HackerLangs
TopNewTrendsCommentsPastAskShowJobs

dm_

no profile record

Submissions

Show HN: "Where" is an open source E2EE realtime location sharing app

where.af0.net
2 points·by dm_·tháng trước·0 comments

comments

dm_
·tháng trước·discuss
I'm not a tax lawyer, so take this with a grain of salt, but yes, I think they were trying to close loopholes, but did so sloppily.

Read the text (https://oag.ca.gov/system/files/initiatives/pdfs/25-0024A1%2...), specifically 50303 section c.

It seems to me that the authors were, as you say, trying to close a loophole, namely that where I set up a Nevada LLC to which I hold 99% of voting shares but 1% of outstanding equity, put my assets in it, and just direct the LLC to spend on things I want it to--but in the process, they failed to realize that non-public super-voting shares (like Google class B shares) seem to fall into category (3) of section (c) (i.e. neither sole proprietorships nor publicly traded assets).

I don't think that's a great design, though it's still worth noting that it doesn't rule out privileged shares in general--GOOGL, to give an example, are privileged voting shares that trade publicly, and thus are obviously under category (1), and assessed per their FMV.

But in any case, I stand by my broader point: this is a specific detail of how the California proposal has been written; it's not a fundamental aspect of wealth taxes. Switzerland has a wealth tax that does not have this aspect, for example.
dm_
·tháng trước·discuss
Yeah, good point. And I think you could probably make a fair case that the choice of where to apply that sort of ugly anti-democratic violence and subversion probably reflected culturally chauvinist and racist ideas about which cultures would be receptive to hoity toity arts and culture (European, White) and which would not (the others).

But I don't know that I find a lot of fault with, like, funding the Kenyon Review. That sort of seems like a fine thing to do. I'm not sure there's a discernible difference between that and just sort of generally funding arts and culture, which a) seems fine, but b) also certainly serves to aggrandize "our" culture and promote the glory of "our" way of life.
dm_
·tháng trước·discuss
I don't think this is true of "proposals" in the plural. This is arguably true of the California ballot measure due, allegedly, to sloppy drafting.

But this isn't a fundamental aspect of wealth taxes; it's a choice. So I don't think it's a meaningful argument against wealth taxes in general.

(As an unrelated point, I think dual class shares are sort of bad and it makes sense to me to discourage them as a matter of public policy, but this doesn't seem like necessarily the best way to do it.)
dm_
·tháng trước·discuss
I'm sort of torn on this stuff.

On the one hand, I suppose modern personal computers often have a lot of excess compute, so for lightweight inference tasks it makes sense to utilize it.

On the other hand, it will always be true that datacenters can optimize for shared infra (i.e. when I'm asleep, someone in a different timezone can use my capacity), lower cost power (they can build near cheap power sources, which is not how I choose where I live), and upgrade cycles (they can upgrade hardware when it makes sense for production models, not when I choose to upgrade my laptop because I dropped the old one or I want a bigger screen).

That suggests to me that there is far more pressure to keep things in a datacenter than to move it to local computers.

As for privacy, yes, that part is nice--but remote sealed computing (a la Confer.to) is another option for this which preserves the economic advantage of the cloud.
dm_
·tháng trước·discuss
What's ironic about your statement is that it's this exact belief--that founders should remain in control--that has led to the widespread adoption of dual class shares, in which founders maintain control while ceding a majority of equity.

And the irony here is, by that same token, founders could maintain in control while not having such large equity stakes, and not becoming so rich.

So I do not think this is an argument for billionaires.
dm_
·tháng trước·discuss
The book "Limitarianism" seems relevant: https://www.theguardian.com/books/2024/jan/21/limitarianism-...
dm_
·tháng trước·discuss
I think those are unrelated dynamics. AI isn't causing people to use fewer apps. (Well, it might be, in a different way: you don't need the Yelp app if you can just ask ChatGPT where to get lunch.)

It's rather the case that AI makes it easier to build and publish an app, but not substantially easier to make a popular app that people will actually use.
dm_
·tháng trước·discuss
The article is referencing this paper, btw: https://www.nber.org/papers/w35275.

As I commented on the Ladybird thread (https://news.ycombinator.com/item?id=48410252), this is an empirical result that sort of tracks the intuition behind "sending a PR that compiles is no longer a sufficient stake to show real commitment."
dm_
·tháng trước·discuss
Also, this paper seems relevant: https://www.nber.org/papers/w35275

"Writing Code vs. Shipping Code: Productivity Effects Across Generations of AI Coding Tools"

As the FT summarizes,

> They found an explosive impact at the top of this funnel — coders created or edited almost 300 per cent more files — but that boost was halved to 150 per cent by the time they got to the number of discrete pieces of work submitted for review, and that in turn shrunk fivefold to a roughly 30 per cent uplift in the number of full software releases.

https://www.ft.com/content/8e9ae7a4-7209-4e2c-aa36-f3af77d6c...

So as I wrote, AI vastly improves labor productivity on _coding_, but not nearly as much on code _review_ or other parts of the release pipeline.

And, unfortunately, for many open source projects, it's easy for volunteers to send code for review, but hard for them to volunteer reviewing PRs, managing releases, etc.
dm_
·tháng trước·discuss
I think this is the key point.

A few years ago, if I send a complex PR that compiles and passes tests, that implies a certain amount of time and cognitive investment on my part. It seems likely that I wouldn't invest that if I didn't also understand the codebase, the feature or bug I'm working on, etc.

Now, that understanding is roughly as expensive as before, but AI has vastly reduced the cost of generating the code that compiles and passes tests.

Probably-well-intentioned community members are happy to contribute the cheap thing( Claude Code tokens) but, because it's so cheap, it's not a good indicator they've contributed the expensive thing (human understanding).
dm_
·tháng trước·discuss
I don't disagree with the desire for more inherently secure architectures, but I don't think it's the most relevant issue here.

You're always going to have to trust some core same-privilege code--a browser renderer is a great example of this: it has to be able to see the entirety of the DOM it's rendering, right?

Higher-level languages can still help code review--for example, memory safety makes it harder to hide a backdoor via unsafe memory operations leading to code injection. But you're still, fundamentally, trusting these community contributions.

I think the real problem (as others noted here) is that:

- writing code is now much, much cheaper than ever

- understanding and designing code is still fairly expensive

So doing the former (in the form of a PR that compiles and passes CI) is not a good "staking mechanism" to prove someone has done the latter.
dm_
·tháng trước·discuss
If "we" = "the USA":

1. I think the examples I linked to are real, in the sense that they were both a) CIA funded (or boosted) and b) are broadly credible cultural output.

2. Voice of America was a real media outlet with real cultural impact.

There are also non-American examples. The BBC World Service is (or was) pretty widely listened to, which strikes me as a pretty big soft-power boost for an otherwise waning colonial power.

I do think what separates those from (apparently) this example is that they were all output that had genuine value to the target audience. That's sort of like the discussion around USAID: it was, indeed, also often CIA-adjacent and, during the Cold War, was anything but a purely altruistic endeavor (which is why it's so funny to see reactionaries describing it as some sort of bleeding-heart operation), but it nonetheless provided genuine value to recipients of its relatively meager budget.

What seems to be the dominant philosophy in Washington now is either a) America can get all the same cultural influence for cheap via AI, or b) soft power influence doesn't matter anyway because America has the Tomahawk missiles.

I think both of those views are likely to be incorrect.
dm_
·tháng trước·discuss
What I think many of the jaded comments about how "it was ever thus" miss is what it means that American soft power is reduced to AI slop.

During the Cold War, the CIA famously funded all sorts of cultural endeavors, but much of the output (if not directly CIA-created, then at least bolstered by the Agency) is still held to have been culturally relevant: abstract expressionism (https://www.bbc.com/culture/article/20161004-was-modern-art-...), the Kenyon Review (https://www.thecollegianmagazine.com/the-kenyon-review-and-t...), etc.

Lots to criticize in the Cold War, but I think you can at least make the argument that this was emblematic of an American cultural power that was self-assured of its own value and legitimacy.

In comparison, now we have...LLMs creating personal finance tips?
dm_
·tháng trước·discuss
Looks neat!

I don't mean to be dumb, but it's hard to find docs on how Hyperdrive works. The Hyperdrive github just links to https://docs.pears.com/building-blocks/hyperdrive/, which links back to the github, and the docs seem mainly API docs.

Under the hood, what does Hyperdrive actually do? How does this navigate NAT, etc?
dm_
·tháng trước·discuss
That's what https://verifiableintent.dev/ is for, right?

Though I also think this is, in a sense, a poorly specified problem: without remote attestation (as with FIDO Security Keys), nothing prevents a human from connecting the "user presence" check to a software-triggered cryptographic key.

And for a variety of privacy and open-web reasons, nobody wants to tie common web flows to remote attestation.

So.... ¯\_(ツ)_/¯