This makes the $50/mo plan viable for wan failover. Still have the cgnat issue, but there's some documentation about requesting an ipv4 address from support. Has anyone succeeded with that?
Is there a spec sheet or anything like that? I realize it's only for sqlite now, but supposing it's available for Postgres soon, I have a bunch of hard requirements. First is native support for SSH jump hosts. Next is query plan view.
An account doesn't have to be problematic for you to not want to see their comments. I have several handles in mind where I'd add them to such a list if it were a feature. Nothing against the people in particular, but sometimes when I see a handle (like others said, very often old accounts with high karma), I already know what they will go on about merely just based off the title of the submission and having unintentionally gleaned what topics they usually comment on just by being on HN for a while. It's a waste of time to read those comments, at least for me. Wouldn't hurt them if they lost my attention. I am not bothered by it enough to vibe code a browser extension for it, though. That threshold is a bit higher, I did it for blocking certain domains; there is only so many times I can sit through an article or an "essay" which should have been a podcast.
It’s usually old/high karma accounts, as they can get away with it easier. Throwaways that establish themselves for a time too, but those are usually dealt with eventually
Regardless of the fact that they can simply lie to you, it doesn't say that. The question is "Does TSA protect all data (e.g., photos)...?" What does protect mean? The stated common case is that a photo is ephemeral and is removed (from where?) after it is used. Now, they're using it for facial recognition. They didn't get a facial recognition system by deleting photos, so we know based on the premise that some representation of the data in the photo (your likeness) exists in persistent form.
But that's just generous reading, anyway. There are so many ambiguities that it's not really worth the trouble to attempt any rigorous analysis of it.
"In rare instances TSA will collect and temporarily retain photos and data..." How rare? Doesn't matter: then what happens?
"...data collection mode events are limited in time and place..." Damn unrelenting spacetime.
"TSA’s facial comparison technologies adhere to DHS and TSA cybersecurity requirements." Restatement of the problem.
To get actual answers (at least during sane political administrations), the System of Records Notice (“SORN”) is what you want. Whereas the info sites for these programs are typically useless, SORNs are the authoritative document that the federal government issues to identify and characterize systems that store records about data subjects, and include information about retention polices, exceptions, etc.
The last I read the SORN for TSA’s facial recognition, they did commit to deleting identifiable data within 24 hours.
CBP operates their facial recognition under a different SORN, and there are many more caveats, although they also commit to deleting identifiable data within 24 hours for US citizens (only).
> Now, they're using it for facial recognition. They didn't get a facial recognition system by deleting photos, so we know based on the premise that some representation of the data in the photo (your likeness) exists in persistent form.
If we want to be truly generous in interpreting it, the new sample would be deleted and the comparison is done against the photos they have on file from your ID/passport (although, since a foreigner can do it on their first visit to the US, it might just be based on scanning the document you provide). Of course, single-sample-per-person facial recognition is pretty limited, but it's security theater anyways.
That's too generous because even that document says that there that data is used for other purposes without detailing any of that. There are no timelines. Even when they say "temporary," when is that? Until 2300? Temporarily stored on the device until it's been stored remotely? Temporary until the NN is trained?
The cat's out of the bag, anyway. They already have a perfect dataset and surveillance mechanism. But it'd be nice to stop continuing to perfect it.
I think the mistake is assuming they're purely doing a 2d pixel array photo comparison and not a 3d scan. This would also satisfy their statement that they delete the photos, while still being able to store data that could be used to reproduce the photos.
I just flew from the US to Europe; at each point where I had to get my picture taken, the machine had a label on it that clearly said they would delete my data after 24 hours. (Or after use, I don't remember the precise time frame.)
Were they lying? Possibly. But this is not a matter of them trying to use weasel wording to trick you into thinking they're claiming something they're not.
You think they could be lying, but your argument is that they're being candid? Then we simply see it differently. I just read the primary source, so I know without a doubt that it's weasely.
Moreover, it was put forward as proof that they don't keep the data, but the source is actually called "Does TSA protect all data (e.g., photos) collected." What are they protecting if they don't have it? What would be the point of even doing this if they don't collect it?
But leave that aside and let's talk about your experience. Did it say the data would be deleted after 24 hours or did it say it would be deleted after use? What is use? Use could be we're operating a giant biometric database and we intend to keep doing it until the asteroid, and why wouldn't it be that?
No, that's not my argument. My argument is that if they are lying, they are doing so flat-out, not by using weasel words—because the wording they used at the point of disservice was very clear that they would be deleting them, not just "we will protect your data."
I'm not attempting to defend the TSA; I think they're reprehensible. I wish merely to provide new facts into the discussion.
Yes. And we've all worked on projects where you need some test data from production. Kudos to them for disclosing that practice, not doing it often, and only retaining the data temporarily.
Agreed. Provides no obvious benefit to either me or society at large. Normalizes collection of biometrics. Implementation details not easy to verify - they could be lying or could silently change things later.
The entire scheme has a very high abuse potential. Equipment and personnel set up at major ports and their presence normalized. Turnkey authoritarianism at its finest.
>The docs are the only way people find out about our commercial products
Wall that's the problem, and it's tractable problem. Seems like tailwind needs a sales strategy beyond hoping people read the docs. And that it gives rise to a perverse incentive--making a less intuitive product to drive the need for documentation--is bound to affect the product.
If LLMs are really the problem, and it seems possible that they are, then you might need to lean in. Maybe selling access to mcps and skills. I'd still bet on hiring someone to chase down some contracts is going to be the easiest way out of the hole though.
Agreed. If Tailwind could give you a paid subscription to a service that plugs into your agent and will recommend component compositions, styles, etc. (basically how those web app generators companies work but targeted at experienced devs) they have a chance to survive the transition.
Presumably the MCP could also be aware of the commercial products, which ought to coax the agent to apply those patterns. That'd be more useful than actually have the library.
This isn't novel either. Expo offers an MCP with its paid subscription, for instance. It's helpful. In fact, I wish the tamagui crew would get on that...
reply