
None of this is surprising. I was a sw engineer at 23andMe about 5y ago. Their backend consisted of some of the worst python/django spaghetti code I’ve ever worked on. There was also no engineering culture whatsoever.


there's a solid chance said jobs don't pay equitably either


Apparently they have a malware problem too: https://lifehacker.com/great-now-the-apple-app-store-has-mal...


System Preferences was rewritten for Ventura in SwiftUI, which is absolutely not ready for production, especially on Mac. Speaking from personal experience, I recently wrote a simple macOS app using SwiftUI. I found the framework to be slow (why does it use so much cpu/memory when idle??), unintuitive, and awkward to use. Despite being in its 4th year, SwiftUI is still very much beta software, and I wouldn’t recommend using it for anything serious.


As a counterpoint, I’ve done several Mac apps with SwiftUI for internal use and it’s been quite pleasant. Early SwiftUI was definitely rough, but it’s quite nice now as of Monterey and Ventura.

If you’re seeing high CPU use and slow performance, it might be due to high usage of ObservableObject or other things that may be triggering updates under the hood more often than need be.

SwiftUI is very sensitive to the data model structure since it’s a react style setup.


Apple really needs to put some effort into evangelizing SwiftUI — some of the problem is poor or nonexistent Apple documentation and some is that every Stackoverflow answer is obsolete because the documentation is still so poor.

You can still run into walls with SwiftUI, but there are fewer of them than there used to be.


mildly ironic that the FBI employs so many elite hackers but can barely keep its own properties safe


I don't buy it when news hits that the FBI took down some ransomware gang or seized bitcoin or what have you. I've never heard of a single former FBI hacker, I don't know of anyone who would want to work for them (who wouldn't pick another agency first). Their pay is terrible and they disqualify almost everyone who has the background of a hacker. They must have some other agency do the deed and then they take the credit out of legal necessity.


I think this quite accurately explains it: https://xkcd.com/538/

Not saying the method is violence per se, but rather that there are a lot of alternatives to finding vulnerabilities and backdoors.


Yes, it’s known as the Russian reversal: https://en.wikipedia.org/wiki/In_Soviet_Russia


> Matthew in accounting that will open that invoice attachment so he can pay it.

This is painfully accurate. A chain is really only as strong as its weakest link :/


We (as in the IT Sec industry including me) prefer to blame Matthew. Or my 80 year old mother for not installing the latest Adobe patches in real time.

With 30 years of daily experience in this field, I am ashamed about how we fail Matthew & my mother in the sense that they can still not just enjoy the internet and open random emails without one of us blaming them for how stupid they are.


Do we somehow fail the dumb accountant or 80 year gma with cars because they can't just get in and drive without learning how to drive?


That analogy doesn't work in my opinion, because to even be allowed to drive, an extensive amount of training is required.

I think we need to start very early. There should be more mandatory computer science and information security classes at schools because we are all confronted with these topics every day.

Most people can work systems such as washing machines, vacuum cleaners and so on, the problems arise when the internet (or other forms of connectability) comes into the picture. But the reality is that most such systems will probably soon be connected in some way, so the challenge grows.

So I think it is very important that we push for more information/education instead of going into the direction of more locked down, closed off and proprietary systems because these can easily "not respect" the end user.


I blame the way we design our computer systems. For some reason, every program a user runs on a desktop computer has full access to every file saved by every other program. And full network access, and a slew of other permissions. In seconds a single malicious program can make a right mess of things, or exfiltrate sensitive data. A ransomware attack hit a large aged care provider in Australia recently and encrypted the files listing which medication to administer. How? I’d guess that every program on every computer in their network has full write access to their network shares. We made these attacks easy to pull off with our insecure by default designs.

It’s like we’ve given every Tom, Dick and Harry a F1 supercar then we blame them when they crash the thing. The mistake is ours for not making better security models. Desktop apps should be sandboxed by default, and isolated like we isolate phone apps. For all the justifiable fear people have about apple’s control over what software can run on their machines, I think the app sandboxing and signing security model they’re working towards is the right one for 95% of computer users.


I'm sad to agree. Having watched my own family, and my older parents, it would absolutely be better for them if everything worked that way.

They don't understand the concept of files as separate from applications. They just don't. They understand the concept of sharing -- that seems to be intuitive enough -- but not of files as objects in themselves.

A system which works this way would, of course, be completely rage-inducing to myself.


I disagree. Anyone with minor observation can get behind a wheel and drive. Will they do it well? No (same with a computer). Is it legal? No, but that's because we all decided that as a group. The danger is different, but I think it's still an interesting analogy.

I think we need to all realize that most people aren't cut out for computer science, per se, but most people are cut out to learn to responsibly use a computer.


Well, put it this way. Let's say that most people are cut out to learn to responsibly use a computer; I don't disagree with this fact.

As a matter of fact though, the same people do _not_ use computers responsibly. What do you do, then? Metaphorically jail them?

There are lots of areas where as humans, it's easy to reach a "sufficient" level, _and_ the dangers of an insufficiency are well known. Punishments or strict measures just don't work.

Everybody knows that they can be sufficiently fit with little effort, but especially, that insufficient fitness leads to sickness and earlier death. In this sense, which punishment can be worse? Yet, this doesn't work.


An analogy with cars would be your 80-year-old grandma getting a prompt on her dash to install an update. Turns out it's malicious and hacks her car.

Learning to drive is not the correct analogy. Almost everyone can use a mouse or a touch screen to operate a computer.


You can't compare this. There are far fewer bad actors in road traffic who constantly try to steal your keys, try to suck gas from your gas tank, hide in your trunk or trick you into insurance fraud...


The invoice should be a PDF interpreted by pdf.js inside a sandboxed browser.

Even better is that the company should have its own internal ordering system.


> Even better is that the company should have its own internal ordering system.

This always becomes a war where the seller wants you to send orders 1 way, and the buyer wants to send all orders another way.


The invoice shouldn’t have to be a PDF and shouldn’t have to be sent via e-mail. Sadly those are still the best tools we have.

It would be really cool to have an invoice format that contains payment and tax information in a machine readable way and a way to send that information around with a verifiable channel.


The invoice will be PDF with an embedded XML blob containing the machine-readable data part, signed with a PDF signature: https://www.pdf-tools.com/pdf20/en/zugferd/

pdf.js lacks capabilities to extract the XML or verify signatures, so the usual way will be to use Acrobat Reader or the usual bunch of "industry-standard" invoice-processing crap that now suddenly has to deal with malicious input.

The idea to do it differently might be nice in theory, but is lacking a smooth way to change over from the old paper-invoice ways. PDF will be the thing for some decades and we will have to deal with it.


Having implemented rudimentary ZUGFeRD support at $dayjob a few years ago (our main product is sending, receiving and validating invoices for energy companies in Germany), I don't see ZUGFeRD becoming relevant anytime soon. At least for b2b invoices, nothing has changed since the release of ZUGFeRD. They prefer sticking to EDI formats (many with some custom edge cases for their SAP monstrosities, e.g. putting the `-` sign for negative numbers _after_ the number like `10-` for `-10`...)
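The trailing-sign convention mentioned above (`10-` meaning `-10`) is exactly the kind of edge case where a lenient parser in an invoice-processing pipeline silently accepts garbage. The following is an added example, not the commenter's or any ZUGFeRD/EDI project's code: a strict parser that accepts either a leading or a trailing minus (never both, never doubled) and a small batch routine that keeps a record of every rejected field instead of dropping it. The sample lines and field names are constructed for illustration, and the accepted grammar is an assumption modelled on the comment, not taken from any EDI specification.

```python
import re
from decimal import Decimal

# Hypothetical numeric grammar, assumed for this example: digits with an
# optional fractional part, and a single optional '-' either before or after.
# Both regexes also match an unsigned number; a field with a sign on both
# ends (e.g. '-10-') or a sign in the middle ('1-0') matches neither.
_LEADING_SIGN = re.compile(r"^(?P<sign>-?)(?P<num>\d+(?:\.\d+)?)$")
_TRAILING_SIGN = re.compile(r"^(?P<num>\d+(?:\.\d+)?)(?P<sign>-?)$")


def parse_edi_decimal(field: str) -> Decimal:
    """Parse a numeric field that may carry its minus sign after the digits.

    Raises ValueError for anything outside the strict grammar above, so that
    malformed or hostile input never turns into a plausible-looking amount.
    """
    text = field.strip()
    if not text:
        raise ValueError("empty numeric field")
    match = _LEADING_SIGN.fullmatch(text) or _TRAILING_SIGN.fullmatch(text)
    if match is None:
        raise ValueError(f"malformed numeric field: {field!r}")
    value = Decimal(match.group("num"))  # Decimal avoids float rounding on money
    return -value if match.group("sign") == "-" else value


# Constructed sample invoice lines (name, raw field); the last two are
# deliberately malformed to show how rejects are reported rather than swallowed.
SAMPLE_LINES = [
    ("energy_charge", "120.50"),
    ("credit_note", "15.25-"),   # trailing minus, SAP-style
    ("adjustment", "-5"),        # leading minus
    ("bogus_double_sign", "10--"),
    ("bogus_inner_sign", "1-0"),
]


def process_invoice_lines(lines):
    """Sum all parseable amounts; return (total, list of rejected fields).

    Each rejected entry is (name, raw_field, reason) so an operator can audit
    exactly which inputs were refused and why.
    """
    total = Decimal("0")
    rejected = []
    for name, raw in lines:
        try:
            total += parse_edi_decimal(raw)
        except ValueError as exc:
            rejected.append((name, raw, str(exc)))
    return total, rejected


if __name__ == "__main__":
    total, rejected = process_invoice_lines(SAMPLE_LINES)
    print("total:", total)
    for name, raw, reason in rejected:
        print(f"rejected {name} ({raw!r}): {reason}")
```

The point of returning the rejects alongside the total is that a validating invoice service should fail loudly on the inputs it could not interpret; a pipeline that quietly coerces `10--` to `10` or `-10` has already lost the integrity guarantee the invoice format is supposed to provide.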


Quite possible, yes. But the alternatives to zugferd look quite similar, due to requirements from the relevant laws: https://de.wikipedia.org/wiki/Elektronische_Rechnung translated excerpt: an electronic invoice must be [...] 3. human readable 4. origin of the invoice must be guaranteed (digital signature or internal controls) 5. integrity of the invoice must be guaranteed [...]

This means that while you might be able to use something other than PDF for the human-readable part, I don't think anything other than PDF will be used. All the other stuff (XML with embedded SVG or PNG, Word, plaintext) will have acceptance problems in one form or the other.

EDI is big business to big business, as evidenced by you mentioning SAP. There, you may be completely right, I don't know.


If Matthew in accounting received a malicious attachment then IT has already failed.


Sarcasm or not, your post is racially insensitive, hence the downvotes.


Sorry? I am pointing out the fact that I thought it was at a minimum "outdated", if not racist, to refer to Native Americans as Indians; the downvotes come from people thinking it is OK to call them Indians and that I am being too sensitive to raise this issue.

Anyway, I think HN is a good source of information, and I enjoy it, but there is something that is probably inherent to all vote-based online platforms that turns social online interactions the same way; interesting fact. I will stay a passive user when my karma reaches 0. Peace.

https://youtu.be/7VyfP0AkQbw


The main issue here is that you made a joke about race. It wasn’t funny, and was extremely distasteful. If this is still lost on you, then I suggest you take a moment to educate yourself on the matter and consider why this was offensive to so many people.


Is the list of the safe topics to make jokes published somewhere?


Obviously not, but I think it’s pretty straightforward: use common sense. If you think someone might take offense, then don’t say it.


Anyone might take offense, that's the point. Offense is taken, not given.

