It's the "blue bubble" problem: remember all those stories about kids being bullied and ostracized for having "having green bubbles and not blue bubbles" in iMessage? Know how it really doesn't make any sense, because there are plenty of other, arguably better messaging services to use other than the basic messaging service that comes with the phone?

You can't see it because you're an adult. You don't have the social pressure to be on these services.

Kids, and especially teenagers, do. Which means that Apple has an insanely high usage rate among American teenagers due to "blue bubbles" and social pressure to use them.

Does any of this really make sense? No, of course not, fads never really make sense. But the social pressure among teenagers to use these services is very real.

Look, it doesn't matter what you or your boss think or how productive you are. Our infrastructure simply isn't built to support a work-from-home model, it's designed to have a certain number of people commuting into certain cities and then commuting back home to suburbs. Remove that, and cities start to die, but also, towns don't have the infrastructure to support more people in them constantly.

Work from home is going to go away because government is going to make it go away, just wait. Cities need the tax income they make from business offices. They're not going to just allow it to go away. Our cities and towns are designed around people working in offices. Getting rid of that would involve completely rethinking how our society works, and that's just not going to happen.

It doesn't matter if you could work from home or if you're just as productive at home, you're still going to have to go back into the office, because that's just the way our society is built. Cities can survive for a bit without going back to that model, but not indefinitely, and eventually, they have the political power to get everyone back in the office, one way or another.

As far as I can tell that's the only selling point that "Blue Sky" has: it implements its own, brand new federated social media system that's invite only, so Blue Sky users can have their own quiet little playground.

Otherwise it's just a less featured version of Mastodon where federation doesn't even work yet.

I don't know that I'd say they don't care, as much as backwards compatibility can be hard. In some cases, they literally don't care, but semantic versioning is supposed to help with that, meaning that you may not be able to go from 1.x to 2.x, but you should be able to go from 1.1.x to 1.2.x without breaking changes, and the 1.x branch can continue to receive updates/fixes without worrying about what 2.x does. In fact, log4j sort of worked like that: the 2.x branch broke backwards compatibility, so 1.x was kept around for a while.

But for an example of what I mean by "backwards compatibility can be hard," let's look at log4shell itself. The basic issue is that if user input is logged, it can potentially trigger a JNDI lookup, and a JNDI lookup can potentially be used to download arbitrary Java code and execute it. Why? Well, because of a feature in log4j2 called lookups, one of which is a JNDI lookup. The fix they went with was to default that to off, because JNDI isn't used that often.

But that's essentially a breaking change. JNDI is essentially Java's method of configuring Java apps, which means that turning it off could potentially break logging configurations. Why?

Well, let's get into the real reason log4shell exists: lookups. Lookups could be executed in log messages. This sort of makes sense, because it meant you could log things like environment variables by directly referring to them. But what if you attempted to do something like:

log("User {} said {}", username, message);

When do lookups happen? After the message variables were substituted in.

So if a user said something that contained a JNDI lookup then their message would be substituted into the log message, and THEN lookups would be expanded.

The eventual "fix" log4j2 implemented was to disallow lookups in logged message entirely, which is also a breaking change. (Then again, I don't think it was ever clearly documented that lookups can happen in log messages at all.)

Incidentally, you can't even enter a non-JNDI log4j2 lookup into a Slashdot comment - it triggers CloudFlare's security protections.

Did it? I ask because it's not like PAX is immune to the same market forces that are causing companies to stop doing conventions and instead doing more online keynotes.

I think Apple showed that you don't need conventions to get press with their iPhone announcements. You can just announce you're going to hold a keynote, invite some press, and they'll show up and repeat what you told them to the world. Every time Apple does one of their keynotes, we get a day of Slashdot stories regurgitating every bullet point.

Can you think of the last time you heard of a major announcement coming out of PAX? Can you think of the last time you even heard anything about PAX? I can: it was when the people who made PAX, who the ESA had hired to run E3 this year, ended up cancelling it instead.

Your average gamer just doesn't need a "people's E3" and arguably never did. Want to demo games? Download the demo, even consoles can download games now. Want to see trailers? Live stream a presentation? Guess what, both can be done via the web now.

There's just no reason to bother with conventions any more. The large publishers didn't just pull out of E3, they also stopped attending PAX, and at about the same time.

Problem: the independent board on its own doesn't have the power to do that. It has three votes, while the commercial side also has three votes: Altman, Brockman, and Sutskever. The vote that would be required to allow them to fire Altman and demote Brockman is Sutskever's.

The much more likely explanation is that Sutskever wanted Altman gone (they've had conflict in the past) but didn't realize how badly that would damage OpenAI. Now everything's blown up in his face and he's in damage control.

Trivially, because Google didn't make up a new standard. They used the Signal Protocol to implement E2EE over RCS. RCS is, in a way, "email but for phone numbers," it's just a method of sending a message to a phone and having the phone receive it immediately.

Nothing prevents Apple from using any of the numerous Signal Protocol libraries out there to implement E2EE over RCS themselves.

"That is part of RCS" - ah, weasel words.

RCS is, at its core, a system for routing arbitrary binary messages between phones. It provides a standard baseline set of unencrypted messages that enable basic core behavior, but ultimately, it's like HTTP.

What you're saying is basically "what part of the HTTP protocol supports encryption" and then answer is, technically, none of it, because HTTPS is HTTP over TLS. It would be like refusing to implement HTTPS because it's "not part of the HTTP standard" which is, technically, true. But it is a standard and it is part of the wider set of standards that make up "the web."

Google uses the Signal Protocol to implement E2EE over RCS. Apple can too, it's an open protocol. It's just not, technically, "part of RCS," because it's outside the scope of RCS.

Which is especially hilarious, because that means the "best and most secure way" to communicate just randomly sometimes sends data in the clear, and you have no way to control it, because "it just works."

It's especially funny when you realize RCS supports end-to-end encryption (via the Signal protocol), while iMessage "supports" end-to-end encryption but does it by having Apple hold on to the keys. You can find entire iMessage dumps in court cases all the time, because all the police have to do is ask Apple for a copy and Apple will happily provide them.

That's an interesting comparison considering that Microsoft Word's format is also an open standard at this point. If what you want to do is interoperate with people using Microsoft Word, and you do it by implementing a standard Microsoft Word doesn't use instead of the one it does, you're not really interoperating, are you?

There are a bunch of additional standards - fully open, published standards - on top of the base RCS standard required to make it a useful messaging platform. Apple isn't implementing them. Just the bare minimum required to be "compatible."

It always amazes me how many people uncritically accept Apple's "privacy" advertising when it falls apart the instant you look at it.

Do people forget "the Fappening" when people were able to just access celebrity iCloud photo albums because Apple didn't properly secure them? The recent news that Apple's "MAC address randomization," designed to "protect against tracking," didn't bother with the "randomization" part?

Apple has made it quite clear, if you bother to listen: they don't care about your privacy. In fact, Apple wants to monitor everything you do on "their" devices. They just want to ensure third parties have to pay them in order to get access to that data, and they sell that as "privacy." And people just lap it right up.

But Apple is yet again refusing to implement the standards that make RCS functional as a messaging platform, and implementing only the very base features. So it'll "support RCS" but you still won't be able to do any of the useful things you can do between Android phones when messaging an iPhone from Android.

Apple routines does the opposite of "embrace, extend, extinguish" where they "embrace" a standard, implement only the very bare minimums, point to that as a reason why you shouldn't use the standard, and then points everyone to their own walled garden as the solution to the problems they created in the first place.

Netflix has Googled themselves into a classic chicken and egg problem. I don't trust them not to cancel shows on cliffhangers, so I don't watch shows until I know that they'll run to completion, and I'm not alone, so new shows don't gain an audiences (because critical masses are waiting to ensure they don't just get canceled), so they end up being canceled.

And, much like Google, Netflix needs to go a long way to regain trust, because they've canceled shows they had renewed. You can't trust Netflix if they say a show is getting a second season until they release the second season, much like you can't trust Google when they say that they'll keep a service running.

Plus, it's cheaper this way: I don't need a Netflix subscription to not watch Netflix shows because I assume they'll be canceled before they end.

Why on earth would you trust the IRS on that? And how much would it cost to go after that money? Any attempt to collect it will go to court for years anyway. The supposed "uncollected taxes" are the IRS claiming that people filed forms wrong. There's no proof of that. The IRS has been claiming for years that they need more money to extract more money from citizens. Why would you believe them?

I have no idea what you're talking about, and I'm sure you don't either. Why would the government be like a kitchen table? What metaphor are you trying to go for here?

Debt is debt. It's money owed. A liability. You're right in that the US has an easy "escape hatch" for escaping debt in that it can just print itself more dollars. But that route leads to hyperinflation and a destroyed economy.

You want to ensure that our economy crashes? Make the US inhospitable as a place to run a business. Business tax in the US is already too high; if you chase off the people who run the economy, you will utterly destroy the US.

The only way out is to cut costs and start paying off our debt. Most of what the federal government spends money on is wasted anyway. There's no reason to "make the 1% pay their bills" (by which you really mean "tax hikes") when you can balance the budget simply by cutting unnecessary expenses.