Hey can you share any papers you've published on both of these topics? My partner just finished her Master's thesis in a similar vein and in her direct conversations with farmers and they have seen similar frustrating dynamics using fertilizer in their fields. She would like to share your work with them.
I’ve come across this YouTube channel and found it interesting. But only as a lay person. I’d be interested if your partner found this content credible. https://youtube.com/@soilworksllc-gsrcalcium
Ask any publisher and you will get a resounding "yes, it is very different." On average they're able to attribute about a 33% decrease (globally) in traffic to google's (or others') AI answers. [1]
You're right that there are competitors, but those competitors are doing the same thing: hoovering up content and then not giving anything back for it. There are deals in place for some of the largest publishers [2] [3], but that leaves a ton of content out in the cold. That's going to decrease the amount of content that's out there, which will decrease the quality of AI search. I don't know where that ends, but given how leveraged the economy is in AI it seems like a good idea for somebody to figure it out.
> If you don't use their sync service, all your vault files are local only, and there isn't any mysterious telemetry happening in the background.
I think the parent's point is that Obsidian could add any tracking they wanted and -- unless you're examining their TOS or your network closely -- you might never know. However:
> Obsidian's business model is just selling the sync subscription service. There's no ads component to incentivize data collection/tracking and pissing off their entire customer base.
And that to me seems deeply infused into Obsidian's entire culture. They built a community and they're not gonna mess that up. And like you say, if they do it's trivial to move one's markdown somewhere else.
I vaguely remember reading that they were in fear if being cancelled at that time, in part because of the popularity of Twin Peaks, so they decided to lampoon it a little bit. I can't find a reference to that but it'd be funny if true.
> 3. Half of restaurants in my area do not have non-QR code menus, they just don't.
Not knocking this list, the shit is real. But I just had a lovely imaginary conversation with a server asking them what they would recommend and then trying something brand new.
When I go to a restaurant that has QR-only menus, I won't make a scene about it, but it lowers the mental rating I give the place and I'm less likely to return.
Joke's on the server. The robot that will replace their job soon will be more than happy to regale you with any hallucinated information you would like about the subtleties of the menu.
> the existing Vaultwarden system relies on Bitwarden clients and therefore caries Bitwardens secure reputation is its main selling point.
I hope that this could be a starting point and not an end-point of Vaultwarden. It has gotten far on the shoulders of the Bitwarden giant. If it forked, would it have a large enough community to continue to carry that trust forward (including building new clients)? How much financial support would they need? Could they find a sponsor? It's a European project -- would the EU help fund it as a data sovereignty push?
Agreed, it would be great to have a fully open source solution, however I would be wary of it until it was audited and backed by secuirty professionals in the field.
vaultwarden is great, but password managers are security critical software that need consistent maintenance and constant updates.
if bitwarden is acquired and the new owner decides an open source version of their product is not a business necessity, without someone actively supporting the salaries of engineers it’s unlikely to continue to be secure for much longer.
Is it possible that you are assuming they are referring only to Vaultwarden itself? Half of the equation is a server component compatible with every app produced by a company, the other is every app that is produced by a company. If the company decides to stop being compatible (by changing their own communication), what are you left with besides the built-in web interface and a handful of “maybe-compatible, maybe-secure” apps?
Security updates aren’t just about the vault. What does having a fancy locking system mean if the moment you open the door everyone can just walk in?
Most people just want a product to do what it says from all their devices, and don’t care about any of this stuff. As such, they are more inclined to simply move to yet another least-friction mature ecosystem.
Vaultwarden as an alternative is a bit like suggesting a third-cousin who homebrews beer in a trash can knows a viable alternative as a nationwide replacement for Budweiser, because they both happen to use the same shape of bottles. I’m sure some family and friends might go along, but everyone else is just going to pick a new common brand that is similar to what they had, not start brewing their own beer. Some will…for a while.
The best thing about self-hosting your password vault is that you can be naive about how many times it has been compromised without detection.
(I’m not against self-hosting things — I’m against acting like it is a realistic alternative for average people who almost never have the skills to implement it securely.)
But since it's already open source and popular among tech savvy people, they have to weigh any attempts at increasing profits against the risk of losing customers to a fork.
Well the first thing they can do is block access to self hosted servers in the official app. And they could petition Google to not allow clones in the play store. Together with Google's sideloading harassment that will make it much harder to use vaultwarden.
That's just it. If they were prioritizing humans they'd have a product with a measely million users, charge more, and offer great support. Their game isn't a good product though, their game is scale because they think that's the only way to win, and winning is the only way to survive.
Wait, how would limiting a great tool to 0.1% of the TAM demonstrate caring for humans?
Are you picturing them running a lottery for who’s allowed to use it, or an auction?
And with the loss of scale economies, it would have to be much more expensive.
So you end up charging, what, $10,000/month and only making it available to the very wealthy?
I don’t see how this game plan is better for humans. And I’m honestly not being snarky. Have you thought through how your proposed limits would work? Am I missing something?
I mean look at how Apple prices their computers and phones, or how WSJ charges for subscriptions, or how "Linux" keeps its market small by being awful at marketing. The point is there are plenty of ways to scale sustainably and support your customer base in a long-term way that keeps them, and it doesn't seem like Anthropic is doing that.
I am really not convinced that Linux is intentionally bad at marketing so as to ensure that they aren’t overwhelmed with users, all in the name of providing great support.
Honestly I never thought about it that way, but I do think that's an exaggeration. I don't see any believable sign that Anthropic's goal was ever to "serve humanity." That said, how do you serve humanity properly? Do you scale a mediocre product to a billion people and treat them like shit or do you build it deliberately and support what you make, even if that costs more?
You sound like "AI" is something people deserve for free when clearly, if you look at the garbage energy footprint alone, it's going to have to cost. Supporting it is going to have even more.
P.S. How can you "serve humanity" if you literally don't support the humans who use your stuff?
What are the benefits of a solar panel in space vs a solar panel here on Earth? I get that there's less "night" up there, and there's less interference from the atmosphere so the solar is more efficient, but is it that much more efficient that it actually makes more sense than solar panels on earth?
But it's so easily beatable! This might be the result of good intentions (being incredibly generous), but as the article states, any bot can afford a $30 phone and the concomitant hardware as the cost of doing business and bypass this.
Also as the article states (referencing an HN comment):
> How should we realistically teach Susan from HR the difference between a real Google Captcha QR code and a malicious phishing QR code - you (realistically) can’t.
Susan from HR is the least of it. This is a huge vector to increase fraud, not decrease it.
How would an ethical, competent engineer argue against this?
The CAPTCHA company who put this out might have an agenda, but also since they're in the industry they might also have knowledge to impart.
We're reaching an inflection point with the oligarchies where the old ideas of "writing a blistering editorial" or "calling your congress-critter" need to be seriously questioned as useful and other non-violent methods of recapturing digital freedom need to be entertained.
You realize that $30 phone is burned the moment it's used for abuse, right? It's not $30 and then spam as much as you like. It's $30 per action per site, which makes nearly all abuse unviable.
You realize how rife abuse already is using google's infra? Do you really think google's gonna be right there, cracking down on this? This is at least as much about locking people into their infra as it is cracking down on fraud, and anybody who doesn't recognize that is at this point willfully blinding themselves.
reply