Because it’s dumb.

Proton then stated that they “stand with journalists” but “cannot see the content of accounts and therefore cannot always know when anti-abuse measures may inadvertently affect legitimate activism.”

Every legitimate email service has anti abuse policies in place. The alternative is letting the service be turned into a bot farming operation, or worse.

Still waiting for your recommended alternatives.

I think I have asked a very clear cut question. Will patiently wait for your answer.

What a childish take.

Proton cannot operate outside of the law. Swiss laws may be privacy friendly, but that does not imply that court orders can be ignored.

But if you think so, then please name a single entity that after not complying with a court order, was still allowed to continue operations or was not fined.

Nowhere in that paragraph says that they will ignore the law.

Any service out there that would not comply with these orders, is a service that could not legally operate in these countries.

What you describe is a very recent phenomenon. They all were Windows exclusive until around when Microsoft announced the Windows 10 EoL date. Up to that point, pretty much every single video touching Linux, and especially those with Linus as the protagonist, were quite negative, sometimes for no reason at all, e.g. when he complained about UI elements that weren’t aligned with the Windows UX.

And this isn’t new either. Linus has a bias, like everyone else, and that’s fine, but one cannot play personal preferences as the gold standard, see his long term opinion about the iPhone vs Android, or his early videos trying to use Linux. The latter especially are famous in the Linux community of creators, you can find several reaction videos commenting on the topic.

They know. They just don’t care.

2FA should probably be enforced for the process of publishing packages

The most successful recent attacks haven’t relied on stolen user credentials, so this point is kind of moot. API tokens are way easier to obtain and use. Typo squatting and phishing are more effective, and attackers generally don’t need to bypass 2FA.

Linux distros usually rip out build scripts and build systems in order to replace them with their own, but this also further limits the code you have to audit.

Linux users who routinely download and compile src packages is a minuscule attack vector. Most users download binaries, so this point isn’t true either.

And look, I agree that MFA should be mandatory everywhere, and sandboxing is great, but the truth is that the JS ecosystem is chock full of lazy and sloppy devs. That’s just how it has been for the longest time, and no amount of security measures targeting them specifically is going to fix the current state of affairs, because as soon as one is implemented, someone will find it too cumbersome and will find a way to override it. The whole ecosystem needs adult supervision.

But honestly, I believe that JS in the backend has been a massive mistake and we all should abandon it as soon as possible. There are plenty of better languages and ecosystems out there, no need to keep self inflicting this kind of pain.

I see that we are making things up now, aren’t we.

Besides, what does “focus on fractions over decimal calculations” even mean? Fractions and decimals are inextricably linked. Even more, there are calculations that can be expressed more precisely as fractions than with decimals, and there are those that can be expressed as decimals but not as fractions.

So? Calculators have been better at math than students for the longest time, do we delete basic math from the curriculum too?

RISC-V is more like 1-3 years away from CPUs existing that have competitive performance in datacenter workloads. Not decades

I’ve been hearing this for the past five years.

People seem to forget that if one arch moves forward, so do every single competitor out there.

I would like to know what’s the influence of first generation immigration in these charts, because the states are kind of shit at reporting that.

My kids speak Spanish. They can read in both Spanish and English, but they learned Spanish first, so it took them a while to catch up in English. Many of their classmates come from Spanish speaking families, English is their second language, and they have a bit more of trouble. The issue here is that state level standardized testing doesn’t seem to care about Spanish at all, so you may find a bunch of very smart kids who score below average just because they speak more than one language, which is frankly insane.

I don’t know why it wouldn’t. This is the model Go uses, their package registry is just a glorified index of code repositories.

C is not that popular nowadays because most devs don’t want to deal with the tradeoffs, most importantly memory handling and management.

Because distro packages rely on a small group of trusted maintainers, while anyone can publish anything to the NPM registry.

Also, distro packages are usually full fledged applications or libraries, which require a certain number of developers upstream to maintain them. There are thousands of NPM packages out there that are essentially walking corpses waiting to be infected.

Are you suggesting that kids should stop learning basic arithmetic?

Yes. The one they had to promote Squid Game a couple years ago was especially loud.

I’ve seen these running in East Asia for several years now, admittedly not in 3D but still really annoying, as they can get extremely loud sometimes.

That’s not enough for production code.

Besides, this just reads like what a kid does with a Lego.

I’m sorry, does this mean that students were taking tests unsupervised until now?

Yet the need for skills remained.

What kind of skills are needed to ask a non deterministic machine to code things one cannot understand in the first place?