Correct. If you can always either fix it forwards or roll back, which you should be able to unless you're building software that needs to go out in releases with versions tracked separately that need to keep getting fixes, trunk-based development simplifies everyone's lives greatly.
I've never seen an organisation that insists on release branches and complicated git merge flows to release their web-based software gain any actual benefit from it that isn't dwarfed by the amount of tooling you need to put around it to make it workable to the dev team, and even then, people will routinely screw it up and need to reach out to the 5% of the team that actually understands the system so they can go back to doing work.
I've done branchy development to good effect for user-installable software, where we committed to maintain e.g. 3.2.x for a certain time period, so we had to keep release branches around for a long while.
But for continuously deployed SaaS or webapps, there's no point.
I've worked on software where we had multiple maintained release branches and we always just worked off master and then cut long-lived release branches from master at some point. Once a branch was cut we'd never merge master into it again and instead backport just specific fixes, which is quite different from git-flow.
Well in that case it sounds like you're shipping multiple versioned instances of your software for different clients, which is much closer to shrink-wrapped software than it is to e.g. gmail.
Baseline requirements are not an imaginary problem. All of them have a legitimate reason for existing. You could argue that some "are not that big of a deal", but that's exactly the point, the overbearing and overly specific requirements serve both their own purpose and double as Van Halen's "no brown M&Ms" clause: if the CA screws them up, either by malice or incompetence and doesn't immediately catch them and self-report, then you know they have no way of telling what other things they are screwing up. And if you're in the business of selling trust, that instantly makes you untrustworthy.
There are countless Bugzilla reports of clearly unprofessional CAs trying to get away with doing whatever they want, get caught, say "it's no big deal", fail to learn the lesson and eventually get kicked out, much to the chagrin and bewilderment of their management, irate that some nerds on the Internet could ruin their business, failing to understand that following the scripture of the Internet nerds is the #1 requirement of the business they chose to run.
Yes. Brown M&M tests are exactly what's called for here. You want a strong psychological urge to obey rules just because they're rules. There are roles where this isn't the right thing, but operating a Certificate Authority isn't one of them.
In my experience every case in the Web PKI where we found what seems obviously to be either gross incompetence or outright criminality there were also widespread technical failures at the same CA. Principals who aren't obeying the most important rules also invariably don't care about merely technical violations, which are easier to identify.
For example, CrossCert had numerous technical problems to go along with the fact that obviously nobody involved was obeying important rules. I remember at one point asking, so, this paperwork says you issue only for (South) Korea, but, these certs are explicitly not for Korea, so, what technical measure was in place to ensure you didn't issue them and why did it fail? And obviously the answer is they didn't give a shit, they'd probably never read that paperwork after submitting it, they were just assuming it doesn't matter...
If you purposely go into your phone settings and turn off auto-capitalization (which is what the kids do, since they're all typing on their phones), isn't it the very definition of pretentiousness? You're going into extra trouble to signify you're part of a clique, while feigning "laid-backness" and "i dont even care bro".
But you do care. You care so much to project your appearance of being cool and that you don't even care that you go through extra trouble to keep it up, even though paradoxically it would be LESS effort to not do it.
I think you are reading too much into kids trying to break norms and trying to be "part of a clique". It's not pretentiousness, it's part of finding yourself. They are also actively trying to get you to not read them because you are old and think they "are not serious" so mission accomplished I guess. And time will tell if these kids will invent something you have to respect. (Spoiler alert, we did and they will too)
I turn off autocapitalization on my phone so I can be consistent with my computers where it IS more effort to use capitalization. I also believe quite dogmatically that computers should not try to be smarter than me, I can press the buttons I intend to press, including the shift key on a phone keyboard.
This is not because I’m super cool, it’s because I’m an old man and I’m still typing in 2025 like I was typing on IRC in 1998 when nocapsing was absolutely dominant.
But if I type in a space where proper capitalization is expected, like HN, I do it (this was typed on my phone with no autocorrect, suggestions or autocapitalization — I know, I’m dumb and my opinions and settings are wrong). If it was my personal blog however I would do whatever I felt like doing.
Of course you are free to do what you want on your blog, but some choices make it harder to read. IMO not capitalising is similar to using hard to read fonts or colours.
You're describing a 15 second effort that is performed at most once per phone purchase, and at its least once in the owner's entire history of iOS backup/restore processes. Less total effort than our comments took to write. You're then reading a whole lot into that.
> If you purposely go into your phone settings and turn off auto-capitalization (which is what the kids do, since they're all typing on their phones), isn't it the very definition of pretentiousness?
That's incredibly presumptuous of you. That they're on their phone, that they had auto capitalization defaulted to on, that it's them who turned it off, that they didn't turn it off for whatever other reason (bugginess).
Cat's out of the bag there already. We all have general purpose computing devices in our pockets, locked down on purpose. Android used to allow you to gain admin rights but it's been getting more and more impossible to do so while still keeping most of your programs working. It's not only a cat-and-mouse game against "rooting detection" SDKs companies licence and plug into their apps out of a misguided duty of care, but it's especially bad with anything that uses Google's remote attestation lately.
Android is also about to lock down "sideloading", another "great" dysphemism for "installing software".
Moving the Overton window on this has been so successful, that even people in our industry happily accepted the much maligned dysphemisms of "jailbreaking" and "rooting" for what used to be called "local admin rights" and look upon such access as if it's only something pirates, criminals or malware spreaders would want to do.
I say this as someone who is running an Android phone with a kernel with some backported patches applied and compiled by myself. The fact that I can do it is great. The fact that the entire industry is trying to make it as frustrating as possible for me to do this under the guise of false premises such as "security" is disheartening.
Correct. Age verification and privacy consents belong on the browser. The issue is that on the browser, things work a bit too well (remember https://en.wikipedia.org/wiki/P3P ?), so the big players are incentivized to ignore completely the browser-based mechanisms and say/do nothing whenever they see lawmakers going in a dumb direction (risking fines is a reasonable price to pay in order to kill adoption of an actual browser/OS based control that would cause a dent to their tracking operations) that puts the onus on individual website operators.
The insane question here is, why would the EU mandate hardware attestation controlled by two private American companies in order to access services?
That seems completely contrary to the spirit of EU laws and regulations, which tend to be about protecting the consumer, preventing monopolies, ensuring people can generally live their lives where all things that are mandatory are owned and run by the state and foster a certain degree of EU independence, with a recent focus on "digital sovereignty".
This one is a five for one against all of those goals? Harms the customer (you could see this as the polar opposite of GDPR), strengthens entrenched monopolies, forces citizens to be serfs of one of two private corporations in order to access information, and on top of that, like it wasn't enough, willingly capitulates to the US as the arbiter of who is a valid person or not.
This is so against the spirit of the EU itself that it would almost be funny if people weren't serious.
> The insane question here is, why would the EU mandate hardware attestation controlled by two private American companies in order to access services?
Because the EU doesn't actually care about privacy, otherwise they wouldn't be trying to do this and ChatControl. They care about being the main ones to spy on you, and maybe using fines as additional "taxes" on rich foreign companies. That's it.
Take any group of a hundred tech people (devs, analysts, architects, etc.), and 95 of them will do everything with their stock Android or iOS smartphone. Maybe 3 will consciously limit their use of that device, and the remaining 2 reluctantly use something sane like GrapheneOS. Those two might pipe up and take a stand for people without smartphones (which includes a very varied swath of people, from Luddites to people with disabilities), but they'll get drowned out by sighs, sheepish looks, and the chorus of 'let's just start with those two smartphone OSes, and if after a year or two people still really need something else, a new project can be started to address that'.
It's not an insane question, it just doesn't get asked.
> The insane question here is, why would the EU mandate hardware attestation controlled by two private American companies in order to access services?
Please (kindly) ask Paolo De Rosa [1], Policy Officer at the European Commission and driver of many of the decisions behind the wallet and the ARF. His position is one of fatalism: that it's "too late"; the duopoly of Goople is entrenched, and it's therefore not a problem if the wallet project entrenches it even further. Regrettably quite a lot of member states agree, although representatives of France and Germany specifically are frequently standing up to the fatalism.
> The insane question here is, why would the EU mandate hardware attestation controlled by two private American companies in order to access services?
Because this is being pushed by lobbyists to use hardware attestation to make it practically mandatory for every citizen in the EU to be registered to either Apple or Google with a real id for all non-trivial online interactions at all times. The people behind this push neither have the technical knowledge nor care in the slightest that this is the consequence.
The app this discussion is about is a reference implementation that is part of a long-term process for building a digital identity app. Specifically, this discussion is about the age verification part of the app, which is the first part expected to be finished but is also only a small part of a much wider ideal.
Europe's dependence on American tech is a major pain point but realistically, there are only two smartphone vendors. If a European vendor does rise up, I'm sure whatever app comes out of this process will happily hook into the hardware attestation API for that OS as well.
But you could do attestation on GrapheneOS, no need to require the users to have Google spyware preinstalled. Google is abusing its position here, attestation should be to verify the security model, not Google's business model.
When scoped to attest the full software stack down to the kernel, yes, because it takes control away from the general purpose computing device that the user supposedly owns. I don't however have a problem with attestation scoped to dedicated hardware security devices such as YubiKeys.
And if such dedicated hardware is ever required by the law, the manufacturer should be prohibited from bundling any business-related functionality there (such as displaying ads) that can't be turned off without breaking the certification.
Google's ad business model should never be mandated by law, unfortunately lawmakers seem to be unaware that this is what requiring Play Integrity effectively means.
Yes, and remote attestation should be illegal on any general purpose computing device, for some reasonable definition of what that is. General purpose computing should be a human right, in particular the right to change the software running on devices that you own.
This "identity wallet" is such a hostile idea, require identification for everything instead of thinking about how to remove identification (for example, allow anonymous banking, traveling).
Agreed. I refuse to use the terms "rooting" and "jailbreaking" in professional environments, I always use terms like "admin access to the mobile device".
Because that's what it is, despite the extremely successful campaign to paint people who want admin access on their mobile computers in the same light as pirates.
We have a near perfect system for finding the location of phone thieves, yet the police will not go and knock on the doors of criminals even when explicitly shown proof of "this is where the thief is currently".
Yeah it's odd and annoying. I realize the prisons are full but you could fine them £50k and have them pay it off over the next few decades or something.
I'm not victim blaming here, but does anyone have this nagging feeling that in this case, we, the "techies" caused this by refusing to engage with lawmakers?
In the case of E2E encryption, it's definitely a hill to die on, there is no way to make a backdoor "only the good guys" can access. But in this case, the long standing refusal for the tech industry to engage in even the lightest of lobbying towards having legal regulation for standards seems to bite us in the ass every now and then. We've seen it time and time even for things that are non controversial and would clearly benefit everyone: why is BCP 38 not mandated by law in any country? Why is IPv6 at the ISP consumer edge not mandated by law?
All of this could have had the same effect if instead of putting the onus of age verification on millions of websites, you instead put it onto the "customer end device", with some definition as to have it only apply to anyone who sells devices used to access online content with more than X% market share (meaning effectively Microsoft, Google on behalf of all Android OEMs and Apple, plus TVs and console makers).
You'd also put into law what content providers need to do to become compliant. It drops from "having a robust system of age verification" into "if you're serving content over HTTP and your content is for over 18, you need to send a specific over 18 header". If you're publishing an app on a walled garden app store, you need to specify the age rating (as one does already). If you state your page is good for under 18s when it's actually over 18, you then incur a fine.
Then it's really just up to OS makers to build support for the above into the parental controls functions that mostly already exist. Implement the header checking on the browser. Then restrict over 18 apps and outside app store that aren't explicitly authorised: this ensures no alternate browsers could be installed or run by a child, while leaving them freedom to roam the web and install under 18 apps. The issue with existing parental controls is twofold: the web is a wild place and manually vetting every single app your kid wants to install is overbearing so everyone gives up on parental controls.
Then it's a matter of, when you buy a phone for your kid, you click a button "the user is a child, enable parental controls, set the grown up password". If parents fail to even do this, then clearly it's their own fault?
You'd specifically leave out non-HTTP protocols and leave a bunch of technical loopholes that could be exploited by technically minded people. It would both limit the amount of wreckage to things the common people don't even know exist and make sure this wouldn't creep into places it doesn't belong. Sure, a teenager who downloads Arch onto a USB pen drive and boots off it can then access whatever they want, or someone who finds they can get into IRC and XDCC a bot for hot JPEGs, but at that point they clearly earned it.
I get the feeling that we've fucked it, left very important regulations up to people who have no clue and now we get the most onerous and worst implementation possible of things every single time put into law. We could have done the same with cookies, there's like, three browsers. Remember P3P? https://en.wikipedia.org/wiki/P3P