Somewhat related, the hackers submitting a vulnerability disclosure to the companies are in a very “extortion-y” dynamic. I wonder how often companies get something like “pay us X amount or we let the world know today instead of waiting for you to fix it”.

That’s not illegal

What’s illegal is accessing a computer system without the authorization of the owners of the computer system. Technically speaking, port scanning the internet is illegal hacking, as you are not authorized to scan each port number on any of those machines. Ever find a random ip and give port 22 a few random tries over ssh to see if the root password is “guest”, you just committed a federal offense, because you were not authorized to access and attempt to login to that system. Is anyone going to report port scans to the fbi? Failed ssh loggin attempts? (Use a vpn/tailscale and don’t expose ssh to the internet anyway).

I often wonder where “knowing” someone’s password and “hacking” their social accounts falls in this discussion. You see or hear about it all the time. “So and so hacked my page” If you have someone’s FB login info and they have no idea that you do, you may have permission to access FB, as everyone does if you accept their TOS, but you don’t have the account owner’s permission to access their account, and if FB knew it wasn’t the account owner, they would not allow that either. So if they don’t allow that, you’re likely violating their TOS, and no longer allowed to access their systems, so maybe it could technically be able to be prosecuted as illegal hacking, idk.

I’m sure there are newer equivalents to what I’ve listed. I’ve been using those programs for years.

Some jumping off points

https://github.com/jaywcjlove/awesome-mac

https://formulae.brew.sh/analytics/cask-install/30d/

I misspoke

> System Integrity Protection (SIP) in macOS protects the entire system by preventing the execution of unauthorized code. The system automatically authorizes apps that the user downloads from the App Store. The system also authorizes apps that a developer notarizes and distributes directly to users. The system prevents the launching of all other apps by default.

https://developer.apple.com/documentation/security/disabling...

I was thinking of this https://eclecticlight.co/2020/06/25/big-surs-signed-system-v...

Huge difference between working fine, and working right. The security implications of rolling your own, is why I say “you don’t want to…”

Also, none of that code has anything to do with the product you’re actually trying to build. Imo it’s additional maintaining, tech debt, attack surface, and it’s a solved problem by a large community and has more knowledge from the security community baked in, and more eyes finding and plugging holes.

You don’t want to deal with processing a raw http request from the web server. You don’t want to split headers. You don’t want to sanitize input params, deal with character encoding, content types, gzipping, cache control, etags, basic authentication, flushing headers, chunking bodies, file streaming, tcp sockets, slow client avoidance, and probably 1000 other things I can’t recall.

No matter how unnecessarily complex you think a http framework might be, I assure you, it’s saving you from a mountain of already solved by people smarter than you or I complexity.

My favorite is when a full react site loads up, doesn’t have error boundaries, hits some unimportant js exception, and the entire page that was fully rendered and ready to go just pops out of existence and you are looking at a white page. That doesn’t seem like forward progress at all.

This is the problem with the original comment, it’s way to vague, or I’ve failed to make sense of it.

Not defending TikTok but there’s a wealth of public real time data from not just the US, but the entire world, some public api calls or scraping scripts away. Tiktok isn’t any more invasive than any other social media post, many of which are public and anyone in any country who wants to use the data can do so easily.

What trove of intelligence is being gathered by self obsessed videos of people mouthing a clip of some song or inspirational talk while begging for attention in the form of likes and follows?

I haven’t seen any sign of intelligence on TikTok that they even could gather lol, and if anything the app’s purpose isn’t to spy on us, it’s to make us dumb, inattentive, mindless consumers who all fight over everything and can’t compromise or work together.

My dad literally comes home from his job and scrolls TikToks of increasingly radical political rants and half naked chicks before inevitably passing out in his chair, phone in hand, mouth open, and whatever TikTok was on screen when he fell asleep playing on loop until he jerks awake or the phone dies. He’s not unique. So much of people’s lives are wasted on social media and it does them no positive

> At Apple things have gotten way worse. Trying to automate release building is practically impossible and will require hours or CI pipeline debugging with error messages that don't mean what they say.

This isn’t Apple’s fault… every build system sucks up a decent amount of time during initial setup. You can cut down massive amounts of time between iterations by adding some common optimizations:

1. Cache artifacts when that step or job succeeds, so if a subsequent step/job fails, you can adjust it and start up where you left off, using the caches artifact to restore the workspace state. This complicates debugging efforts and I personally don’t do any optimization until the pipeline is reliably green each time. I just deal with slow builds and switch to other stuff or work ahead while they run.

2. Fail fast. The CI run should bail out if any critical steps don’t pass, so anything further down doesn’t run for no reason, burning compute time and delaying queued jobs waiting for a runner. While developing the pipeline, watch the logs and when you see something you don’t like, slap the cancel button, or collect a couple things you need to change and iterate with passes with 2-3 changes.

3. Use adequately spec’s hardware. Xcode is resource heavy and compiles need plenty of memory and cpu cores. Play around with what is a good compromise between power and cost. See if your project builds faster with more cpu cores, or faster cpu cores, etc.

4. Cache build dependencies. Mac builds have cocoapods or something close to that, and whatever that package system pulls down can be reused between builds, just remember that cache issues are a pita to spot, reproduce, and regression test, so I’d again not add this in until you’re green.

5. Write your pipeline steps in a regular bash script. Then make your CI jobs and steps just execute the shell scripts. This allows you to develop them all locally, executing the script/step you need and then CI becomes just a wrapper to glue it all together and do some caching and optimization. The more of the process you can work on locally the less you have to run on CI and wait for. Once the scripts are all working locally, wire them into CI and see what breaks. ProTip: whatever breaks on CI due to missing software, deps, configurations, is going to break for any new hire engineer trying to get up and running, so document those things and make sure your getting started readme has them, and you’ll make new hires onboarding suck less :)

As for useful error messages, or lacktherof, I’d like to introduce you to programming, we’ve been waiting for you ;) but for real, useful error messages are the rare exception, and many apis are this way. That’s not to say it’s ok, but you kinda gotta learn to work around it. I’m sure there is enough context to point you in the right direction. Also, the errors might be from random pieces in your build pipeline and not necessarily from the actual Xcode build, so make sure you know what is erroring in addition to what the error is trying to say.

> At least Googles process is quite simple and can be dockerized.

One man’s simple is another man’s “practically impossible”. Simple comes from familiarity/exposure which builds knowledge and confidence. Anyway, you can totally run your builds in docker if you want to, and many do, but I’d personally not introduce more complexity until you have your pipelines running the slow way with the least amount of mental modeling to do. Once you know it all works, then have a go at running the build you know is good, inside a docker container (which in this case is just packing up kvm/qemu/libvirt to facilitate the running of a vm back on the host, but it means you can run mac containers on Linux runners, which will be much cheaper than Mac runners since those are usually Mac hardware)

https://github.com/sickcodes/Docker-OSX

> Also why do I have to pay Apple $125 a year when it costs $100 in the US? The exchange rate from CHF to USD should be in my favor.

Couple theories. 1. They have additional processing or tax expenses when dealing with your currency which they aren’t going to eat the cost of. 2. The higher price could be to deter abuse if for some reason there is an abnormal amount originating from accounts who pay with that currency.

It’s pretty weird to me that many folks view the people in our past as being unable to be intelligent near or on par with today’s levels. These people were not hypnotized by hallucinations, that’s saying they were not smart enough to even have a thought that they could understand it came from themselves. Yet they were smart enough to develop pulleys and create pyramids, or many other wonders of the world. Things we literally do know how they weee able to do at that time in the past. Things that none of our modern structures will outlast. Things that took understanding of complex subjects, capacity planning, raw material refining, site surveying, astronomy, physics, math, weather patterns, etc.

I wonder in 12k years if humans will look at us and say we were incapable of knowing that our thoughts were ours and lived in a hypnotic state viewing our thoughts as hallucinations. They couldn’t possibly know for one. And also, doesn’t that seem like a odd way to view people who accomplished things we still don’t fully understand?

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC2772257

He couldn’t have been dead, not if he’s here talking about it.

I can’t remember what culture it was but there’s evidence of primitive batteries in pottery. Long before electric. That is odd no?