> I hate this idea that doxxing is some kind if crime.
The thing is, up until the advent of the internet it basically didn't matter - although in some cases, e.g. the German left-wing terror group "RAF", rich people did end up getting v&, in some cases killed. But that was a rarity.
But now with the possibilities of modern technology? Being able to be active on the Internet without hiding behind a pseudonym is a rare privilege. Wrong political opinion? Some nutjob from the opposite side can and will send anything from "pizza pranks" to outright SWAT to your home (or your parents, or ex-wife, or anyone they can identify as being associated with you). And if you got money? Stalkers, thieves, robbers, scammers, you will get targeted.
> People are drawn to complexity like moths to a flame.
Not to complexity, but to abstraction. The more something is abstracted away, the more fungible "developers" become, to the eventual tune of Claude Code.
No one cares that trying to debug a modern application is as hellish as its performance, the KPI that executives go for is employment budget.
It might be really efficient when you "vibe" and don't know exactly what you want.
On serious projects, it feels like even Claude Code could be more efficient with simple technologies, providing near-instant build and debug.
With reduced abstractions and output looking like input, it can better understand how to fix things rather than trying to guess how to manipulate framework state or injecting hacks.
I don't know if Next.js, TanStack, etc are more abstract than Rails, Django, etc. They're undoubtedly more complex though. I also find it hard to believe that it's some sort of conspiracy by management to make developers more fungible. I've seen plenty of developers choose complexity with no outside pressure.
> The device uses FDE and they key is provided over the network during boot, in the laptop case after the user provides a password.
Sounds nice on paper, has issues in practice:
1. no internet (e.g. something like Iran)? Your device is effectively bricked.
2. heavily monitored internet (e.g. China, USA)? It's probably easy enough for the government to snoop your connection metadata and seize the physical server.
3. no security at all against hardware implants / base firmware modification. Secure Boot can cryptographically prove to the OS that your BIOS, your ACPI tables and your bootloader didn't get manipulated.
> no internet (e.g. something like Iran)? Your device is effectively bricked.
If your threat model is Iran and you want the device to boot with no internet then you memorize the long passphrase.
> heavily monitored internet (e.g. China, USA)? It's probably easy enough for the government to snoop your connection metadata and seize the physical server.
The server doesn't have to be in their jurisdiction. It can also use FDE itself and then the key for that is stored offline in an undisclosed location.
> no security at all against hardware implants / base firmware modification. Secure Boot can cryptographically prove to the OS that your BIOS, your ACPI tables and your bootloader didn't get manipulated.
If your BIOS or bootloader is compromised then so is your OS.
Well... they wouldn't be the first ones to black out the Internet either. And I'm not just talking about threats specific to oneself here because that is a much different threat model, but the effects of being collateral damage as well. Say, your country's leader says something that makes the US President cry - who's to say he doesn't order SpaceX to disable Starlink for your country? Or that Russia decides to invade yet another country and disables internet satellites [1]?
And it doesn't have to be politically related either, say that a natural disaster in your area takes out everything smarter than a toaster for days if not weeks [2].
> If your BIOS or bootloader is compromised then so is your OS.
well, that's the point of the TPM design and Secure Boot: that is not true any more. The OS can verify everything being executed prior to its startup back to a trusted root. You'd need 0-day exploits - while these are available including unpatchable hardware issues (iOS checkm8 [3]), they are incredibly rare and expensive.
> Say, your country's leader says something that makes the US President cry - who's to say he doesn't order SpaceX to disable Starlink for your country?
Then you tether to your phone or visit the local library or coffee shop and use the WiFi, or call into the system using an acoustic coupler on an analog phone line or find a radio or build a telegraph or stand on a tall hill and use flag semaphore in your country that has zero cell towers or libraries, because you only have to transfer a few hundred bytes of protocol overhead and 32 bytes of actual data.
At which point you could unlock your laptop, assuming it wasn't already on when you lost internet, but it still wouldn't have internet.
> The OS can verify everything being executed prior to its startup back to a trusted root.
Code that asks for the hashes and verifies them can do that, but that part of your OS was replaced with "return true;" by the attacker's compromised firmware.
There is ossign.org, Certum offers a cheap certificate for FOSS [1], and Comodo offers relatively cheap (but still expensive) certs as well [2]. Not affiliated with either service, but these are the ones I remember last time I had to dig into this mess, so there might be even more services that I don't recall at the moment.
> Or like. Don’t live in the 2nd most expensive city in the country?
Well... multiple things here.
If you're in, say, finance, you can't just go and move to some flyover state and work remotely. You need to be around NYC (US), LON (UK) or FRA (EU).
If you work some service job, say you work retail, okay. But... imagine what happens to NYC when all the people doing the menial work keeping the city alive (have to) move away? Whoops, now everyone is going to drown in trash and feces!
It is vitally important for any city to have enough adequate housing for all levels of income, otherwise it falls apart.
I can't find the reference, but I saw a comment recently along the lines of, "If you live in a city where the people who provide you with services can't also afford to live in that city, you don't live in a city, you live in an amusement park."
If you're in finance, you earn enough to live in NYC
> imagine what happens to NYC when all the people doing the menial work keeping the city alive (have to) move away? Whoops, now everyone is going to drown in trash and feces!
That's not a "the poor middle class folks in NYC need help" story, that's a "the rich folks of NYC need folks to serve them" story. They're welcome to strategize however they like to incentivize people working there. Manipulative heartstring tug are not welcome however.
> But... imagine what happens to NYC when all the people doing the menial work keeping the city alive (have to) move away? Whoops, now everyone is going to drown in trash and feces!
Maybe after they have to look at piles of trash everywhere, the employers (I'm guessing that would be the city) will learn to pay them what they are worth.
> Honestly, this doesn't seem unreasonable to me. At some point, you have to cut off previous technologies because virtually everyone's moved to something better. You also can't buy tickets any more by snail mail with an enclosed check.
The problem is, in the end it leads to a society where you NEED a smartphone to enjoy basic human existence - and yes, access to cultural and sports events is a fundamental part of being a human.
That in turn almost always means: your smartphone must be either Apple or a blessed Google device. And that in turn means: no rooting (because most apps employ anti-root SDKs these days), no cheap AOSP phones, no AOSP forks like Graphene OS. And that is, frankly, dystopian when your existence as a human being depends on one of two far too rich American mega corporations. Oh and it needs to be a recent model too, because app developers just love to go the easy route and only support recent devices on recent OS versions.
And that's before we get into account bans (which particularly Google is infamous for), international sanctions like the one against the ICC justices, or pervasive 24/7 surveillance by advertising SDKs or operating systems themselves.
Each country has different regulations for amateur radio bands. In Germany for example, in the bands > 2 GHz maximum power is capped at 75W PEP [1], the US has vastly different limits [2]
I'm sorry, I thought it was very obvious that I was talking about ITAR export controls, not about destination country domestic regulation.
This is a clue from their webpage: "Not intended for radar applications. Core functionality needed for radar not included due to export control restrictions."
> The target launch price is probably ~$399 (dependent on the tariff landscape over the next month). For that you get the QuadRF tile, an included Raspberry Pi 5, the custom case, tripod, USB-C power supply, cables, and a pre-loaded SD card with a ton of cool SDR applications.
Meanwhile... the RPi alone will probably make up 299 dollars of that price tag [1].
It is not a good time to design hardware that needs RAM. Arrest and imprison Sam Altman.
The thing is, up until the advent of the internet it basically didn't matter - although in some cases, e.g. the German left-wing terror group "RAF", rich people did end up getting v&, in some cases killed. But that was a rarity.
But now with the possibilities of modern technology? Being able to be active on the Internet without hiding behind a pseudonym is a rare privilege. Wrong political opinion? Some nutjob from the opposite side can and will send anything from "pizza pranks" to outright SWAT to your home (or your parents, or ex-wife, or anyone they can identify as being associated with you). And if you got money? Stalkers, thieves, robbers, scammers, you will get targeted.
reply