I replaced LG's ROM with CyanogenMod back in the day, and it was such a smooth experience. The main reason I moved on from it was because I cracked the screen and the replacement screen I got (installed by a local repair shop) had a touch sensitivity issue along the top edge.

From the first sentence of the featured article:

> If you’re using Windows or macOS

Also, Microsoft has attempted to reign in and standardize app developers on numerous occasions over the past couple of decades, and their failure to do so doesn't impact my statement regarding the direction of app development in general (or the weaknesses of people doing whatever they want on Windows).

Your shadow IT example is perfectly valid, and also isn't a 1:1 comparison with a company doing it automatically for a much larger number of external users.

That is specifically what I was talking about.

> (Because it seems Adobe's server serving the analytics image checks the request origin and only serves the image if the origin is Adobe's own website.)

It's additional complexity on the server side, per a Reddit comment on the topic: https://old.reddit.com/r/webdev/comments/1sb6hzk/adobe_wrote... The example curl commands given seemed convincing to me, although they also demonstrate that you can fake the origin pretty easily on the client side.

> 3. After the change, any external caller can dial a certain sequence to get a message of "Yes, this office was serviced by Adobe Janitorial!"

Theoretically, it's not "any external caller." Only the janitor's department calling in can dial that sequence and get "Yes, you serviced this office!" If anyone else tries to dial the extension, the desk-phone pretends it doesn't know what it means. (Because it seems Adobe's server serving the analytics image checks the request origin and only serves the image if the origin is Adobe's own website.)

The origin "security" doesn't excuse the complexity and the potential for both exploits and human-error breakage in the future.

Do you really not see scripted editing of shared system-wide text files as a step back compared to the general containerization that app development has moved towards? This sort of approach would be explicitly incompatible with sandboxes. Adobe can only get away with it because they're already very entrenched with their own app store on their users' machines.

People editing hosts files for other reasons was normal (a long time ago-- and it stopped being normal for valid reasons, as tech evolved and the shortcomings of that system were solved). A program automatically editing the hosts file and its website using that to detect information about the website visitor is not the same thing; that usage is novel and was never "normal."

There already is one. It just asks the user whether it's okay before it tells the website, as you acknowledged: https://news.ycombinator.com/item?id=47664546

What you're arguing for is not good UX. It's lack of user privacy & control. You just think you're being hip or whatever for being blasé about it.

This is not an approach any other app on any platform has historically used, and it doesn't seem sustainable if every app you install has to modify your hosts file to use a hack like this to detect whether it should handle files or not.

If you want the browser to be able to give the OS a file handler and have the OS present an option to install the app if it's not installed, that should be handled at the platform level, not on the website using a hack like this.

Why can a file not simply be downloaded with a page displayed showing a link to install the app and also instructions to open the file, trusting the user will know if they already have it installed? At best, you're talking about a very small UX optimization. Emphasis on the "kinda" in "kinda important."

By this logic, it's useful to know whether something was LLM-generated or not because if it was, you can more quickly come to the conclusion that it's LLM weirdness and short-circuit your review there. If it's human code (or if you don't know), then you have to assume there might be a reason for whatever you're looking at, and may spend more time looking into it before coming to the conclusion that it's simple nonsense.

> This is also kind of a moot point either way, because everyone can just trivially hide the fact that they used LLMs if they want to.

Maybe, but this thread's about someone who said "I'd like to be able to review commits and see which were substantially bot-written and which were mostly human," and you asking why. It seems we've uncovered several feasible answers to your question of "why would you want that?"

> Based on current internal deliberations, the company could launch its first touch-screen Mac in 2025

Even if it didn't come to pass, just a few years ago is a more relevant leak than the every-year-since-the-iPad-released "rumors."

Outside of your one personal project, it can also benefit you to understand the current tendencies and limitations of AI agents, either to consider whether they're in a state that'd be useful to use for yourself, or to know if there are any patterns in how they operate (or not, if you're claiming that).

Burying your head in the sand and choosing to be a guinea pig for AI companies by reviewing all of their slop with the same care you'd review human contributions with (instead of cutting them off early when identified as problematic) is your prerogative, but it assumes you're fine being isolated from the industry.

This example seems weaker than the asteroid example. Consider that if you're betting "loudly enough" it won't get merged, the less likely option becomes the malware actually being merged. Now you have a repo maintainer who can bet that it'll get merged (probably a more lucrative bet since it's less likely), and merge it to make money from that bet.

That's fine, but it needs an enforcement mechanism, or we're back to where we currently are ("click here if you're 18").

> It would be easy enough to push a rating to clients, they could even use HTTP headers for it. If lawmakers really felt the need to interfere in all of our operating systems it could require some means to collect and act on those ratings.

I would completely agree it seems reasonable at a glance to have websites push ratings and have the enforcement be done e.g. at the web browser level (with the web browser knowing how to enforce based on the OS's supplied age bracket), rather than making websites read the age bracket and act on it directly. Although it does still run into questions about how you handle websites with content from multiple brackets (like Reddit or X)-- what's the UX supposed to look like if a child attempts to access adult content on one of those platforms? If the platform can't know what's happening (due to your privacy/safety concerns), then you're limited to the web browser entirely breaking the interaction or somehow redirecting them somewhere else.

I understand the point you're making, but in this case, you're still incentivizing someone somewhere to not attempt to the best of their ability to intervene in that astroid. Bets that truly can't cause any change in behavior that might affect the outcome are a mostly theoretical category, in my opinion.

The stock market is 100% optional to participate in, and every broker tells you (is legally required to tell you, in fact) that you should go in with the expectation that you're going to lose money. That didn't stop whatever forces have made them essentially required to plan for the normal life stage of retirement these days.

No, but it's a framework that would allow other laws to do so. Because...

> it's not as if they had no idea the children endlessly posting selfies and posting "six seven" on their service weren't adults.

...you can make statements like that which sound like common sense, but it would be incredibly hard to regulate based on "if you know, you know" (or "you should have known"/"you had to have known"). The law has to provide (guarantee) a way for them to know in order to actually require them to take action based on it.

> As a parent, I might think that my 16 year old should be allowed to look up information on STDs but the websites that collect my child's age could decide they can't

This is a different problem. It sounds like you're essentially wanting to guarantee access to certain things, not just for your own 16-year-old, but for everyone else's, too (because if it was just yours, you could look it up for/with them if necessary). It'd be difficult to compel businesses to provide services to audiences they don't want to. But again, that's a separate problem that doesn't necessarily conflict with the rest of the system.