
I don’t particularly like Linus, but he was bearable in this video. As someone who assumed this was a SIM swap, I was genuinely as confused as he was playing it up when he was able to place calls but not receive them. That was really interesting.


To reiterate the other comment about code maintainability, I’d suggest removing all commented out code as your next commit. With git, that information isn’t lost and you can always go back to it on commit d4c981a. The easiest time to create a clean codebase is when you start the project, and the second easiest time is now. Also might be a good idea to use a pre-commit hook to check if commented code is being committed, to stop you from introducing mess in the future.
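A sketch of the pre-commit hook suggested in the comment above, as an added example that is not part of the comment or of the project it refers to. The detection pattern, the function names and the sample diff are assumptions made for this illustration; the pattern is a heuristic that only covers `#` and `//` comments.

```sh
#!/bin/sh
# Added example: pre-commit hook that rejects staged commented-out code.
# Install as .git/hooks/pre-commit and make it executable.

# Heuristic (an assumption of this example, not a complete detector):
# an added line whose "#" or "//" comment body
#   - ends in ; { or }            (statement or block)
#   - starts with "name = value"  (assignment)
#   - is a bare call "name(...)"
PATTERN='^\+[[:space:]]*(#|//)[[:space:]]*(.*[;{}][[:space:]]*$|[A-Za-z_][A-Za-z0-9_.]*[[:space:]]*=[[:space:]]*[^=[:space:]]|[A-Za-z_][A-Za-z0-9_.]*\(.*\)[[:space:]]*$)'

# Reads a unified diff on stdin, prints the added lines that match.
find_commented_code() {
    grep -E "$PATTERN" || true
}

# Constructed sample diff for trying the filter without a repository.
sample_diff() {
    cat <<'EOF'
diff --git a/app.py b/app.py
--- a/app.py
+++ b/app.py
@@ -1,0 +2,5 @@
+# Retry three times before giving up
+# old_token = load_token(path)
+token = load_token(path, verify=True)
+    # send(token)
+# see RFC 6749 for details
EOF
}

# Run the check only when installed as the hook itself.
if [ "${0##*/}" = "pre-commit" ]; then
    hits=$(git diff --cached --unified=0 --no-color | find_commented_code)
    if [ -n "$hits" ]; then
        echo "Commented-out code in staged changes:" >&2
        echo "$hits" >&2
        echo "Remove it, or bypass once with: git commit --no-verify" >&2
        exit 1
    fi
fi
```

Running `sample_diff | find_commented_code` prints the two commented-out statements and leaves the two prose comments alone.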


Ohhhh you’re totally right. I tried replicating OP’s claim and searched for the video title “Building an Open Source Payment System - Sebastian Javier Marchano, Taler System” and there was no red bar. Searching for “GNU Taler” shows the red bar for that same video. It feels like bad UI, overloading the meaning of the red seek bar, but it seems like in this case, that’s saying it’ll skip you to when they start talking about it, not that you previously watched the video.


I’m sure it’s tedious, but run those tests again, and when you do, before and after watching the video, go to https://www.youtube.com/feed/history and see if it tracked it. I understand you’re logged out, but maybe you’re somehow selected for a test of some sort of logged out experience.

That being said, I ran through your replication steps and could not reproduce it (even down to pulling up the same video). I also doubt that YouTube would create a feature useful for people logged out of their service, since they want to encourage you to log in because they get better data for selling ads.


Are you logged into YouTube/Google? EDIT: I see your comment in another reply saying you’re not logged in. Keeping the rest of my comment below for posterity.

YouTube keeps a watch history, and allows you to resume videos where you left off. This works across devices if you’re logged in. This functionality is enabled by default, and can be turned off in https://myactivity.google.com/

https://support.google.com/youtube/answer/95725

These settings are on an account level and tracked server side. Since the history can be accessed across devices, the browser you use and cookie retention have no effect on the ability for the viewing history to be retained.


This argument implies there’s an easy way for you to perform the reproducible builds on iOS, but it’s quite involved and requires a jailbroken iPhone. Overall this is more a limitation of Apple and not Signal.

Even if you were able to perform a reproducible build of Signal on a jailbroken iPhone, there’s no way to confirm that the stock iOS Signal app will match, or has a backdoor that got added in a supply chain attack that only is delivered to non-jailbroken phones. You could use a jailbroken iOS device, but then it could be lagging behind updates and be even more vulnerable from zero days.

The real pressure here should be on Apple to provide a way to verify a build of an open source app matches what is being installed via the app store, but for some reason this is being framed as a Signal issue, which is disingenuous.


Not having reproducible builds is definitely weird though. Does anybody have more information on that?

They boast this as a feature, but on the instructions for how to do this for iOS, even Telegram admits “As things stand now, you’ll need a jailbroken device, at least 1,5 hours and approximately 90GB of free space to properly set up a virtual machine for the verification process”. Browsing the steps, it’s extremely complex, and doesn’t seem like something that is very user friendly and that you’d do weekly or monthly when a new version is released.

On the GitHub issue linked to in the body, it’s disingenuous to claim they refused to implement this, and that the technical hurdles Apple has in place make this extremely difficult which halted progress. In the community forums where the conversation was moved to, someone pointed out that even if you were to reproduce it on a jailbroken iPhone, that there’s no way to confirm that non-jailbroken iPhones aren’t receiving a version with a backdoor.

And even if you are using a jailbroken device exclusively and can confirm the reproducibility of the iOS app, then the risk becomes the latest available jailbroken iOS could be outdated from the real versions, and you’d have other issues with not receiving timely security updates. This same issue applies to Telegram also.


This is a great point because in the Lemmy UI, this information isn’t shown, and you can’t even list out all posts you’ve upvoted. As most of us coming from Reddit, we’re used to upvotes being private, and probably assume it’s the same. I understand the technical reasons for having the information public, but it is not clear from a user perspective that it’s public.


Also, can’t you just delete posts and comments like on Reddit?

Nothing ever dies on the Internet. With the federated nature of Lemmy, it’s possible for deletes to not sync across instances, especially if there’s defederation that happens.


From the Summary in the link:

The end goal of this proposal is to build interoperability features into GitLab so that it’s possible on one instance of GitLab to open a merge request to a project hosted on an other instance, merging all willing instances in a global network



I’d assume this will be a non-issue once they implement ActivityPub. They can enable whatever account restrictions on their GitLab instance, but if I don’t want to provide this information to report a bug, then I can use another instance or self-host my own, without the account restrictions.


Everyone knows children are used as excuses to get what you want pushed through. Just look at UK’s Online Safety Bill trying to get a backdoor to E2E messaging, claiming it’s to prevent CSAM.


You need to use an IP address (as opposed to FQDN) for DNS because when your computer starts up, it won’t be able to resolve the FQDN to do DNS lookups.

Cloudflare DNS over TLS famously is using the IP address of 1.1.1.1: https://developers.cloudflare.com/1.1.1.1/encryption/dns-over-tls/


This probably won’t work if the hard coded DNS is DNS over HTTPS


Of course theft is bad, but is eroding privacy the necessary evil to solve the problem?

In the US (I couldn’t find UK numbers but don’t know where to look), the National Retail Federation’s 2022 security report did find external theft is the biggest cause of shrink at 37% while theft of inventory by employees and loss of inventory by corporate mismanagement adding up to 54%. [1] If companies are losing more inventory through their own mismanagement than they are from people coming into the store and stealing, should this technology be the priority?

Really, if anything is the takeaway from the report (this is probably more US specific and not as applicable in the UK), it’s that there has been an increase in violence and aggression in their stores over the last couple years. With regards to the always running facial recognition, I don’t see how that will make a significant impact on violence and organized retail crime.

Obviously retail in the UK is going to be different, but this technology seems to be best suited for non-violent shoplifters, and that might not actually be a whole lot in the grand scheme of things, especially to warrant draconian measures.

[1] https://cdn.nrf.com/sites/default/files/2022-09/National Retail Security Survey Organized Retail Crime 2022.pdf


Madeleine Stone, of the campaign group Big Brother Watch, is concerned about the slow creep of facial recognition technology.

“It is unacceptable to have police and private companies writing their own rules on the use of such a powerful surveillance technology,” she says. “We urgently need a democratic, lawful approach to the role of facial biometrics in Britain, but so far there hasn’t even been a parliamentary debate on it.”

Glad they devoted 3 whole sentences about this more than halfway down the article /s

Also, no mention of machine learning training bias or false positive rates of the existing technology? There’s so much which could have been fleshed out in this article.