The truth is most apps have no business having a menubar icon, but many of them cannot even be disabled out of the box. There's a number of third-party tools that help with the issue, but really this should be handled at the OS level. I want a permission similar to notifications to control whether an app can litter the menubar or not.
One thing's for sure: No application should be allowed to have a menubar item without a ToolTip. WTF, that should have been obvious from day one.
At the moment, I have 11 of them on my system (not counting the clock), a mix of third-party and Apple ones. NOT ONE of them has a ToolTip.
Even worse, if you click on them, the resulting menu does not show the name of the owning application. This too should be forced. For example, I unfortunately have to run Microsoft Teams, and its toolbar menu gives you no indication of what application it belongs to.
Whenever you combine two things into one, the complexity and cost go up considerably. A regular coffee machine is pretty cheap. Add high pressure so it can make espresso and it gets considerably more expensive. Add milk so it can make cappuccino, again more complex and expensive. The same holds for electronics. Isolating power when it's alone is fairly straightforward. It gets considerably more tricky and hence more expensive the moment you want to place any kind of a meaningful data signal in its vicinity.
I have been around touch screen Windows laptops for I don’t know how many years now, and I have never felt even the slightest compulsion to touch the screen.
It might be a generational thing; my kids get touchscreen laptops from their school, and they interact with them almost exclusively by touching the screen. I agree, I'd much rather use a mouse (or even better, a trackball; i wish most laptops still had those)
Let’s say it costs $10K/month/person so $120K/yr/person. Probably a big overestimate but gotta include healthcare and help people with long term stability.
That’s 120,000 x 1,000,000 = 120,000,000,000 or $120 billion USD.
Idk what the Nth order effects would be but yea I think what you’re saying tracks in the numbers
You cannot just throw money at a problem like homelessness in order to fix it. That is such an incredibly reductive viewpoint. It's akin to saying 9 mothers can birth a child in a month - oh look, we solved the population decline crisis! Someone go tell Japan!
Insider trading is not about fairness, it's about theft. If you insider trade on the stock market then, in a crude simplification, you steal profits from the company you have a fiduciary duty to, or some extension of that. It has nothing to do with a level playing ground, every trading company out there is trying to find information others can't and then trade on it.
What? How do you figure that? If I happen to know that my company is about to report very bad quarterly numbers, so I sell all my stock, then it tanks, I’ve just screwed whoever bought the stock, that in the most cases, will be some random people. The company does not benefit or hurt from stock prices unless they are buying back or issuing more stock.
Because that's what the law says? And the company most definitely does benefit and hurt from a fluctuating stock price, it's one of the key drivers behind financing conditions. What you describe is a simpleton view of the financial market.
On one hand, cool demo, on the other, this is horrifying in more ways than I can begin to describe. You're literally one prompt injection away from someone having unlimited access to all of your everything.
Not the person you're replying to, but: I just use a separate, dedicated Chrome profile that isn't logged into anything except what I'm working on. Then I keep the persistence, but without commingling in a way that dramatically increases the risk.
edit: upon rereading, I now realize the (different) prompt injection risk you were calling out re: the handoff to yt-dlp. Separate profiles won't save you from that, though there are other approaches.
Even without the bash escape risk (which can be mitigated with the various ways of only allowing yt-dlp to be executed), YT Music is a paid service gated behind a Google account, with associated payment method. Even just stealing the auth cookie is pretty serious in terms of damage it could do.
Agreed. I wouldn't cut loose an agent that's at risk of prompt injection w/ unscoped access to my primary Google account.
But if I understood the original commenter's use case, they're just searching YT Music to get the URL to a given song. This appears[0] to work fine without being logged in. So you could parameterize or wrap the call to yt-dlp and only have your cookie jar usable there.
Oh, that's true, even allows you to play without an account. I can swear that at some point it flat out refused any use unless you're logged in with an account that has YT Music (I remember having to go to regular YouTube to get the same song to send it to someone who didn't have it).
You get used to it :) And especially once you get used to the YOLO lifestyle, you end up realizing that practically any form of security is entirely worthless when you're dealing with a 200 IQ brainwashed robot hacker.
For now you are. All these things fall with time, of course. You will stop caring once you start feeling safe, we all do.
Also. AAarrgh, my new thing to be annoyed at is AI drivel written slop.
"No browser automation framework, no separate browser instance, no re-login."
Oh really, nice. No separate computer either? No separate power station, no house, no star wars? No something else we didn't ask for? Just one a toggle and you go? Whoaaaaaa.
Edit: lol even the skill itself is vibe coded:
Lightweight Chrome DevTools Protocol CLI. Connects directly via WebSocket — no Puppeteer, works with 100+ tabs, instant connection.
I feel like there's nothing fucking left on the internet anymore that is not some mean of whatever the LLM is trained to talk like now.
What can you do? I mentioned the use of AI on another thread, asking essentially the same question. The comment was flagged, presumably as off topic. Fair enough, I guess. But about 80% (maybe more) of posted blogs etc that I see on HN now have very obvious signs of AI. Comments do too. I hate it. If I want to see what Claude thinks I can ask it.
HN is becoming close to unusable, and this isn’t like the previous times where people say it’s like reddit or something. It is inundated with bot spam, it just happens the bot spam is sufficiently engaging and well-written that it is really hard to address.
As long as it’s gated and not turned on by default, it’s all good. They could also add a warning/sanity check similar to “allow pasting” in the console.
These are great, thank you so much for sharing the recommendations. I tuned in to NTS and casually just kept on listening for a very long time. If anyone else has good recommendations, I'm all ears. Thank you.
Check out mixes by Blackest Ever Black label (now defunct) from NTS and Berlin Community Radio, listening to them literally feels like a journey. Funny part, sometimes they use a contrasting tune to end a mix, which creates a feeling similar to movie credits roll in the end.
Having a search and having a functional search are two very different things though. To this day, the search on many sites is so bad that it's actually better to use a search engine and scope by site rather than use the site search.
While I see the point the author is trying to make, I'm not really sure I agree. Most users don't even read error messages, never mind logs. At best, logs are something they need for compliance, for most, the concept doesn't exist at all. I do agree that the logs should help you understand what went wrong and why, but in that regard the principle is the same for both sysadmins and developers and I don't really see the difference?
In my sysadmin work I curse every developer who makes me fire up strace, tcpdump, procmon, Wireshark, etc, because they couldn't be bothered to actually say what file couldn't be found, what TCP connection failed to be established. etc.
I get the impression that often it isn't laziness but the concept that error details leak information to an attacker and are therefore a vulnerability.
I disagree with this view, but it definitely exists.
Sysadmins needs logs that tell them what action they can do fix it. Developers need logs that tell them what a system is doing.
Generally a sysadmin needs to know "is there an action I can do to correct this" where as a dev has the power to alter source code and thus needs to know what and where the system is doing things.
> Most users don't even read error messages, never mind logs.
Yes, see all the questions on StackOverflow with people posting their error message without reading it, like “I got an error that says ‘fail! please install package xyz!’, what should I do?!?”.
I think that's being very generous. If you've ever been in tech support, you'll be amazed at how often you'll be asked what to do when it tells me to do X.
If they don't know how to do X, then they should be able to look up how to do X. If it's something like install 3rd party library, then that's not the first party's responsibility. Especially OSS for different arch/distros. They are all different. Look up the 3rd party's repo and figure it out.
I've worked in tech support. I get that 25-50% of the cases appear to be "read the docs to me." But the majority of those is because docs are poorly written, are overwhelming for new users, or they don't understand them and won't admit that directly.
on friday i got 2 calls saying "my phone is no longer showing me my emails, please fix" when the error message they received was roughly "please reenter your password to continue using outlook".
on wednesday i got a call saying "the CRM wont let me input this note, please fix" when the error message was "you have included an invalid character, '□' found in description. remove invalid characters and resubmit".
> but in that regard the principle is the same for both sysadmins and developers and I don't really see the difference?
No, it's very different: developers generally want to know about things they control, so they want detailed debugging info about a program's internal state that could have caused a malfunction. Sysadmins don't care about that (they're fine with coalescing all the errors that developers care about under a general "internal error"), and they care about what in the program environment could have triggered the bug, so that they may entirely avoid it or at least deploy workarounds to sidestep the bug.
> Most users don't even read error messages, never mind logs.
They don't need to. The log message is so helpdesk have something actionable, or so it can be copy pasted into google to find people with similar problem maybe having solution.
Oddly enough though, my journey into computers was greatly assisted by my curiosity at random log files that were being dumped to my desktop constantly.
reply