It's the usual enshittification tactic. Make AI cheap so companies fire tech workers. Keep it cheap long enough that we all have established careers as McDonald's branch managers, then whack up the prices once they're locked in.
r00ty
joined 2 years ago
For mbin I managed to kill the attack of the scrapers only using cloudflare managed challenge for all except to fediverse post endpoints, from fediverse ua agents on certain get endpoints. Managed challenge on everything else.
So far, they've not gotten past it. But, a matter of time.
While I don't doubt that's part of the reason. I would assume ensuring only the microsoft key was used to create a trusted boot path to a clean windows install. At which point during the boot process these invasive anti-cheat engines take over and are then watching everything loading makes it a bit harder to cheat.
But I think there's a lot of hardware options available that could still remain invisible here. Maybe it makes software options close to impossible though. Not too sure, there's always inventive workarounds people come up with.
I always find it amusing the lengths people will go to, to cheat.. Just short of, learning to play the game better.
Yep. I entirely agree about the good points. I am just always weary about removing options like this, regardless of intention.
I'd be fine if for example I'm running my own wireguard implementation, I could choose the suite to use, not negotiate anything and ensure my client has the same configuration.
I'd probably not use it, but I like the option, and knowing that anyone that wants to try to break this now also needs to guess what options I'm running.
I only have one problem with this. When they say wireguard being crypto opinionated is a good thing. I am weary to agree with that statement entirely.
While it is good for stability (only one stack to support and get right, and to be secure and efficient) I do wonder about overall and future security. Saying "You must use this specific cipher suite because we think it's the best" is a bit of a dangerous road to take.
I say this just because Curve 25519 is considered a very secure elliptic curve, to the best of my very limited knowledge on this subject. But we had a certain dual elliptic curve pseudo random number generator was pushed as "best practice" (NIST backed) some time ago, which didn't turn out so well, even omitting possible conspiracy scenarios, it had known weaknesses even before it was recommended. [1]
Since then I've generally not been a huge fan of being given one option as "the right way" when it comes to cryptography. Even if it is the "best" it gives one target to try to find a weakness in, rather than many.
I say all this as a wireguard user, it's a great, fast and reliable VPN. I just have concerns when the choice of using other algorithms and especially putting my own chosen chain together is taken away. Because it puts the exact same target to break on every one of us, rather than having to work out how to break multiple methods and algorithms and multiple combinations.
I think it's a real shame because all three of those things you mention are useful. The problem is that once they become a buzzword, then everything needs to be done using that buzzword.
Cloud has been misused to hell and back, and I have no doubt AI will too.
I usually ignore these kind of trends. Just meet any required deadlines etc but don't engage too much. The vast majority will just disappear.
Specifically as a software developer I cannot see a good outcome from engaging with this trend either. It's going to go one of two ways.
1: It pans out sooner rather than later that AI wasn't the panacea they thought it was, and it either is forgotten about, or becomes a set of realized tools we use, but don't rely on.
2: They believe it can replace us all, and so they replace us all with freshly graduated vibe "programmers" and I don't have a job anyway.
I don't really see an upside to engaging with this in any kind of long term plan.
A lot of the large(ish) corporates are moving in this direction, including where I work. It's not unusual, I always liken large organizations to insects, just following where the others are going, and what they are doing. They don't really ever put much thought into their actions.
Well it's not a scam. It works exactly as advertised. But, just like in casinos, the house is always the winner.
I made a multi-threaded UK lottery simulator that draws 68 million lotteries per second on my machine. It shows the ROI on average is around 30% meaning the "house" (lottery company/government/charities) gets 70%. Here's the last line after 5.1billion draws:
Draws: 5,130,046,351. 3: 56,022,165, 4: 2,521,545, 5: 38,525 5+b 5,918 Jackpots: 113. Losses: 2,491,081,393. Cost £10,260,092,702, Winnings £3,058,100,000 ROI: 29.810%. 68,548,225.400 draws/s
Yes that means you will wait on average 45.4 million draws before you hit the jackpot.
In any case. You could implement the meme like the lottery and make money and I assure you, if you made the full info public people WOULD send you money and you'd keep the 70%..
Ahh, keyboard. How quaint!
Sure, but since per capita they can do pretty much a billion times more than me. Then, I think it should be "after them"
Well the posts to inbox are generally for incoming info. Yes, there's endpoints for fetching objects. But, they don't work for indexing, at least not on mbin/kbin. If you have a link, you can use activitypub to traverse upwards from that object to the root post. But you cannot iterate down to child comments from any point.
The purpose is that say I receive an "event" from your instance. You click like on a post I don't have on my instance. Then the like event has a link to the object for that on activitypub. If I fetch that object it will have a link to the comment, if I fetch the comment it will have the comment it was in reply to, or the post. It's not intended to be used to backfill.
So they do it the old fashioned way, traversing the human side links. Which is essentially what I lock down with the managed challenge. And this is all on the free tier too.