The number of times I’ve seen people link to this thread while completely misunderstanding the context of it drives me nuts. The issue isn’t being able to export keys, it’s that KeepassXC was making it trivial to export keys in plaintext with no user warning/verification, which fundamentally undermines the biggest security advantage of passkeys - phishing resistance. In other words, if users can be easily talked through exporting their keys via a simple in-app flow that gives them no warning about the danger of what they’re doing, then they will do that and be scammed horribly by it.

The person who raised the issue was asking KeepasXC to come up with a better solution for exporting keys - originally he asked them to wait for the now standardized process that every passkey provider uses, but then they settled on showing the user an explicit warning about the danger of plaintext exports in the meantime.

If you choose to read the most hostile and uncharitable subtext into every word a person writes in public, you can misunderstand what he’s saying. Otherwise, this is a pretty cut-and-dry example of a person genuinely trying to support the interests of end users.

I agree, except that we are legally not allowed to control the software on our phones in lots of cases. Notifications, ads, upgrades, etc. are all controlled by the manufacturer and it’s illegal to override their software on the device you own.

Add to that that specific pieces of software are becoming increasingly necessary to function in society, and you start to see that it’s not really a matter of individual choice, anymore than people shopping at walmart can be blamed for buying processed, sugary foods when that’s 90% of what walmart stocks (And all they promote), and walmart is the only affordable option in their community.

Cities are centuries older than cars though. Cars are the new thing. And yet it’s true that cars are an obvious QoL improvement for anyone in a rural area, and no reasonable person is suggesting that people in rural areas shouldn’t drive cars.

The real issue is that Americans (among others) have decided they want all the convenience and amenities of living in a city (sewer, water, energy, convenient access to most goods and services, etc.), but they want to pretend they live in a rural area, with no density whatsoever. This has resulted in the suburban sprawl that is financially ruinous and requires cars to be able to go anywhere and do anything, which creates traffic, which we solve by building bigger roads and pushing things farther apart, creating more traffic.

Thus, the answer really is that if you want city amenities, you need to live in a city. It doesn’t have to be as dense as New York. Not Just Bikes just posted a great video about the smallish town of Bergen in Norway that is not a super dense urban hellscape, it is medium density with human-centric development.

repairable and upgradable*

I know it’s an absolutely banal nitpick, but I think it’s unfortunately a revelation in the current laptop market that ~90% of a laptop stays good for a really really long time, and the other 10% can be upgraded piecemeal as the need arises. Obviously this was never news to the Desktop world, but laptop manufacturers got away with claiming this was impossible for laptops in the name of efficiency and portability.

If you’re in any of these states:

• Alaska
• Arizona
• California
• Connecticut
• Florida
• Idaho
• Illinois
• Kansas
• Maine
• Maryland
• Massachusetts
• Nevada
• New Hampshire
• New Jersey
• New Mexico
• New York
• North Carolina
• Oregon
• Pennsylvania
• South Dakota
• Tennessee
• Texas
• Washington state
• Wisconsin
• Wyoming

You can use the IRS’ new Direct File service. It’s what we should’ve had ages ago, letting citizens file their taxes directly without a for-profit middle man. There are still a couple of scenarios they don’t support, since it’s still in development and is only in it’s second year of use, but in my experience it’s already competent and helpful.

And, as a bonus, you don’t have to give any money to Intuit/TurboTax to keep lobbying the government to make our tax code as arcane as possible so that people need their services to file taxes.

1. There was a serious lack of current kernel developers (which I don’t think there is)

Maybe not at the moment, but my understanding is that the pool of qualified C programmers is shrinking rapidly, because the old guard is all ageing out and there simply are not enough intermediate developers coding in C at the level that Kernel development requires.

Having a larger (and growing) pool of upcoming developers interested in systems programming and software excellence is one of the explicit stated reasons that Linus et al. considered Rust in the first place.

In what sense are they “siding” with the corporations? If anything, this seems like a step in the right direction, to add some modicum of open governance to the Chromium project in a fashion that is clearly not corpo-dominated.

Also, it’s not like this is the Linux Foundation saying “we only support Chromium”, after all they also run the Servo project.

Source? Like obviously none of us on this platform appreciate manifest v3, but it’s obvious that’s a corporate push, and exactly the thing this new organization might help mitigate.

On the other hand, the Chromium team has been pumping out all kinds of day-to-day platform improvements for the last 5 years at least. I’m thinking of CSS ergonomics and more robust HTML that make web devs less JS-dependent. The kinds of down-in-the-weeds work that gave us CSS grid, all the useful new CSS pseudoselectors, the command attribute for buttons, etc. etc.

I’m not a web maximalist, and I would love to see a simpler web/browser prosper, but I just don’t think it’s realistic.

I think anyone is welcome to try this, but the core ethos of the web is backwards compatibility. To my unending irritation, even non-standard behaviors/APIs like WebUSB have become critical for sites to function.

The last time we actually dropped a feature, it was Flash, and that took a decade and there is still tons of effectively dead/permanently lost content because of it.

Creating a browser that only implements a subset of the standards is fine for very niche usecases but I don’t expect it to ever overtake the major browsers. We’ll see how Ladybird fares as it’s compatibility increases.

Unfortunately, as much as I hate to admit it as someone who has left Chromium behind personally, Chromium is kind of the only choice. I think people outside the browser implementation world underestimate the sheer scale and complexity of the modern browser stack and what goes into maintaining compatibility with web standards, much less advancing them.

We’ve reached the point where Chromium is essentially the de-facto web standard because Chromium engineers do the lions’ share of feature testing and development, because Chromium receives the lions’ share of funding.

Igalia, an OSS consultancy that does a lot of fairly-funded independent browser development, has lots of material about this. For example, the recent chat between Igalia members and someone from Open Web Advocacy about what to do if the anitrust ruling against Google jeopardize’s Chromium’s funding, and the options are pretty dire.

Edit: After reading the article, I think this is a really good sign. Bringing together the immediate stakeholders in Chromium’s development and funding bodes well for the possibility of stewarding Chromium in a less Google-dependent, profit-motivated, ad-centric direction. There’s unfortunately a lot of uncertainty about how this will all shake out, but it’s possible that Chromium could become a truly independent project and move back in the direction of user value instead of user-hostile shareholder value.