If I'm just jotting down personal notes, I use a pen and a notepad. If I need to transcribe anything into my long-term notes, then I can do that at the end of the day/week/whatever, when I review what I wrote down.
> I've made a ton of attempts to build my giant collection of subscriptions but always just burn out on maintaining it.
RSS subscriptions aren't like Pokemon. You don't have to catch them all. One of the major selling points of RSS is that you can subscribe to sites that update infrequently so you get notified when they have a new update instead of checking the site manually and being disappointed that it hasn't updated in three weeks or whatever.
Adding a bunch of sites that update hundreds of times a day is a great way to DDOS your own attention span
> over 100k emails to go through in one lifetime isn't worth the trouble
Unless you're on a bunch of mailing lists, I can't even fathom having that much email, much less that much unread email. I'm fanatical about making sure that I'm at inbox zero as much as possible because the 'unread' counter is the enemy. It takes some effort to set up and adjust filters and actually unsubscribe from stuff, but it's completely worth it to have a mailbox that's actually usable.
I noticed that a few years ago that Google had removed the very handy tool I used to filter all mail from "x" sender and I could select all and delete. I believe they did it on purpose because I think Google really doesn't want you to delete emails. They made it harder to delete emails in bulk.
I do subscribe to things I find interesting but other times they are emails from services I joing. I am now using Office 365 and am being able to keep it much cleaner. All my Newsletters go into a Newsletter folder and I have a Sweep rule to keep the 10 most recent and delete the rest. My inbox is way easier to manage now. And every year I move the corresponding emails from that year into a folder, like "2024" and go through it from time to time. It's being a bliss.
My two gmail accounts probably have way over 100k as I've more or less abandoned them. Google also made the total emails you have in the account less apparent too, I was up to 80k and suddenly my inbox had around "3,000" or so emails.
I'm also glad I overbought RAM when I did my last PC upgrade in January, because who knows when I'll be able to do that again.
The 96GB kit I bought (which was more than I needed) was $165. I ended up buying another 96GB kit in June when I saw the price went up to $180 to max out my machine, even though I didn't really need it, but I was concerned where prices were going.
That same kit was $600 a month ago, and is $930 today. The entire rest of the computer didn't cost that much
Yeah I do regret not going 64GB when it was so cheap but honestly? 32 has been fine. I had already pushed the budget to future-proof critical things (mobo, PSU, CPU, etc.) and ram hopefully one day will drop to sane prices again. I doubt I'll feel the strain for 3-5 years if at all. It's mainly a gaming rig right now
That's the thing, though, it is about their careers.
It's not just that people are annoyed that someone who spends years to decades learning their craft and then someone who put a prompt into a chatbot that spit out an app that mostly works without understanding any of the code that they 'wrote'.
It's that the executives are positively giddy at the prospect that they can get rid of some number their employees and the rest will use AI bots to pick up the slack. Humans need things like a desk and dental insurance and they fall unconscious for several hours every night. AI agents don't have to take lunch breaks or attend funerals or anything.
Most employees that have figured this out resent AI getting shoved into every facet of their jobs because they know exactly what the end goal is: that lots of jobs are going to be going away and nothing is going to replace them. And then what?
disagree completely. You're doing the thing I described: assuming it's all ultimately about personal benefit when they're telling you directly that it's not. The same people could trivially capitalize on the shifting climate and have a good career in the new world. But they'd still be pissed about it.
I'm one of these people. So is everyone I know. The grievance is moral, not utilitarian. I don't care about executives getting rid of people. I care that they're causing obviously stupid things to happen, based on their stupid delusions, making everyone's lives worse, and they're unaccountable for it. And in doing so they devalue all of the things I consider to be good about tech, like good software that works and solves real problems. Of course they always did that but it's especially bad now.
> You're doing the thing I described: assuming it's all ultimately about personal benefit when they're telling you directly that it's not.
It doesn't matter how much astroturf I read, I can see what's happening with my own eyes.
> The grievance is moral, not utilitarian.
Nope, it's both.
Businesses have no morals. (Most) people do. Everything that a business does is in service of the bottom line. They aren't pushing AI everywhere out of some desire to help humanity, they're doing it because they sunk a lot of resources into it and are trying to force an ROI.
There are a lot of people who have fully bought in to AI and think that it's more capable than it is. We just had a thread the other day where someone was using AI to vibe code an app, but managed to accidentally tell the LLM to delete the contents of his hard drive.
AI apologists insist that AI agents are a vital tool for doing more faster and handwave any criticism. It doesn't matter that AI agents consume an obscene amount of resources to do it, or that pretend developers are using it to write code they don't understand and can't test that they're shoving into production anyway. That's all fine because a loud fraction of senior developers are using it to bypass the 'boring parts' of writing programs to focus on the interesting bits.
I'm a native speaker of English, northern California dialect. I pronounce every one of those letters, to varying degrees. Some just affect the mouth shape by subtle amounts, but it is there.
It's not about having time, it's about making time.
One thing that helps me is to actually schedule time to do the cool, fun stuff, put it on my calendar and treat that appointment as inviolable as missing work. Because it is work, and eventually it will become a habit.
> the point is to force companies to automate renewal
Cool. I'm a small-time webmaster with a couple of hobby sites with no more than a handful of visitors. Why do I need to set up automation to renew certs every 45 days, too?
For the same reasons as forcing companies to do it.
1. Revocation is a clusterfuck. Microsoft is currently failing to revoke tens of thousands of defective certificates for over seven months (the Baseline Requirements state that they should have been revoked within five days). Entrust was distrusted over repeated failures to revoke. Many TLS clients don't even bother to check revocation lists, or if they do they do it in a "fail-open" manner where inability to load the list does not prevent access which largely defeats the purpose. Short certificate lifetimes make revocation less important as both defective and compromised certificates age out rapidly, but without automation any meaningful reduction in lifetime directly translates to an increase in required effort which makes it a balancing act. With automation, however, reducing lifetimes is effectively free.
2. Automation is mostly a one-time cost. Manual renewal is a repeating cost. I started using LE to add HTTPS to my personal site when it first became available to the public in 2016 and then started using it for my work systems when our GoDaddy certs came up for renewal a bit less than a year later. Since then out of roughly 50 systems pulling around 70 certs I've had to "babysit" two of them once each, both because they were using wildcard certs which I was a very early adopter of and something about how I had set them up was technically wrong but worked in the initial version. Compare this to the "old world" where every couple of years I had to generally engage vendor support on both our server platforms and our CA because it had been long enough that things had changed on both sides so doing things manually required learning new things. Mandating short lifetimes is good for everyone. This is part of why LE has used a short lifetime since the beginning, to strongly encourage people to not try to do it without automation.
3. It's super easy. Lots of platforms have ACME support built in. For those that don't, packages like acme.sh are damn close to universal. If your system is able to expose a web server on port 80 it's basically trivial. If it's not, it's slightly harder. There's just not a good reason not to do it other than stubborn insistence. "Handcrafted TLS Certificates" just don't matter.
> I'm talking about managing two certificates so I can share a static site with a handful of friends. Each one takes about 10 minutes a year to update.
The personal site I started with is one certificate for a static site that I use for basically the same thing. It took me 10 minutes to set up in 2016 and I haven't thought about it for a second since then. It just works.
> Adding automation means I have to set up a process that I have to check up on at least once every 6.5 weeks to make sure it's still working.
Assuming you're using a common automation package and not rolling your own it should be included. I personally use acme.sh which can be configured to use email, XMPP, or HTTP(S) requests with prebuilt templates for most popular webhooks, as well as supporting fully custom notification scripts. I get an email every time it attempts a renewal that tells me if it succeeded or failed. Again one-time setup, easy, did it once literally almost a decade ago and haven't had to think about it since. As I pointed out in my previous post I did once have two of my systems fail to renew, I was notified, and I fixed it within a few minutes of seeing the emails.
Now that I'm actually thinking about the topic, these days for my work systems I have a platform that monitors for periodic updates and alerts me if they don't come in so I should probably reconfigure my notifications to use that instead of email and clean up my team's inboxes a bit by no longer needing to receive a couple dozen "everything's OK" mails every couple of months (or soon, couple of weeks).
I'm a small time webmaster and I haven't "set up" any automation - for my shared-hosting sites, the host has it built in; and for my self-hosted sites, the web server has it built in
The problem is that this breaks down if you don't want to leak any obscure subdomains you might be using via CT-logs – shared hosting rarely supports DNS-based certificate renewals for wildcard certificates, and even less so for domains hosted by an external registrar.
(Even for a fully self-hosted system you'd still have to figure out how to interface the certificate renewal mechanism with your DNS provider, so not as easy to set up as individual certificates for each subdomain.)
> (Even for a fully self-hosted system you'd still have to figure out how to interface the certificate renewal mechanism with your DNS provider, so not as easy to set up as individual certificates for each subdomain.)
That's exactly what the new DNS-PERSIST-01 challenge is for, being able to authorize a specific system or set of systems to request certs for a given FQDN and optionally subdomains without having to give that system direct control over your DNS as the existing DNS-01 challenge requires.
> The reality is that it was told to run commands and just made a mistake.
The mistake is that the user gave an LLM access to the rmdir command on a drive with important data on it and either didn't look at the rmdir command before it was executed to see what it would do, or did look at it and didn't understand what it was going to do.
reply