I read it as you're not allowed to discard the more reliable source.
You are not allowed to discard the more reliable source, but you're excused from, and basically forbidden from, asking for more info or for info from third parties.
Readit Newsjdashg commented on System76 on Age Verification Laws blog.system76.com/post/sy... · Posted by u/LorenDB
jdashg commented on System76 on Age Verification Laws blog.system76.com/post/sy... · Posted by u/LorenDB
Rather than age verification, this is what we should be doing instead:
Don't let phone manufacturers lock the bootloader on phones. Let the device owner lock it with a password if they decide to. Someone will make a child-friendly OS if there is demand. Tech-savvy parents should be able to install that on their kid's phone and then lock the bootloader.
What about non-tech-savvy parents?
There should be a toggle in the phone's settings to enable/disable app installation with a password, like sudo. This will let parents control what apps get installed/uninstalled on their kid's device.
But what about apps or online services that adults also use?
Apps and online services can add a password-protected toggle in their user account settings that enables child mode. Parents can take their child's phone, enable it, and set the password.
----
All it takes is some password-protected toggles. They will work better than every remote verification scheme.
The only problem with this solution is that it does not help certain governments build their global mass surveillence and propaganda apparatus, and tech companies can't collect more of your personal info to sell, and they can't make your devices obsolete whenever they want.
We all demand Windows but without ads, but that doesn't cause the market to spit one out. The OS market isn't a healthy market, and government is stepping in here in part because of that market failure to provide a satisfactory solution here.
jdashg commented on California's Digital Age Assurance Act, and FOSS runxiyu.org/comp/ab1043/... · Posted by u/todsacerdoti
What a crappy law.
> Section 1798.500(e)(1) states:
“Covered application store” means a publicly available internet website, software application, online service, or platform that distributes and facilitates the download of applications from third-party developers to users of a computer, a mobile device, or any other general purpose computing that can access a covered application store or can download an application.
So… DNS servers are “covered application stores”, right? As is PyPI or GitHub or any other such service. S3 and such, too — lots of facilitating going on.
And I’m wondering… lots of things are general purpose computers. Are servers covered? How about embedded systems? Lots of embedded systems are quite general purpose.
edit: Yikes, whoever wrote the text of the law seems to have failed to think at all.
> (b) (1) A developer shall request a signal with respect to a particular user from an operating system provider or a covered application store when the application is downloaded and launched.
The developer shall request? Not the application? So if I write an application and you download it and run it on an operating system, then I need to personally ask your OS how old you are? This makes no sense.
> (2) (A) A developer that receives a signal pursuant to this title shall be deemed to have actual knowledge of the age range of the user to whom that signal pertains across all platforms of the application and points of access of the application even if the developer willfully disregards the signal.
Did they forget to make this conditional on getting g the right answer? If I develop an application used by a 12-year-old and the OS says the user is 18+ (which surely will happen all the time even if no one lies because computers have multiple users), and the OS answers my query, then courts are directed to deem that I have actual knowledge that the user is under 13? Excuse me?
2A just says that if the e.g. client request headers say the age bracket, the server (dev) can trust the reported age, but also shall not ignore it on purpose. No "just ignore the do-not-track flag" escape hatch here. "A bartender can't willfully refuse to check someone's ID if they are presented with it."
For incorrect OS answers, keep reading. 3B covers what happens if there's clear and convincing evidence that the age covered in 2A is inaccurate. (Reported profile birthday, for instance) This is "if someone shows a bartender a valid drinking-age ID but says they're celebrating their 17th birthday, this can't be ignored".
jdashg commented on Dan Simmons, author of Hyperion, has died dignitymemorial.com/obitu... · Posted by u/throw0101a
The Hyperion Cantos is a masterpiece which every scifi fan ought to have read, but I would like to recommend a lesser known title of Simmons for readers who have read at least some works of Charles Dickens (self-explanatory) and Wilkie Collins (such as The Woman in White or The Moonstone).
Simmons wrote Drood (2009), which takes these two classical authors and places them in a mystery novel. What struck me as particularly masterful is that Simmons managed to write his prose in such a way that as a reader you soon forget that this book was not written in the 1800s — his tone and style match that of Dickens and Collins so convincingly.
I read Hyperion and I found it... alright, just not my thing. Maybe it is indeed a masterpiece but "that every fan of sci-fi ought to have read" oversells it. I honestly can't conscion the time to read the rest of the Cantos versus other things on my reading list. Quality does not alone compel consumption! :)
jdashg commented on Trump's global tariffs struck down by US Supreme Court bbc.com/news/live/c0l9r67... · Posted by u/blackguardx
jdashg commented on Corporations Don't Have to Maximize Profits (2015) nytimes.com/roomfordebate... · Posted by u/speckx
This is true in a narrow legal sense, but when directors are given incentives to maximise share prices in the short term, the business culture says that is their duty to do so, that is what they will do.
It's also true in a moral sense though. Choosing "defect" rather than "cooperate" shall not be excused by game theory rationalization, appeal to popularity, or "just following orders".
> If you know in your heart of hearts that you didn’t put the work in, you’re undermining the social contract between you and your reader.
There's been a lot of social contract undermining lately. Does anyone please know about something that can be done to try and revert back? Social contract of "F you. I got mine" isn't very appealing to me, but that seems to be the current approach.
We literally have to be willing to get taken advantage of sometimes, and we have to come down hard on the "don't hate the player, hate the game" f-you-got-mine assholes.
It is not weakness, but strength, to make yourself (reasonably!) vulnerable to being taken advantage of. It is not strength, but weakness, to let bad behavior happen around you. You don't have to do everything, but you have to do something, or nothing changes.
We gotta spend less time explaining away (and tacitly excusing) bad behavior as unfortunate game theory, and more time coming down hard on people who violate trust.
Ante trust gladly, but come down hard on defectors.
And the GPU API cycle of life and death continues!
I was an only-half-joking champion of ditching vertex attrib bindings when we were drafting WebGPU and WGSL, because it's a really nice simplification, but it was felt that would be too much of a departure from existing APIs. (Spending too many of our "Innovation Tokens" on something that would cause dev friction in the beginning)
In WGSL we tried (for a while?) to build language features as "sugar" when we could. You don't have to guess what order or scope a `for` loop uses when we just spec how it desugars into a simpler, more explicit (but more verbose) core form/dialect of the language.
That said, this powerpoint-driven-development flex knocks this back a whole seriousness and earnestness tier and a half: > My prototype API fits in one screen: 150 lines of code. The blog post is titled “No Graphics API”. That’s obviously an impossible goal today, but we got close enough. WebGPU has a smaller feature set and features a ~2700 line API (Emscripten C header).
Try to zoom out on the API and fit those *160* lines on one screen! My browser gives up at 30%, and I am still only seeing 127. This is just dishonesty, and we do not need more of this kind of puffery in the world.
And yeah, it's shorter because it is a toy PoC, even if one I enjoyed seeing someone else's take on it. Among other things, the author pretty dishonestly elides the number of lines the enums would take up. (A texture/data format enum on one line? That's one whole additional Pinocchio right there!)
I took WebGPU.webidl and did a quick pass through removing some of the biggest misses of this API (queries, timers, device loss, errors in general, shader introspection, feature detection) and some of the irrelevant parts (anything touching canvas, external textures), and immediately got it down to 241 declarations.
This kind of dishonest puffery holds back an otherwise interesting article.
Did you played in this era ?
- If you were too good on some server, you'd get banned.
- If the admin doesn't know well cheating, he could tolerate something that was obvious cheating.
- Cheaters could just change server often.
It used to be easy to just ban peoples yes, and it was as easy to switch servers.
Plus on most competitive game today, you have custom lobbies, which do exactly what you want, and there is a reason why only a minority of players uses it.
I did indeed play in the era LanceH is talking about, and I agree with them! We had many thriving communities with no serious cheating problems because of community moderation.
Yes, there were poorly moderated servers, but you could simply leave and try a different community until you found one that clicked for you. When you require equal moderation everywhere, you throw the baby out with the bath water.
jdashg commented on CSS Unit Might Be a Combination oddbird.net/2025/09/23/ty... · Posted by u/speckx
Doing lot's of WebGL, I'm still surprised we don't have a way to describe things in native screen pixels, but rely on a mix of dpr [1] and using 4 corners of a DOM object [2] to calculate true size in relation to CSS pixels. Works great across all platforms, but still doesn't give true pixels in certain combinations of screen DPI and resolution. I understand why web has to be this way, but it still baffles me that such a basic thing is so hard.
[1] https://developer.mozilla.org/en-US/docs/Web/API/Window/devi...
Well unfortunately, the device pixel size of something does actually depend not just on the css size and dpr scaling, but also on position and iirc even potentially what else is on the page due to think like border and thin line dilation. Unfortunately that's just how css layout works in practice, due to pixel snapping and dealing with ambiguities in how to render thin or generally non-integer-sized elements.
There are two approaches these days though: https://developer.mozilla.org/en-US/docs/Web/API/WebGL_API/W...