Perhaps the author would consider open sourcing if they received financial compensation for their work to date? Crowdfunding or retroactive grants can liberate code.
Context: a big chunk of my 2024 income was from grant money to build open source software that I may have tried to monetize otherwise. It’s possible.
Sometimes you have applications that should not be able to access an entire database. There are other various scaling reasons, and PG extensions that can be helpful. But I agree that for small to medium sized projects, SQLite is highly underrated.
Uber always had cash options in SEA and still does in countries it continues to operate in, like India .
Each country has and always has a lot autonomy on features and services offered . Just their booking methods in different airports can have lot of variation , OTP workflows in geos with high no show rates , transportation options like motorcycles or Tuk tuk or public transit integration all are unique to many locations
Consolidation and exits happened for variety of reasons i strongly doubt it was ever because of product features or lack thereof
Cash is not only accepted but in specific Indian cities expected , I.e. the driver will call you and if you don’t offer cash they will cancel the booking or won’t show up at all .
Can you elaborate? In the U.S. you place an order and are quoted a price which you pay (typically with a credit card) before your order is sent for delivery. Receiving a call from the delivery driver about paying in cash would feel like an extra fee. In the situation you describe is no payment made in advance?
The commenter was talking about cabs and autorickshaws, not food delivery drivers.
Uber and others pay out on a weekly basis. Cabbies would rather have the cash now. And by cash, they mean a direct payment outside the app. Typically this would mean a direct transfer via UPI.
As you hypothesize it is about extra fees and renegotiating the price. Common tactics include asking more than the price shown on the app, or refusing to give change back,or pretending not to have any etc.
The “someone hates Tor relays” theory doesn’t sound worth the effort. This could be an entity running malicious relays, while also trying to unethically take down legitimate relays to increase the percentage of the network that they control.
This is almost certainly it. There’s a lot of head-sand-burying around here about just how easily an attacker with access to logs of a not-even-that-large segment of the nodes can gain visibility into individuals’ service access patterns.
Yeah. If you hate the tor network an easier thing to do is just to overwhelm it with traffic and degrade the service. Running some bittorrent downloads might be enough.
Beware the edge case: I responded STOP to a message years ago, then was unable to receive SMS from a popular money transmission app during the signup flow to claim funds that a friend sent me.
After over a month of troubleshooting, it turns out that I had sent "STOP" to that number years ago on a different device (no longer visible in chat history) and now had to send "UNSTOP" in order to receive the phone verification SMS required to sign up for the service. It was a shared number between multiple apps.
This happened to me with a major bank. They were using the same number for 2FA and some other types of texts. I got locked out of my account for a while because I had unsubscribed from their marketing texts. What an unbelievably dumb way to send 2FA codes.
Had a similar thing happen to me, but for Facebook. Account got locked, to unlock I needed to verify identity via text. Never received the text because I had disabled getting text fb notifications, which apparently included account recovery. Managed to find this on some obscure thread to text some number to resubscribe and get it to work - no mechanism from fb, no alternate way to verify, no indication that this was the issue.
I think something similar happened to me, but I used the phone's block and report feature. I assume it was the number of some SMS sending service that had both legitimate and spam clients.
Passkeys or WebAuthn, TOTP based 2FA (regardless of whether it's hardware or software based) is vulnerable to phishing. Protocols like WebAuthn are tied to the domain and is a lot trickier to compromise (at least not without significant effort).
A lot of people here are complacent when it comes to phishing because they believe "I am a big overpaid technical person on Hackers News, I am not dumb enough to fall for suspicious links unlike those dumb unwashed masses" but as most security people know, the sort of mass phishing attempts your grandma receives are relatively low effort compared to actual targeted spear phishing. A dedicated phishing attempt won't have broken English, CSS styling issues, weird punycode etc. It would be practically indistinguishable from the real thing unless you were specifically looking for it.
TOTP (thing that generates the 6 numbers every 30 seconds) whether that's a dedicated device (secure but very annoying) or a TOTP app on your phone (what most people use).
I at least have a different user account that only does TOTP but it isn't really a second factor if it is on the same device (since the idea is to make getting access to the code significantly more difficult than just getting access to the password).
I find it such a weird thing, maybe it's nice in some cases, but really this is a weird mechanism.
Phone numbers are exchanged a lot and repurposed. Most providers/carriers will likely have a do-not-use-for-x-amount-of-time bin to put newly reclaimed numbers in, but after a while, it will always be re-used. hence this kind of issue can happen.
In my country there's a place to register to disallow unsolicited marketing and other types of messaging. That's not by number you 'STOP' and hence it won't have such effects. A marketeer/sales company is simply not allowed by law to dial your number for sales/marketing, so they have auto-lookups to that registry to prevent breaching the law. translated, it's the 'do-not-call-me-registry' :D aptly named.
it won't stop phishing messages etc., but not much will. if you'd block it from 1 number, they will just use the next number..
The US has a 'Do Not Call' registry for unsolicited phone calls, but technically doesn't need one for texts because it's illegal to send marketing texts without prior consent in the first place. Thing is, 'consent' often just means failing to notice a checkbox during a signup flow or something, so people end up getting junk anyway.
Even more annoyingly, politicians wrote in an exception for themselves. In combination with the way campaign finance works in the US, this means that if you've ever give your number to any political campaign, it will be passed around forever and you'll have multiple politicians begging you for money for months leading up to every election. Each individual campaign/organization seems to respect 'STOP,' but once your number is on an e.g. 'Has ever donated to a Democratic candidate' list, there's seemingly no way to get it off for good. Thanks, Obama. (I gave him $50 in 2008.)
Even worse if someone else signs up somehow using your contact info. I got signed up (via email thankfully) for a political party in another country and no amount of "mark as spam", unsubscribe or replying would get me off the list. Eventually I just had to create a filter that dumps those messages in the trash.
It must be something with non-U.S. English speaking countries because I get numerous semi-spam messages in email and text for services in Australia and the U.K. casinos with account numbers or PINs, two step notifications for national car registries, banking, contractors asking about work or sending invoices. Maybe it's just English speaking countries have a lot of people named "iamthepieman"
My wife had someone do sign up for a bank account with my wife's gmail address. She told the bank they got it wrong, and they went away for a bit and then they re-signed up AGAIN. So she told the bank to close the account. It didn't re-occur after that.
A number of elderly folks have had this issue as well. I'm really at a loss on how to fix it, some times there are bad actors but generally it seems folks are clueless and the signup flow doesn't adequately account for this.
I have a common-ish first initial, last name Gmail account. The number of people who think they have my address is staggering. Hundreds over the years.
In one case, the manager of a large factory was forwarding me an email with remote access credentials and VPN software every month.
Is the email in question something along the lines of firstnamelastname at gmail? I'm guessing your email address is a really common name that someone else keeps forgetting how their email actually deviates, or someone typos writing theirs.
Another possible scenario is that Gmail is getting wires crossed. I have had the account firstname.lastname@gmail.com for 20 years now. About 5 years ago, some dude in Australia (who coincidentally has the same rare last name as me) started using firstnamelastname@gmail.com. Based on the emails I've seen I believe that Gmail let him do this for a while, but eventually started delivering his emails into my inbox. I don't know if there was a technical change in Gmail for how they handled these addresses or what, but it's very odd.
firstname.lastname@gmail.com and firstnamelastname@gmail.com are the same address, according to gmail documentation. If this is what is actually happening (and there isn't a subtle typo, etc.), then something is more wrong than "wires crossed" & you should report it as a security vulnerability.
I still get 5-10 texts a day from trumpy candidates because someone used my number like 5 years ago when they were spamming signups for trump rallies so the rally would be empty
>this means that if you've ever give your number to any political campaign, it will be passed around forever and you'll have multiple politicians begging you for money for months leading up to every election
They really should learn to not do that, my carrier routes most of those to spam already and the few that it doesn't, I mark as spam, so presumably they'll start getting routed to spam for other people with the same carrier.
What's worse is if someone accidentally uses your phone number when they sign up for something, then you're on the list and never able to get off of it.
If only we had the mobile numbers of numerous politicians. We could make a small donation to their opposing party and add a phone number from that last.
So a "stopper" can also mean a plug (i.e., something you shove into the neck of a bottle or a pipe to stop things coming out). "Stop" can also then be a verb which means, "put a stopper into"; and "unstop" can mean "remove the stopper from".
Since (it sounds like) this is talking about blocking and unblocking the flow of messages from that number, using "UNSTOP" (remove the thing blocking it) makes more sense than "START"; particularly as the latter seems to imply that you're asking to immediately begin receiving messages, whereas the former simply means to no longer block the messages.
There probably is a START instruction internally, but it won't take action against a number for which there has been a previous STOP. So UNSTOP acts like FORCE START.
If the process is releasing a STOP (removing or soft-deleting a STOP instruction logged in the DB or some such) then whoever worked on it initially may just have not thought beyond that (especially if English wasn't their first language so unstop might not have sounded any stranger to them than restart). Once something like that is written down and others have seen it, it tends to stick.
Of course it could hav ebeen done by someone like me, who is know to give things technically-correct-but-odd names deliberately…
Unless you need a kidney; then we just bury perfectly good ones regularly, and let the donated ones get a bit more stale while we confirm the opt-in eleventy times.
It's because of the US Constitution and voters' very firm, consistent, coherent stance on bodily autonomy. Even if we consider it to be costing a life, your say over your body is considered absolute, and no federal, state, or local government is allowed to pass legislation that influences what happens to your body.
Just kidding! It's all determined on a case-by-case basis depending on the most conservative perspective of the dominant, favored religion.
That only works if the marketing campaign exclusively uses the number you're blocking. In some cases - for example, political SMS in the US - it turns into whack-a-mole unless you unsubscribe properly.
Yep, US political spam is unblockable. I receive “wait, you’re a Republican, this can’t be right‽” style SMS messages from 10–20 unique phone numbers every day. The FCC’s spam complaint form only accepts one sender number per submission so I’m about 1,300 complaints in so far.
I’ve encountered a couple instances of businesses that 1) send me unsolicited marketing mail, 2) react to that being flagged as spam by internally blocklisting me, then 3) silently fail to send transactional mail such as password resets.
I hear you but caution against such oversimplification. Advanced Data Protection for iCloud is a thing. Our culture of cloud reliance is truly dangerous, but some vendors are at least trying to E2E data where possible.
There are big risks to having a cloud digital footprint, yet clouds can be used “somewhat securely” with encryption depending on your personal threat model.
Also, it’s not fair to compare clouds to wiretapping. Unless you are implying that Apple’s infrastructure is backdoored without their knowledge? One does not simply walk into an Apple datacenter and retrieve user data without questions asked. Legal process is required, and Apple’s legal team has one the stronger track records of standing up against broad requests.
Broadly, in the US, the Federal Wiretap Act of 1968 still applies. You're going to have to convince a judge otherwise.
Yes, perhaps broad dragnet type of might be scoffed down by some judges (outside of Patriot act FISA judges ofc)
I would warn you about the general E2E encryption and encrypted at rest claims. They are in-fact correct, but perhaps misleading? At some point, for most, the data does get decrypted server-side - cue the famous ":-)"
reply