henfredemars

henfredemars@infosec.pub
42 posts • 2.9K comments

This is a secondary account that sees the most usage. My first account is listed below. The main will have a list of all the accounts that I use.

henfredemars@lemmy.world

Personal website:

https://henfred.me/

The job is defending people who get work done from people who don’t get work done.


I’m willing to pay for one, maybe two subscriptions, and ain’t nobody got time to dig for which service has what show to find out season 2 is on some other service entirely.

Piracy provides a better user experience 🤷‍♂️


A moment of silence for the company that once connected hobbyists with affordable hardware. It was never perfect, but the profound impact on makers and industry is undeniable.

I will remember you for what you once were, not what you came to be.


Nobody here seems to understand the real technical purpose of this feature, so let me try to explain what’s really happening.

Android applications and much of the system are written in Java. In the beginning, this decision was made because it provides portability at least in theory and the language was familiar to developers, but this decision wasn’t without its disadvantages. This extra layer of the Java virtual machine led to laggy user experiences and increased memory use in the very first versions of Android.

The first attempt to fix this problem was the Dalvik runtime. This first solution incorporates a tracing-style just-in-time compiler that translates Java into native code as it runs. In Android KitKat, ART or Android Runtime was introduced as a developer option and later became the default, which offers full compilation to native code at install time. This led to a really long system update process and some complex apps took forever to install, so in Nougat Android moved to a hybrid design that only pre-compiles the most important parts of the application. This saves install time and system update time while still getting good performance by pre-compiling to native, and we fall back to JIT if unexpected code becomes a performance bottleneck when the user is actually using the app.

But which parts do we pre-compile? How do you know what code actually matters to the user experience?

This dialogue in Play is about sharing runtime information about which code was actually executed. Google aggregates this information so that when users install an app they also receive a file describing which parts are most commonly used and actually matter to performance so the system can focus on pre-compiling only this specific subset. Namely, this data is which classes and methods are expected to be hot, with special attention paid to the ones required to initialize the application.

From a technical perspective, I don’t really see how this places private user information at risk, and I agree that it needs to be the default for this design to work because most users aren’t savvy enough to understand what it actually does. Google tried to simplify it as much as possible in this dialogue, but it’s led to a lot of confusion, especially for more technical users.

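The aggregation described in the comment above can be sketched as follows. This is an added example, not part of the original comment and not Google's or ART's implementation; the report format, the method names and the 50% threshold are assumptions made for illustration.

```python
from collections import Counter

# Constructed per-device reports (hypothetical names): each maps a method
# identifier to whether it ran during app startup. No other data is modelled.
REPORTS = [
    {"app.Main.onCreate": True, "app.Feed.render": False, "app.Settings.open": False},
    {"app.Main.onCreate": True, "app.Feed.render": False},
    {"app.Main.onCreate": True, "app.Feed.render": False, "app.Export.toPdf": False},
    {"app.Main.onCreate": True},
]
APP_METHODS = ["app.Main.onCreate", "app.Feed.render", "app.Settings.open",
               "app.Export.toPdf", "app.About.show"]

def aggregate(reports, min_share=0.5):
    """Merge reports into one profile of methods seen on >= min_share of devices."""
    seen, startup = Counter(), Counter()
    for report in reports:
        for method, ran_at_startup in report.items():
            seen[method] += 1
            startup[method] += int(ran_at_startup)
    floor = min_share * len(reports)  # assumed threshold, not a documented value
    hot = sorted(m for m, n in seen.items() if n >= floor)
    return {"hot": hot, "startup": [m for m in hot if startup[m] >= floor]}

def compile_plan(app_methods, profile):
    """Install-time split: precompile profiled methods, leave the rest to the JIT."""
    hot = set(profile["hot"])
    return {"aot": [m for m in app_methods if m in hot],
            "jit": [m for m in app_methods if m not in hot]}

if __name__ == "__main__":
    profile = aggregate(REPORTS)
    print(profile)
    print(compile_plan(APP_METHODS, profile))
```

In this model, methods that only one device reported never reach the shared profile, and the profile that ships with an install contains identifiers only.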

I asked my wife if she thought I was autistic. She was surprised at the question because she specifically sought an autistic spouse and had been operating under the assumption for no less than five years.


What Reddit fails to understand with their decades of industry experience and 2k employees is that without their users, they don’t have a product. Moderators work for free. Creators work for free. These people didn’t do it for Reddit. They did it for you and me.

And then like three developers in their spare time ate their lunch.


Don’t assume ineptitude.

I’ve been in the position of being asked to implement an anti-feature. I made it take as long as possible to drive up the cost and designed it to be trivially bypassable because I’m not motivated to intentionally trash my own project.


You do it because it makes an attacker’s life harder because now I have to find two bugs instead of one.

The entire boot chain of the phone up to the apps you run is verified successively by the component that loads it. A digital signature helps ensure that only trustworthy code ever runs. A bug must be found to bypass these checks to load malware code. For example, a bug in the image code in a web browser might cause loading of code that isn’t checked. This way the malware gets smuggled onto the phone.

This means that if you get hacked via one bug and malware is loaded, the attacker has to work harder to solve the problem of how do I convince the phone to load it again at boot because the code it’s made of isn’t going to be approved code. When you reboot, you are effectively forcing a validation that all the code you have running is authentic, which would exclude the malware. Trick me once sure, can you survive a full pat down? Probably not. It’ll get caught.

Unless I have a second bug to fool the normal code loading systems too, the malware can’t run. You have to go back and trigger the first bug again somehow, which places more strain on the attacker.

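A small model of the successive verification described in the comment above, showing why a reboot drops code that exists only in memory and rejects a modified stored image. This is an added example, not part of the original comment; it substitutes pinned SHA-256 digests for the digital signatures a real boot chain uses, and the stage names and image contents are constructed.

```python
import hashlib

BOOT_ORDER = ["bootloader", "kernel", "system"]  # constructed stage names
SEP = b"|next="

class BootFailure(Exception):
    """Raised with the name of the first stage that fails verification."""

def digest(blob: bytes) -> bytes:
    return hashlib.sha256(blob).hexdigest().encode()

def build_storage():
    """Build images back to front so each one pins the digest of the stage it loads."""
    storage, next_digest = {}, b"none"
    for name in reversed(BOOT_ORDER):
        storage[name] = name.encode() + b" code v1" + SEP + next_digest
        next_digest = digest(storage[name])
    return storage, next_digest  # second value: pin for the first stage, held in ROM

def boot(storage, rom_pin):
    """Verify each stage against the pin held by its loader; return what is running."""
    expected, running = rom_pin, []
    for name in BOOT_ORDER:
        image = storage[name]
        if digest(image) != expected:
            raise BootFailure(name)
        running.append(name)
        expected = image.rsplit(SEP, 1)[1]  # pin this stage holds for the next one
    return running

def demo():
    storage, rom_pin = build_storage()
    running = boot(storage, rom_pin)
    running.append("implant")               # first bug: unverified code, memory only
    after_reboot = boot(storage, rom_pin)   # reboot rebuilds memory from verified storage
    storage["system"] += b" + implant"      # stored image altered to survive a reboot
    try:
        boot(storage, rom_pin)
        rejected_at = None
    except BootFailure as err:
        rejected_at = str(err)
    return running, after_reboot, rejected_at

if __name__ == "__main__":
    print(demo())
```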

Repeat after me: I will not federate with any Meta products.
