Both Apple and Google offer the ability for your app to intercept and modify messages before being displayed. Use that to send encrypted messages and decrypt them there, using your own code on the user’s device.

That framing Makes it sound like the app developer has to do something active to keep message cleartext out of notifications. That's not how it is on Android.

A Firebase Cloud Messaging push notification contains what the app developer's server puts in it. That could include the message body or it could just be an instruction to the app to poll the server for new messages. It has nothing to do with the notification that's displayd on an Android device. Those are entirely local.

An app that cares about privacy wouldn't send anything more than a poll instruction over FCM.

You can implement either approach on iOS as well.

But if you have strong end-to-end encryption for messages, then you don’t have to care about the transport anymore, you assume they’re all compromised. At that point you might as well use the push notification system as your transport, given both OSs allow applications to intercept the push notification locally and decrypt it before it’s displayed to the user.

Plus, decrypting using a key stored locally cuts out a network roundtrip, which has battery and data usage impacts.

This has performance/reliability tradeoffs.

In fact this is what both iMessage and Signal (and maybe Whatsapp too but I can’t tell from a quick google) do.

Moving over to the management track and trying to not suck at it.

Tell your developers to start logging the exception, not just a hard-coded error message.

Not my devely. Most of us support stuff written by external vendors, and most of us don't get to choose who that vendor is.

It’ll work great if you can get the drivers all aligned properly. I’ve tried a few times to get my 12 year old Brother laser setup like that, and each time I end up throwing in the towel.

Maybe I’ll try it again someday with an LLM assisting.

CUPS just worked, it even supports AirPrint natively now. Thankfully my printer supports IPP (it's an all in one office type), so I didn't have to do much other than install a couple packages, add the printer and configure the default paper size.

The United States does not have a Secretary of War, and has not since 1947.

Does it matter?

It does to the person who asked the question.

Whether their concerns are driven by curiosity, ethics, philosophy, or something else entirely is really immaterial to the question itself.

As someone who has worked in projects with hundreds of seemingly trivial dependencies which still manage to produce a steady stream of security notices, "What qualifications do you have to write this software" seems like an entirely reasonable, far too seldom asked question to me.

Sure, but that seems like quite a high gatekeeping bar for a test suite.

What test suite?

I dont automatically dismiss ai slop but when its obvious this was barely reviewed and sloppily committed with broken links 404ing or files missing from git, then it is slop.

Using llm as a tool is different from guiding it with care vs tossing a one sentence prompt to copy localstack and expecting the bot to rewrite it for you, then pushing a thousand file in one go with typos in half the commit message.

Longevity of products comes from the effort and care put into them if you barely invest any of it to even look at the output, look at the graveyard of "show hn" slop. Just a temporary project that fades away quickly

The commits are sloppy and careless and the commit messages are worthless and zero-effort (and often wrong): https://github.com/hectorvent/floci/commit/1ebaa6205c2e1aa9f...

There are no code commits. The commits are all trying to fix ci.

The release page (changelog) is all invalid/wrong/useless or otherwise unrelated code changes linked.

Not clearly stating that it was AI written, and trying to hide the claude.md file.

The feature table is clearly not reviewed, like "Native binary" = "Yes" while Localstack is no. There is no "native" binary, it is a packed JVM app. Localstack is just as "native" then. "Security updates Yes" .. entirely unproven.

I'll have a much harder time convincing my company to try out such a tool if it's AI slop than when there's a group of people behind it.

I'll happily use it for personal development stuff if I ever decide to try cloud stuff in my free time, but it's hardly an alternative to established projects like LocalStack for serious business needs.

Not that any of it should matter to the people behind this project of course, they can run and make it in whatever way they want. They stand to lose nothing if I can't convince my boss and they probably shouldn't care.

I pay $25 for my backup 5G internet - but unlike a mobile plan, it's actually unlimited at 300mbps, and I don't have to resort to TTL shenanigans and such to use it for my whole network. It's just plugged into one of the ports on my router, and provides it with real public IPv4. Ran it for a few days when the fiber dropped out and consumed 200GB without complaint from either myself or the ISP.

How long until “first principles” is a meme like “considered harmful”? Or are we there already?

"from first principles" has been a common phrase in science and philosophy for a long time: https://en.wikipedia.org/wiki/First_principle

Sure, but that's not the way it's being used by your daily twitter/X poster.

Ok, we've removed first principles from the title above.

It's good that MLT did cancel them, but there's still a ton up that way. Mill Creek, Lynnwood, Marysville, just for a few examples.

For me, s/FreeBSD/Debian/. Same reason.