every day we get closer and closer to ctOS in Watch Dogs becoming a reality

I legitimately can’t tell if this is satire or not. I think you’re confusing the USA with a European country that actually has data privacy and consumer protection laws.

Yeah, for sure. Same reason a bunch of subscription stuff goes up in price after a year or two.

Ask the 100,000 people that downloaded Boost, not me.

Ugh. I hate this so much.

That’s why I said “sold by Amazon”. The drop shippers are all third-parties. Instead of the item saying “Sold by Amazon”, it’ll say something like “Sold by [some third party] and fulfilled by Amazon”.

Stuff sold by Amazon themselves is generally okay, since they’re directly responsible for it (no third party they can blame for any issues).

I try to avoid Amazon where possible though. B&H is pretty good for electronics, and I know I’m not going to get cheap Chinese knockoffs when I search their online store.

Amazon is usually OK if you buy things that are sold by Amazon or sold by the manufacturer (if it’s a well-known brand). The third-party sellers on Amazon based in China are almost always reselling stuff from Aliexpress/Alibaba with a significant markup.

You can pay just a few dollars to remove the ads from Boost.

California (and a few other states) are trying. The CCPA and CPRA are a good step in the right direction. If you’re a California resident, you can request all the data a business has collected about you, tell them to stop sharing it with business partners, or tell them to completely delete it, similar to the GDPR in Europe.

That CAPTCHA isn’t specific to Temu.

My interpretation of that tagline is that since the prices on Temu are cheap, it means you can shop as if you had a lot of money, without actually spending that much.

I agree with you, and don’t really have any answers :)

US will try its best to block technology, including open source projects.

You can’t block open source projects from anyone. That’s the entire point of open source. For a license to be considered open-source, it must not have any limitations as to who can use it.

Yeah, it really depends on how much you trust the vendor.

Google? Say what you want about the company, but they’ll never intentionally serve malware.

Random company with no track record where we don’t even know who is maintaining the code? Much less trustworthy. The polyfill . io repo is currently owned by a Github user called “polyfillpolyfill” with no identifying information.

Third-party CDNs make less sense these days though. A lot of hosting services have a CDN of some sort. Most sites have some sort of build process, and you usually bundle all your JS and CSS (both your code and third-party code, often as separate bundles) as part of that.

deleted by creator

with mails that dont correspond to the original authors,

Oh! I didn’t realise this. Do you have an example?

You’d be surprised how much code people blindly reuse without even looking at it, especially in JavaScript. A bunch of it is from projects owned by random individuals. The JS standard library is ridiculously small, so nearly all JS apps import third-party code of some sort. One JS framework can pull in hundreds of third-party modules.

It’s much less of an issue with languages like C# and even PHP, where the first-party libraries are often sufficient for building a small or mid-sized app.

Most licences require derivative works to be under the same or similar licence

Some, but probably not most. This is mostly an issue with “viral” licenses like GPL, which restrict the license of derivative works. Permissive licenses like the MIT license are very common and don’t restrict this.

MIT does say that “all copies or substantial portions of the Software” need to come with the license attached, but code generated by an AI is arguably not a “substantial portion” of the software.

I expect it’s going likely to be used to train some Chinese AI model.

Even if they do that, the license for open source software doesn’t disallow it from being done.

My favourite part is that the developers that currently own it said:

Someone has maliciously defamed us. We have no supply chain risks because all content is statically cached

https://github.com/polyfillpolyfill/polyfill-service/issues/2890#issuecomment-2191461961

Completely missing the point that they are the supply chain risk, and the fact that malicious code was already detected in their system (to the point where Google started blocking ads for sites that loaded polyfill .io scripts.

We don’t even know who they are - the repo is owned by an anonymous account called “polyfillpolyfill”, and that comment comes from another anonymous account “polyfillcust”.