Someone pointed this out on Twitter - it looks like StackOverflow recently updated their robots.txt file to explicitly disallow all crawlers. Obviously, this won't stop those that don't respect robots.txt, but I found this decision strange. Not even Google or Bing's crawlers (which respect robots.txt) will be able to crawl StackOverflow, which could be the final nail in the coffin for SO, since (presumably) most StackOverflow traffic comes from search engines.
The section you mentioned does not say anything about having counters for labels. It only mentions that they record "[t]he times of the first and most recent instances of queries for each query label".
Well, the counters aren't data collected, they are data derived from the data they do collect. The privacy policy covers collection.
EDIT: I see they went out of their way to say "this is the complete list of everything we count" and they did not include counters by label, so I see your point!
The "share which expires after one use" part requires the password either be visible to the server or encoded in the URL (also visible to to the server) unless you also want to share a password/key to access the password or, in which case the site doesn't make sense, or you want to require both folks are online at the same time to make a brokered WebRTC connection and share via that channel.
I think the intent is you have some crap messaging platform like email or SMS without and want to send a one time access link to the password. I'm not really sure how large the intersection of people who care enough about security to want that but not enough to want to avoid a 3rd party server and hoping first access of the link contents is by the intended target is though.
The server store encrypted password identified by item id. Browser side decrypt the encrypted password using key in the hash part. The hash part does not reach the server.
The full URL gets sent to the server on connection. You could break this out from the link, at which point you're back to sharing a password to share a password.
It has to, how would it deliver the password to the URL’s recipient otherwise?
I suppose to keep it fully stateless you could encode the password in the URL itself somehow, but then that would defeat the purpose of not having the secret hang around in perpetuity.
Absolutely. I love the work they have been doing on the backend, like PQ3 [1], but it just doesn't work for me when the Stickers and Emojis extensions on Mac leak several GBs of RAM and I have to terminate it several times a day to free up memory.
Another thing I dislike is that it stores the whole message history on the device. It's nice to have at times, but I send a lot of photos, which adds up in storage over time. I pay for iCloud, and store my messages there. Why does my Mac need to hold every single photo I have ever sent?
Local iMessage storage is debilitating. I have over 90GB of iMessage history that I don't want deleted. The keep messages for x days removes it from iCloud and the Mac though. Why?
I don't think that would be possible, as Liberapay is essentially just a UI for accepting donations directly into the developers' Stripe/PayPal accounts.
Doubtful. It's 100% funded by its own Liberapay page.[0] It's the second-most donated to recipient but at about $650 a week, that's not even enough to hire a full time dev let alone the business skills needed to pull something like that off
That's about $33.8k a year. Before taxes and with no benefits
The numbers in your source also contradict your statement, but point taken that European dev salaries are much nominally lower than American ones. It's still obviously not enough to pay a dev and business expert
EDIT: wow I just checked and the weekly amount they receive just went up to ~$875!
They don't even have the ability to group transactions together for US payments (or payments in Australia, Japan, Mexico, Malaysia, Hong Kong, New Zealand, Singapore, and others [1]) to lower fees, so I think any hope that a project like this would have any leverage is misplaced.
I asked Stripe back in 2018 if we could expect their unexplained same-region limitation on transfers to be lifted. They said it would be lifted soon. It's 2025, the limitation still exists and I still don't know why.
Payment processing is dominated by a massive monopoly, leaving no room for negotiation. The industry is controlled by global elites and financial powerhouses who gatekeep access. Only stablecoins have the potential to disrupt this cycle and offer an alternative.
The price of "free" is very tempting. I guess the cost of the servers they offer is having to put up with idiotic requirements like "CPU utilization for the 95th percentile [must be more] than 20%" [1], or they'll shut off your server.
I use one of these servers for hosting some non-critical things, but nothing that I run there is particularly CPU intensive, so I was just forced to set up a cronjob that periodically spikes the CPU to 100% for a few minutes.
Because the efforts of Anna's Archive are unfortunately currently very much illegal, and XMR is one of the few cryptocurrencies that can actually offer some privacy to its users.
reply