I don't understand why this would change any opinion on Bitwarden. Bitwarden offers an API and OneCLI calls the Bitwarden API. How does a 3rd party calling Bitwarden's API say anything about Bitwarden?
Edit: I can see on Bitwarden's site they also call out their support for OneCLI, so I suppose that looks like Bitwarden saying they approve of and recommend OneCLI. But I see recommending an open source solution as a lot less problematic than recommending any other random private startup solution.
How? Reading this it seems like only verified developers can skip this process. Most Fdroid developers won't be verified. I don't see where it says Fdroid would be exempt from this requirement. Would Fdroid be a verified developer?
The turfing with this topic is strong and needs to be called out. Reliable sources are crucial now more than ever. We cannot tolerate and promote botnets once they are uncovered.
The life of the owner of archive.is is directly threatened by the people they are ineffectively attacking back, so I'm not sure I can really blame them.
archive.org outright removes large numbers of pages, including political content; archive.is has edited a handful of pages to redact the doxxing of the archive.is owners.
True. archive.org complies with removal requests from site owners [1]. The problem is that the content most worth preserving is exactly the content people try hardest to get taken down. If archive.is goes down, and between the FBI subpoena and the Wikipedia ban the pressure is real, archive.org becomes the de facto monopoly in web archival. A monopoly that honors takedown requests is not a reliable record of history.
also, archive.org only verifies the current owner of the domain for takedowns. So if a site was hosting content, that content was archived the site then shut down and someone else acquired the domain, the new owner could request the removal of the old content.
The editing they do in self preservation is understandable, and far less wrong than having to kowtow to political pressure and private influence; archive.org is great, but unreliable in ways that archive.is et al are not. They're both very useful, in complementary ways.
I even think what archive.is did to their detractor was understandable - in poor taste, definitely black hat, don't do stuff like that, immature as hell, but hey, I get the human impulse that led to the bad decision, and I'm not gonna base whether I use the site or not on that.
Love it, what a great throwback, especially with the OST.
In Firefox is there a way to play this without FF popping up the search box on every key press? Maybe there's a way for the JS to override the default FF search functionality?
Found that this is a Firefox setting, maybe it's not (no longer) defaulted to on.
"Search for text when you start typing"
I have to say, I do like this setting enabled, but can see how it conflicts with the page. And let's be fair, how much time and I saving over having to press Ctrl+F when I want to search a page?
Maybe it's mostly from AI, maybe it's mostly general economic cutbacks. I also feel like these "wrapper" style SaaS products are the first ones companies are dropping when they are looking to cut costs, and I think a lot of companies are looking to cut costs. I do agree with the overall conclusion either way, that System of Record products/companies are the most likely to survive. There are a lot of SaaS companies with questionable long-term businesses who are getting hit, but that was bound to happen.
The stocks of a lot of these SaaS companies were priced on the expectation that they could become the next IBM: become entrenched with the customer and then hike prices until their eyes bleed.
A lot of companies have been too smart for that, and a lot of SaaS offerings are too small to be truly entrenched. Arguably the investment horizon is too short (IBM took decades getting to that point).
The only real vendors who managed to become the next IBM are the cloud providers.
I think it's a combination of budgeting, upward price pressure from the SaaS companies themselves, plus bringing things in-house through vibe coding, but there's another factor that I think is harming existing SaaS products. Many of them are becoming legacy solutions with AI bolted on top so they don't really feel that effective or next-level. The underlying tech might even be a generation older too - but the SaaS value-add is providing support, scaling, etc to maintain whatever some old tech that's still a requirement. At some point someone looks at all of these interconnected systems and just says 'start over'.
Vibe coding might not be supplanting all SaaS solutions but it's definitely shaking out "last-gen" solutions.
Analytical systems. I see a lot of add-on services that will add intelligence/analytics/etc and companies try them out to solve some issue they have and bounce off them frequently due to growing costs. I can only assume as mentioned that over time these are also easier for companies to in-house vibe-code as well, I just haven't seen a ton of that yet, but people are definitely trying which still shrinks the available pie.
I'm not sure when this policy was introduced, but fairly recently Jellyfin released a pretty major update that introduced a lot of bugs and performance issues. I've been watching their issue tracker as they work through them and have noticed it's flooded with LLM generated PRs and obviously LLM generated PR comments/descriptions/replies. A lot of the LLM generated PRs are a mishmash of 2-8 different issues all jumbled into a single PR.
I can see how frustrating it is to wade through those and they are distracting and taking time away from them actually getting things fixed up.
We've had these thoughts for a while, especially relating to clients, but that is exactly what prompted this - a huge number of pure-vibe-coded "fixes performance" PRs that have been a nightmare to wade through.
I have lately taken to this approach when I raise bugs:
1. Fully human-written explanation of the issue with all the info I can add
2. As an attachment to the bug (not a PR), explicitly noted as such, an AI slop fix and a note that it makes my symptom go away.
I've been on the receiving end of one bug report in this format and I thought it was pretty helpful. Even though the AI fix was garbage, the fact that the patch made the bug go away was useful signal.
The open for anyone PR model might be at risk now. How can maintainers be expected to review unlimited slop coming in. I can see a lot of open source just giving up on allowing community contribution. Or maybe only allowing trusted members to contribute after they have demonstrated more than passing interest in the project.
It has been at risk for a long time, now it is in doubt.
Think of a scenario like
Attacker floods you with tons of AI slop to make your overloaded and at risk of making mistakes. These entries should have just enough basis in reality to avoid summary rejection.
Then the attacker puts in useful batch of code that fixes issues and injects a tricky security flaw.
If there's not a lot going on the second part is hard to pull off. But if you ruin the SnR it becomes more likely.
KISS looks nice and I'll give it a try. This reminds me a lot of Kvaesitso launcher also on F-Droid, although KISS looks a little more minimal. They seem to have a similar focus though. If KISS is a little too bare-bones, but you want something still fairly minimal, I found Kvaesitso to be a good balance.
The main purpose of these launchers for me is to avoid using my phone mindlessly. I won't just see an app and open it for no reason. I need to make a decision that I want to use an app on my phone.
It's probably fair to assume that most of their other camera models are affected by the same or similar issues. It looks like they pump out quite a few models that I image have similar firmware.
This page[1] lists the C200 as last having a firmware update in October, but also lists the latest version as 1.4.4 while the article lists 1.4.2. It seems like they have pushed other updated in this time, but not these security fixes.
I looked at some older Zyxel products and came to the same conclusion a while back. There's a whole industry of labeling generic hardware as being part of someone's else ecosystem
it's a stretch to call it generic hardware, all of cheap cameras use similar hardware, but every few months there is a new version of chip which you need to adjust to. It's challenging to find an exact chip if you want to, because they get out of date faster than JS frameworks
Edit: I can see on Bitwarden's site they also call out their support for OneCLI, so I suppose that looks like Bitwarden saying they approve of and recommend OneCLI. But I see recommending an open source solution as a lot less problematic than recommending any other random private startup solution.