If you purposely go into your phone settings and turn off auto-capitalization (which is what the kids do, since they're all typing on their phones), isn't it the very definition of pretentiousness? You're going into extra trouble to signify you're part of a clique, while feigning "laid-backness" and "i dont even care bro".
But you do care. You care so much to project your appearance of being cool and that you don't even care that you go through extra trouble to keep it up, even though paradoxically it would be LESS effort to not do it.
I think you are reading to much into kids trying to break norms and trying to be "part of a clique". It's not pretentiosness, it's part of finding yourself. They are also actively trying to get you to not read them because you are old and think they "are not serious" so mission accomplished I guess. And time will tell if these kids will invent something you have to respect. (Spoiler alert, we did and they will to)
I turn off autocapitalization on my phone so I can be consistent with my computers where it IS more effort to use capitalization. I also believe quite dogmatically that computers should not try to be smarter than me, I can press the buttons I intend to press, including the shift key on a phone keyboard.
This is not because I’m super cool, it’s because I’m an old man and I’m still typing in 2025 like I was typing on IRC in 1998 when nocapsing was absolutely dominant.
But if I type in a space where proper capitalization is expected, like HN, I do it (this was typed on my phone with no autocorrect, suggestions or autocapitalization — I know, I’m dumb and my opinions and settings are wrong). If it was my personal blog however I would do whatever I felt like doing.
Of course you are free to do what you want on your blog, but some choices make it harder to read. IMO not capitalising is similar to using hard to read fonts or colours.
You're describing a 15 second effort that is performed at most once per phone purchase, and at its least once in the owner's entire history of iOS backup/restore processes. Less total effort than our comments took to write. You're then reading a whole lot into that.
> If you purposely go into your phone settings and turn off auto-capitalization (which is what the kids do, since they're all typing on their phones), isn't it the very definition of pretentiousness?
That's incredibly presumptuous of you. That they're on their phone, that they had auto capitalization defaulted to on, that it's them who turned it off, that they didn't turn it off for whatever other reason (bugginess).
Cat's out of the bag there already. We all have general purpose computing devices in our pockets, locked down on purpose. Android used to allow you to gain admin rights but it's been getting more and more impossible to do so while still keeping most of your programs working. It's not only a cat-and-mouse game against "rooting detection" SDKs companies licence and plug into their apps out of a misguided duty of care, but it's especially bad with anything that uses Google's remote attestation lately.
Android is also about to lock down "sideloading", another "great" dysphemism for "installing software".
Moving the Overton window on this has been so successful, that even people in our industry happily accepted the much maligned dysphemisms of "jailbreaking" and "rooting" for what used to be called "local admin rights" and look upon such access as if it's only something pirates, criminals or malware spreaders would want to do.
I say this as someone who is running an Android phone with a kernel with some backported patches applied and compiled by myself. The fact that I can do it is great. The fact that the entire industry is trying to make it as frustrating as possible for me to do this under the guise of false premises such as "security" is disheartening.
Correct. Age verification and privacy consents belong on the browser. The issue is that on the browser, things work a bit too well (remember https://en.wikipedia.org/wiki/P3P ?), so the big players are incentivized to ignore completely the browser-based mechanisms and say/do nothing whenever they see lawmakers going on a dumb direction (risking fines is a reasonable price to pay in order to kill adoption of an actual browser/OS based control that would cause a dent to their tracking operations) that puts the onus on individual website operators.
The insane question here is, why would the EU mandate hardware attestation controlled by two private American companies in order to access services?
That seems completely contrary to the spirit of EU laws and regulations, which tend to be about protecting the consumer, preventing monopolies, ensuring people can generally live their lives where all things that are mandatory are owned and ran by the state and foster a certain degree of EU independence, with a recent focus on "digital sovereignty".
This one is a five for one against all of those goals? Harms the customer (you could see this as the polar opposite of GDPR), strengthens entrenched monopolies, force citizens to be serfs of one of two private corporations in order to access information, and on top of that, like it wasn't enough, willingly capitulates to the US as the arbitrates of who is a valid person or not.
This is so against the spirit of the EU itself that it would almost be funny if people weren't serious.
> The insane question here is, why would the EU mandate hardware attestation controlled by two private American companies in order to access services?
Because the EU doesn't actually care about privacy, otherwise they wouldn't be trying to do this and ChatControl. They care about being the main ones to spy on you, and maybe using fines as additional "taxes" on rich foreign companies. That's it.
Take any group of a hundred tech people (devs, analysts, architects, etc.), and 95 of them will do everything with their stock Android or IOS smartphone. Maybe 3 will consciously limit their use of that device, and the remaining 2 reluctantly use something sane like GrapheneOS. Those two might pipe up and take a stand for people without smartphones (which includes a very varied swath of people, from Luddites to people with disabilities), but they'll get drowned out by sighs, sheepish looks, and the chorus of 'let's just start with those two smartphone OSes, and if after a year or two people still really need something else, a new project can be started to address that'.
It's not an insane question, it just doesn't get asked.
> The insane question here is, why would the EU mandate hardware attestation controlled by two private American companies in order to access services?
Please (kindly) ask Paolo De Rosa [1], Policy Officer at the European Commission and driver of many of the decisions behind the wallet and the ARF. His position is one of fatalism: that it's "too late"; the duopoly of Goople is entrenched, and it's therefore not a problem if the wallet project entrenches it even further. Regrettably quite a lot of member states agree, although representatives of France and Germany specifically are frequently standing up to the fatalism.
> The insane question here is, why would the EU mandate hardware attestation controlled by two private American companies in order to access services?
Because this is being pushed by lobbyists to use hardware attestation to make it piratically mandatory for every citizen in the EU to be registered to either Apple or Google with a real id for all non-trivial online interactions at all times. The people behind this push neither have the technical knowledge nor care in the slightest that this is the consequence.
The app this discussion is about is a reference implementation that is part of a long-term process for building a digital identity app. Specifically, this discussion is about the age verification part of the app, which is the first part expected to be finished but is also only a small part of a much wider ideal.
Europe's dependence on American tech is a major pain point but realistically, there are only two smartphone vendors. If a European vendor does rise up, I'm sure whatever app comes out of this process will happily hook into the hardware attestation API for that OS as well.
But you could do attestation on GrapheneOS, no need to require the users to have Google spyware preinstalled. Google is abusing its position here, attestation should be to verify the security model, not Google's business model..
When scoped to attest the full software stack down to the kernel, yes, because it takes control away from the general purpose computing device that the user supposedly owns. I don't however have a problem with attestation scoped to dedicated hardware security devices such as Yubi Keys.
And if such dedicated hardware is ever required by the law, the manufacturer should be prohibited from bundling any business-related functionality there (such as displaying ads) that can't be turned off without breaking the certification.
Google's ad business model should never be mandated by law, unfortunately lawmakers seem to be unaware that this is what requiring Play Integrity effectively means.
Yes, and remote attestation should be illegal on any general purpose computing device, for some reasonable definition of what that is. General purpose computing should be a human right, in particular the right to change the software running on devices that you own.
This "identity wallet" is such a hostile idea, require identification for everything instead of thinking about how to remove identification (for example, allow anonymous banking, traveling).
Agreed. I refuse to use the terms "rooting" and "jailbreaking" in professional environments, I always use terms like "admin access to the mobile device".
Because that's what it is, despite the extremely successful campaign to paint people who want admin access on their mobile computers to be painted in the same light as pirates.
We have a near perfect system for finding the location of phone thieves, yet the police will not go and knock on the doors of criminals even when explicitly shown proof of "this is where the thief is currently".
Yeah it's odd and annoying. I realize the prisons are full but you could fine them £50k and have them pay it off over then next few decades or something.
I'm not victim blaming here, but does anyone have this nagging feeling that in this case, we, the "techies" caused this by refusing to engage with lawmakers?
In the case of E2E encryption, it's definitely a hill to die on, there is no way to make a backdoor "only the good guys" can access. But in this case, the long standing refusal for the tech industry to engage in even the lightest of lobbying towards having legal regulation for standards seems to bite us in the ass every now and then. We've seen it time and time even for things that are non controversial and would clearly benefit everyone: why is BCP 38 not mandated by law in any country? Why is IPv6 at the ISP consumer edge not mandated by law?
All of this could have had the same effect if instead of putting the onus of age verification on millions of websites, you instead put it onto the "customer end device", with some definition as to have it only apply to anyone who sells devices used to access online content with more than X% market share (meaning effectively Microsoft, Google on behalf of all Android OEMs and Apple, plus TVs and console makers).
You'd also put into law what content providers need to do to become compliant. It drops from "having a robust system of age verification" into "if you're serving content over HTTP and your content is for over 18, you need to send a specific over 18 header". If you're publishing an app on a walled garden app store, you need to specify the age rating (as one does already). If you state your page is good for under 18s when it's actually over 18, you then incur a fine.
Then it's really just up to OS makers to build support for the above into the parental controls functions that mostly already exist. Implement the header checking on the browser. Then restrict over 18 apps and outside app store that aren't explicitly authorised: this ensures no alternate browsers could be installed or ran by a child, while leaving them freedom to roam the web and install under 18 apps. The issue with existing parental controls is twofold: the web is a wild place and manually vetting every single app your kid wants to install is overbearing so everyone gives up on parental controls.
Then it's a matter of, when you buy a phone for your kid, you click a button "the user is a child, enable parental controls, set the grown up password". If parents fail to even do this, then clearly it's their own fault?
You'd specifically leave out non-HTTP protocols and leave a bunch of technical loopholes that could be exploited by technically minded people. It would both limit the amount of wreckage to things the common people doesn't even know it exists and make sure this wouldn't creep into places it doesn't belong. Sure, teenager who downloads Arch into a USB pen drive and boots off it can then access whatever they want, or someone who finds they can get into IRC and XDCC a bot for hot JPEGs, but at that point they clearly earned it.
I get the feeling that we've fucked it, left very important regulations up to people who have no clue and now we get the most onerous and worst implementation possible of things every single time put into law. We could have done the same with cookies, there's like, three browsers. Remember P3P? https://en.wikipedia.org/wiki/P3P
Usually I would agree with you, but this is an incredibly common initialism, used by not just people in the industry, but also by consumers. Sure, it may not be as widespread as VHS (global) or API (tech-adjacent), but anyone who is in the market for this software already knows what NVR means.
Most people would know the term from either being quoted or looking up CCTV solutions, all of which, unless they're fully "cloud-based", come with a component that is called the NVR. You wouldn't even consider this if you weren't aware of the concept. If NVR means nothing to you, Network Video Recorder doesn't mean anything to you either. This is meant to be a replacement for closed and inflexible hardware boxes that are sold together with security cameras, and the name of those boxes are "NVRs".
NVR is to distinguish it from DVR, Digtal Video Recorder (ironically it's not really digital, more like analog) It's much cheaper than NVR, because the camras are simple and diffrere the encoding to the DVR unit.
And there XVR wich can combine both Network and Digital cameras
Which is odd because the first time I heard the term DVR was in the late 1990's, referring to the box that was used to record TV signals digitally for playback and/or ad-skipping. The term distinguished it from things such as VCRs, which recorded in analog, on tape. Those DVRs were, in fact, digital.
If the recorder uses digital video as its storage, it's a real DVR, even if the video input is that weird HD variant of NTSC that's everywhere in security cameras
As a video professional, with many devices for recording video both at baseband and via ip, and responsible for delivering audio and video streams via networks to tens of millions of people, I had no idea what “NVR” meant.
I don’t believe video professional equates to security professional. Would not expect someone who is a video professional to know NVR but at the same time if you don’t know what an NVR is I would not expect someone to be using this software. The entry point into this space is an NVR.
Niche term yes but if you don’t know what an NVR is you probably don’t want to go down the road of Frigate. It is a lot more common than you might think these are traditionally deployed in most small biz.
Please take a breath and step away. I am pointing out that if you don’t know what an NVR is you most likely don’t want to mess with Frigate. It’s possible you do and you will learn a lot but in a thread about initialism, knowing what an NVR is tablestakes knowledge to running a Frigate deployment. It’s ok we disagree! Don’t degrade yourself to the level of a childish argument.
> What's the big deal that you need to call hard drives by an acronym that doesn't even mention that they're drives? No duh, of course the drives are on a network, and of course they store data.
See the problem?
Frigate is not "Cameras". Not all cameras are networked. Not all cameras record. Not all software that integrates with networked cameras is NVR software.
Sorry you took offense. I believe in a thread about initialism that some forms are expected based on the nature of the content. And specifically in this case, I am not sure what a video professional has to do with someone who works in security. So no I don’t need to stop and to be frank if you don’t know what a NVR is Frigate is most likely not a great solution but it also might be and you will learn a lot!
Please consider that we're not all English-speaking, and that such terms may be unknown to people who aren't from your culture, even if we do understand your language. CCTV could mean "China Central TeleVision" for instance ;-)
In the context of surveillance cameras it is perfectly clear what CCTV stands for, and if it is an unknown to someone because they are not familiar with the english language it is also perfectly reasonable to just force them to look it up like they would any other english word they are unfamiliar with.
Acronyms are not the same as the English language as they are not words by themselves but compressions. "Closed-circuit television" is self-evident to a reader; CCTV isn't. And "in the context", yes, but readers are not necessarily experts in their fields. This is why many news publications usually expand acronyms.
So to be clear, I think that it would make sense for Frigate to define NVR the first time they use it on their site. However, this isn't a news publication and I really don't think it's unreasonable to expect any serious visitor to the Frigate site to be expert enough to know what an NVR is.
But the site is for software managing... CCTV solutions.
I didn't know what NVR meant either but it seems reasonable for Frigate to assume 90% of the people coming across their site would be given the context.
You seem really worked up over some perceived slight by people you'll never meet running some random website committed against you, personally, with intent.
You think they have contempt for you? "The feeling or attitude of regarding someone as inferior or worthless." "The state of being despised." That's a bit of a stretch.
There's nothing wrong with expecting people to do ~10 seconds of research to find out what an acronym means. It look me less time to open a tab, type "nvr video", wait for the HTTP request, scan the page, and close the tab than it did for me to write the last sentence of this comment.
Hard disagree. I've just started looking at some home monitoring and was extremely frustrated by this assumption because literally everyone assumes you already know. Home Assistant documentation uses it, frigate's home page uses it, pages like this use it. It's not ubiquitous enough in the vernacular to simply be a proper noun (eg nobody cares that "LASER" is an acronym).
I finally had to look it up on Wikipedia so I could understand what they were even referring to and "Network Video Recorder" was much clearer as to what the component was. Overall it creates barrier to entry where everyone operates on the assumption that you're only shopping because you're already a customer.
I don't understand why they keep trying this over and over. It can't possibly be a moral crusade as it keeps happening with different players, but I don't understand the purpose.
We now live in a world where the opposite routinely happens: a crime happens, you give the police access to Apple or Google's Find Device / Find My data, they throw it in the trash. Law enforcement has more data to find and procecute criminals than they have time. People get scammed out of money by the thousands every day, over the phone, an insanely easy system to tap and trace. No one gets arrested.
Who is actually repeatedly pushing for things like these within the EU? For what purpose? What crimes went unprocecuted because of the unability to perform mass surveillance like this? It seems that all the time, when law enforcement actually cares about, it's trivial for them to get evidence? So why does this keep popping up every year?
I really don't, what is the answer? I assume higher ups at law enforcement, who are detached from the day-to-day operations, make up excuses about "end to end encryption being a challenge" because it's a meme, much like execs in our fields parrot "challenges" to boards and VC investors that are often fully removed from actual execution issues.
And then because it comes up in slides so much at that higher level, politicians actually start thinking that's why we haven't solved all crime, our guys are competent and clearly they're not understaffed, it's that pesky "not being able to break end to end encryption" that is preventing law enforcement from doing their work!
>It can't possibly be a moral crusade as it keeps happening with different players, but I don't understand the purpose.
it's not a moral crusade. they don't give a shit about children. they don't give a shit about crime. to the people in power, crime - even the most heinous kind - is just background noise. the laughably short sentences given to the perpetrators of the most heinous crimes in the EU/UK reflect that.
mass surveillance is a means to identify and suppress dissent.
the people in power care only about maintaining it. it's that simple. and once you acknowledge that, it will finally make sense why the US/EU/UK are implementing the same measures that China and Russia do.
That's pretty much exactly why. The EU is structured in a way where various groups keep proposing things and the elected representatives keep voting against them. There's no law saying they can't keep proposing the same things that keep getting rejected, so, they do.
We have this exact same post multiple times a year, where an EU body proposes a bad encryption law and everyone gets angry about how authoritarian the EU is. And then everyone forgets about it before the elected representatives get to vote on it and they vote to reject it, but that doesn't get to the front page so it doesn't give everyone the opposite emotions.
Also, end-to-end encryption is a challenge to law enforcement - idk why you think that's a meme. If they could just spy on all citizens 24/7, they could solve crime so much more easily! (Now that's a meme)
> Next year, the EU Commission is set to present a Technology Roadmap on encryption to identify and evaluate decrypting solutions. These technologies are expected to equip Europol officers from 2030.
> Now, lawmakers promise to be committed to finding the right balance between "allowing for efficient and future-proof solutions to facilitate law enforcement’s lawful access to digital information, while respecting the right to privacy and maintaining high levels of cybersecurity," said EU Commissioner for Internal Affairs and Migration, Magnus Brunner.
Basically the status now is "we've heard that most people think it is a really shitty idea, but we really, really think we can make it work and are going to come up with how! Just give us some time!"
It is misguided, wasted money and effort, and deserves to be called out as such; The chances of it actually being implemented are very, very small, however.
I’d imagine there’s a lot of money chasing around the lobby and some of it just slushes into things like these. Easy passive income when you think about it.
But you do care. You care so much to project your appearance of being cool and that you don't even care that you go through extra trouble to keep it up, even though paradoxically it would be LESS effort to not do it.