Hacker News | merek's comments

There's a note at the end

> You could, of course, sell or wind down your company, which would solve all problems outlined here. But this is not an option for most entrepreneurs.

For a software business, you could presumably:

- Incorporate a company in your country of choice

- Transfer subscribers from the German company to the new foreign company (depending on the payments provider this can be a massive effort; it is not a simple form field in Stripe, for example).

- If the new company is incorporated in a country you want to live in, use it to obtain an investor visa.

- German company now has 0 in revenue, wind it down and leave.


> German company now has 0 in revenue, wind it down and leave.

You forgot about employees. If German employment law is anything like the Dutch one, then it means you can't wind down the company while you have employees. They may refuse to leave. Firing them may be subject to government approval, who may also refuse.


Dumb American here but that sounds like a few steps too far in employee protections. A business can't even die without government approval?


It's because the government essentially takes over the employees, by paying non-employment money. You deciding that some people don't work for you anymore creates costs for those people and also for the community.


It's sensible, to prevent… well, exactly this kind of situation: taking away people's livelihoods as part of a tax dodge is an abuse of power. The power of being an employer comes with responsibility.

If the company's dissolving for legitimate reasons (e.g. there's no longer a market for the services), then that's one thing – but "I've had the company send all its customers to a competitor, also owned by me" is an extremely obvious loophole to work around employee protections, and it's correct that it should be closed.


It's not dumb. You're not allowed to close a business in the US until you check a lot of boxes, too. You have to show you don't have outstanding debts and so on. The banks won't let you do that because it's an easy way to escape debt. That's exactly why bankruptcy is an extended legal process.

If an employee is guaranteed X months salary upon notice of layoff in the contract, that's debt you have to resolve before you legally close. If you have a 5 year lease agreement for the property, that's also debt you have to resolve. It's exactly the same idea.


You're confusing "winding a business down" with "bankruptcy" in the US.

As long as you follow the law, there is no government "approval" of a dissolution. You notify shareholders and creditors, then resolve any outstanding payments, then dissolve.


You haven't said anything new. "As long as you follow the law" is basically what I described. You're taking the requirements of clearing your debts and burying them under a phrase, and then claiming you're saying something different.

In part, "following the law" means "clearing any outstanding debts."


You seem to have ignored the important distinction - there is no government approval needed.

Even if you have outstanding debts, you can still dissolve the LLC. Of course creditors can cause trouble for doing that, but there is no government approval in the process.


In every state in the US I'm aware of, you must file for a certificate of dissolution with the state department. You can't do so unless you're in "good standing". In effect, you're not allowed to complete the dissolution until the state permits it.


A quick check says it isn't. You only have to consider the notice period, which depends on how long people have been working there. Which means you can't wind down in a hurry, but there is no right to refuse to leave nor any refusal from government.


Better do it properly. Western countries have tax departments that can make your life a living hell if you do it wrong. If you have enough resources to be subject to an exit tax, I highly recommend paying for proper tax advice.


It applies to any company you own, regardless of where the company is incorporated


This is fraud and you'll end up in jail. Your company is not "you". You are a shareholder but as a CEO, you should do what's best for the "company" and what you described is criminal activity to bankrupt the company.


It's not bankruptcy if the company has no liabilities. You're allowed to wind down a profitable company because you can't be bothered running it any more.

A question of legality might come from German authorities determining if this is solely to avoid tax, which is open-ended. It might be hard for them to make this argument if you can prove you transferred operations to country X to maximize the company's growth, access local talent, closer proximity to customers etc.

Regardless, another commenter pointed out that the exit tax applies to all companies that you own regardless of location. In that case, the approach isn't feasible.

Also it goes without saying, seek your own legal advice rather than trusting random comments on the internet.


> You're allowed to wind down a profitable company

I can't speak for all jurisdictions, but in one that I worked in, this is not legal. This might be more defensible if the company really is just you, but not if it has employees and can operate with a different CEO than you.


> > You're allowed to wind down a profitable company

> I can't speak for all jurisdictions, but in one that I worked in, this is not legal.

Which jurisdiction doesn’t allow you to shut down your own company?


I guess if you have a limited liability company but in some countries at least you don't have such duty when running a one person or a small partnership shop.


> The FDA approval comes based on trial data submitted by the pharmaceutical company, so it's worth noting that published peer-reviewed reports are yet to be published. Peer-reviewed publications often follow regulatory approvals, not precede them, which is common in the field of ophthalmology and dermatology.

Does anyone know the reason that data is published after approval rather than before? Seems illogical at face value, but I'm obviously missing something.


It’s because the publishing process takes more time than the FDA review process.

Once the pivotal trial reads out, companies usually submit within a month or two to the FDA. Much of the submission dossier (trial design, product description) can be written ahead of time, so it’s really the results that need to be drafted.

The FDA can approve in as little as 3-4 months for an accelerated approval, but it can take up to 12 months.

Compare that with a paper being written and reviewed across multiple authors (3-6 months if you’re lucky), then submitting to multiple journals for review and feedback (6 months), then final submission and peer review (1-2 months), then any additional edits (1 month), then final slating for publication after the article is typeset, all figures are sized, the article is laid out and the final version produced (1-2 months).

So all in the FDA takes less time (3-12 months) than publishing (12-17 months).


Short answer: FDA is totally toothless these days after decades of industry lobbying and Republican budget cuts. The industry has decided how they want things to work.


And you're thinking this ability to bypass scrutiny must lead to problems.

Correct. When liabilities grow too big, the company will spin off the liabilities to a shell company without means to pay for damages caused. (this is called a "Texas two-step" bankruptcy)


> And you're thinking this ability to bypass scrutiny must lead to problems.

Of course not. Side effects? Which side effects? /s


Please spend 30 seconds to search whether the FDA budget has actually been cut over time (hint: it hasn’t).

The FDA budget, much like every other agency's, has grown incredibly in the last 50 years (<1bn in 1992 to >6bn today). You can look at more recent numbers and see it’s still rising. When you hear "cuts in spending" it’s often cuts in proposed increases in spending, which are often double digits. So you can grow an agency 10% a year for decades and then a single slowdown or reversion to levels from just a year or two ago is seen as drastic cuts that will result in poison in our water.

https://www.google.com/search?hl=en&q=fda%20budget


You're not wrong about funding, but OP is correct about industry influence.

It varies a little by division/subject matter, but they basically have to run everything by industry and are subject to FOIAs and public shaming by senators and representatives beholden to industry.

Source: long-term partner of FDA employee, though this stuff is pretty widely understood.


> and are subject to FOIAs

How is that relevant?


Those FOIAs are requested by politicians owned by industry in an effort by industry to scrape whatever leverage they can. FOIAs themselves are not problematic, obviously, but their application isn't limited to do-gooders.


You can educate yourself on the FDA process, including public access to all the FDA documentation, including meeting minutes and sponsorship slides. It’s all there on fda.gov

But instead of doing that you’ve decided to just write this comment instead and post something that looks quite silly for those that have taken the first approach.


When you navigate to the Clinical Trials section[1], the "View Clinical Trials Guidance Document" link[2] currently stalls, and then gives a 403 error page that says "Page Not Found". All of the information is not there on fda.gov, and whoever's in charge is doing a very sloppy job.

[1]https://www.fda.gov/science-research/science-and-research-sp...

[2]https://www.fda.gov/node/358362


Do you have any insights?


The claim that “the industry has decided how they want things to work” is laughable.

The numerous “not approved” decisions make that plainly obvious. Not to mention all the times FDA has said “you have to do X to get approved” and the company happily complies despite it delaying sales by several quarters.

To the question at hand “why do publications come after FDA approval”, the FDA has access to all the data (actually more) before publication, so the publication is irrelevant to approval.


> Not to mention all the times FDA has said “you have to do X to get approved” and the company happily complies despite it delaying sales by several quarters.

The company happily complies?

Or just does it begrudgingly because not doing it delays sales a few more quarters if not indefinitely?

I'm not sure where you're getting the idea from that a company would happily do anything additional. It's a cost of doing business. Let's not pretend they're angels, they're in it for the money not the greater good.

And if that last statement needs a rationale, tell me who is doing the work to find the next antibiotic or any other non-chronic disease medication.


Do you feel that the happiness of the company is salient to GP's arguments? That is, by refuting that part, do you refute the entirety?


I took issue with the happy part because it's a regulator not a customer kindly asking for a change.

Even if the costs of the change are very high, getting it approved is probably worthwhile. To say that they would do so happily implies that there's a motive beyond getting approval.

Based on these comments, maybe my interpretation was just off.


I'm pretty sure any certain path to approval makes the company happy. Ecstatic, even. They get to move the drug from the liabilities to the asset column of their ledger.


>Short answer: FDA is totally toothless these days after decades of industry lobbying and Republican budget cuts.

The funny thing about short answers is that they're often partly or wholly full of shit and don't describe the underlying reality. For example, see how different things get when you look at actual information instead of pulling ideological talking points out of your ass without knowing what the hell is even the case? (A common thing on this site among so many self-described highly intelligent people)

This is the FDA's actual funding history over the last 3 decades (page 6 of the PDF), showing a steadily increasing budget across both Republican and Democrat admins. Curiously, some of its bigger budget increases coincided with the first Trump administration even. https://sgp.fas.org/crs/misc/R44576.pdf


> after decades of industry lobbying and Republican budget cuts

If only the Democrats had been in power in that period. And if only lobbying weren't something that was impossible to prevent by a neutral third party paid for by taxes to do exactly that.


You aren’t allowed to sell / distribute / market to “peers” until FDA approval.


Probably influence on the stock market and stuff.


Our chats might soon look something like this

Human: Provide some weight loss tips

AI: I'll get right on it! But before I do, have you had dinner yet? KFC's new finger-licking MEGA feast will bust your hunger for only $19.95. Click here to order.


Interactive images can be found here

https://cosmos2025.iap.fr/fitsmap/


They only observed an area of sky approximately the size of "three full moons"

> By using the data from the James Webb Space Telescope’s 6.5‑meter (21-ft) mirror, scientists at UC Santa Barbara have surveyed 0.54 square degrees of sky, which is equivalent to the area of three full moons when viewed from Earth. Charting nearly 800,000 galaxies, the COSMOS-Web dataset covers almost 98% of cosmic history.


This is the overall process used by Meta as I understand it, taken from https://localmess.github.io/:

1. User logged into FB or IG app. The app runs in background, and listens for incoming traffic on specific ports.

2. User visits a website in the phone's browser, say something-embarassing.com, which happens to have a Meta Pixel embedded. From the article, Meta Pixel is embedded on over 5.8 million websites. Even in Incognito mode, they will still get tracked.

3. Website might ask for user's consent depending on location. The article doesn't elaborate, presumably this is the cookie banner that many people automatically accept to get on with their browsing?

4. > The Meta Pixel script sends the _fbp cookie (containing browsing info) to the native Instagram or Facebook app via WebRTC (STUN) SDP Munging.

You won't see this in your browser's dev tools.

5. Through the logged-in app, Meta can now associate the "anonymous" browser activity with the logged-in user. The app relays _fbp info and user id info to Meta's servers.

Also noteworthy:

> This web-to-app ID sharing method bypasses typical privacy protections such as clearing cookies, Incognito Mode and Android's permission controls. Worse, it opens the door for potentially malicious apps eavesdropping on users’ web activity.

> On or around May 17th, Meta Pixel added a new method to their script that sends the _fbp cookie using WebRTC TURN instead of STUN. The new TURN method avoids SDP Munging, which Chrome developers publicly announced to disable following our disclosure. As of June 2, 2025, we have not observed the Facebook or Instagram applications actively listening on these new ports.
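
The web-to-app leak described above can be spotted from the browser side by looking at the session descriptions a page feeds to RTCPeerConnection: a loopback ICE candidate (an app listening on localhost) plus an ice-ufrag that carries a tracking value instead of a short random token. The following is an added example, not code from the HN post or from the localmess researchers: a small SDP auditor that flags both ingredients. The `_fbp` shape `fb.<n>.<timestamp>.<random>`, the ufrag length threshold, the port number and the two sample SDPs are assumptions constructed for this example.

```javascript
// Added example: a defender-side auditor for WebRTC session descriptions.
// It looks for the two ingredients of the web-to-app leak: an ICE candidate
// that points at the loopback interface (a native app listening on localhost)
// and an ice-ufrag that carries a tracking identifier instead of the short
// random token browsers generate. The _fbp pattern, the ufrag length limit
// and the sample SDPs below are constructed assumptions, not Meta's real values.

const FBP_LIKE = /\bfb\.\d+\.\d+\.\d+/;   // assumed _fbp cookie shape: fb.<n>.<ts>.<rand>
const MAX_NORMAL_UFRAG = 32;               // assumed threshold; browsers emit far shorter ufrags

function isLoopback(address) {
  // 127.0.0.0/8, IPv6 ::1 and the IPv4-mapped form; mDNS .local names are not loopback
  return /^127\./.test(address) || address === "::1" || address === "::ffff:127.0.0.1";
}

// Minimal SDP reader: only candidate lines and ice-ufrag lines matter here.
function parseSdp(sdp) {
  const candidates = [];
  const ufrags = [];
  for (const raw of sdp.split(/\r?\n/)) {
    const line = raw.trim();
    if (line.startsWith("a=candidate:")) {
      // a=candidate:<foundation> <component> <transport> <priority> <address> <port> typ <type> ...
      const p = line.slice("a=candidate:".length).split(/\s+/);
      if (p.length >= 8 && p[6] === "typ") {
        candidates.push({ transport: p[2].toLowerCase(), address: p[4], port: Number(p[5]), type: p[7] });
      }
    } else if (line.startsWith("a=ice-ufrag:")) {
      ufrags.push(line.slice("a=ice-ufrag:".length));
    }
  }
  return { candidates, ufrags };
}

// Returns a list of findings; an empty list means nothing suspicious was seen.
// Candidate findings come first, then ufrag findings, in SDP order.
function auditSdp(sdp) {
  const { candidates, ufrags } = parseSdp(sdp);
  const findings = [];
  for (const c of candidates) {
    if (isLoopback(c.address)) {
      findings.push({ kind: "loopback-candidate", detail: `${c.transport} ${c.address}:${c.port} typ ${c.type}` });
    }
  }
  for (const u of ufrags) {
    if (FBP_LIKE.test(u)) {
      findings.push({ kind: "tracking-id-in-ufrag", detail: u });
    } else if (u.length > MAX_NORMAL_UFRAG) {
      findings.push({ kind: "oversized-ufrag", detail: u });
    }
  }
  return findings;
}

// Constructed sample: what a munged description aimed at a localhost listener could look like.
// Note the "o=" line legitimately contains 127.0.0.1 in many browsers; only candidate lines count.
const SUSPICIOUS_SDP = [
  "v=0",
  "o=- 4611731400430051336 2 IN IP4 127.0.0.1",
  "s=-",
  "t=0 0",
  "m=application 9 UDP/DTLS/SCTP webrtc-datachannel",
  "c=IN IP4 0.0.0.0",
  "a=ice-ufrag:fb.1.1717000000000.123456789",
  "a=ice-pwd:constructedpasswordconstructedpassw",
  "a=candidate:1 1 udp 2130706431 127.0.0.1 12345 typ host",
  "a=candidate:2 1 udp 2130706431 192.168.1.20 54321 typ host",
].join("\r\n");

// Constructed sample: an ordinary offer with a browser-style ufrag and a LAN candidate only.
const BENIGN_SDP = [
  "v=0",
  "o=- 4611731400430051337 2 IN IP4 127.0.0.1",
  "s=-",
  "t=0 0",
  "m=application 9 UDP/DTLS/SCTP webrtc-datachannel",
  "c=IN IP4 0.0.0.0",
  "a=ice-ufrag:Q3oT",
  "a=ice-pwd:constructedpasswordconstructedpassw",
  "a=candidate:2 1 udp 2130706431 192.168.1.20 54321 typ host",
].join("\r\n");

console.log(auditSdp(SUSPICIOUS_SDP)); // two findings: loopback-candidate, tracking-id-in-ufrag
console.log(auditSdp(BENIGN_SDP));     // []
```

In a browser, run auditSdp on the offer returned by createOffer() and on every remote description or candidate before it is applied; a loopback candidate on a page that is not doing local media is the signal to refuse the connection.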


> something-embarassing.com,

Depending on the country that you or your family lives in, this could be far worse than embarrassment.


So the main application for WebRTC is de-anonymisation of users (for example, getting their local IP address). Why it is not hidden behind a permission, I don't understand.


The main application for WebRTC is peer to peer data transfer.

I think you can make the argument that it should be behind a permission prompt these days but it's difficult. What would the permission prompt actually say, in easy to understand layman's terms? "This web site would like to transfer data from your computer to another computer in a way that could potentially identify you"? How many users are going to be able to make an informed choice after reading that?


Let it show "Use WebRTC?".

If users don't understand, they click whatever. If the website really needs it to operate, it will explain why before requesting, just like apps do now.

Always aim for a little more knowledgeable users than you think they are.


And specifically, if you're on something-sensitive.com in a private browsing session, it would give you the choice of giving no optional permissions. That choice is better than no choice at all, especially in a world where Meta can be subpoenaed for this tracking data by actors who may be acting unconstitutionally without sufficient oversight.


That feels pretty useless. You might as well do what happens today: enable it by default and allow knowledgeable power users to disable it. If it's disabled, show a message to the user explaining why it's needed.


Today there's no way to disable it, I searched through my Firefox Mobile settings. So I'd say it's for very "power" users.

And why enable it by default, why not disable by default?

Also, sibling comments say iOS is already asking for the permission, why not just copy it?


It does exist in `about:config`, which could be exposed as a UI setting instead:

`media.peerconnection.enabled`.

On Cromite[1], a hardened Chromium fork, there is such a setting, both in the settings page and when you click on the lock icon in the address bar.

[1]: https://cromite.org


IIRC the standard mobile Firefox version no longer makes about:config available. You need to be on a beta or nightly build to access it.


It is still enabled, just a bit hidden: chrome://geckoview/content/config.xhtml


Why are they CONSISTENTLY making Firefox worse? I really want to love it, and I use it because it's basically the only choice, but ffs.


Why not? How is this different than, say, location access, or microphone access?

I want to be able to configure this per web site, and a permission prompt is a better interface than having an allow/deny list hidden in settings.


Because users understand what “microphone access” entails. “Use WebRTC?” means nothing to the average user.


Fair point, but "cookies" didn't mean anything to the average user either, and "cookie consent" banners are the norm now.


I think very few people would argue that cookie consent banners in the form in which they are the norm are a good thing just like permission prompts for microphone access are.


Mobile apps require location permissions to use Bluetooth right now, even though that's a hard to understand situation for average people.

If a feature can be used to track people, you have to flag it off or else you are just contributing to the tech Big Brother apparatus.


Browser functionality needs a hard segmentation into disparate categories like "pages" and "apps". For example, Pages that you're merely intending to view don't need WebRTC (or really any sort of network access beyond the originating site, and even this is questionable). And you'd only give something App functionality if it was from a trustable source and the intent was to use it as general software. This would go a long way to solving the other fingerprinting security vulnerabilities, because Pages don't need to be using functionality like Canvas, USB, etc.


If it's more profitable for a page to be an app why would people make pages?


It's only "profitable" if people don't bounce at being asked to trust a random news article, or something-embarassing.com, with their personal information. Same as why native Android apps don't just ask for every single permission. People in general do care about their security, they just lack tools to effectively protect it.


When enrolling Yubikeys and similar devices, Firefox sometimes warns "This website requires extra information about your security device which might affect your privacy. Do you want to give this information? Refusing might cause the process to fail."

You could use similar language for WebRTC.


I wouldn't understand that. Is it getting a manufacturer address to block some devices? Does it use a key to encrypt something? Which "security device"? /dev/urandom?

I see that non-technical users can be confused by too much information, but when you omit this even knowledgeable users can't make an informed decision.


You would because there'll be context:

1- You'd be on a page where you'll be enrolling your YubiKey or WebAuthn device. You'll have your key at hand, or recently plugged in.

2- Your device's LED would be flashing, and you'll be pressing the button on your device.

3- The warning will pop up at that moment, asking that question to you. This means the website is probably querying for something like the serial number of your key, which increases the security but reduces your privacy.

With the context at hand, you'd understand that instantly, because the place you are and the thing you're doing perfectly completes the picture, and you're in control of every step during the procedure.


> probably querying for ...

Exactly. You need to infer that, it isn't stated directly.

Just like you need to guess that "Unable to connect" means connection refused, while "We can’t connect to the server at a" means the DNS request failed. Or does it mean no route to host? Network is unreachable?

I would argue that (sometimes) the user would be fine to distinguish whether he wants to approve something, but can't because both dialogs state the same wishy-washy message. Even non-technical users (might) eventually learn the proper terms, but they can't if they only get shown meaningless statements.


> Exactly. You need to infer that, it isn't stated directly.

I don't care. The site is doing something unusual. It's evident, it's enough to take a second look and think about it.

> Same like you need to guess, that "Unable to connect" means...

Again, as a layman, I don't care. As a sysadmin, I don't worry, because I can look into it in three seconds flat. Also, "Unable to Connect" comes with its reasons in parentheses all the time.

We should think in simple terms.


> I don't care. The site is doing something unusual. It's evident, it's enough to take a second look and think about it.

Is it enough to make an informed decision?

> Again, as a layman, I don't care.

You do care, whether you mistyped or the network is down. I agree that you probably don't care to distinguish between "network unreachable" and "no route to host" though.

> As a sysadmin

True, but that information was already there and was thrown away.


> Is it enough to make an informed decision?

With my layman hat on, yes it is. I'll think about a trade-off between the site's importance in my life, the trustworthiness of the body behind the site, and my privacy.

> You do care, whether you mistyped or the network is down.

No I don't. Because it's easy to check for a typo, and then it's easy enough to investigate like a layman, e.g.: try going to Google, check your (wireless) connection from your taskbar, every OS shows a "!" when the internet is unreachable, and so on...

> but that information was already there and was thrown away.

Sometimes starting with a truncated but accurate info allows a way faster start. Precision and accuracy are different things, and accuracy is more important than precision.


TFA lists tens of thousands of websites using WebRTC for deanonymization. How many websites using it for P2P data transfer can you list?


Any Jitsi deployment?

Let's be clear here. Meta/other sites are abusing the technology TURN/WebRTC for a purpose it was never intended for, way beyond the comfortable confines of innocent hackery, and we all know it.

That's asshole behavior, and worth naming, shaming, and ostracizing over.


> That's asshole behavior, and worth naming, shaming, and ostracizing over.

These exploits are being developed, distributed and orchestrated by Meta. The ”millions of websites” are just hummus recipe content farms using their ad SDKs, and are downstream Zuck in every meaningful interpretation of the term.

Meta has been named and shamed for decades. Shame only works in a society where bad actors are punished by the masses of people that constitute Meta’s products. Doesn’t mean we should stop, only that it’s not enough.


More than that, talking about TURN or WebRTC is really missing the issue. If you lock everything down so that no one can do anything you wouldn't want a malicious actor to be able to do, then no one can do anything.

The real issue is, why are we putting up with having these apps on our devices? Why do we have laws that prohibit you from e.g. using a third party app from a trusted party or with published source code in order to access the Facebook service, instead of the untrustworthy official app which is evidently actual malware?


What laws are you referring to other than Terms of Service, which are entirely artificial constructs whisked into existence by service/platform providers? Which will, admittedly, be as draconian and one-sided as the courts will allow.

Agree on your first point at a practical level, but from the normative standpoint, it's unforgivable to cross those streams. At the point we're talking about, with a service provider desperately wanting to leak IP info for marketability applications of an underlying dataset and using technical primitives completely unrelated to the task at hand to do it, you very clearly have the device doing something the end user doesn't want or intend. The problem is that FAANG have turned the concept of general computing on its head by making every bloody handset a playground for the programmer with no easily grokkable interface to the user to curtail the worst behavior of technically savvy bad actors. A connection to a TURN server or use of parts of the RTC stack should explain to the user that they are about to engage programming intended for real-time communication when it's happening, not just once at the beginning when most users would just accept it and ignore it from then on.

10 or so TURN call making notifications in a context where synchronous RTC isn't involved should make it obvious that something nefarious is going on, and would actually give the user insight into what is running on the phone. Something modern devs seem to be allergic to, because it would cause them to have to confront the sketchiness of what they are implementing instead of being transparent with the principle of least surprise.

Modern businesses though would crumble under such a model because they want to hide as much about what they are doing as possible from the customer base/competitors/regulators.


> What laws are you referring to other than Terms of Service, which are entirely artificial constructs whisked into existence by service/platform providers? Which will, admittedly, be as draconian and one-sided as the courts will allow.

There are two main ones.

The first is the CFAA, which by its terms would turn those ToS violations into a serious felony, if violations of the ToS mean your access is "unauthorized". Courts have been variously skeptical of that interpretation because of its obvious absurdity, but when it's megacorp vs. small business or open source project, you're often not even getting into court because the party trying to interoperate immediately folds. Especially when the penalties are that scary. It's also a worthless piece of legislation because the actual bad things people do after actual unauthorized access are all separately illegal, so the penalty for unauthorized access by itself should be no more than a minor misdemeanor, and then it makes no sense as a federal law because that sort of thing isn't worth a federal prosecutor's time. Which implies we should just get rid of it.

The other one, and this one gets you twice, is DMCA 1201. It's nominally about circumventing DRM but its actual purpose is that Hollywood wants to monopolize the playback devices, which is exactly the thing we're talking about. Someone wants to make an app where you can watch videos on any streaming service you subscribe to and make recommendations (but the recommendations might be to content on YouTube or another non-Hollywood service), or block ads etc. The content providers use the law to prevent this by sticking some DRM on the stream to make it illegal for a third party app to decrypt it. Facebook can do the same thing by claiming that other users' posts are "copyrighted works".

And then the same law is used by the phone platforms to lock users out of competing platforms and app stores. You want to make your competing phone platform and have it run existing Android apps, or use microG instead of Google Play, but now Netflix is broken and so is your bank app so normal people won't put up with that and the competition is thwarted. Then Facebook goes to the now-monopoly Google Play Store and has "unauthorized" third party Facebook readers removed.

These things should be illegal the other way around. Adversarial interoperability should be a right and thwarting it should be a crime, i.e. an antitrust violation.

> The problem is that FAANG have turned the concept of general computing on it's head by making every bloody handset a playground for the programmer with no easily grokkable interface to the user to curtail the worst behavior of technically savvy bad actors.

But how do you suppose that happened? Why isn't there a popular Android fork which runs all the same apps but provides a better permissions model or greater visibility into what apps are doing?


Fair. I see your angle now. 100% with you.

>Why isn't there a popular Android fork which runs all the same apps but provides a better permissions model or greater visibility into what apps are doing?

Besides every possible attempt being DOA because Google is intent on monopolizing the space with their TOS and OEM terms? There isn't a fork because it can't be Android if you do that sort of thing, and if you tried to it'd be you vs. Google. Never mind the bloody rat's nest of intentional one-sided architecture decisions done to ensure the modern smartphone is first and foremost a consumption device instead of a usable and configurable tool, which includes things like regulations around the baseband and processor, lawful interception/MITM capability, and meddling, as you mentioned, in the name of DMCA 1201.

Though there's an even more subtle reason why, too, and it's the lack of accessible system developer documentation, capability to write custom firmware, and architecture documentation. It's all NDA locked IP, and completely blobbed.

The will is there amongst people to support things, but the legal power edifice has constructed intentional info asymmetries in order to keep the majority of the population under some semblance of controlled behavior through the shaping of the legal landscape and incentive structures.


> The will is there amongst people to support things, but the legal power edifice has constructed intentional info asymmetries in order to keep the majority of the population under some semblance of controlled behavior through the shaping of the legal landscape and incentive structures.

Exactly. We have bad laws and therefore bad outcomes. To get better outcomes we need better laws.


What about "This website would like to connect to the Instagram App and may share your browsing history and other personal details."


Why should that message show up when I'm trying to make a video call in my browser? I'm just trying to call my nephew.


There are already permissions dialogs for using the camera/microphone. I don't think it'd be absurd to implicitly grant WebRTC permissions alongside that.


The message only makes sense when the remote is localhost.


The website wants to connect to another computer|another app on your computer.

Most users probably will click "No" and this is a good choice.


>The website wants to connect to another computer|another app on your computer.

"website wants to connect to another computer" basically describes all websites. Do you really expect the average user to understand the difference? The exploit isn't trivial either. SDP and TURN aren't privacy risks in and of themselves. They only pose risks when the server is set to localhost and with a cooperating app.


Pardon my ignorance, but modern browsers won't even load assets or iframes over plain http within an SSL page. So under normal circumstances you cannot open so much as an iframe to "localhost" from an https url unless you've configured https locally. Regardless of crossdomain perms. Wouldn't you want to require a special security permission from an app that was trying to set up a local server, AND require confirmation from a browser that was trying to connect to a local server?


HTTP isn't allowed on secure pages because the security of HTTP is known to be non-existent. WebRTC uses datagram TLS, which is approximately on par with HTTPS.

The thing that's happening here isn't really a problem with WebRTC. Compare this to having an app on your phone that listens on an arbitrary port and spits out a unique tracking ID to anything that connects. Does it matter if the connection is made using HTTP or HTTPS or WebRTC or something else? Not really. The actual problem is that you installed malware on your phone.


But that says nothing about the danger of identifying you.

> Most users probably will click "No"

Strong disagree. When I'm loading google.com is my computer not connecting to another computer? From a layman's perspective this is the basis of the internet doing what it does. Not to mention, the vast majority of users say yes to pretty much any permission prompt you put in front of them.


> The main application for WebRTC is peer to peer data transfer.

But not for the user.


The existing killer app for WebRTC is video chat without installing an app, which is huge.

Other P2P uses are very cool and interesting as well - abusing it for fingerprinting is just that, abusing a user-positive feature and twisting it for identification, just like a million other browser features.


You mean just like a million other "user-positive" browser features pushed by the biggest tracking company there is.


The technique doesn't actually rely on webrtc though, does it? Not showing up in the default view of chrome's network inspector obfuscates it a bit, but it's not like there aren't other ways to do what they're achieving here.


Because the decision makers don't care about privacy, they only want you to think that you have privacy, thus enabling even more spying. One solution is to not use the apps and websites from companies that are known to abuse WebRTC or something else.


This is not unique to WebRTC. The same result could be achieved by sending a http request to localhost. The only difference in this case is that using WebRTC doesn't log a http request


The browser could refuse to connect to localhost. I think there are browsers that refuse (i.e. to prevent attacking a router config interface).


I doubt anyone is running a browser on their router.

But still, you could do the same for stun, turn, sdp. Disallow local host.


That's literally what browsers have done (for STUN) and are working on (for TURN).
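As an added example for the localhost/STUN/TURN discussion above (this is not code from any commenter, browser vendor or the apps being discussed), here is a small defensive check that flags ICE candidates, and ICE server URLs, pointing at the user's own machine. It can be run over an SDP body in a debugger, a test harness or an extension. The SDP sample is constructed for illustration, and the function names (`findLoopbackCandidates`, `stripLoopbackCandidates`, `isLoopbackIceServer`) are this example's own; the browser hook at the end is an assumption about where such a check would be wired in, not a description of how any browser implements its restriction.

```javascript
// Added example for this thread, not code from any commenter, browser or app.
// Flags ICE candidates and ICE server URLs that target the local machine,
// which is the pattern the thread describes (SDP/TURN pointed at localhost).

const LOOPBACK_V4 = /^127\.\d{1,3}\.\d{1,3}\.\d{1,3}$/;

// True for 127.0.0.0/8, ::1, "localhost" and the IPv4-mapped form ::ffff:127.x.x.x.
function isLoopbackAddress(addr) {
  const a = String(addr).replace(/^\[|\]$/g, '').toLowerCase();
  if (a === 'localhost' || a === '::1' || a === '0:0:0:0:0:0:0:1') return true;
  if (LOOPBACK_V4.test(a)) return true;
  const mapped = a.match(/^::ffff:(\d+\.\d+\.\d+\.\d+)$/);
  return mapped !== null && LOOPBACK_V4.test(mapped[1]);
}

// Parses one "a=candidate:" SDP line (RFC 8839 syntax); returns null for any other line.
function parseCandidate(line) {
  const m = line.match(/^a=candidate:(\S+) (\d+) (\S+) (\d+) (\S+) (\d+) typ (\S+)(.*)$/);
  if (!m) return null;
  const cand = {
    foundation: m[1], component: Number(m[2]), transport: m[3].toLowerCase(),
    priority: Number(m[4]), address: m[5], port: Number(m[6]), type: m[7], raw: line,
  };
  const raddr = m[8].match(/\braddr (\S+)/); // present on srflx/relay candidates
  if (raddr) cand.relatedAddress = raddr[1];
  return cand;
}

// A candidate counts as local if its own address, or the related address behind
// a reflexive/relay candidate, is loopback.
function isLoopbackCandidate(cand) {
  return isLoopbackAddress(cand.address) ||
    (cand.relatedAddress !== undefined && isLoopbackAddress(cand.relatedAddress));
}

function findLoopbackCandidates(sdp) {
  return sdp.split(/\r?\n/).map(parseCandidate)
    .filter((c) => c !== null && isLoopbackCandidate(c));
}

// Returns the SDP with loopback candidates removed; every other line is kept verbatim.
function stripLoopbackCandidates(sdp) {
  return sdp.split(/\r?\n/)
    .filter((line) => { const c = parseCandidate(line); return c === null || !isLoopbackCandidate(c); })
    .join('\r\n');
}

// stun:host[:port], turn:host[:port][?transport=...], turns:... (RFC 7064/7065 forms)
function isLoopbackIceServer(url) {
  const m = String(url).match(/^(?:stuns?|turns?):(\[[^\]]+\]|[^:?\/]+)/i);
  return m !== null && isLoopbackAddress(m[1]);
}

// Constructed sample SDP: one ordinary host candidate plus three that touch loopback.
const SAMPLE_SDP = [
  'v=0',
  'o=- 1 2 IN IP4 0.0.0.0',
  's=-',
  'm=application 9 UDP/DTLS/SCTP webrtc-datachannel',
  'c=IN IP4 0.0.0.0',
  'a=candidate:1 1 udp 2130706431 192.0.2.10 51000 typ host',
  'a=candidate:2 1 udp 2130706175 127.0.0.1 12580 typ host',
  'a=candidate:3 1 udp 41885439 203.0.113.5 3478 typ relay raddr 127.0.0.1 rport 40000',
  'a=candidate:4 1 tcp 1518280447 ::1 9000 typ host tcptype passive',
].join('\r\n');

// In a browser, the same check can log loopback candidates before they are applied.
// RTCPeerConnection does not exist in Node, so the hook is guarded (assumed wiring).
if (typeof RTCPeerConnection !== 'undefined') {
  const proto = RTCPeerConnection.prototype;
  const origSetRemote = proto.setRemoteDescription;
  proto.setRemoteDescription = function (desc) {
    const hits = findLoopbackCandidates((desc && desc.sdp) || '');
    if (hits.length > 0) console.warn('remote SDP carries loopback candidates:', hits.map((c) => c.raw));
    return origSetRemote.call(this, desc);
  };
  const origAddIce = proto.addIceCandidate;
  proto.addIceCandidate = function (cand) {
    // Trickled candidates arrive as "candidate:..." strings without the "a=" prefix.
    const parsed = cand && cand.candidate ? parseCandidate('a=' + cand.candidate) : null;
    if (parsed && isLoopbackCandidate(parsed)) console.warn('trickled loopback candidate:', cand.candidate);
    return origAddIce.call(this, cand);
  };
}

if (typeof module !== 'undefined' && require.main === module) {
  console.log(findLoopbackCandidates(SAMPLE_SDP).map((c) => `${c.address}:${c.port} (${c.type})`));
}
```

Two caveats follow from the thread itself: candidates also arrive out of band via trickle ICE, so checking only the initial SDP misses some, which is why the hook covers `addIceCandidate` as well; and, as the comment about a plain HTTP request to localhost notes, this check only covers the WebRTC path, so it is a detection aid for one channel rather than a substitute for the host-side question of what is listening on loopback in the first place.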


> 1. User logged into FB or IG app. The app runs in background, and listens for incoming traffic on specific ports.

I happened to be immune, I disabled Background App Refresh in iOS settings. All app notifications still work, except WhatsApp :(

https://forums.macrumors.com/threads/any-reason-to-use-backg...


> except whatsapp

> company checks out


> User logged into FB or IG app. The app runs in background

So a takeaway is to avoid having Facebook or Instagram apps on your phone. I'm happy to continue to not have them.

Any others? e.g. WhatsApp. Sadly, I find this one a necessary communication tool for family and business in certain countries.


Not totally following but it sounds like you are saying one of the things they have been doing involves abusing mandated GDPR cookie notices to secretly track people?


Yes? The cookie in question is First Party, which means you’ve consented to permitting only that party to track you using it, and not permitting its use for wider behavioral tracking across websites.

However, the locally hosted FB/Yandex listener receives all of these first party cookies, from all parties, and the OP's implication is (I think) that now these non-correlatable-by-consent first party cookies can be or are being used to track you across all sites that use them.


Not only did you only consent to the one party using it, but the browser has robust protections in place to ensure that these cookies are only usable by that party. This “hack” gets around the restriction completely, leveraging a local service to aggregate all the cookies across sites.


This is why things involving cookies for permission to do things were really poison pills. As long as there is a cookie to be tracked, any at all, you have the data exfil/tracking problem. Only thing that changes is where the aggregation happens.


Luckily, GDPR isn't about cookies, it's about processing personal information. Doesn't matter if you use cookies, localstorage, or carrier pigeon.

The older EU 'cookie directive' only mentions cookies as an example of storage in a footnote. The regulation is actually about any storage on the user's computer.

Marketers would like you to believe that the stupid banners are about cookies. They're not - they're about processing your personal information.


IANAL, but it's not GDPR-conformant consent in any way. Consent needs to be informed, unambiguous, and freely given to be valid and should be easy to reject. The only way for this to be valid would be a consent form with something like:

Allow Meta tracking to connect the Facebook or Instagram app on your device to associate visits to this website with your Meta account. Yes/No (With No selected as a default.)

I am pretty sure that this is a grave violation of the GDPR.


That's probably already part of the consent form websites pop up listing 200 different trackers. If you permit data sharing with Facebook/IG/Meta in the consent form, you're consenting to tracking in general, not just cookie-based tracking.

"No" doesn't even need to be selected as a default, as long as you don't use dark patterns. Making the user manually click yes or no is perfectly valid (as long as you don't make "yes" easier than "no", so if you add an "allow all" button there should be an equally prominent "deny all" button).


Which, on the face of it, sounds like a violation of the GDPR...


The intent of these laws is just so obtuse and unclear! And beyond that complying is technically impossible to implement but you could only understand that if you were a rocket scientist PhD computer science wizkid making $$$$k in California which isn't that much in such a high cost of living area donchaknow. /sardonic


>abusing mandated GDPR cookie notices to secretly track people?

How does that even work? What can GDPR cookie notices do that the typical tracker can't do?


The cookie preference pop-up is a cookie. To track your preference, they need a cookie. We legally mandated a cookie. They're using the cookie regardless. But no one will call them on it until a critical mass is reached to get cases in a sufficiently large number of jurisdictions to curtail the behavior.


The 'no to tracking' cookie doesn't need to be identifiable in any way.


A reminder that it's possible to use tools like XPL-EX to circumvent those attempts. Also ad blocking via adaway would do the trick here I assume, as it should block Meta Pixel tracking. Overall, awful approach.


Where? I see the following

> I was excited about this vision. Too often, an engineer tries to write one huge TLA+ spec for the whole system. It's too complex and detailed, so it's not much easier to understand ...


looks like the article was updated after the version I read.


Does he manage his own automated browsers? I suppose this could simply be a wrapper for something like Scrapfly (or Scraping Bee or Zen Rows or many others), with some custom JS injected to remove banners.


I managed my own cluster.

I didn’t consider wrapping any service.

What's needed for scraping is a bit different from what's needed to screenshot websites.

I need to have full control over my cluster to guarantee the best possible quality.


It is great!

I signed up on my phone and tested in the playground.

It will fit perfectly into my workflow. I'm building a hyper-local directory site.

Getting good images for businesses is hard, so I'll use this to grab an image of their site as a place holder.

I can also add it to my AI workflow where I pass a website to OpenAI Assistant to extract data. OpenAI is not as robust with URLs as it is with images or PDFs. Often it won't visit the URL.

I can use this to get an image or pdf, pass it on and ask for the data back. OpenAI is better with files than URLs in my experience.

Good job!

Well done!


Don't you get problems with cloudflare blocking your browsers?


I'm a big fan of YouTube anti-scammer vigilantes. They bait scammers, expose their tactics, humorously waste their time, or even manage a counter attack.

I believe these guys can be a big part of the solution. YouTube creates a financial incentive for individuals to go down this route, and apart from being entertaining to viewers, it broadens awareness of scammer tactics, which hopefully means more people detect scams early.

I wish these guys success and hope to see more anti-scam YouTubers appear.

Examples:

https://www.youtube.com/@NanoBaiter

https://www.youtube.com/@KitbogaShow


> YouTube creates a financial incentive for individuals to go down this route

No, YouTube creates a financial incentive for individuals to produce videos where they seem to do this. The problem with this is obvious, and if, as you hope, more of this content appears, there will not be enough people to check them all and keep them honest.


> It turns out that BEVs (battery electric vehicles) reduce the amount of brake dust by 83%, according to a new analysis by EIT Urban Mobility (a body of the European Union) and Transport for London. The study looked primarily at London, Milan and Barcelona.

> The primary reason for this is the use of regenerative braking, meaning that electric vehicles can slow down without rubbing friction brakes. Other vehicles that use regenerative braking reduced brake emissions too, with Hybrids reducing them by 10-48%, and PHEVs by 66%.

Technically not cleaning the air as the title says, but still a major improvement.


Cars clean the air because the AC filters capture particles


I clean the air because my lungs capture car particles.


That's why I have an e-bike, so I breathe less when cycling/commuting into the city.


There was a study [0] in Paris that demonstrates a significant positive benefit/risk ratio of bicycling even in polluted air: the effect on physical and mental health benefits largely outweighs (sometimes to x30) the risk of accidents and pollution disease.

[0] (2012, French) https://www.ors-idf.org/nos-travaux/publications/les-benefic...


My city attempts to promote cycling, but hasn't bothered to first take care of the problem with people heating their homes with solid fuels like coal dust and whatnot.

It's frustrating, because cycling during the heating season is not only unpleasant, but also unhealthy.


Technically we all disinfect the water through our kidneys too


Excluding those recently punched hard in the kidneys.


Some diesel engines can clean the air, but only if the air coming in is very polluted. They'll catch and burn particulates, and they'll chemically scrub NOx. This only applies if the air outside is very polluted, though


Once again hybrids capture most of the benefit of electricity, and slide silently under the radar :(

