Readit News logoReadit News
bloomca commented on SSL certificate requirements are becoming obnoxious   chrislockard.net/posts/ss... · Posted by u/unl0ckd
romaniv · a day ago
The web today is a rotting carcass with various middlemen maggots crawling all over it and gorging themselves on the decay. The only real discussion to be had is what to replace it with and how to design the new protocols to avoid the same issues.
bloomca · a day ago
What do you think is better? The web is indeed questionable, but it is literally the best we have, it is still reasonably simple to deploy a web app.

Desktop app development gets increasingly hostile and OSes introduce more and more TCC modals, you pretty much need a certificate to codesign an app if you sideload (and app stores have a lot of hassle involved), mobile clients had it bad for a while (and just announced that Android will require a dev certificate for sideloading as well).

edit: also another comment is correct, the reason it is like that is because it has the most eyes on it. In the past it was on desktop apps, which made them worse

bloomca commented on Google will allow only apps from verified developers to be installed on Android   9to5google.com/2025/08/25... · Posted by u/kotaKat
wvenable · 2 days ago
I predict Windows will end up going this route before Google backtracks on it.

This is the future; partially fuelled by malware, partially fuelled by the desire for platform control, and partially fuelled by government regulation.

bloomca · 2 days ago
Microsoft has way too much of legacy software people use, banning it all overnight will not go well at all. They understand that as well.

They tried to pull a similar move with WinRT/UWP, but nobody wanted it, so now you can continue with Win32.

They would love to do so, but legacy compatibility is a major business advantage.

bloomca commented on Google will allow only apps from verified developers to be installed on Android   9to5google.com/2025/08/25... · Posted by u/kotaKat
bloomca · 2 days ago
This is how macOS works, without a signature they will tell you they can't guarantee it doesn't have malware and you need to go to settings and choose to run anyway (and most people don't even know about it).

Microsoft would love to do that too, but it just has too much of legacy software to introduce such a major hurdle.

bloomca commented on Y Combinator files brief supporting Epic Games, says store fees stifle startups   macrumors.com/2025/08/21/... · Posted by u/greenburger
labcomputer · 2 days ago
Well, some of the permissions include things like “allow the app to track the user for advertising purposes”. There isn’t a technical way to enforce that with virtualization and sandboxing.

You can enforce it by booting misbehaving apps from the app store... but that only works if there’s one app store.

bloomca · 2 days ago
I _believe_ on macOS, if they revoke your certificate (the one you used to sign the app), the app moves into the "We can't verify that this app is free of malware" category, so in theory they can still do that.

But it is a nuclear option, and it would be a big deal if they did so for something "minor".

bloomca commented on Y Combinator files brief supporting Epic Games, says store fees stifle startups   macrumors.com/2025/08/21/... · Posted by u/greenburger
matheusmoreira · 2 days ago
> But people should also be able to get apps from whatever store they want.

This the answer. The app store monopoly doesn't really matter, the real tyranny is needing Apple's cryptographic blessing to run software on our own computers. This should be literally illegal. Restore our computer freedom and their app store rent seeking becomes irrelevant.

bloomca · 2 days ago
It's not just about that. I am sure if the court would force them to allow sideloading, they'll make sure to never promote your app if you decide to offer both options to the users.
bloomca commented on Y Combinator files brief supporting Epic Games, says store fees stifle startups   macrumors.com/2025/08/21/... · Posted by u/greenburger
zdw · 2 days ago
"much worse for customers" is relative. While in no ways perfect, Apple's walled garden gets rid of a huge amount of the enshittification found on other platforms, and makes it so that downloading a random app is relatively safe and unlikely to nuke your phone, steal your data, etc. Yes all the "allow access to location/photos/etc." are annoying, but at least the user has some level of control and consent.

I do agree that requiring specific platforms is a problem - we don't want a return to the IE6 or Flash-dominated eras where people who weren't on Windows were treated like sub-humans.

bloomca · 2 days ago
"Allow access" is pretty orthogonal, I don't know how it all works in mobile OSes, but I assume everything is virtualized there, so you can't just access whatever you want without user granting a permission (e.g. through a file picker system component).

You can also ship sandboxed apps on Desktop without the store (although I am not sure on how hard it is to auto-update them, usually stores handle that part), at least on Windows and macOS.

Stores handle storing the apps themselves and distributing updates, that part of the cost is real, plus they do manually review submissions (to some degree), but 30% is insane for that.

bloomca commented on Y Combinator files brief supporting Epic Games, says store fees stifle startups   macrumors.com/2025/08/21/... · Posted by u/greenburger
rootusrootus · 3 days ago
If there was more than a duopoly in smartphones, I'd say Apple should be able to have whatever horrible app policy they want, so long as it is clearly communicated to everyone including customers. Let the market decide.

But that's not where we are. I think it makes sense to treat both Apple and Google as de facto monopolies with respect to the smartphone market, and impose some regulation on what they have to allow and how much they can charge for it.

bloomca · 2 days ago
Is it allowed to charge more in storefronts which take these cuts? Why nobody does that?

What about Steam? Can a publisher sell a game for ~$45 in their store and $60 in Steam, or is it against some TOC?

bloomca commented on Is 4chan the perfect Pirate Bay poster child to justify wider UK site-blocking?   torrentfreak.com/uk-govt-... · Posted by u/gloxkiqcza
everdrive · 3 days ago
The free internet might be gone in the next decade. Probably time to buy a few hard drives and do some archiving. I don't just mean piracy. Articles, blogs, anything you find precious.
bloomca · 3 days ago
I think about the same. Right now we are at the normalizing the ID verification stage and banning specific content in certain countries/states, once we are desensitized, VPNs will come next, and then some government solution to track everything you do online.

They can go after hostings as well and everybody can take down a lot of things out of fear.

bloomca commented on Fundamental Flaw of Hustle Culture   brodzinski.com/2025/08/ai... · Posted by u/flail
GCA10 · 13 days ago
Wall Street and the big corporate law firms of NYC/DC have been championing extreme hours since the 1980s. Maybe earlier. So it's interesting to see the short- and long-term effects of this on people's lives.

Informal assessment here, re: how these versions of "hustle culture" have played out. First, people who can last a long time do make a lot of money. Second, the wipe-out rate is pronounced but not catastrophic. Yes, there's sometimes a price to pay in terms of bad marriages, early heart attacks, etc. but it's not so pervasive that everyone who chases all-out success comes up short. You can win at this game.

Third -- and this perhaps OPs best area for questioning: When you work 90-hour weeks, your judgment about picking the right projects goes to hell. You're the greyhound going round the track as fast as you can, chasing the rabbit that you'll never catch. Your rabbit-value assessment system doesn't exist. You just keep running toward whatever someone else points you toward. On Wall Street, a lot of marathon hours are spent trying to close deals that won't close. Or that turn out to have been identifiable mistakes/misguided obsessions.

I was chatting earlier this year with a former Big Law attorney who spent a frenzied year after Hurricane Katrina drafting blizzards of legal filings so that big insurers could dodge claims. Her work was valued enough that she (and her firm) got paid a lot and maybe even did landmark work. Nearly 20 years later, is that the career badge that you'll always feel good about?

bloomca · 13 days ago
> Nearly 20 years later, is that the career badge that you'll always feel good about?

Well, if the result work has negative connotations, you wouldn't even mention it (especially after 20 years). However, as you said:

> enough that she (and her firm) got paid a lot and maybe even did landmark work

At the end of the day, that's what mostly matters. Sure, some people believe in what they are doing and put insane hours, but most just do it for money. And if they manage to get a lot, then yeah, it was all justified.

---

> Second, the wipe-out rate is pronounced but not catastrophic

I agree with this -- people who are deeply invested in their projects are often already do the second shift. So if you are motivated enough, that's kind of the same, plus people can be in a position where they have no external obligations (often when they are young).

It is bad long-term, but for a relatively short term for many it is a decent gamble.

bloomca commented on Claude Sonnet 4 now supports 1M tokens of context   anthropic.com/news/1m-con... · Posted by u/adocomplete
wiremine · 15 days ago
> Having spent a couple of weeks on Claude Code recently, I arrived to the conclusion that the net value for me from agentic AI is actually negative.

> For me it’s meant a huge increase in productivity, at least 3X.

How do we reconcile these two comments? I think that's a core question of the industry right now.

My take, as a CTO, is this: we're giving people new tools, and very little training on the techniques that make those tools effective.

It's sort of like we're dropping trucks and airplanes on a generation that only knows walking and bicycles.

If you've never driven a truck before, you're going to crash a few times. Then it's easy to say "See, I told you, this new fangled truck is rubbish."

Those who practice with the truck are going to get the hang of it, and figure out two things:

1. How to drive the truck effectively, and

2. When NOT to use the truck... when talking or the bike is actually the better way to go.

We need to shift the conversation to techniques, and away from the tools. Until we do that, we're going to be forever comparing apples to oranges and talking around each other.

bloomca · 15 days ago
> 2. When NOT to use the truck... when talking or the bike is actually the better way to go.

Some people write racing car code, where a truck just doesn't bring much value. Some people go into more uncharted territories, where there are no roads (so the truck will not only slow you down, it will bring a bunch of dead weight).

If the road is straight, AI is wildly good. In fact, it is probably _too_ good; but it can easily miss a turn and it will take a minute to get it on track.

I am curious if we'll able to fine tune LLMs to assist with less known paths.

b

u/bloomca

KarmaCake day1701October 19, 2016
About
Software developer (mostly front-end). Also, Node.js, Python and Go for side-projects on the backend side.

seva.zaikov@gmail.com

https://github.com/Bloomca https://blog.bloomca.me/posts https://twitter.com/blooomca

View Original