security and removing legacy is near impossible.
TLS was not in the original email RFC. Such a high percentage of email servers use it now that some have started refusing to communicate with ones that don't. And long before 100.0% of email servers support TLS, you can still use it whenever it's supported by the servers of the sender and recipient.
The DNS RFCs contain a specification for zone transfers, i.e. requesting all the DNS records in the zone instead of any given one. Some people don't like the idea of anybody being able to download their entire zone, and it was always a silly way to sync zones between DNS servers as opposed to using e.g. rsync, so most DNS servers on the internet refuse to do it and a lot of DNS server software doesn't even implement it. But the people still using it internally for whatever silly reason can carry on doing so indefinitely without hurting anybody else.
Nobody cares about the legacy cruft that nobody they care about uses. What having central control gets you is the ability to decree from the tower that something some people are still using shall be removed for everyone everywhere. That can be more of a bug than a feature.
The biggest actual problem with protocol ossification is stupid network middleboxes that manipulate or drop traffic and then break on protocol changes they don't understand. The way to fix this is for future protocols to be encrypted so the middleboxes can't mess with it.
In this case centralization is the usability, just like AOL centralized internet access options for users? Maybe you're unfamiliar with AOL in the beginning but it was largely a walled garden that happened to have a web browser.
Why? You download a single program, run it, it unlocks forbidden content. There is nothing in this flow that people way below average already can't do.
Using a VPN given to you by a service provider from whom you are trying to hide your IP seems to not achieve the goal.
Letting users select their own VPN before using your service is too much friction. The advantage of Tor is that it's run by multiple parties and does not need any interactive setup.
That was rather good and highlights in 3 minutes the significant problems with his stylish yet incoherent films.
They’re convincing on an emotional level in the way that a speech from a politician or a well crafted advert is - by appealing to secret desires, fears and aspirations rather than persuading with the truth.
In the last 10 years have a lot of Scottish, Irish or Black people been murdered by UK police officers? 20 years? 30?
I'm sure you can think of a few examples, but the idea that the UK is equally as racist as the US is laughable.
To be clear: I am not saying that racism doesn't exist in the UK or that it isn't a problem - but the kind of false equivalence you put forward doesn't really advance the conversation.
It doesn't quite fall under your "10/20/30", but a lot of Irish and Northern Irish people were killed in The Troubles by British soldiers - a major event which many remember vividly.
> In the last 10 years have a lot of Scottish, Irish or Black people been murdered by UK police officers? 20 years? 30?
How many people of any colour or ethnicity have been killed by UK police in the last 10, 20, 30 years? It doesn't happen very often, principally because they're not routinely armed.
> I'm sure you can think of a few examples, but the idea that the UK is equally as racist as the US is laughable.
In some ways, sure. But in other ways, the UK is behind the US: the UK has (and has had) no Black generals, admirals, or supreme court judges, for example.
"the bulk of users is either too stupid or unwilling to invest even the tiniest amount of effort into their privacy."
I don't feel the need to pull my punches.
This is the most deluded, idiotic response I've seen on hacker news in a long time.
It seems unlikely that the average person (or even a non-techie person of above average intelligence - e.g. a doctor) will be able to set up matrix in a way that is more secure than just installing signal. Your security relies not just on you but on the weakest node in your network. Getting good security might require trade-offs. Your all or nothing mindset will not achieve it. The saying "Perfect is the enemy of done" comes to mind. Perfect security (or what you purpose) is not one of the options in a secure system that has to exist in the real world.
Please remove your head from it's dark cavernous home.
Love, Me