  • It doesn’t change directions during war. It always faces the olive branch, to show a commitment to uphold peace during peacetime, and a hope to return to peace during wartime. But the arrows are always held, as a symbol of the capacity for force when necessary. Maybe it used to switch sides? But it has always faced the olive branch since at least the end of WW2.

    That “it has always faced the branch” thing is a large part of why the branch being absent is so jarring. Now it’s just facing… An empty foot? And it is extremely concerning, because it shows a marked shift in imagery from the regime. They’re not just posting dog whistles and pretending they don’t know… They’re actively abandoning established symbolic images in favor of more aggressive ones.


  • Sorta like how people complain about bots scraping Lemmy, even though federation already exists as a standardized protocol for distributing data. Like any scraper who wanted to efficiently scrape Lemmy would just spin up their own instance and let federation do the scraping for them. It would even have the added benefit that they could set their server to ignore delete requests, so deleted posts/comments wouldn’t get automatically removed from their server. And then they could scrape as much as they wanted without impacting anyone else.

    But they don’t want to do that, because it would require the smallest modicum of forethought. They don’t care that scrapers are trashing the Internet and causing massive bandwidth issues for hosters. They just want the data, and they want it now. All of those “bots are flooding my server and eating all my bandwidth, so legitimate users can’t actually access the site” complaints are for other people.


  • Is it though? I’ve been saying for a while that direct device verification is the way to go. It would allow for systems that maintain privacy, while also allowing lawmakers to say they’re protecting kids (and enabling parental controls by default, which is important when many are basically tech illiterate). But that wouldn’t help the big tech companies harvest your data, which is why they haven’t lobbied for it. Instead, lawmakers have been pushing the worst form of age verification, which requires all kinds of privacy violations every time you want to jork it.


  • Lots of the criticisms will eventually start sounding like seatbelt law opponents. Lots of “it should be optional, if you want to do it that’s fine but don’t force me to, I feel safer without it, it’s each individual’s responsibility and shouldn’t be mandated, etc” types of arguments.

    The problem with the current implementation is that it isn’t done privately. There are several ways to do secure and private age verifications, where your device never passes your browsing history off to the government, and the individual sites never get your personal info. But lawmakers have been lobbied by companies who want to insert themselves as the age verifiers to skim your data. So the current laws being passed are written in such a way that they’ll result in massive privacy violations.

    If opponents truly wanted to prevent privacy violations, they would be devising ways to get lawmakers on board with secure age verification. That way the laws would actually reflect best practices, and wouldn’t just result in less privacy. But they’re still trapped in the knee-jerk “but my privacy” reactions, which shuts down any further discussion and leaves the door wide open for lobbyists to write and pass whatever legislation they want.









  • I’ve been saying for a while that we should start presenting lawmakers with secure ways to do age verification, instead of relying on lobbyists to do it. Lawmakers will inevitably pass these kinds of things, so at least make sure the groundwork is there for it to be done securely instead of just bitching about it when Meta lobbies to be the third-party age verification system.

    Have the government set up a database with every single name, DOB, ID number (SSN, for the Americans), and a password that the individual has set up on the provided site. Then have them use a known hash for each one, essentially turning the password into a salt. And the hashes can be stored in a simple database that determines whether or not someone is old enough.

    Next, the device hashes the user’s inputs for name, DOB, ID number, and password. If you want to require an ID, that photo can be verified directly on the device, because even phones are powerful enough to do things like OCR nowadays. Now the device sends that hash directly to the government, and asks “hey, does this hash match someone who is over {age of majority}?” The government’s system automatically responds with a simple yes/no.

    Your device can now automatically respond to any age verification checks, so there’s no need for individual sites or apps to ask for your personal info. They can simply ask your device, and your device can respond automatically. The user never even needs to see an “are you over {age}” prompt, because it all happens before the site or service even loads.

    It’s essentially the same idea that Tor uses, where routing your traffic through three nodes helps ensure security. The first node (the site, in this case) only gets the verification from your device. The second node (your device) can keep your info entirely on the device, so it never needs to send it to any third party. And the third node (the government) never sees your browsing data. The only device that actually sees both your personal info and your browsing data is your device, which you control. You didn’t need to send a third party any extra data about yourself to verify every individual site or service. Everything about your info stays entirely on your device. And the government didn’t get any of your browsing info, because the device was simply asking if you were old enough to be verified.

    For shared devices (like desktops) this could be done on an account level. Same basic concept, except the “is over {age}” flag could be set on the user account. “But my privacy” folks start to rabble about this (because it usually implies something like a Microsoft account), but I can guarantee Microsoft already knows roughly how old you are. So parents can log in with their verified account to watch porn, and kids will get unverified accounts that redirect them back to a “hey it looks like you’re unverified. If you’re old enough to view this content, here’s how to verify your device” page.

    For parents, protecting your kids is now as simple as refusing to verify their devices/accounts and protecting that password (so they can’t just use your info to verify themselves behind your back). Hardware verification can be done securely.
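
The hash-and-ask flow from the comment above, modelled with all three parties as an added example; it is not the commenter's code. The names `Registry`, `Device` and `record_hash`, the choice of PBKDF2 as the "known hash", the iteration count and the age of 18 are assumptions, and the sample identities are constructed.

```python
import hashlib
from datetime import date

AGE_OF_MAJORITY = 18   # assumption: the comment leaves {age of majority} open
ITERATIONS = 100_000   # assumption: a slow hash, since name/DOB/ID are guessable

def record_hash(name: str, dob: date, id_number: str, password: str) -> bytes:
    """Digest over the four fields the comment lists (PBKDF2 is this example's choice)."""
    fields = [name.strip().lower(), dob.isoformat(), id_number]
    # Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
    material = b"".join(len(f.encode()).to_bytes(2, "big") + f.encode() for f in fields)
    return hashlib.pbkdf2_hmac("sha256", password.encode(), material, ITERATIONS)

class Registry:
    """Government side: keeps digest -> DOB and answers only yes/no."""
    def __init__(self):
        self._records = {}

    def enroll(self, name, dob, id_number, password):
        self._records[record_hash(name, dob, id_number, password)] = dob

    def is_of_age(self, digest: bytes, today: date) -> bool:
        dob = self._records.get(digest)
        if dob is None:
            return False  # unknown hash and under-age look the same to the caller
        years = today.year - dob.year - ((today.month, today.day) < (dob.month, dob.day))
        return years >= AGE_OF_MAJORITY

class Device:
    """User side: personal data stays local; sites only ever get one boolean."""
    def __init__(self, registry: Registry):
        self._registry = registry
        self._verified = False

    def verify(self, name, dob, id_number, password, today: date) -> bool:
        digest = record_hash(name, dob, id_number, password)  # only this leaves the device
        self._verified = self._registry.is_of_age(digest, today)
        return self._verified

    def answer_site(self) -> bool:
        return self._verified  # the site learns nothing about who the user is

if __name__ == "__main__":
    registry = Registry()
    registry.enroll("Alex Example", date(1990, 5, 1), "000-00-0000", "constructed-pw")
    phone = Device(registry)
    phone.verify("Alex Example", date(1990, 5, 1), "000-00-0000", "constructed-pw", date.today())
    print("site sees:", phone.answer_site())
```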



  • but free ones really suck IMO

    Kids don’t care. They’ll use whatever is available. Free ones are almost undoubtedly collecting and selling your browsing info too, but kids won’t care about that either. Now your attempts at blocking them have made their browsing less private.

    and they aren’t very obfuscated so they can be easily blocked too

    And now you’ve fallen into the whack-a-mole trap, which is exactly what most parents don’t have time for.

    there are methods to detect VPN traffic so that could be blocked too

    Methods available on residential ISP-provided modem/routers? That’s the only “networking gear” that most households have. I think you may be falling for the Average Familiarity trap.

    If you wanted to go ballistic you could even set a whitelist of services and everything else gets blocked

    Sure, and your kid can just buy a cheap prepaid SIM card to keep under their mattress. Data plans are stupid cheap, and kids are resourceful. Hell, I can walk down to the corner store and buy an entire android phone for like $50. Will it be a good phone? Fuck no. But it’ll get access to the internet. And if a neighbor or nearby business has unprotected WiFi, I don’t even need the prepaid SIM card.

    If you’re trying to stop a 14-year-old from looking at tits, you’re already in a pitched battle against an opponent who will never run out of determination. My original point was simply that parents don’t have the time or resources to constantly play cat and mouse with whatever kids are using to jork it. There are entire private companies and government departments with hundreds of full-time employees who specialize in parental controls, and they still struggle to keep up. Parents who work full time (and who probably aren’t tech literate enough to do anything more than click the “Enable AdGuard” button when setting up their router, if their router even supports AdGuard) simply won’t have the time or resources.




  • It takes a pretty smart and determined kid to get around network controls

    Proxies and VPNs exist for a reason. If the entire country of China can’t keep up with the number of VPNs and proxies poking holes in their Great Firewall, what makes you think individual parents have the time to do so? You never used a proxy site to access blocked content on a school computer? It doesn’t take a high degree of technical skill. You just google “proxy site” and paste whatever URL you wanted into the site.



  • And the lead dev for Huntarr said they were following best practices, and had a heavy background in cybersecurity. And we’ve all seen how that turned out.

    This change 100% smells like vibe code. They refactored nearly 15k lines of code in a single push. That’s not something you just do on a whim without a team of full time devs or vibe coding. And we know they don’t have the former, so it is almost certainly the latter.


  • There’s a massive difference between “using AI to write code” and refactoring almost 15k lines in a single push.

    The “best” uses of AI in coding are for small blocks. You don’t just tell it “I need a program that does X, Y, and Z” because that will (at best) result in horrible code. Instead, it’s best practice to use it for small blocks of code, where you tell it something more akin to “I need a function that takes {a} as a variable, does {thing}, and outputs {x}.” That way you’re not using it to generate giant swaths of code all at once, you’re just using it to generate individual functions that you can then use as needed.

    But it also means that the “most skilled” (as you put it) programmers are basically putting themselves in a permanent debugging seat instead of working as a developer. And in many cases, debugging code can be just as (or more) difficult than writing the initial code. It’s also why senior devs exist to audit code from junior devs, because it’s assumed that junior devs will inevitably make mistakes that need debugging, or will make code that clashes with code from other junior devs. And it’s the senior dev’s job to ensure that the code is both functional and integrated properly.

    And this “adding 15k lines of code and ripping out 10k lines” push smells a lot like the former “write me a program to do {thing}” usage.