Internet Archive
A misconfigured North Korean Internet cloud server has provided a fascinating glance into the world of North Korean animation outsourcing and how foreign companies might be inadvertently employing North Korean companies on information technology (IT) projects. The incident also underlines how difficult it is for foreign companies to verify their outsourced work is not potentially breaking sanctions and ending up on computers in Pyongyang. ↫ Martyn Williams at 38 North What an absolutely wild story.
DuckDuckGo AI Chat is a private AI-powered chat service that currently supports OpenAI’s GPT-3.5 and Anthropic’s Claude chat models. ↫ DuckDuckGo’s new “AI” chat feature I guess I have to find another search engine.
This is the state of the modern internet — ultra-profitable platforms outright abdicating any responsibility toward the customer, offering not a “service” or a “portal,” but cramming as many ways to interrupt the user and push them into doing things that make the company money. The greatest lie in tech is that Facebook and Instagram are for “catching up with your friends,” because that’s no longer what they do. These platforms are now pathways for the nebulous concept of “content discovery,” a barely-personalized entertainment network that occasionally drizzles people or things you choose to see on top of sponsored content and groups that a relational database has decided are “good for you.” ↫ Edward Zitron Corporate social media has gotten so bad, they’re basically unusable. The rare times I open Facebook to like a picture my mother posted or whatever, I’m just gobsmacked by how utterly unusable it has become. I’ve never used Instagram, but whenever I accidentally end up there, I have no idea how to navigate that place. YouTube is more ads than video if you don’t pay for Premium (which I do, because I use YouTube a lot so I get enough value out of it). Twitter is barely worth a mention – it’s no surprise that a social network bought and run by a nazi is now even fuller of nazis than it already was. It’s not just social networks, either. The web as a whole feels like it’s been looted and plundered, and turned into a flyover state strip mall. Browsing the web is, for me at least, virtually impossible without autoplay blockers, my Pi-Hole, Consent-O-Matic, and settings to permanently block requests for location and notification access. The rise of “AI” has only made everything even worse, especially now that the big, wealthy content networks that, yes, own all your favourite technology news websites are also looking into it. Luckily, there’s also a countermovement brewing. I’ve focused OSNews’ entire “social” strategy on Mastodon (and the various other ActivityPub tools), as it’s the only social medium that’s usable and enjoyable. With the nazis remaining on Twitter, and all the brands and influencers on Facebook (or Threads or whatever), everyone else interested in technology coalesced around the Fediverse, and it’s been a massive boon for a small website like OSNews trying to steer clear from all the SEO enshittification. There’s no spam, only relatively small, approachable brands, no influencers, no algorithms – just real, ordinary people, who also care about a usable, fair, and equitable web. I hope that OSNews can eventually be run without any ads at all, but that’s going to take a lot more consistent work from me to convince more and more people to support us through Patreon or Ko-Fi, or for companies to become sponsors. However, I am convinced it’s a better route to take than trying to chase the SEO dragon, because we all know where that leads to.
For quite a while now, you might have noticed various people recommending a search engine called “Kagi”. From random people on the internet, to prominent bloggers like John Gruber and David Pierce, they’ve all been pushing this seemingly new search engine as a paid-for alternative to Google that respects your privacy. Over the past few months to a year, though, more and more cracks started to appear in Kagi’s image, and I’ve been meaning to assemble those cracks and tie a bow on them. Well, it turns out I don’t have to, because lori (I’m not aware of their full name, so I’ll stick to lori) already did it for me in a blog post titled “Why I lost faith in Kagi“. Even though I knew all of these stories, and even though I was intending to list them in more or less the same way, it’s still damning to see it all laid out so well (both the story itself, as well as the lovely, accessible, approachable, and simple HTML, but that’s neither here nor there). Lori’s summary hits on all the pain points (but you should really read the whole thing): Between the absolute blase attitude towards privacy, the 100% dedication to AI being the future of search, and the completely misguided use of the company’s limited funds, I honestly can’t see Kagi as something I could ever recommend to people. Is the search good? I mean…it’s not really much better than any other search, it heavily leverages Bing like DDG and the other indie search platforms do, the only real killer feature it has to me is the ability to block domains from your results, which I can currently only do in other search engines via a user script that doesn’t help me on mobile. But what good is filtering out all of the AI generated spamblogs on a search platform that wants to spit more AI generated bullshit at me directly? Sure I can turn it off, but who’s to say that they won’t start using my data to fuel their own LLM? They already have an extremely skewed idea of what counts as PII or not. They could easily see using people’s searches as being “anonymized” and decide they’re fine to use, because their primary business isn’t search, it’s AI. ↫ lori at lori’s blog The examples underpinning all these pain points are just baffling, like how the company was originally an “AI” company, made a search engine that charges people for Bing results, and now is going full mask-off with countless terrible, non-working, privacy-invasive “AI” tools. Or that thing where the company spent one third of their funding round of $670,000 on starting a T-shirt company in Germany (Kagi is US-based) to print 20,000 free T-shirts for their users that don’t even advertise Kagi. Or that thing where they claimed they “forgot” to pay sales tax for two years and had to raise prices to pay their back taxes. And I can just keep on going. To make matters worse, after publication of the blog post, Kagi’s CEO started harassing lori over email, and despite lori stating repeatedly they wanted him to stop emailing them, he just kept on going. Never a good look. The worst part of it, though, is the lack of understanding about what privacy means, while telling their users they are super serious about it. Add to that the CEO’s “trust me, bro” attitude, their deals with the shady and homophobic crypto company Brave, and many other things, and the conclusion is that, no, your data is not safe at Kagi at all, and with their primary business being “AI” and not search, you know exactly what that means. Do not use Kagi.
If you haven’t already heard of Beeper, welcome! Beeper is a universal chat app for Android, iOS and desktop. Our goal is to build the best chat app on earth. Beeper is built on an open source chat protocol called Matrix. Over time, we’ll help people migrate from proprietary, siloed chat networks to an open standard for chat. If you’re interested in learning about this, we’ve written more about our intentions. ↫ Beeper team Beeper is just great. Because I’m European and have ties to two different countries with vastly different chat preferences, as well as a number of friends living all over Europe and the US, I’ve always had to deal with at least four different instant messaging applications. Beeper, and especially the recent completely redesigned Android version, is so good and seamless that I no longer need to use the individual applications at all. It’s not perfect – the new Android version (the iOS version is old and outdated compared to the Android one) still has some issues. If you receive a video and play it, it doesn’t maximise unless you perform a very delicate zoom in pinch. Sometimes, sending video fails. Some emoji replies on some services look huge and pixellated. I’m sure these are all relatively low-hanging fruit types of bugs that’ll get fixes over the coming weeks and months now that the application is out of beta. However, the actual core of the application has been working amazingly well for me. Beeper also has another major announcement. I’m excited to announce that Beeper has been acquired by Automattic. This acquisition marks the beginning of an exciting new chapter as we continue our mission to create the best chat app on earth. ↫ Eric Migicovsky Automattic is the company behind WordPress, Tumblr, Pocket Casts, and a whole load of other products and services. Beeper seems like a good fit, since Automattic recently also acquired Texts.com, another multi-platform messaging client.
I’ve been talking about Servo, the Rust browser engine project originally started at Mozilla, for a while now, and while the project’s still got a long way to go, it’s definitely a serious contender to become a competitive browser engine in the future. It seems it’s starting to get some traction already, as The KDAB Group is working on bringing Servo to Qt. At KDAB we managed to embed the Servo web engine inside Qt, by using our CXX-Qt library as a bridge between Rust and C++. This means that we can now use Servo as an alternative to Chromium for webviews in Qt applications. ↫ Andrew Hayzen and Magnus Groß They’re already showing off a basic QML application rendering websites using Servo, which is pretty cool. It goes to show that Servo can definitely eventually fulfill the role that Chromium, WebKit, and Gecko fulfill now.
On October 3, 2023, Google and Yahoo announced upcoming email security standards to prevent spam, phishing and malware attempts. Outlook.com (formerly Hotmail) is also enforcing these policies. With the big 3 Email Service Providers (ESP) in agreement, expect widespread adoption soon. Today’s threats are more complex than ever and more ESPs will begin tightening the reigns. Failure to comply with these guidelines will result in emails being blocked beginning April 2024. In this article, we’re going to cover these guidelines and explain what senders must do in order to achieve and maintain compliance. ↫ XOMedia Some of these changes – most of them impact bulk senders and spammers – should’ve been implemented ages ago, but seeing them being pushed by the three major email providers, who all happened to be owned, of course, by massive corporations, does raise quite a few red flags. Instinctively, this makes me worried about ulterior motives, especially since running your own email server is already fraught with issues due to the nebulous ways Gmail treats emails coming from small servers. With the rising interest in self-hosting and things like Mastodon, I hope we’re also going to see a resurgence in hosting your own e-mail. I really don’t like that all my email is going through Gmail – it’s what OSNews uses – but I don’t feel like dealing with all the delivery issues people who try self-hosting email lament about. With a possible renewed wave of interest in it, we might be able to make the process easier and more reliable.
This month, after surpassing our legacy layout engine in the CSS test suites, we’re proud to share that Servo has surpassed legacy in the whole suite of Web Platform Tests as well! ↫ Servo blog Another months, another detailed progress report from Servo, the Rust browser engine once started by Mozilla. There’s a lot of interesting reading here for web developers.
Update: a short notice on the blog post now reads that “Floorp’s code is now fully public again.” It seems the developer has reversed course, which is good news. The original article continues below. Recently, a few people suggested I give the browser Floorp a try, a Firefox fork with some additional UI changes and additions. Since it was based on Firefox ESR, however, I saw no point in even trying it, because I prefer to be on the latest Firefox release. It seems I accidentally made the right choice, since yesterday the developers behind Floorp decided to take their modifications closed source. The appearance of Floorp forks – which, may I remind you, is a fork itself – seems to be the cause. I know it’s not nice of me to say, but Floorp has been in too much demand. It am surprise to me that companies and organizations would fork a fork that I had created when I was still a teenager, and at first I was happy about it, but it was not beneficial to me, and on the contrary, it was mentally draining. There were forks that wanted to hide the fact that they were Floorp forks, forks that did not want to contribute to Floorp at all, forks that used the code for life and just changed the name of Floorp, and many other forks were born. ↫ Floorp blog It seems the developer of Floorp is rather young, and started the project as a teenager, and as such, I don’t think we should be too harsh on them – I did some dumb things as a teenager – but complaining about forks of your own fork seems a bit disingenuous, regardless of how young and inexperienced you are. I understand seeing your work forked into competing browsers can be frustrating, but it’s a core part of the open source world, especially if you yourself owe your product to forking, too.
Remember last year, when we reported that the Red Ventures-owned CNET had been quietly publishing dozens of AI-generated articles that turned out to be filled with errors and plagiarism? The revelation kicked off a fiery debate about the future of the media in the era of AI — as well as an equally passionate discussion among editors of Wikipedia, who needed to figure out how to treat CNET content going forward. Gerard’s admonition was posted on January 18, 2023, just a few days after our initial story about CNET‘s use of AI. The comment launched a discussion that would ultimately result in CNET’s demotion from its once-strong Wikipedia rating of “generally reliable.” It was a grim fall that one former Red Ventures employee told us could “put a huge dent in their SEO efforts,” and also a cautionary tale about the wide-ranging reputational effects that publishers should consider before moving into AI-generated content. ↫ Maggie Harrison Dupré Excellent response by Wikipedia. Any outlet that uses spicy autocomplete to generate content needs to be booted off Wikipedia.
Speaking of collecting data, here’s another major content player signing a deal to sell your content to “AI” companies. The owner of Tumblr and WordPress.com is in talks with AI companies Midjourney and OpenAI to provide training data scraped from users’ posts, a report from 404 Media alleges. The report, based on an anonymous source inside the company, says that deals between Automattic and the two AI companies are “imminent.” It follows nebulous rumors that have spread on Tumblr over the past week, suggesting a deal with Midjourney could provide a new revenue stream for the site. ↫ Adi Robertson at The Verge We use WordPress for OSNews, but it seems this only applies to content hosted at WordPress.com, not on WordPress installations hosted elsewhere. If you host a site at WordPress.com, you might want to go to your admin panel and opting-out of this nonsense real fast.
Meta will soon begin “collecting anonymized data” from users of its Quest headsets, a move that could see the company aggregating information about hand, body, and eye tracking; camera information; “information about your physical environment”; and information about “the virtual reality events you attend.” In an email sent to Quest users Monday, Meta notes that it currently collects “the data required for your Meta Quest to work properly.” Starting with the next software update, though, the company will begin collecting and aggregating “anonymized data about… device usage” from Quest users. That anonymized data will be used “for things like building better experiences and improving Meta Quest products for everyone,” the company writes. ↫ Kyle Orland at Ars Technica Is it just me, or is the idea of Facebook collecting this type of data in particular just exceptionally creepy? I mean, browsing history or whatever is one thing – already bad enough – but hand, body, and eye movements, and camera information? Of course, this was the only expected course for Quest owners, but now that the time is here, it still feels just as creepy as when we first imagined it when Facebook bought Oculus.
Should web developers use pixels or ems/rems for accessible fonts? It’s an emotionally-charged question because there are a lot of conflicting opinions out there, and it can be overwhelming. Maybe you’ve heard that rems are better for accessibility. Or maybe you’ve heard that the problem is fixed and pixels are fine? The truth is, if you want to build the most-accessible product possible, you need to use both pixels and ems/rems. It’s not an either/or situation. There are circumstances where rems are more accessible, and other circumstances where pixels are more accessible. ↫ Joshua Comeau The linked article isn’t just an explanation of why, but also a tutorial.
The robots.txt file governs a give and take; AI feels to many like all take and no give. But there’s now so much money in AI, and the technological state of the art is changing so fast that many site owners can’t keep up. And the fundamental agreement behind robots.txt, and the web as a whole — which for so long amounted to “everybody just be cool” — may not be able to keep up either. ↫ David Pierce for The Verge Another thing “AI” does not respect.
As noted by Wired, WhatsApp wants the messaging services it connects with to use the same Signal Protocol to encrypt messages. Meta is also open to apps using alternate encryption protocols so long as companies can prove “they reach the security standards that WhatsApp outlines in its guidance.” The third-party services will also have to sign a contract with Meta before they plug into WhatsApp, with more details about the agreement coming in March. ↫ Emma Roth at The Verge They way this should work is that these megacorporations create free and open APIs any instant messaging application can tap into. I’m not looking to bring other services into WhatsApp; I’m looking to bring all services together in one unified application that respects my platform’s conventions and integrates properly with the operating systems I use. I feel like this contractual interoperability Facebook (and Apple) is offering is not interoperability at all, and does not reflect the spirit of the Digital Markets Act.
I love this quick to-the-point summary of most of the popular browsers out there right now. I’m a Firefox user, of course, since it’s the best choice between Chrome (I’d rather choose death), Safari (not cross-platform so utterly pointless), the various Chrome skins, and Firefox (the one independent browser). Still, I’m continuously worried about Firefox’ future – specifically on platforms other than Windows or macOS – and strongly believe we need more true alternatives for a healthier browser ecosystem.
SeaweedFS is a simple and highly scalable distributed file system. There are two objectives: to store billions of files!, to serve the files fast! SeaweedFS started as an Object Store to handle small files efficiently. Instead of managing all file metadata in a central master, the central master only manages volumes on volume servers, and these volume servers manage files and their metadata. This relieves concurrency pressure from the central master and spreads file metadata into volume servers, allowing faster file access (O(1), usually just one disk read operation). There is only 40 bytes of disk storage overhead for each file’s metadata. It is so simple with O(1) disk reads that you are welcome to challenge the performance with your actual use cases. ↫ SeaweedFS’s GitHub page It’s Apache-licensed and the code is, as usual, on GitHub.
Another month, another pile of improvement to Servo, the rendering engine written in Rust, originally a Mozilla project. This month the proof-of-concept browser UI got forward and backward buttons, making this bare-bones UI just a tiny bit more usable. Of course, the vast majority of changes and improvements are all focused on the actual rendering engine, which makes sense because Servo definitely isn’t ready for any prime time use – nor is anyone claiming it is. I’m incredibly curious to see where Servo goes in the future.
In a major move addressing European regulations, Meta will soon give users in the EU, EEA, and Switzerland significantly more control over how their data is used across Facebook and Instagram. The changes, set to begin rolling out in the coming weeks, aim to comply with the Digital Markets Act (DMA). ↫ Omer Dursun at NeoWin You’ll be able to unlink Facebook’s various services – such as Instagram and Facebook’s main social network thing – and you’ll be able to use Facebook Messenger as a standalone service without needing to have a Facebook account. Sadly, there’s no word on WhatsApp. This only applies to people in the EU/EEA. Americans need not apply.
Made to run natively on all modern operating systems and browsers, Ruffle brings Flash content back to life with no extra fuss. ↫ Ruffle website It’s using Rust and WASM, making it supposedly safer than the real Flash PLayer ever was, and of course, it’s open source too. Their most recent progress report details just how far along this project already is.
