The majority of technologies that power the internet were developed in the 80s and refined in the 90s. Everything since then is built as a layer of abstraction on top of those core technologies.
Also, the development and evolution of these open technologies relies on human interest and attention, and that attention can be diminished, even starved, by free, closed offerings.
Evil plan step 1: make a free closed alternative and make it better than everything else. Discord for chat, Facebook for forums and chat/email, etc.
Step 2: wait a few years, or a decade or more. The world will largely forget how to use the open alternatives. Instant messengers, forums, chat services, just give them a decade to die out. Privately hosted communities, either move to Facebook, pay for commercial anti-spam support, spend massive volunteer hours, or drown in spam.
Step 3: monetize your now-captive audience. What else are they going to use? Tools and apps from the 2000s?
We are facing a very real possibility of the end of the web browser as we know it. Google owns the chromium engine. Mozilla is on ever more precarious footing. It’s become logistically impossible to build competing products except for tech giant. Even then everybody else gave up and went with chromium.
And Mozilla is largely funded by Google. We all just hope they don’t pull the rug from them but I have no faith that our inept, slow government would stop that from happening before it’s too late.
Almost certainly the entire reason Google is funding Mozilla is to try and stave off antitrust lawsuits.
The official reason is so that Big G is the default search engine on every install.
But that may very well just be a smokescreen.
I think this reason is stupid. Why can’t there be a duopoly in the browser market like in the phone market? Even if there is no firefox, there will still be safari on its own engine
I think the phone market should also be broken up.
The reason a doupoly is bad in any market is that it’s essentially next to no choice for the consumer, and the businesses can force changes to the market that are anti-consumer with little reprocussion. In any given market the minimum number of legitimate competitors necessary for meaningful competition will be different, but even three is too few in the web browser game, especially when the market shares look like this.
controlled opposition lenin quote
That’s why I’m rooting for Ladybird.
I appreciate you making me aware of such an amazing project.
But nntpd is still out there. Rebuilding Usenet will suck. But it’s not impossible. Start from the net2 sites again.
Old mail RFCs included an instant message channel. I’m sure I saw code in either sendmail or uw-imap for it too.
I like the fediverse, but the old ways are still valid for their particular payload.
for chat there’s IRC or bit more modern XMPP.
aka Enshittification
An example of the flip side? Something built on the newest technology from the bottom up?
The key word is “majority”. I think IPFS will gain more popularity moving forward especially if fascism and censorship continue to rise.
And IPFS is not build on 90s tech?
Also compared to TOR, IPFS has 0 censorship resiliance.
I was a bit exmited for IPFS for a moment, but th more i tried it and thought about it, the less I saw a reason to use it.
Former process engineer in an aluminum factory. Aluminum foil is only shiny on one side and duller on the other for process reasons, not for any “turn this part towards baking, etc” reasons.
It’s just easier to double it on itself and machine it to double thickness than it is to hit single thickness precision, especially given how much more tensile strength it gives it.
Also, our QA lab did all kinds of tests on it to settle arguments. The amount of heat reflected/absorbed between the two sides is trivially small. But if you like one side better you should wrap it that way, for sure!
The amount of heat reflected/absorbed between the two sides is trivially small.
Your particular choice of wording here makes me very curious: Do you mean that there really was a measurable difference (which was trivially small)?
Yup, the lab could tell a difference! Shiney side (so mill roller facing, as opposed to the dull side which faces the other layer of aluminum) was marginally more reflective, but I believe (and a former coworker also remembered it as) it was less than a tenth of a percent (<0.1% for the visual folks)
Anyone who says it affects cooking time or something is mistaken, I’d wager.
Now that’s the kind of industry secrets I opened this thread for.
Today I learned numbers are visuals but words are not. Wtf dude!
Yup, the lab could tell a difference!
Awesome!
Jokes on you.
I baked my casserole with the shiny side up and pulled it out at 59 minutes and 55 seconds, when it was supposed to go for an hour.
So take that Dull Side!
Such men are dangerous!
Welcome to the Dull Side.
I mean, maybe if you bake a stone cold potato that was in the fridge and then cook it for two hours? But even then we’re probably talking about a handful of minutes at the most.
Any info on surface roughness? I’m thinking shiny side would be smoother and therefore less sticky, though I don’t know how much the passivation layer would affect it. Probably no where close to making a difference at the end of the day, but I’m curious.
It was a fair few years ago, but yeah, the oxidation on it will be so much smoother than the delta in surface roughness that I doubt it’d make much difference. Lemme reach out to a metallurgist from there and see what he thinks!
Reynolds wrap literally has this as a faq on their website because so many people think it.
This is all I found on their site about it, which aligns but isn’t as much detail as I hoped
With standard and heavy duty foil, it’s perfectly fine to place your food on either side so you can decide if you prefer to have the shiny or dull side facing out.
Matte side isn’t non stick?
Correct. Just a manufacturing decision. It looks a lot more different than it actually is.
Update: sorry to be an OP who didn’t deliver. My buddy never made the measurement. I’m hoping he will. Sorry everyone!
Okay, my buddy is gonna take foil tomorrow and run it over the profilometer (?) tomorrow and see. I’ll report back with more numbers and less hand waving when I have it
I’m an engineer in a totally different industry but I want to know what the numbers are
If the Internet has taught me anything, they’re 42 and 69.
I’ll be here to read those numbers
There is no financial motive for software to work well. The people who sign the check for it almost never have to use it.
If they do a bad enough job they’ll create a niche for a competitor to fill.
That’s a dream. The googles and such just buy them out and shut them down. There is always a bigger fish that spends more money preserving the status quo than making a product.
That’s why a lot of us are here after all.
I would love to see exactly how many people dropped Adobe after the latest drama, I would bet it would look exactly like the Netflix micro dip after shutting down password sharing.
No one that works in the industry is going to drop Adobe, because there’s no other functional alternative that offers an even remotely similar feature set. A lot of the files I get from clients are .ai (Illustrator) or .indd (InDesign) files, and I have to use the appropriate programs to open them, and the most up-to-date versions of those programs, or else I end up missing parts of their files.
Users that are 100%, fully independent don’t have to worry about any of that. But those people are rare.
I have a laptop where half the keyboard doesn’t work and the mouse gave out, but my full paid Acrobat works, so I keep it.
I mean that describes most things. For example, if I worked for a dentist to make oral braces for people, that doesn’t mean I myself am going to ever need or use them.
No… the decision maker on the purchase is the user in that case. For software, the decision maker is almost always someone who won’t use it. Like ticket tracking software. The people filing the tickets, and the people responding are not the people who decided which ticket tracking software to buy.
That’s where you need people like me who give a fuck about nothing but customer experience and if my employer manages to make a buck, good for them. My employer is generally just a middle man who siphons money out of both our pockets. And makes me fill out a second, useless timesheet while you’re paying me to work.
Jokes on me though because I’ve been out of work for 3 months, so take my suggestion of fuck your employer with a grain of salt.
I mean, no? If you are at a SaaS company the software working well is the most important aspect. Loss of quality leads to loss of subscribers.
Subscribers? 90 some odd % of SaaS is sold to businesses, not individuals.
And if the business needs aren’t met, said businesses will go to another SaaS company that promises them a better, brighter future.
The user might not be the subscriber, but the user being less productive because the software is getting in their way, will irritate the subscriber.
I know a SaaS company that put thousands upon thousands of engineering hours into making small (and sometimes large) optimizations over their overall crappy architecture so their enterprise customers (and I’m talking ~6 out of the top 10 largest companies in one industry in the US) wouldn’t leave them for a solution that doesn’t freeze up for all users in a company when one user runs a report. Each company ran in a silo of their own, but for the bigger ones… I’m not going to give exact numbers, but if you give every user a total of half an hour of unnecessary delays per day, that’s like 500 hours of wasted time per day per 1000 employees. Said employees were performing extremely overpriced services, so 500 hours of wasted time per day might be something like 100k income lost per day. Not an insignificant number even for billion dollar companies.
I’ve since left the company for greener pastures and I hear the new management sucks, but the old one for sure knew that they were going to lose their huge ass clients over performance issues and bugs.
The key phrase was work well. You are saying they have a motive for it to work. Like not freeze up. I am saying they have no motive for it to work well. As in be user friendly or efficient or easy to use.
Ok, well really splitting hairs on what “working well” means but ok. Why do UX designers exist? I mean if you have a bad UI that takes a user 10 min to do something that can be done in 10 seconds in another solution, you lose. Time is money. Anyone who has ever been in magament knows it’s all about cost vs output. If a call center employee can handle 2x more cases with another solution due to a better UX, they will move to that.
You are saying efficiency doesn’t matter, which is just %100 false. A more efficient solution makes/saves more money. It saves time, which is also money and improves agility of the team. How can you say with a straight face that a business doesn’t care about efficiency of it’s workers…
Because I have worked with software for 30 years. When the employee is salaried, thier time costs nothing. I will say I have no experience with call centers. So those may be an exception. I believe the majority of computer use jobs are salary though.
Ugh, wrong again. Time is money. People have limited bandwidth and output, you want to get at much output as you can for the salary spend while realizing each person has a finite output. You keep saying things like “time costs nothing” and “quality doesn’t matter” which are just completely wrong and if true would upend the industry.
Also I’ve been in software for just over 20, the last 4 of those as a CTO. Since you seem to keep bringing up your credentials for some reason.
It still worked - you could use the software with occasional hiccups, it’s not like there was data loss or anything. It just didn’t work WELL.
Yah, clients are subscribers
Okay then the users aren’t subscribers, thier boss or the boss above that are. And that person doesn’t really care how hard it is to use. They care about the presentation they gave to other leadership about all the great features the software has. And if they drop it now, they look like a fool, so deal with it.
They do care, %100 they care. If you take longer to do task X because the SaaS solution crashes or is unavailable, or causes issues in finance, or a dozen other things then the company will very much care. I literally work at a SaaS company and hear complaints from clients. Money is all that matters, if your solution isn’t as good at making/saving them money as another solution, you get dropped. And reliability is a big part of that. A solution that frequently has issues is not a money-making/saving system that can be relied on.
It’s not about looking like a fool; it’s about what your P&L looks like. That’s what actually matters. Say you made a nice slide deck about product X and got buy-in. Walking that back is MUCH easier to do than having to justify a hit to your P&L.
What experience do you have to be making these claims?
I have 30 years of work experience on both sides of the equation with companies of varying size. Once a company gets to somewhere between 500 and 1000 employees, the 2nd level managment starts to attract professionally ambitious people who prioritize thier career over the work to a more a more extreme degree. They never walk anything back. Every few years they will often replace a solution (even a working one) so that they can take credit for a major change. Anyway, you get enough of these and they start to back each other and squeeze out anyone who cares about the work. I have been told in one position that it doesn’t matter if you are right, you don’t say anything negative about person X’s plan. And many other people from other companies and such have echoed that over the years. Now small companies often avoid this. But most software targets the big companies for the big paydays. Of the ones I have worked at, some even openly admitted that financially they couldn’t justify fixing a user issue over a new feature that might sell more product because the user issues don’t often lead to churn, where as new features often seal a deal.
You seem to be basing how the entire industry works on some people you’ve encountered who want to climb the ladder. Again, when you stand in front of a board and have to justify your EBITDA, it doesn’t matter how good your PowerPoint slide was. They don’t have to walk it back, the P&L is numbers, they have to justify those numbers or deal with not hitting budget. A company runs off numbers not initiatives people want to push.
You seem to be ignoring the fact that you have to report metrics to investors. Spend, rev, output, etc. And a poor SaaS solution that has poor quality negatively impacts those numbers. Numbers don’t lie, no matter how much spin you put on them. You say you have 30 years of experience both consuming and delivering SaaS solutions but seem to ignore that you have defended your P&L and your performance, all numbers, not office politics. Investors only care about money, dollars and cents, numbers. So what happens when solution X that Bob pushed and no one can talk bad about tanks your topline, or your EBITDA? Then what? You tell the board not to say anything bad about it? That just doesn’t make sense.
Found the Sonos employee.
Sonos has pissed me off. After the latest update, the app cannot locate the speakers in any of my rooms. The TV speakers still work with a signal from the TV, but the speakers in all other rooms basically cannot be used.
I’ve factory reset them, set them up in the app, and as soon as that is done, they disappear from the app again.
They worked fine for years, then this bullshit. I’m researching a home theater setup that doesn’t use Sonos and am planning on selling it all once I’ve found replacements.
It feels like I don’t own the very expensive hardware that I have bought. I guess since they are software controlled, I really dont.
Depends on business model. Saas - quality is very important. Non-profit insurance/bureaucratic type - they’ll burn millions to hire plenty of QA then treat them like shit, ignore them, and push trash software all day
Quality is meaningless in SaaS. Only features matter.
False. Have a 70% up time and let me know how many clients you have left.
Uptime isn’t quality. Perf and reliability are easily faked with the right metrics. It’s trival to be considered working on PowerPoint without working well for the user
Uptime indicates reliability. Reliability is a factor of quality. A quality product has a high uptime. What good is a solution that doesn’t work 20% of the time? That’s exactly how you lose clients. Why do SLAs cover topics like five 9s uptime if they don’t matter and can be faked? This makes no sense.
You said quality doesn’t matter, only features. Ok, what happens when those features only work 10% of the time? It doesn’t matter as long as it has the feature? This is nonsense. I mean why does QA even exist then, what is the point of wasting spend on a team that only worries about quality, they are literally called Quality Assurance. Why do companies have those if quality doesn’t matter, why not just hire more eng to pump out features. Again, this makes no sense. Anyone who works in software would know the role of QA and why it’s important. You claim to work in tech, but seem to not understand the value of QA which makes me suspicious, that or you’ve just been a frontline dev and never had to worry about these aspects of management and the entire SDLC. I mean why is tracking defects a norm in software dev if quality doesn’t matter? Your whole stance just makes no sense.
It’s trival to be considered working on PowerPoint without working well for the user
No it’s not trival. What if “not working well” means you can’t save or type? Not working well means not working as intended, which means it does not satisfy the need that it was built to fill. You can have the feature to save, but if it only works half the time then according to you that’s fine. You might lose your work, but the feature is there, who cares about the quality of the feature… If it only saves sometimes or corrupts your file, those are just quality issues that no one cares about, they are “trivial?”
See, you just set the bar so low. Being able to save isn’t working well, it’s just working. And I have held the title of QA in the past. It is in part how I know these things. And in the last 5 years or so, companies have been laying off QAs and telling devs to do the job. Real QA is hard. If it really mattered you would have multiple QA people per dev. But the ratio is always the other way. A QA can’t test the new feature and make sure ALL the old ones still work at the rate a dev can turn out code. Even keeping up on features 1 to 1 would be really challenging. We have automation to try and keep up with the old features, but that needs to be maintained as well. QA is always a case of good enough. And just like at Boeing, managment will discourage QAs from reporting everything they find that is wrong. Because they don’t want a paper trail of them closing the ticket as won’t be fixed. I’ve been to QA conferences and listened to plenty of seasoned QAs talk about the art of knowing what to report and what not to. And how to focus effort on what management will actually ok to get fixed. It’s a whole art for a reason. I was encouraged to shift out of that profession because my skills would get much better pay, and more stable jobs, in dev ops. And my job is sufficiently obscure to most management that I can actually care about the users of what I write more. But also I get to see more metrics that show how the software fails it’s users while still selling. I have even been asked to produce metrics that would misrepresent the how well the software works for use in upper level meetings. And I have heard many others say the same. Some have said that is even a requirement to be a principle engineer in bigger companies. Which is why I won’t take those jobs. The “good enough” I am witness/part of is bad enough, I don’t want to increase it anymore.
I’m setting a new low sure, and you’re moving the goal posts. What “well” means is incredibly subjective.
You worked in QA, cool, and I’ve manage the entire R&D org of a nation wide company, including all of QA.
Your saying that since companies don’t invest in it enough it doesn’t matter at all? Why do they even invest at all then, if it truly doesn’t matter.
Yes a QA can test old features and keep up with new ones. WTF, have you never heard of a regression test suite? And you worked in QA? ok. Maybe acknowledging AQA is an entire field might solve that already solved problem.
You did a whole lot of complaining and non relevant stories but never answered any questions I’ve been asking you across multiple comments…
Yeah no. Performance, reliability, uptime are huge.
Uptime isn’t quality. Perf and reliability are easily faked with the right metrics. It’s trival to be considered working on PowerPoint without working well for the user.
Uptime is quality. It’s why uptime is in SLAs. A quality product isn’t down half the time.
Opinions like that are why software quality sucks. And why using software is so painful for most people. “I have to use a stroller to set my phone number on the UI.” “Sure, but uptime if 5 9’s, so it’s quality software”.
Lol, saying uptime is needed for quality of why software quality sucks? What? Uptime is part of quality, it is not the sole determination of quality. You seem to be purposefully misunderstanding that concept.
I don’t really get this point. Of course there’s a financial motive for a lot of software to work well. There are many niches of software that are competitive, so there’s a very clear incentive to make your product work better than the competition.
Of course there are cases in which there’s a de-facto monopoly or customers are locked in to a particular offering for whatever reason, but it’s not like that applies to all software.
Software just has to be good enough that people put up with it. Once you get users on the system, you make it difficult to move your data out which acts as a lock in mechanism. The company that can make a minimally usable product that people are willing to put up with will typically beat one making a really good product that takes longer to get to market.
When the buyer isn’t the user (which is most of the time), no there isn’t. Competitors try to win with great sounding features and other marketing BS because that is all the director will see. The users are then left with the product that has all the bells and whistles, but is terrible at doing what actually needs to be done. And the competition is the same, so they don’t really have much choice. Bell’s and whistles are cheaper than making it work well.
So you’re talking about SaaS / business tooling then? Again though, that’s just one of many segments of software, which was my point.
Also, even in that market it’s just not true to say that there’s no incentive for it to work well. If some new business tool gets deployed and the workforce has problems with it to the point of measurable inefficiency, of course that can lead to a different tool being chosen. It’s even pretty common practice for large companies to reach out to previous users of a given product through consultancy networks or whatever to assess viability before committing to anything.
Nor necessarily SaaS, but yes business tooling. Which is the vast majority of software if you include software businesses buy and make thier customers use. The incentive is for it to work, not for it to work well. The person who signed off on the purchase either will never know how bad it is because they don’t use it and are insulated by other staff from feedback, or because they are incentivesed to downplay and ignore complaints to make thier decision look good at their level in the company.
If you value your privacy and you have a choice between using a browser to access a service vs installing their app, use the browser.
Online services can get much more information about you through an app vs the browser. Browsers are generally locked down more. Apps in general have access to much more information from your device.
Department lead.
The website team is small, but incredibly effective. Everything works. Everything is mobile friendly, responsive, fast. It’s a way better experience.
I love my app developers, but they’re always behind. Not their own fault. Mobile development is complicated. There’s so many screen sizes, iOS vs Android differences, platform permissions, etc.
The big reason for us to push the App on people was to get more brand awareness on the App Store. But the website is so much more better.
You literally can use it as a web app right into your phone and get a better experience.
And it’ll be such a dark day when I have to dissolve the App team (and hopefully convince them into web dev)
Why not a responsive web app packaged into native viewer app? Depending on your utilization of native components of cause.
My team had the same issues you described so we build the web responsive and made that the “Apps” on the App Store + Google Play. There is still a tiny native components that hook into the web so you still need those native developers knowhow, but yes they will have to switch in large to web based development.
Less maintenance, more devs for the main product, faster progress, fewer headaches with Apple and Google tooling.
Edit: forgot to app that our customers loved that more features are available now on the “Apps” and that things work the same between devices
But where is has the compromise happened? The Kotlin/Flutter/swift code written? The database? not being sarcastic just unaware.
This is the main reason why I quit Facebook and other services. Anytime you access them from mobile via a web browser it corners you into a “download our app” page. Facebook started doing it with messenger and I knew I had to get out.
I’m not giving Zuckerberg that level of access to my data.
The interview is a vibe check first and foremost. If you vibe with the team we will overlook other things in your application. If you made it to interview, we already think you’re good enough so don’t stress trying to impress or apologize.
Managers are mostly people who get tired of watching other people do things badly and decide to try to do better. You don’t need a special degree or any magic to be a good manager, you should like people though.
Everyone is faking it to some degree.
people are generally ok. put them in a situation where they can climb over other people to advance and watch the rot begin.
so, while people are generally ok, corporate people are generally not.
Or any business, not even corporate.
You see the same crap in SMB.
Super Mario Bros?
Small/Medium-sized Business
Personality, presence and confidence
Natural self confidence, but NOT an arrogant selfish confidence.
Some people naturally have confidence and presence and some people need to build it as a skill.
I know guys and gals with little to no knowledge or skill build up careers because they just knew how to talk and connect to people.
I also know guys and gals with years of education and degrees but have little to no way of politely or easily getting along with people.
The use of chatgpt for writing is so widespread in higher ed, it will cause serious problems to those students when entering the workforce.
Lots of fancy stuff is written about how we just have to change the way we teach!, and how we can use chatgpt in lessons! blablabla, but it’s all ignorant of the fact that some things need to be learnt by doing them, and students can’t understand how they hurt their own learning, because they don’t know what they don’t know.
I bet AI detection is going to get a lot better over time.
I wonder if there’s going to be retrospective testing of theses as time goes on.
Could really damage some careers down the line.
Edit: guys, retrospective testing means it was done later (i.e. with a more up to date AI detector).
Once a detector is good, you can train a model to adjust its outputs to cause false negatives from the detector. Then the cycle repeats. It’s a cat and mouse game basically.
The only proper way I see is a system that is based ob cryptographic signatures. This ia easier said than done ofc.
Yeah but if your wrote your thesis in 2024, and the detector is run on it in 2026…
You’re probably busted.
It’s not like you’ll re-write your thesis with every major ChatGPT release.
Are you expecting that the for-profit college will go back and retroactively rescind degrees? What’s the end-game for re-running the thesis?
It could be a new level added to the peer review of work. Nothing to do with the university. Just “other professionals”.
A thesis isn’t just an exam, it’s a real scientific paper.
And usually claims is contents as fact, which can be referenced by others as fact.
And absolutely should be open to scrutiny so long as it is relevant.
Great points. Note: I’m not arguing against it as a concept. I’m just skeptical that it’ll happen, and even if it did, there wouldn’t likely be terrible consequences for the accused, especially as that’s what science is… new facts change the outcome vs choosing an outcome and matching facts to it.
It likely won’t be done at scale, but let’s say you are wildly successful and are now in line for a high-value position, where vetting is common. Might look pretty bad if you fabricated your whole thesis. Recently, Bill Ackman basically bullied several schools into firing their head administrators on the pretense of not citing sources correctly in their thesis papers.
There are a lot of entry level jobs that basically assume new employees know nothing, anyway. Seems like this will just further devalue degrees and emphasize work experience for hiring.
When I was a kid people said the same about typing, homework has to be handwrittena because no boss will ever accept a typed report.
We had the same when media studies became a lesson, everyone freaking out that kids learning to watch TV is stupid but of course that’s not what they’re getting taught - media literacy turned our to be a hugely important subject even for those that don’t go on to work in the huge and ever growing media sector.
Teaching kids to use AI tools effectively is the same, you hear it and imagine ‘they put homework prompt into chatGPT and hand in the output’ it’s the same as imagining media studies as being nothing more than watching TV. AI is going to be an ever more present and useful tool in our lives so kids need to learn how to leverage and utilize it or they’ll be at a huge disadvantage.
You can’t hold back time by denying your kid a full education, they need to know how to effectively use the tools everyone else will be using.
A lot of the “generic” or “store brand” packaged foods are literally the same exact product as the name brands, only in different boxes/bags
Where this isn’t true, it’s extremely effective propaganda
I’m not so sure about food, but for many mass market products it is indeed true that the same manufacturer can be engaged to make the same product under different branding. The difference then comes down to the corners cut to meet the client’s pricing. Crappier boxes, thinner bags, packing material, and quality inspection. Assuming the core ingredients are not compromised in some way.
I can tell the difference between generic and real cocoa pebbles. Fuck cocoa krispies too.
I would like that… Saving on a smaller package for chips and cereal sounds great, most of it is air anyways.
No you dont. I have worked in 2 groceries stores, the bags with less air get way more crushed and broken while stocking. Having bigger bags with a lot of air keeps the chips integrity in tact.
That’s true to a point. 50% gas by fill level is ridiculous though.
What is the company’s incentive to make the package bigger than it needs to be?
Shipping costs come two fold… Weight and number of pallets. Weight change is negligible here, but the amount of air they need to ship will increase. They are incentivized to reduce it to a minimum to save on shelf, storage, and distribution costs.
They’re also incentivized to keep the same size packaging (both for logistical and public perveption reasons) and ship less product in those packages. People are willing to pay $6 for a big bag of chips, despite the big bag weighing 150g less than the normal bag 5 years ago.
They don’t get paid by the gram, they get paid by the bag. A bigger bag looks more impressive, and thus can be sold for more. Same for those tall skinny beverage cans. They look bigger than the regular cans, but are actually 25ml smaller, and yet go for a similar price.
This will continue until the price per gram is what people look for (emphasis on this at the point of sale would help), or the mass of each product is standardized. 50g, 100g, 200g, 350g, 500g, 750g, and whole kg sizes only, none of this 489g nonsense.
I don’t agree with the can example. Those are physically smaller and lack meaningful slack fill.
Your points stand for the first purchase. After that people will know the proportion of chip to air, and be annoyed by it. If they could do a bag smaller with minimal chip breakage and less air they would both succeed at getting more bags out per pallet and be lauded for not cheating people by selling air.
The slack fill is functional, and I don’t see much incentive to over do it.
The one example I’m familiar with is a name brand ice cream company that produces the store brand ice cream too…in that case the recipe is different, cheaper ingredients to cut costs to the bare minimum. But using the machines for a higher volume saves money.
I’m sure ‘same exact item’ does happen too but just ‘same manufacturer’ doesn’t mean exactly the same item.
here in Canada, generic cereal is NOT the same as name brand.
Butter. I read somewhere sometime ago in a galaxy far far away that there is only a handful of US butter manufacturers which make all the butter for all the brands. Just different packaging. I have 0 proof or evidence and going entirely off memory of prolly a reddit post 10 years ago so google it and lmk if it’s true.
I’d expect that to be damn near all of them because most stores don’t run their own production companies
The quality of education at college and university is in free fall.
I went to college before the internet was ever considered a valid source for any material. But using the internet made research extremely easy if I could determine the book source for reference.
I went back to college right around that time the internet just became the default source for everything. It was staggering how little information was expected to be known. The implicit ubiquitous access to information was a staggering foundational shift.
US universities are pro football teams with a sideline in education.
I fear too many universities are businesses designed to fund seminars; and students graduating are whether an afterthought or an actual negative for them.
It was related to me that, because they want to keep their customers, one can solve any problem at uni - grades, minor victimless crimes, etc - simply by offering to take more courses. The only problem money can’t solve is the one where the student has no more money, and it’s over quickly after that (saw that one happen).
lol education? you mean terrorist chanting camps.
Yep it only took 1000 allu akbars to get my mechanical engineering degree 🤡
Was it ever good?
Everywhere? or in what country/place?
In Quebec/Canada at least. Haven’t teach in another country but I fear it’s similar.
What is causing that? Anything I can do to offset that when my children will be old enough for it to be a problem?
Polystyrene is about as recyclable as any other type of plastic
IT, more specifically user support.
Let’s talk passwords. You should have a different password for every site and service, over 16 character long, without any words, or common misspellings, using capital, lowercase, number and special characters throughout. MyPassword1! is terrible. Q#$bnks)lPoVzz7e? is better. Good luck remembering them all, also change them all every 30 days, so here are my secrets.
1: write your password down somewhere, and obfuscate it. If an attacker has physical access to your desk, your password probably isn’t going to help much. 2: We honestly don’t expect you to follow those passwords rules. I suggest breaking your passwords down into 3 security zones. First zone, bullshit accounts. Go ahead and share this one. Use it for everything that does not have access to your money or PII (Personally Identifiable Information). Second zone, secure accounts, use this password for your money and PII accounts, only use it on trusted sites.Third, reset accounts. Any account that can reset and unlock your other accounts should have a very strong and unique password, and 2FA.
Big industry secret, your passwords can get scraped pretty easily today, 2FA is the barest level of actual security you can get. Set it up. I know it’s a pain, but it’s really all we’ve got right now.
Or, just use a password manager and simplify your life. Reusing any password is bad practice, even if the account doesn’t seem important. Every account really should have a randomly generated unique password. A password manager solves all of these problems.
I’ve been using a password manager for years, and.I’d be lost without it, but honestly I think this is a temporary solution. What I want to see is a no password future, and just use the code given by your MFA app. Forget having a password at all. Interestingly Microsoft has been pushing for this and you can already drop passwords for personal 365 stuff I think.
That’s what Passkeys are aiming to do.
Until the password manager gets compromised, or you lose access to your PW manager. In that case, you’ll really wish you had implemented “Zone 3” of my plan.
Good luck remembering them all, also change them all every 30 days, so here are my secrets.
Password expiry hasn’t been considered best practice for a long time (must be at least a decade now?) largely because of the other points you mentioned; it leads to weak easily memorable passwords written somewhere easily accessible. Even when it was considered good 30 days would have been an unusually short time.
Current advice is to change passwords whenever there’s a chance it’s been compromised, not on a schedule.
well, the only solution for that is to use a password generator based on length and complexity. I have used it once and am considering using it for all my accounts with each its own password. I live in a safe place so having them written down is not really an issue.
For absolutely best security, you would change your password to a new, extremely long, randomly generated character string every time you logged in. What the best security options are, and what users are willing/able to put up with has a very small, if any overlap.
As for writing them down, my advice is to obfuscate them. Apply your own secret code to the password, hide it in a poem, get creative. Once an attacker is at your desk, they pretty much own your shit. At that level, the only thing your password is providing is privacy, not security.
Your security is only as good as the weakest link, which is usually people. If your password policy encourages users to stick a note to their screen then your weakest link is anyone in the office deciding to take a selfie or joining a call with their camera on. Best practices balance security with what users are actually willing to do.
Is using a password manager for your phone recommended or no?
As long as your phone is secure, and the manager only stores data locally, I’d say yes. I would still encourage you to have any “reset capable” accounts secured with a strong password and 2FA that is not in your PW manager.
As with all things IT, there is a tradeoff between comfort/usability and security.
Is there one password manager that is better than another? Thanks for answering.
I can’t really endorse any one over the others. We use LastPass at my workplace, but they were compromised recently. I didn’t use the service though, still reset my passwords just in case.
I would look for a manager that has a policy of transparency. Breaches happen, they are a fact of life. Both the systems being used, and the people using them are not infallible. I would be more comfortable with a service that notified me immediately when they were breached, and provided easy resolution. When LastPass was breached, they were extremely open about it, and notified their users. Plus, if you use a PW manager, it’s pretty easy to go back in all your services and update the passwords, since you have a list of them and a random PW generator easily accessible. It probably took most people less than an hour to recover.
Bitwarden is free and easy to use. They also encrypt more metadata to prevent the kind of breach that lastpass recently had (see https://community.bitwarden.com/t/lastpass-breach-and-implications-for-bitwarden/47214).
“Oops! That page doesn’t exist or is private.”
It still seems to be working fine for me, so I’m not sure what happened.
Yeah I had LastPass but obviously want to change
Yes, as long as your master password is strong and you again enable mfa
Thank you, I do.
This is a method I heard once for remembering random passwords that I thought was clever.
Create your own alphabet of words (or random characters). A is for Apple, B is for Boy, C is for Cat…etc.
For every letter in the URL, you use the word from your alphabet. Ex:
F = Fog, A = Apple, C = Cat, E = Egg, B = Boy, O = Off, O = Off, K = Kite
Next, you need a number if you didn’t use one in your alphabet.
Facebook is 8 letters long so I might use 8. Or only letters repeated once. Or maybe you use the whole URL. Up to you, but you do it the same way for every site. You create a patter that you follow and can remember, rather than remembering every password.
Need a symbol? Assign that to the top level domain. In my example, .com = # .edu = ? .org = * etc
Put it all together and my example password would be “8FogAppleCatEggBoyOffOffKite#”.
A password for google.com might be ‘6GolfOffOffGolfLogEgg#’.
Obviously, you don’t have to do it this exact way with the alphabet, number, and symbol. The idea is that you create a set of rules that you remember and follow. If you write down “A = Apple B = Boy…” and someone finds it, it won’t be instantly obvious that it is meant for passwords.
This is terrible. If someone gets a couple of your passwords it’s pretty easy to work out the patterns and gain access to your other accounts.
Don’t complicate it. Use a password manager. I know none of my passwords and that’s how it should be.
I Guess we already have a couple of his passwords … Good job man, Sorry whats your name ?
For someone to work it out, they would have to be targeting you specifically. I would imagine that is not as common as, eg, using a database of leaked passwords to automatically try as many username-password combinations as possible. I don’t think it’s a great pattern either, but it’s probably better than what most people would do to get easy-to-remember passwords. If you string it with other patterns that are easy for you to memorize you could get a password that is decently safe in total.
Don’t complicate it. Use a password manager. I know none of my passwords and that’s how it should be.
A password manager isn’t really any less complicated. You’ve just out-sourced the complexity to someone else. How have you actually vetted your password manager and what’s your backup plan for when they fuck up?
When Dashlane reports a breach. I change my passwords.
So no vetting at all presumably since you didn’t mention it? So how do you know that Dashlane is safer than a password scheme that might be guessed by someone after they’ve already compromised a couple of your passwords?
Dashlane is pretty big and I’ve not seen any negative reports from security researchers. They offer bug bounties for people that do find vulnerabilities etc.
I believe the consensus is that password managers are better than any human password scheme. I could host my own manager but then there are more vectors for an attack, and why reinvent the wheel.
Not bad, but I could see that creating passwords that are too long for some systems, and it would be vulnerable to dictionary attacks. Also, what would you do when the site requires a password reset?
Maybe do your strat, but only do every other, or every 3rd letter as a short word, and use a Caesar cipher, incrementing the cipher once each time you have to reset? Sounds kinda fun, but I don’t think most sane people would do that… Open to ideas though.
I’ve come across several sites with abhorrently short password limits, as low as 12.
Worse, 2 of them accepted the longer password, but only saves the first n characters, so you can’t log in even with the correct password, untill you figure out the exact max length and truncate it manually.
Even worse, one of those sites was a school authentication site, but it accepted the full password online and only truncated the password on the work computer login. That took me an entire period to suss out.
You just gave me a flashback to a system I encountered as a student where my password got truncated, so I couldn’t log in. I had to ask the teacher what to do, expecting her to have access to a reset or something, but she just told me what my password was. It was like 3 and a half words, clearly truncated and stored in plain text.
I personally just use a pw manager. If I used them system myself, the alphabet words would probably be strings of characters that aren’t real words and I’d probably salt them too. But yeah I imagine you could run into size limits, which is a problem.
I just wanted to share a pw strategy that seemed interesting. I used a simple pattern to make the concept easier to understand.
Have . and ; and / in the middle of your passwords. If a site is compromised and email + passwords are taken, these are usually stored in a csv file. If someone attempts to delimit the csv data, these characters can split you password into multiple cells.
Anyone with the barest of skills will have escaped any of these characters.
True. But it will eliminate a percentage of the script kiddies.
Yeah, no. Computers don’t care if a password is complex or not. It can’t read “words”. That complexity stuff was introduced because humans think like humans, and wanted to force people to use words not easily found in a dictionary. Security is about password length, so +@#£h&1g/?!:h&£( is equally as vulnerable to a brute force attack as abcdefgh1234567 because of how modern encryption works, it I length that counts.
It is good advice to use a formula to build memorable passwords. I like a simple sentence you can type them without thinking about, as this also won’t appear in a dictionary (avoid famous movie quotes, use something meaningful to you).
Fact is complex passwords created a new security risk; the written down password. Also, frequent forced password changes made it worse. Most businesses only ask staff to change passwords every 3 to 6 months these days. And web sites.never asks you to change your password.
The dirty (not so secret) secret is that, the biggest risk to security is not how complex your password is, but how easy it is to trick people into just giving away access to their accounts.
These days MFA is what makes logon credentials safer and passkeys are slowly proving that passwords themselves are not worth it for most systems.
tl;dr - complex passwords are a throwback and not better than long memorable ones like 1Verycrappycode!
This is full of terrible advice. Password rotation is an outdated practice.
Don’t ever reuse passwords with “zones”, just use a password manager to generate long and secure passwords for every account. Then enable MFA wherever possible, and Passkeys where they have been implemented.
Then have a recovery method for the password manager stored in a secure place.
How do passwords get scraped?
Shitty sites that store PWs in plain text, or they get compromised and the password is figured out from the hash. Probably the most common way right now is phishing, and with AI/LLM it’s pretty easy to do spearphishing attacks on a large scale. The target enters their password on a seemingly legit site, but it’s actually an attacker’s site that logs the PW. There are lots of ways to get a password, and password-only authentication is considered pretty weak, even with a “strong” password.
Soylent Green is people.
Nice try FBI
Nice of you to think the FBI gives a shit investigating corporate malfeasance.
It’s more likely to be a sb like me who just gathers stuff like that for future use in (maybe) questionable way.
Fractional-reserve banking. Most people have no idea what it is, probably a good thing. You could argue that it’s not a “secret”, but most people aren’t aware of it regardless. I don’t think most people would be fond of grinding for $15 an hour if they knew banks could just lend money they don’t actually have. https://en.wikipedia.org/wiki/Fractional-reserve_banking
The IRS has what is called a first time abatement of penalties. So if this is the first time in a 3 year span you owe you can have the penalties (not interest) waived.
With the exception of at large buildings in dense city centers, just about everywhere else, utilities enter a building at just some point on the back, out in the open. This includes utilities that feed alarms and security cameras.
While some places will have systems in place for situations where these outside connections have been severed, like independently operated cameras on an intranet, cellular data backup for alarms, electrical generators, etc., most places don’t, so successfully circumventing their security is just a matter of cutting all the cables on the back of their building at the same time, and then being gone before they notice
I’m not an expert on modern alarm systems but it seems that it is very common and fairly inexpensive to have cellular data backup. Not every system has it, but many do. In that case cutting the main connection will likely result in someone appearing on site fairly quickly.
Many cameras also have some form of local buffering. So even if you are gone before someone does show up you still may find yourself recorded.
But at the end of the day just put a bag over your head and you can be gone by the time anyone shows up without leaving a meaningful trace. Other than the very top-end system security systems just keep the honest people honest.
This is dependent on where you live though. In the Netherlands most utilities are buried under ground and enter buildings subterranean.
But they are not buried particularly deeply. If you have drawings, or just some sense of where the meter boxes are in a particular set of houses, you can make quick work of them with a spade and ten minutes or so.
And that’s why you want a camera on your front yard.
