What? Emacs is in fact a digital anarchism - complete opposite of religion. It's Kropotkin¹ with parentheses - mutual aid through package sharing, no central authority (even RMS can't dictate your config), and every user autonomously creating their own means of production. The 'religion' rhetoric is just subversive humor disguising a radical experiment in computational self-governance.
Where IDEs impose hierarchical workflows, Emacs says 'no gods, no masters, only defun' It's not a cathedral or a bazaar - it's an infinite commune where every buffer is a consensus decision you make with yourself.
——
¹ - Peter Kropotkin was a Russian aristocrat who said "fuck nobility" and became one of anarchism's main theorists.
Why isn't it front-page news on HN rather than being flagged? Is it just because Musk's "DOGE" is in the title? I think it's pretty significant that a number of agencies have handed root access to people who shouldn't have it and have made changes that could have significant unintended consequences. This is could end up being a case study in why you don't allow unfettered access even when ordered by the incoming regime (be it POTUS or CEO) because there be dragons and the new people don't know where they are yet.
LOL... wow! I thought the "national cyberattack" and the root override/hijacking was far more relevant than the connection with the organization which shall not be named which is nominally led by he who shall not be named.
It's very sad and a stark commentary on the current state of Hacker News that a post by Bruce Schneier on cyber security is still flagged over an hour after it was posted.
The flagging system has good intentions, but seems like it was designed assuming good faith behavior from users. It does not appear to be resistant to partisan brigading.
I think it's working as intended in terms of HN not being a place for partisan issues and discussion in the vast majority of cases. There's literally an automatic downvoting of submissions where the comment to vote ratio is too high. It's not the type of discussion HN wants or is intended for.
This is one of the unspoken assumptions of online communities, that will cease to be true, and lead to the implosion or imposition of rules on HN, which will lead to its fracturing.
There is no running away from certain conversations, especially when your information ecosystem is intentionally made partisan. The flavor of american political discourse is architechtured to achieve very clear rhetorical and emotional goals.
At best, HN can choose how it wants to handle the schism. For that everyone needs to realize it is coming.
> In the span of just weeks, the US government has experienced what may be the most consequential security breach in its history
Which is a ridiculous level of hyperbole and just factually not even close to accurate. Solarwinds, the 2014 OPM breach, snowden leaks, chelsea manning leaks, the DNC email leak, moonlight maze - there's a massive list of real, consequential security incidents that are nowhere nearly as bad as Elon and whatever his dumb team are doing.
The key words being "may be." The fact is that a bunch of kids working for an essentially unofficial department of the government were given root access to all sorts of systems with no oversight. We simply have no idea how deep the damage goes.
You seem to have a different definition of hyperbole to most people. I think everyone here understands the security implications of physical access to a server, the protocols that are usually put in place surrounding that and the reasons for them being there. The servers gave been compromised. We know that. To downplay the dangers of that surely makes someone guilty of the kind of misrepresentation that you're concerned about
There are so, so many posts on HN about this and they're getting flagged, I would guess, because people can see this content on literally any corporate news site or a million different subreddits, and there's not much value to it being on HN specifically, and the conversation around these topics is never interesting or productive. I flag it because for these reasons, and also I'm ridiculously tired of seeing 6 different posts about Trump and Elon every single day.
How many people on all those subreddits know what root access means, how many journalists havea technical understanding of what is possible with the access given to the DOGE team? How does that compare to the demographic on Hacker News?
There are any number of places people can talk about this but the same is true of literally anything that gets discussed here. What value does HN ever add? What's ever the benefit of sharing something here?
Personally speaking this is the number one place I want to see these conversations happen because I have a deep respect for the technical understanding of my peers here. It's disturbing that at such an important juncture in history so many people are jumping up to say "go elsewhere, there's nothing of value for you here."
Knowledge about the technical concepts means nothing if we're not getting real, meaningful information about what's actually happening. It's all rampant and unfounded speculation at this point.
No, common security practice would be to consider your servers compromised if an unvetted outside entity gained physical access to them. If this happened at your workplace you know that you would assume the worst because you would have no other choice. Everybody here understands that and so do you.
This is Bruce Schneier, talking about the event in the most technical, calm and even handed manner around.
I have been looking for such a post since last week!
And this is hacker news, the exact site that is absolutely about this. We haven't even gotten to the part where people see the actual code that has been slung around here.
Probably related to soliciting donations (See "Businesses that are prone to abuse by fraudulent actors" on that Stripe link)
A lot of payment processors do not like it when individuals (versus certified nonprofits) take donations. Because, well, it is more prone to fraud. It's a really easy way to cash out stolen credit card numbers. The systems are set up for a transaction, not a one way transfer of funds.
"taking the wife out on date night" sounds like the kind of thing a regular nonprofit wouldn't be able to solicit donations for. I have no reason to believe that the OP is not representing that honestly or abusing it, but Stripe is not going to care.
The first linked website (https://www.barnhardt.biz/) says (if I'm understanding it correctly) some pretty unkind things about the Pope regarding to his conciliatory attitude towards homosexuality.
Stripe's page says that their prohibited categories include "Businesses that engage in, encourage, promote or celebrate unlawful violence toward any group based on ... sexual orientation..." among other things.
Practically/realistically, there's also some content in the podcast that's going to make payment processors nervous. Even if made with best intentions, legal departments will worry eventually someone is going to end up sued or worse, and the company will be named. Even algorithmic filters are likely to class this as fringe/conspiracy. So regardless of what rule they're pointing at to cut the account, they may really just want to cut the risk regardless.
For context, some random excerpts from barely a skim that jump out and are going to raise eyebrows:
203: "we attack the topic of In Vitro Fertilization and break down how this grotesque process"
195: "part of what made the fires in Hawaii worse than they needed to be: the deeply-seated paganism of the natives who worship the volcanoes"
191: "it’s possible that “they/them” pronouns are favored among trans because of the demonic they/them legion possessing such poor souls"
187: suggests extracting and storing your own blood and taking methylene blue?
I don't have all the context, and generally I do support the author's right to expression, so I'm trying to be objective and kind here. But candidly, I'd have difficult to overcome personal reservations about partnering in business with (and in Stripe's case, since they take fees: profiting from) the content here.
I don't mean to offend anyone, just seems like an elephant in the room worth noting.
Stripe is a minimal to no vetting payment processor. A real merchant account will require contracts and pre-vetting that includes a review of your payment processing history and suitability to the rules of the card networks in question.
People blame the payment processors, and they can certainly be opaque sometimes. But perhaps fairer to lay most of the blame on the fraudsters.
I’m sure Stripe would love the revenue from this enterprise, but they can’t have it without making KYC as complex as banks and losing a lot of their value prop.
Are you producing podcasts individually for each person, and some subset of those people who receive a custom podcast tip you?
Are you charging money for your podcast to all listeners, and some subset of those people who pay for your podcast tip you?
If either of those is true, then your podcast production is a goods or service, and you should present that evidence to Stripe as they may have overlooked it. If you're just broadcasting the podcast and asking for donations, that's not going to qualify as "a monetary transaction in exchange for goods or services delivered to the buyer", since your goods/services are delivered regardless of whether transactions exist.
From a selfish bank standpoint, ask "How would a chargeback be evaluated for validity?". How will the bank's processes handle someone charging back their tip jar donation because you unknowingly say something upsetting on the next episode about their favorite hobby? Whether or not they grant the chargeback, you will end up terminating services with that bank.
I suspect this is why Patreon is constantly rotating card processors every few months: the banking chargeback system often refuses to cope with "payment without promise", unless it's a 501(c)(3) non-profit in which case the bank is paid in the form of tax breaks to deal with all this.
This also suggests that "Who is your payment processor?" is probably a trade secret for all existing tipjar/donation platforms.
Paying you for podcasts is legitimate when it's connected. You'd be fine if you did something like "support me by getting a lossless FLAC download here" and use Stripe or by providing your Venmo for peer-to-peer money transfer. But Stripe won't work well if you want to take contributions disconnected from service. i.e. there has to be a transaction for them to accept you.
The reason for this is apparent if you flip roles. It's an anti-chargeback mechanism.
It's probably because the actual payment/donation is not directly connected to the podcast production, but rather you perform the work elsewhere, and then ask people to go tip you. Other than in your head(s), there's no actual connections between the work and the payment.
You can't reasonably expect Stripe to just take your word for it, at the scale that they operate.
Do people get access to these things without sending you money?
edit: You can request to get paid EXTRA for a good or service you provide (a tip). You cannot request to get paid (in any way) while not providing a specific good or service in return.
So if I sell digital certificates -- a PDF that says someone donated to my little media side-hustle -- it would be all good? See that's the problem: nobody will tell me what I can do to come into compliance. And as for the banks: I have been paying my taxes for years and the bank connected to this account has zero issues with what I do and are happy to deposit checks made out to my DBA (and then charge me a fee for having a business checking account).
My recommendation to you would be to use a different platform that is designed for this exact purpose. Buy me a coffee comes to mind right off the top of my head but I know that there are sure to be others. Stripe is good for straight up e-commerce but it does not work well for your use case. I think the characterization of likening stripe to PayPal is way off base. When it comes down to using a platform like stripe for monetization of services and goods it really is important to rtfm. Good luck to you out there!
Make a few podcasts a month that are “members only“. You can make the links unlisted publicly, then just don’t get annoyed when they are shared for everyone by some nice member :)
Anyone who gives you money gets a membership, it’ll be minimum of $1, but it’ll be a “pick your own price” deal.
Honestly though, you could just use a better processor that isn’t such a behemoth that they hate their customers.
If the PDF only confirmation of payment it might be too similar to a receipt. I'd instead send the user a digital assets "In exchange for the $X I'm sending you a hand-drawn limited edition picture of my cat".
That said I know several companies that for years have used Paypal's donate button to run their whole company. It's seems arbitrary.
Sure, they pay $2 for a "digital sticker" or something.
> bank connected to this account has zero issues with what I do
Stripe is an intermediary and I would guess this has to do with anti-laundering rules. Your bank doesn't need to engage in this because they have access to everything you do with your money and has more ways to catch/stop you.
It’s not your bank, it’s payment networks and stripe’s partner banks. Visa and MC are notorious for being the de-facto arbiter of allowed businesses, they have extensive yet vague guidelines on what is allowed due to porn stuff a long time ago and their partners try their best to read the tea leaves to see if what they do is fine.
If they are making editorial/values based judgement on who they allow to process payments on their platform then it seems they cannot be immune under the common carrier defense and are liable for being sued for refusing to do business with lawful entities, no?
No, Visa and Mastercard aren't common carrier and they don't need a defense. Like any other business in America they can choose not to serve you for any reason or no reason at all (so long as it isn't the illegal discrimination of a protected class)
To be fair he's just gotten old and doesn't have his wits about him as even his writing sucks now. The NA podcast still merits the occasional listen, but Curry went evangelical and their community has become full of that particular breed of "patriot" that I don't like to associate with. I don't think they do either, but the irony (given their anti-advertising model) is that these types of folks pay their bills, so now they're stuck keeping them happy.
the show used to be good fun. general banter, silly conspiracy stuff. it started sucking well before Trump and then the election made it so much worse.
haven't listened in years but somehow i ended up with JCD as a connection on LinkedIn, so every time I log on there's some no agenda hot take in the feed somewhere.
Yeah I used to listen to them quite a bit back in the day but in the lead up to the 2016 election they became insufferable. There was one Clinton story in particular they kept bringing up so I went through their show notes to the source and sure enough they were mischaracterizing everything about it. I emailed John pointing this out and he emailed back with one of the most dismissive replies I've ever gotten.
"this is an excellent deep analysis that I credit the show for."
Wow, thanks John, I'm glad I have the show to credit for doing some basic analysis.
I called him out on having a chemistry degree but not understanding how the prospects of using hydrogen in steelmaking isn't some hippy-dippy, NWO bullshit, but actually a really awesome thing to work toward. Got the equivalent of a shrug and he told me to start my own podcast.
I think they mainly have an issue with idiots and hypocrites. They are fans of RFK Jr, Tulsi Gabbard, and lots of others; they also slam lots of republicans as well (for being hypocritical idiots).
The concepts of "Trump being a uniform piece of shit" and "Trump being the target of a weaponized judicial system" aren't mutually exclusive but he can't seem to reconcile that fact. I like to think it's because he has an appreciation for Trump's genuine skill at showmanship, but I tire of it.
There is inarguable value in the twice weekly media roundup that they do, so long as they stick with mainstream sources and stay away from silly medical blogs and Cuban ex-CIA guys. No one is perfect I suppose.
FWIW I don't think either of them are any sort of bigots, but sometimes old school chauvinists and maybe xenophobic in a way that makes you groan but not particularly offensive. I hear way worse daily on my university campus. It's the criticisms that they shy away from that make people irritated, I think.
How much of an "advantage" is it for manufacturing to solder the RAM chip(s) to the motherboard? Would it really take a lot more time and expense to install RAM that can be replaced/upgraded? This is the one thing that I wish I could upgrade on a lot of machines.
It would be far easier to force phone and camera manufacturers to “embed” a fingerprint in the photo than to measure every sensor.
Also these fingerprints in reality are very flaky and the higher the quality of the sensor the less of a fingerprint there is to work with.
The fingerprints are also dependent on specific operating conditions which can change with firmware and operating parameters (e.g. digital zoom / cropping) as well as environmental conditions such as light levels and even temperature.
Most phones do that for you anyhow. Unless there are serious defects in the sensor that would probably mean it would fail QA even for bargain bin phones the amount of “AI” post processing that phones do these days is probably sufficient to erase any sensor fingerprint.
Even with DSLRs and RAW files you often don’t get a RAW output from the sensor all of them do their own “color science” magic and other alterations like denoising too even on the rawest of the RAW settings.
RAW files today just mean that the files are uncompressed or the least compressed since there might be some compression/downsampling happening at readout anyhow and that you get a ton of metadata that can be used by a photo editing app to better work with the image.
The file, but not the image. Also easily removable, although companies have been clearly encouraged to make this difficult in mainstream software and to set maximal defaults. Probably doesn't take much encouragement, because the more metadata, the more automagic.
