The assumption is that legitimate companies who sell software will sign it and that signature proves it came from that company who you trust because of their publicly known legitimacy. It’s a bit of circular reasoning. But it does round back towards that legitimacy - if it is found that they violate your trust, they lose public trust and thus lose sales.

Luckily new OSes (cough NOT WINDOWS) are able to sandbox applications and prevent them from accessing resources without declaring the need to access it.

And as for the signing certificate, I think the MS Store will allow any signed app. They just offer the cheaper signing service.

You could let people host their own as a method of scaling. But that limits it to geeks like us.

Use kubernetes and let it scale and pay for hosting on cdns.

Uhg it drives me nuts when I search for some obscure programming topic and then I get links to local restaurants. That’s not what I was searching for!

My main concern is that cloudflare knows what content it is serving and it is certainly fingerprinting your browser. So regardless of how you request the data, cloudflare knows.

Both are bad. One is objectively more bad.

Yet another eye of the panopticon.

I’m starting to get the idea that the internet is bad and we should go back to the printing press.

That is glossing over how they process the data and transmit it to the cloud. The assistant wake word for “Hey Google” invokes an audio stream to an off site audio processor in order to handle the query. So that is easy to identify via traffic because it is immediate and large.

The advertising-wake words do not get processed that way. They are limited in scope and are handled by the low power hardware audio processor used for listening for the assistant wake word. The wake word processor is an FPGA or ASIC - specifically because it allows the integration of customizable words to listen for in an extremely low power raw form. When an advertising wake word is identified, it sends an interrupt to the CPU along with an enumerated value of which word was heard. The OS then stores that value and transmits a batch of them to a server at a later time. An entire day’s worth of advertising wake word data may be less than 1 kb in size and it is sent along with other information.

Good luck finding that on wireshark.

You can own a doodad but it’s a static, useless doodad until you agree to the ToS which allows you to use it.

Yeah but the whole tech industry operates as Whatever-as-a-Service now, which means those ToS changes are able to be applied whenever they like. You either continue using the service or you don’t. This apparently applies to lightbulbs now. Lightbulbs as a Service. Sigh.

There is a bog standard line in nearly every ToS “We have the right to modify this terms of service without notification to the user” blah blah blah. It probably even holds up in court.

I’ve tried to do that a few times but it’s a royal pain in the ass. If you don’t mind, which banks/credit cards make that easy?

Those HSA accounts are thinly veiled state legalized theft for political cronies. At least they are in my state.

Money goes in. Administrator determines if money goes out. Money (by law) does not roll-over from one year to the next and the administrator keeps the balance.

Just don’t use them.

Anecdote: A coworker of mine secretly had cancer. He was putting tens of thousands of dollars each year into his HSA. They denied him use for his chemo or whatever and it rolled his funds into the wood chipper. Tens of thousands of dollars.