If they control the app they can read what they want anyways. If they are the end then E2EE doesn't matter.
Since doing so allowed them to see other data. Then they can use it for making offers that are as low as possible.
Basically it raises their bargaining power. They know how much you make now and will use that to scale their offer.
Capitalists will minimize costs. It is their job.
everyone knows that writing assembly is a fool's errand
I think this is misrepresenting the advice. I would argue the following:
- Writing your whole program in assembly typically won't result in faster code than C or Rust. This is because well-written, readable, maintainable assembly will usually be slower than what a compiler produces. Even if you try to be fairly clever the compiler will almost always do a better job unless you are taking the time to carefully profile every line that you write.
- The compiler will evolve over time, your hand-written assembly will not. So even if your assembly is faster initially you will need to revisit it as hardware evolves.
- Obviously you will need different assembly for every instruction set.
I don't think anyone ever said "don't try to optimize small sections of code you won't beat the compiler". Of course you can beat the compiler. But it will require significant upfront and maintenance cost to beat the compiler over time. That cost isn't worth it for 99.9% of code. But when applied judiciously it can be used for improvements where it matters.
The conclusion should be start by writing everything in a high level language. Then optimize your algorithms and eliminate performance bugs. Then once you have eliminated the low-hanging fruit consider spending the time to profile and optimize your hottest code in assembly.
I regularly consider doing this. Obviously it is great from a privacy perspective. But I hate dealing with cash, especially change. With cards I just have one thing in my wallet and it just works forever. My bank account is automatically charged at the end of the month. With cash I need to keep refilling my wallet and carry around annoying change.
I would love to have something digital but also private (like Monero). But so far I have been picking convenience over privacy.
This is sort of a scam though. Credit cards give rewards, but then charge the business for the processing fees. So the business needs to raise prices to cover the fees. So really no one is getting that 2% except for the card network. And if you don't use a card you lose 2%.
It is basically a protection racket. "It would be a shame if you didn't use our credit card and had to pay 2% more everywhere"
Yes, I know it is complicated. Handling cash also costs non-trivial amounts. I know that the EU has limits on fees (and that is why basically no credit cards have rewards there). I also know that some businesses see the fee as more of a marketing costs because higher spenders tend to use cards and people tend to spend more on cards.
Yeah, the nice thing about per-app is that you can configure it for each app separately. But I'll be honest that isn't something that I regularly do. If I am voice chatting with friends that will usually be a superset of what I want to send to a game's voice chat.
Instead of system wide PTT per-app you may consider some software that mutes your mic for all apps as PTT, then just leave the mic "active" per-app.
I don't know if a tool that will do this but on my mouse I have configured a mic mute toggle. So I push to start and stop. However technically I don't think there is any restriction to setting up PTT via this mechanism.
This is my dream. However I think my target market is smaller and less willing to pay (personal rather than business). However maintenance is low effort and I want the product for myself. So even if it doesn't make much or anything I think I will be happy to run it forever.
The ultimate dream would be to make enough to be able to employ someone else part time, so that there could be business continuity if I wasn't able to run it anymore.
There is definitely isolation. In theory (if containers worked perfectly as intended) a container can't see any processes from the host, sees different filesystems, possibly a different network interface and basically everything else. There are some things that are shared like CPU, Memory and disk space but these can also be limited by the host.
But yes, in practice the Linux kernel is wildly complex and these interfaces don't work quite as well as intended. You get bugs in permission checks and even memory corruption and code execution vulnerabilities. This results in unintended ways for code to break out of containers.
So in theory the isolation is quite strong, but in practice you shouldn't rely on it for security critical isolation.
where you have decent trust in the software you’re running.
I generally say that containers and traditional UNIX users are good enough isolation for "mostly trusted" software. Basically I know that they aren't going to actively try to escalate their privilege but may contain bugs that would cause problems without any isolation.
Of course it always depends on your risk. If you are handing sensitive user data and run lots of different services on the same host you may start to worry about remote code execution vulnerabilities and will be interested in stronger isolation so that a RCE in any one service doesn't allow escalation to access all data being processed by other services on the host.
Allowing showing different domains than the actual click target is wildly reckless and should be punishable.
"Oh but our poor advertisers want to use click tracking and it is too hard to set up on their main domain". Oh boo hoo, I'm sure if it is important to them they will figure it out.