My shower thought since I watched Star Trek: In a world where universal translators are ubiquitous, do babies even need to learn any common language, or do they each develop individual languages and let the UT handle the rest?

UT translating baby noises into articulate language, should have been in an episode.

I have nothing against any meta search engine, they are very useful, and I use them primarily as well.

However, they are not a true alternative, because they depend on third-party services. The same as Invidious is a very useful, but also not an alternative to YouTube itself, just a different user interface.

The best “server-side” anti cheat mechanisms online is streaming the game, and I am sure that eventually some talented developers are able to even write some aim bot (or more) for that.

Competitive games need a fully controlled environment. Doing it online with random unknown people should not be taken as serious as they currently do.

Alot about video games is not standardized. To be competitive all players should have the same hardware, internet connection, etc. So that it is actually individual skill that is measured, not just the size of players wallet.

But even then, developing skill takes alot of practice and time, which also, in our current system, can be converted into money. There just is no fair competition here anyway. Still many people believe in meritocracies…

Tesla’s CEO; The Inspiration For Tony Spark

Elon “Baby-Brain” Musk as the inspiration of “Tony Spark” the cheap knock-off Tony Stark.

Well, you and I just have a different understanding of “search engine” then. For me a search engine is something that doesn’t forward queries to third parties.

Which other trustworthy search engines are there? And I don’t mean some different frontend or a meta search engine like ddg, sp, kagi, searx(ng), etc… that mostly just use googles, bings or even yandex and beidu results?

Ages ago I configured and hosted yacy for myself, but that was a different time… Are there any real alternatives? With mayor internet companies like cloudflare, social media sites and many others restricting the access to the net and information, searching becomes more and more impossible if you aren’t a huge corporation…

In what region is Elden Ring available on GOG?

Gog is also much easier to deal with via a VPN. I bought some region locked games easily doing that and could play them anywhere, because they are DRM-free. Steam is much more difficult, because each account belongs to a specific region. Moving accounts means you have to have an bank account and address in different countries, so easy for rich people, more difficult for ordinary folks.

Sure, Steam seems fairly okay, especially their Linux support, but I still mostly prefer GOG, wherever possible, because it offers more control to their customer over the product they bought.

It helps that Valve is not publicly traded, but I fear that if the current owner (Gabe Newell) dies, there might be a shift in business practices.

Enshittification can still happen in privately traded/owned companies, it generally happens slower and in case there are other reason for the owner(s) to maximize short term profits (e.g. business built on VC money), it can happen faster.

The SDK is not closed source, you can find the source here: https://github.com/bitwarden/sdk

It might not be GPL open-source, but it is not closed either.

Sure. To me “source available” is still closed-source, since looking into it might give companies an attack surface for you to have violated their copyright in the future. Happened with IBM in the past: https://books.google.de/books?id=gy4EAAAAMBAJ&lpg=PA15&pg=PA15&redir_esc=y#v=onepage&q&f=false

Let’s wait and see before we get out the pitchforks.

Sure. Bitwarden doesn’t owe us anything, but it is still sad to see this decision and better clarification and explanation could have alleviated the breaking of the trust here.

So you meant to say:

I would go as far as to say that Bitwarden’s main competitive advantage and differentiation is that it’s source is available.

That is not true, there are a lot of other password management software out there where the client source code is either open source or source available. For instance keyguard: https://github.com/AChep/keyguard-app?tab=License-1-ov-file#readme which is an alternative proprietary bitwarden client, where the source is also available. Also the Proton Pass client is under GPLv3.

I would argue that the main advantage of bitwarden compared to others is that it is open source and has an open source server for self-hosting (vaultwarden). Which of course makes it difficult in terms of business strategy with their VC funding. But maybe becoming a non-profit org and getting money from donors, the strategic funds of EU and other governments, etc. might be an alternative way.

Ok, lets take it step by step:

Thanks for sharing your concerns here. We have been progressing use of our SDK in more use cases for our clients. However, our goal is to make sure that the SDK is used in a way that maintains GPL compatibility.

• the SDK and the client are two separate programs

I think they meant executable here, but that also doesn’t matter. If both programs can only be used together and not separate, and one is under GPLv3, then the other needs to be under GPLv3 too.

• code for each program is in separate repositories

How the code is structured doesn’t matter, it is about how it is consumed by the end-user, there both programs are delivered together and work together.

• the fact that the two programs communicate using standard protocols does not mean they are one program for purposes of GPLv3

The way those two programs communicate together, doesn’t matter, they only work together and not separate from each other. Both need to be under GPLv3

Being able to build the app as you are trying to do here is an issue we plan to resolve and is merely a bug.

Not being able to build a GPLv3 licenses program without a proprietary one, is a build dependency. GPLv3 enforces you to be able to reproduce the code and I am pretty sure that the build tools and dependencies need to be under a GPLv3 compatible license as well.

But all of that still doesn’t explain what their goal of introducing the proprietary SDK is. What function will it have in the future? Will open source part be completely independent or not? What features will depend on the close-source part, and which do not? Have they thought about any ethical concerns, that many contributors contributed to their software because it under a GPL license? How are they planning on dealing with the loss of trust, in a project where trust is very important? etc.

None of that makes Bitwarden not open source.

Yes, it does, because it violates its own license GPLv3 by having proprietary build-/runtime dependencies.

If it was under a different, maybe more permissive, open source license, then maybe it would still be open source, but as of right now i likely breaks its own license terms.

Not only that, they specifically state this is a bug which will be addressed.

From what they state, they think that because executables that share internal information via standard protocols does somehow not break GPL3 terms compared to two libraries that share internal state via the standardized C ABI which does. And they seem to not consider that a bug, just the build-time dependency.

Well, then it would be nice to hear from them an explanation on why they decided to violate the GPLv3 on their client, by coupling it with proprietary code in a way that disallows building and/or usage without that proprietary component.

They would be insane to change that.

Yes. And i hope that they recover from it soon.

I would say a proper explanation includes the goal you want to achieve, not just the statement that you think that you are allowed to do something.

That “explanation” is unsatisfactory and likely wrong: https://www.gnu.org/licenses/gpl-faq.html#MereAggregation

So they either have to license their SDK under a GPLv3 compatible license, or switch the license of their client to a non-GPL one.

Their “explaination” only mentions why they think can do it, but not why they are doing it.

So that means they are just supporting it as long as it is easy to do, and that they are not brave enough to fork chromium.

The only way I ever used passkeys is with bitwarden, and there you are sharing them between all bitwarden clients.

From my very limited experience, pass key allows to login faster and more reliable compared to letting bitwarden enter passwords and 2fa keys into the forms, but I still have the password and 2fa key stored in bitwarden as a backup in case passkey breaks.

To me, hardware tokens or passkeys are not there to replace passwords, but to offer a faster and more convenient login alternative. I do not want to rely on specific hardware (hardware token, mobile phone, etc.), because those can get stolen or lost.

That is why we can’t have nice things. Everything needs to make a profit and cannot simply be good.

Infrastructure shoudn’t be required to make a profit. They are there for the public good. What’s next? Paying for sitting on public benches and entering public parks? Paying for the privilege to exit your house and use the public sidewalk? We already have to pay to use public toilets in some cases…

These things should be available to everyone for free and build and financed via general taxes.

You where talking about “system wide AdGuard”, which is not the browser addon, but an app that uses DNS blocking, be it by either letting people set DNS servers manually, or automatically through VPN. Their VPN does not break TLS connection by inserting custom certificates and MITM proxies, so they cannot read/modifiy content.

It might be possible to use TLS breaking proxies for systemwide ad blocking, but even that wouldn’t help, because nowadays a lot of content and ads are loaded dynamically via javascript. So a browser is required to filter ads.

DNS ad blockers are not sufficient to block all ads and often overly broad. So they have much higher rate of false positives and negatives compared to in-browser ad blockers. Differentiating between ads and useful content based on domain names will become more and more difficult. Both might use some url from the same cloud provider, and blocking those breaks a lot of stuff.