You can also spin up your own Bluesky PDS (the account server) since federation is live now, or your own appview (basically the feed display server that has most of the smarts) and point your app to it, or set up your own relay (CDN like server) and point your appview and even point feed generators to it (3rd party custom feeds are supported in Bluesky)
So if you don’t like the decision made by anybody else you can just replace them. And yeah, just like on Mastodon nobody’s going to use unmoderated appviews, subscribe to scrappy feeds, or federate with a PDS hosting only shitty people.
The biggest individual difference is that bluesky makes identity independent of the hosting server (via cryptographic keys) and makes content location independent of the hosting server (via content addressing).
And these features together also enable more efficient caching and propagation in the network as well as enabling features like custom feeds and 3rd party moderation tooling which works the same independently of which server you’re on. So Bluesky can give you a better global view of the network and more efficient communication between users on many different servers in the same thread.
Ironically enough, Jack’s other favorite place Nostr (which is built as P2P with repeater nodes) is also adding moderation tooling similar to that in Bluesky (labelers making use of the content addressing and account key ID) to flag stuff
Bluesky is open source and have a site for documentation
Splitting off identity means you can bail and take your friends and post history with you when a server either goes down, gets hacked, or if the admin goes insane, or if it gets freenoded (hostile takeover and impersonation)
On bluesky the closeness comes more from the personal connections plus the choice of feeds
Yes, there’s already some 3rd party reimplementations of both clients and PDS servers and feed generators (but haven’t heard of custom appviews yet). I don’t know anybody running an open PDS yet though, it’s mostly individuals running them
Ranked choice would actually let people pick both an independent as first choice together with the safe choice as second (and the bad choice dead last)
Not easy to find a new job with a new team working out as well as the old team, leaving together is hard to organize, establishing a new company with the group who left is waaay harder unless you’re a bunch of supergeniuses, and chances are you’ll just have to sell anyway due to lack of a PR machine and distribution channels like what the big publishers have.
Unless the small studio basically starts off as a co-op you devs don’t have much of a voice.
Keep in mind that because few residential users max out capacity simultaneously the ISPs “overbook” capacity, and usually this works out because they have solid stats on average use and usually few people need the max capacity simultaneously.
Of course some ISPs are greedier than others and do it to the extreme where the uplink/downlink is regularly maxed out without giving anything near the promised bandwidth to a significant fraction of customers. The latter part should be disincentivized.
Force the ISPs to keep stats on peak load and how frequently their customers are unable to get advertised bandwidth, and if it’s above some threshold it should be considered comparable to excess downtime, and then they should be forced to pay back the affected customers. The only way they can avoid losing money is by either changing their plans to make a realistic offer or by building out capacity.
When the oil industry doesn’t have to pay to clean up their externalities we already don’t have a free market. You break it you pay. Fixing the externalities by incentivizing better technology is at minimum a correction to the market.
Pushing a route also means that the network traffic will be sent over the same interface as the DHCP server instead of the virtual network interface. This is intended functionality that isn’t clearly stated in the RFC. Therefore, for the routes we push, it is never encrypted by the VPN’s virtual interface but instead transmitted by the network interface that is talking to the DHCP server. As an attacker, we can select which IP addresses go over the tunnel and which addresses go over the network interface talking to our DHCP server.
Ok, so double encrypted and authenticated traffic (TLS inside the VPN) would still be safe, and some stuff requiring an internal network origin via the VPN is safe (because the attacker can’t break into the VPN connection and your client won’t get the right response), but a ton of other traffic is exposed (especially unencrypted internal traffic on corporate networks, especially if it’s also reachable without a VPN or if anything sends credentials in plaintext)
Plaintext connections inside corporate networks can still be MITM’ed if the adversary knows what they’re targeting, while they can’t connect to the corporate network they can still steal credentials
I’m tech support so I’ve seen some stuff, sooo many intranet sites on internal servers don’t have HTTPS, almost only the stuff built to be accessible from the outside has it. Anything important with automatic login could be spoofed if the attacker knows the address and protocol (which is likely to leak as soon as the DHCP hijack is applied, as the browser continues to send requests to these intranet sites until it times out). Plaintext session cookies are also really easy to steal this way.
Chrome has a setting which I bet many orgs have a policy for;
Misinformation like multiple Israeli newspapers quoting Israeli ministers who spoke in public and checking it against other public information which you can look up
Jack Dorsey claims Bluesky is 'repeating all the mistakes' he made at Twitter (www.engadget.com)
Donald Trump says he'll revoke Joe Biden's protections for trans people 'on day one' (www.advocate.com)
EA boss thinks ads in triple-A games would be 'meaningful' growth driver (www.gamedeveloper.com)
What could help triple-A games get even bigger right now? According to EA CEO Andrew Wilson, the answer lies in ads....
Google employees question execs over 'decline in morale' after blowout earnings (www.cnbc.com)
At an all-hands meeting last week, Google executives responded to employee questions about declining morale even with financial performance improving.
FCC explicitly prohibits fast lanes, closing possible net neutrality loophole (arstechnica.com)
Federal judge indefinitely postpones Trump classified documents trial (www.cnn.com)
Don't forget to tip your doctor for a good service (lemmy.world)
Republicans are pulling out all the stops to reverse EV adoption (www.theverge.com)
Novel attack against virtually all VPN apps neuters their entire purpose (arstechnica.com)
Forcibly displacing Rafah civilians would be war crime, France warns Israel (www.theguardian.com)