What follows is the "advanced flow." I feel like there should be a class action lawsuit in response to this as when I purchased my device I had an expectation that I could install apps without this insane limitation
Enable Developer Mode ↗ by tapping the software build number in About Phone seven times
In Settings > System, open Developer Options and scroll down to “Allow Unverified Packages.”
Flip the toggle and answer a scare screen confirming that you are not being coerced
Enter your device unlock pin/password
Restart your device
Wait 24 hours
Return to the unverified packages menu at the end of the security delay
Scroll past additional scare screen warnings and select either “Allow temporarily” (seven days) or “Allow indefinitely.”
On the next scare screen, confirm that you understand the risks.
You can now install unverified packages on the device by tapping the “Install anyway” option in the package manager.
How is this unreasonable? This is to prevent cases where people are told to urgently install the app while on a call, so the call has to be broken and person has a day to actually do something about the call.
Are you that zoomer brained to not be able to wait a day to install your APK?
Oh good grief. This is such an uninformed and unnecessarily belligerent take.
We can and do have public nuisance laws which kick in when an individual is impinging upon the health, safety, comfort etc. of other people. This exists in jurisdictions all over the world for all kinds of things, the penalties are usually minor and applied only to repeat offenders. It is completely reasonable for someone to support the idea of these applying to marijuana use, in fact, in most jurisdictions where marijuana is legal, they probably already do. Yes, repeatedly stink up your neighbor's apartment and you may get a warning followed by a fine, deal with it. Your parent is not a Nazi and is not throwing stoners in prison. Perhaps go touch grass instead of smoking it now and then.
Not only that, but music generated by AI is not copyrightable. If it's truly 100% AI generated, you can redistribute it to your heart's content without infringement. (IANAL)
Someone will surely attempt some kind of end-run around this, perhaps through ToS alterations at the service you obtain the music from, but it's undoubtedly a problem for the labels. In the meantime they have a strong incentive to keep human creativity in the loop.
To me the anti-AI crowd is looking at this through the wrong lens, it's now possible to generate an infinite library of music that isn't copyrighted, and can be freely shared, some of which is quite good. There is a pathway all the way from conception to mass distribution that doesn't require the major labels. Whatever else happens that seems like a silver lining at least.
We were given a demo of a vector based approach, and it didn't work. They said our docs were too big and for some reason their chunking process was failing. So we ended up using a good old fashioned Elastic backend because that's what we know, and simply forwarding a few of these giant documents to the LLM verbatim along with the user's question. The results have been great, not a single complaint about accuracy, results are fast and cheap using OpenAI's micro models, Elastic is mature tech everyone understands so it's easy to maintain.
I think this turned out to be one of those lessons about premature optimization. It didn't need to be as complex as what people initially assumed. Perhaps with older models it would have been a different story.
> They said our docs were too big and for some reason their chunking process was failing.
Why would the size of your docs have any bearing on whether or not the chunking process works? That makes no sense. Unless of course they're operating on the document entirely in memory which seems not very bright unless you're very confident of the maximum size of document you're going to be dealing with.
(I implemented a RAG process from scratch a few weeks ago, having never done so before. For our use case it's actually not that hard. Not trivial, but not that hard. I realise there are now SaaS RAG solutions but we have almost no budget and, in any case, data residence is a huge concern for us, and to get control of that you generally have to go for the expensive Enterprise tier.)
I agree it makes no sense. The whole point of chunking is to handle large documents. If your chunking system fails because a document is too big, that seems like a pretty glaring omission. I just chalked it up to the tech being new and novel and therefore having more bugs/people not fully understanding how it worked/etc. It was a vendor and they never gave us more details.
Not all problems have to be solved. We just fell back to using older, more proven technology, started with the simplest implementation and iterated as needed, and the result was great.
That's good. I think if you can get the result you need with a technology that's already familiar to you then, in cases where that tech is still supported, that's going to be a win.
RAG worked well for us in this recent case but, in 3+ years of developing LLM backed solutions, it's the first time I've had to reach for it.
We anthropomorphize these agents in every other way. Why aren't we using plain ol' unix user accounts to sandbox them?
They look a lot like daemons to me, they're a program that you want hanging around ready to respond, and maybe act autonomously through cron jobs are similar. You want to assign any number of permissions to them, you don't want them to have access to root or necessarily any of your personal files.
It seems like the permissions model broadly aligns with how we already handle a lot of server software (and potentially malicious people) on unix-based OSes. It is a battle-tested approach that the agent is unlikely to be able to "hack" its way out of. I mean we're not really seeing them go out onto the Internet and research new Linux CVEs.
Have them clone their own repos in their own home directory too, and let them party.
Openclaw almost gets there! It exposes a "gateway" which sure looks like a daemon to me. But then for some reason they want it to live under your user account with all your privileges and in a subfolder of your $HOME.
> for some reason they want it to live under your user account
The entire idea of Openclaw (i.e., the core point of what distinguishes it from agents like Claude Code) is to give it access to your personal data, so it can act as your assistant.
If you only need a coding agent, Openclaw is the completely wrong tool. (As a side note, after using it for a few weeks, I'm not convinced it's the right tool for anything, but that's a different story.)
I tried this with Claude code on macOS. I created a new agent user and a wrapper do run Claude has that user, along with some scripts to set permissions and ownership so that I could run simple allow/deny commands. The only problem was that the fancy oauth flow broke. I filed an issue with Anthropic and their ticket bot auto closed it “for lack of interest” or whatever.
I fiddled with transferring the saved token from my keychain to the agent user keychain but it was not straightforward.
If someone knows how to get a subscription to Claude to work on another user via command line I’d love to know about it.
I ended up creating an LXC on my homelab and providing it access there, with a self-hosted gitea server but that's only for side projects that I want to host, not develop actively.
Oh that’s an idea. I was going to argue that it’s a problem that you might want multiple instances in different contexts but sandboxing processes (possibly instanced) is exactly what systemd units are designed to deal with.
This is a good time to reflect on how business actually works (as opposed to how hopeful consumers wish it would work).
A business exists because its shareholders invest capital with the expectation of a return. As a result, nearly all businesses go through similar lifecycles. The stages are launch, growth, maturity, decline, and sometimes renewal. There is a lot of capital injected in the early stages and to capture market share the firm often produces the best product it can.
Once the market share is acquired, the business puts up moats if it's able, and then it enters the MATURITY phase. That's where the Windows business is. In the maturity phase a business focuses on TAKING PROFITS wherever it can find them. This includes but is not limited to cutting back on its investment in product, as much as it can. If it can cut budgets and quality and give that money to the shareholders it will. If it can inject ads into the product or resell your data it will.
The very purpose of a business is to reach maturity and then take profits.
That's capitalism. The investors provided the capital. In the end, they gets what they wants.
Now if a company leans into this dynamic as hard as Microsoft has, you should know what's coming. No one should be surprised - maybe they're scared of the Neo right now and there'll be a few years of reprieve, but they're a mature firm, they're in profit taking mode, and the goal in this phase is not to make Windows as great as possible, it's to squeeze as much money out of it as they can.
The next stage is decline -- where the squeeze gets so hard that the business actually collapses. All businesses fail sooner or later. Everything becomes lawyers and accountants slicing it up, selling it off, and sometimes it gets restructured and reborn, sometimes it doesn't. This can take years or it can take decades but it's basically a bumpy downhill road from maturity to that point. If you stick around at this point and keep using Windows, keep in mind that's what you opted into. There isn't really any other way. It's just business.
Intriguingly, free software in its more elemental forms doesn't appear to follow this lifecycle. It's not for profit and there are no investors to satisfy. Contributors who build the software do it mainly out of self-interest: they build what they want to use, and as a result they may come and go at any time. But the software remains there, and you are welcome to tinker with it, too.
I'd argue that although publicly-traded businesses do usually go through that cycle (I would say that it's not ALL, but it's certainly MOST, because I can't come up with a counterexample), privately-owned businesses are more likely to avoid it. For example, McMaster-Carr. Privately-owned, with just a few owners rather than a large number of shareholders. And as far as I know (never having been one of their customers myself, just hearing testimonials), they're still just as good at making quality products that their customers want as they were a hundred twenty-five years ago when they got started. No "TAKING PROFITS" stage, and no subsequent decline.
But it does seem like publicly-owned companies go through those stages. It may be shareholder pressure, but part of it also appears to be when they get people in upper management who went to business school to get an MBA, rather than who have been with the company for years. I don't know what makes MBAs so prone to the nonsensensical pursuit of short-term profits that tank the company, rather than the greater (in the long run) long-term profits available by just continuing to make good products that customers want, but it shows up often enough (in many industries) that I'm starting to think of it as "MBA syndrome". And if a company is publicly-traded and run by MBA-style management? Sell your shares now and get out while you still can, is my advice.
Ive found it useful to regard MBAs and the entire pipeline from education to managing companies for MBAs akin to a clergy class.
They spend so much time and effort learning the scripture and then are praised as having some sort of intimate knowledge of business practices and working towards the ever growing prophet (read: profit).
Their forecasts akin to divination (but with charts and graphs, oh my!)
In this context, it's helped me understand, or at least create a useful caricature of what must be going on in those spaces where everyone drinks the kool aid of "there is only the next quarter".
This cultural shift exists and it will intensify as long as consumer prices and cost of living continue to rise at the same time corporate profit margins do. This is a simple, easy link to make, pretty much everyone's now aware and has stopped buying the excuses. Consolidation and an increase in straight up, unpunished criminal monopoly and cartel activity within corporate America have given rise to this new culture. Luigi Mangione will not be the last of his kind.
I mean it's a title. Titles are under no obligation to condense the entire content of the article into one sentence. People who want to comment on the article should read it first, and then write in good faith.
The problem lies in the HN comments which have taken that title and interpreted it through the lens of unrelated political arguments: class warfare, anti-offshoring, etc. etc. I don't think any title would be immune from these people. They're just angry because the Internet has its hooks in their brain, and they're going to post about it.
His points are good and people would be wise to read the article and take them to heart. His key points are:
1) If you're a rent seeker, current trends will probably see you lose out to a bigger and more powerful rent seeker. He's probably right about that.
2) Creating more value than you consume is a great form of self-preservation, when you do this no one wants to get rid of you.
None of it's political. It's just good advice for life. I hereby forbid the masses from responding to these points with political rage bait.
HN has better moderation than a lot of places but from my vantage point the entire Internet is sinking into this garbage - we're more aware of the problem these days, at least, but everything and everywhere is more consumed by political hot takes than ever before.
If there was tech that forced commenters to read the article before they could comment on it - now THAT would be a valuable innovation!
> 1) If you're a rent seeker, current trends will probably see you lose out to a bigger and more powerful rent seeker. He's probably right about that.
> 2) Creating more value than you consume is a great form of self-preservation, when you do this no one wants to get rid of you.
> None of it's political. It's just good advice for life. I hereby forbid the masses from responding to these points with political rage bait.
They’re both tautologies. No new or useful info to glean. I didn’t need some highly intelligent security researcher to explain these things that are explained by intuition by anyone with an above room temp IQ.
There must surely be more to this, and given how many of his other recent blogs are a mix of political rant and a screed against da haterz. I suspect it’s a lot more political on his side than you think.
> If there was tech that forced commenters to read the article before they could comment on it - now THAT would be a valuable innovation!
lol, gotta love people who whine about HN quality and then just write pointless crybaby paragraphs like this. If you can’t beat em, join em I guess.
I appreciate that there are people out there working on stuff like /e/OS, but the number one question I have when I learn about a mobile OS that isn't iOS or "Googled" Android is: will the banking and payment apps I need to operate in the modern world run on this OS?
A lot of people don't think this way because they haven't had any problems. But then one day it happens to you and you realize, ok, this is the one thing that matters - you're in a cashless store and the only way you can pay for your meal is to use Approved Apple or Approved Google operating systems.
Where I live, the app my electricity utility provides for viewing and paying my account DISABLES ITSELF FOREVER if you so much as enable USB debugging on your phone (even after you've disabled it again).
To their credit Graphene maintains a global database of which of these apps work and don't. They're the only ones I know of so a thousand upvotes to Graphene OS.
But for my banks, the records in that database are grim. They won't run on Graphene, and they don't respond to reports about it.
One of my banks just discontinued its web UI because "people don't use it anymore, they use the app only."
This is how they're going to get us, folks. This is how we're going to lose it all. Writing code alone will not solve this. It will require some kind of collective action to defend our liberties. Some parts of the world are already lost. So this situation will likely come to a jurisdiction near you eventually: to make a transaction you will need permission from Google, Apple, Visa, Mastercard, or it won't happen. Then that four company list will start to shrink.
> the app my electricity utility provides for viewing and paying my account DISABLES ITSELF FOREVER if you so much as enable USB debugging on your phone (even after you've disabled it again).
These are self-inflicted problems by these apps. Nothing to do with the OS. These apps simply don't work. Complain to the companies that push these broken apps to you.
Would you buy a microwave oven that kills itself if you play the wrong kind of music in your kitchen?
The problems may be inflicted by these apps but the reality is that in many cases you're stuck with them. Electric company freezes your account if you enable USB debugging? Well, you can't choose a new electric company. We can complain to these vendors all we want but they just ignore us.
So these problems become problems of the OS, not because the OS has a problem, but because it affects the reality of using the OS.
It obviously depends on where you live. In my country you certainly con choose a new electric company. I mention that because we really should use consumer choice to overcome these types of problems where we can. Ie if you can switch to a bank/electricity provider/whatever that has a less terrible app it’s really good to do so.
I agree on principle. I'm not sure if everywhere in the US is like this, but everywhere I've lived in California basically had a monopolistic electric and gas provider.
For things where we do have a choice, yes I agree.
Is it such a burden to write them a letter stating, "Because you have decided to disable my electronic access, I am notifying you that I withdraw my consent to e-delivery. Please provide me statements and directions to mail you a check for payment." Maybe spend 20-30 min to find the specific laws that give you the right to do that and remind them of their timelines to comply.
Send a letter like that certified. It gets attention, and the time to write and mail a check really isn't, if you batch your bills, more than using an app.
We do have ways to push their inconvenience back on them.
It is great that you have the right in your jurisdiction to do that. Where I am, they just shut off your power if you don't pay.
It's a big and hairy world out there. Having lived on three continents and traveled to some pretty wild places, I always get a kick out of seeing which rights people have and assume that the rest of the world also has.
This a pretty general recipe to make a company care.
A Professional letter letting them know that you know your rights, and that they know your rights (Them getting your letter is your proof of that) is what the beginning of someone losing his bonus for a compliance incident looks like.
Companies don't care about you, or even shareholders, they care about the incentives of leadership.
Not everyone has the time and resources to battle their utilities and bank(s). I know it’s important and sustained effort is necessary even if it’s hard, but we are talking about massive populations here and most people simply can’t or won’t fight that battle on their own. Organizing a large pushback is also a huge effort. And at the end of the day, there is an easy solution for folks: buy a “proper” smart phone that “just works” because it solves the problem now.
We’ve gotten to the point where unfortunately it is a luxury to fight for your privacy and consumer rights.
Yes that is correct. So what do you suggest people do? What is a realistic way to move the needle? Because I can tell you now that (as I detailed in another comment) asking someone to change their banks, utilities, etc. to accommodate their smartphone choice is not a serious suggestion, nor is asking everyone to wage war with all the services they engage with. They’re simply not going to do it no matter how many passionate speeches or flippant comments you throw out there. They’re going to buy the thing that solves the immediate problem of not having access to critical services in their lives. If their amazing open source phone can’t pay their bills, it’s going in the bin.
To be clear I want the same thing you do. But just going “do it it’s important” is not going to make it happen.
Well, we gotta choose our battles, right? It's easy to get collective support for visible oppression and fascism. Everyone sees it on the news. It's hard to get support for "lemme use a smartphone that isn't apple or android." the average person doesn't care.
Not saying that we should just give up. But as the above poster said, it's a luxury that takes a lot of time and resources.
Perhaps, but a recent example is ICE in Minnesota. The administration tried its best to spin it to match its propaganda but many people saw through it.
Not sure where you live but in much of California, there are no alternatives for most utilities. Water, gas, electric often only have one singular provider in many regions.
Fair enough, although barring VPN use is quite a bit different from forcing an app that requires Play Services or iPhone. A VPN isn't as legitimate a need to pay a utility bill in the same way paying without an Android or iOS phone can be.
Fair enough, although barring VPN use is quite a bit different from forcing an app that requires Play Services or iPhone. A VPN isn't as legitimate a need to pay a utility bill in the same way paying without an Android or iOS phone can be.
> I don’t see why not. It entirely depends on why someone needs a VPN.
Nah, not really. Using a VPN is a luxury, a preference. You're arguing that using a VPN should be a right in a discussion about people not being forced to use specific Apple or Google services, which is an entirely different thing.
You’re implying we have more choice than we do and asking “the average joe” to change banks to accommodate their smartphone is not a serious suggestion.
My utility company, for instance, literally won’t let you navigate their site with a VPN running. These kinds of practices are commonplace and becoming standard.
I promise your electric company accepts payments outside of an app on your phone. I further promise that other banks are available that don't have terrible apps. These problems are way more surmountable than you're painting them here.
The alternative they accept is traveling down to their office and handing them cash, no joke. Phone app or cash. No website, never has been one. No snail mail because they "modernized" and discontinued it some time ago.
But I'm OK because one of my banking apps has some method of reading my contract number from the disabled electricity company app, and telling me how much I should pay and then it fires off a payment to them. Even though I can no longer use the electricity app directly because I enabled USB debugging once, the banking app is somehow still able to pick up this info from it.
Of course, said banking app refuses to run on Graphene or any of these other Google Play-less OSes, and the bank doesn't respond to inquiries about that issue, multiple people have tried.
The other bank I use does respond, and says they'll never run on "alternative OSes" because "alternative OSes are too insecure." They don't respond to followups.
I'm just saying man. A lot of people think this stuff is trivially solved because there is an option available to them in their home country. You don't know how big and nuts this world of 8 billion people and 200 countries is. This stuff varies beyond imagination, sometimes for the much worse.
Yeah I don't understand it either. Why can't you just use a card? Also, are cashless stores a real, developed thing? I've never encountered one in Europe.
reply