21
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 10 Mar 2025
21 points (100.0% liked)
TechTakes
1890 readers
70 users here now
Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.
This is not debate club. Unless it’s amusing debate.
For actually-good tech, you want our NotAwfulTech community
founded 2 years ago
MODERATORS
exactly! and taking this shit seriously is why this overbearing shit sucks, especially when it’s theater or enforced for threats that aren’t realistic for your threat model. unlike some of these fuckers, we both actually intend to daily the devices we’re locking down.
oh I fucking hate this. it’s the same shit as forcing dark mode off/on as part of fingerprinting protection. not only is this the absolute wrong way to fix that shit, it’s pretty monstrous for anyone who needs dark mode or light mode to use their device in anything resembling comfort — your user may have a visual impairment or severe light sensitivity, and now they’re fucked cause the developers couldn’t accept a minor fingerprinting risk (and light/dark mode and smooth scrolling are both utterly minor, to be real)
motherfucker yes! the CA infrastructure is nowhere near usable for all cases and we all know it, but locking down the web and making development and self-hosting fucking annoying is the game for the browser vendors and Google in particular. to add to this: why the fuck is my browser acting like me not having a cert for localhost is a tragedy? why does the browser sandbox not allow certain shit unless I’m using https of all things to access localhost? where precisely is the fucking threat here? (I’m sure some well-paid security asshole at one of the browser vendors could snark a list of unlikely shit as reasons why local host needs to be treated as insecure with no toggle or dev tools option to treat it otherwise… and I just don’t give a fuck)
I’d love good secure boot! the one on PCs ain’t it at all, and unfortunately the secure ones tend to be used to lock out device owners from modifying what they own and implement shit like attestation that’s just there to violate your rights and make sure you’re not blocking ads, so unfortunately good secure boot might be incompatible with capitalism. for now though at least graphene seems to benefit from a secure secure boot chain that hasn’t been locked down yet?
100% correct