...also migrating AWAY from Fastmail (Australian) and TO an European provider sounds like a very bad idea - I'd kind of want both the US and the EU legally away from my coms at all costs (!)
Is it that different? Being Australia in alliances like "Five Eyes" I don't think you can keep your stuff away from the US at least when using Fastmail.
If you want both US & EU away from your data, I suppose you will have to consider things like Yandex Mail, which comes with its own set of problems too, of course :)
The problem is that, even if Fastmail are Australian, they host exclusively in the US. They state that sure, there is the possibility of interference at the data center level, but they rely on their anti-hacking measures to prevent unlawful access
The EU has about 450 million citizens, which of course limits my direct vote. Downside of a democracy (EU is a complicated democracy, but still) is that a majority probably has other priorities than me.
However there are many ways to impact policy makers. From individual contact to impact on the public debate. Even a small post here may lead to people considering their vote or contacting a local or EU parliamentarian, which in sum pushes the needle. In the end they are receptive, as they need the votes by the people.
It's long and tedious and not all things go anywhere, but then again: I am just one in 450 millionand for most of those priority is to have a Job which pays the rent and food and thus I have to break it down to be relevant for them.
The actual answer as to how much you influence policy is: none at all.
The European commission proposes laws. European commissioners are proposed through existing EU institutions. They are not voted in.
You vote for MEPs, who discuss laws, pass them, perhaps amending them. They do not propose them.
And by the way, this is not democracy, it is 'representative democracy' - you vote for one person to represent you and 100,000s of others for all the decisions an MEP makes over their 5 year term. They are not bound in any way to stick to their campaign promises.
Anyway, you might be happy or not about the laws these unelected bodies pass - I'm glad you seem happy about it. You might or might not see Europe as a triumph for its subjects. But there is no need to kid yourself or others that you have any impact over policy.
The European commission are appointed by the Council of the EU which is composed by elected individual member countries' heads of government. Commissioners also need to be individually approved by the European Parliament which is directly elected.
Representative democracy is democracy. Basically all nation level democratic governments are representative democracies.
EU has citizens initiatives. Citizens can propose changes to the law and the parliament has to discuss it.
Stop Killing Games movement actually got a foothold.
EU as every healthy democracy has also non-elected experts (just like judiciary side) in its organs who can create law proposals. That's how we got USB-C and GDPR.
how about the OPPOSITE problem: _anyone knows of any non-EU AND non-US email providers_? with email accounts as the roots of trust for many things, i'd really wanna know how can I get a trustworthy one not-attached to eithern an unstable system (US), or a very overregulating one like the EU juristictions...
Name a country and it probably has its own problems: some combination of instability, corruption, authoritarian governments, collaboration with the US and EU governments that you want to escape…
ProtonMail is in Switzerland, so it’s perhaps the best mainstream bet. But the Swiss are absolutely not immune to US and EU pressure.
Runbox are a good option - company and servers in Norway: https://runbox.com/
Been around since 2000. They're also working on JMAP support and are the top financial contributor to the Stalwart mail server (https://opencollective.com/stalwart) so I think they'll have a more compelling offering soon.
Also worth keeping an eye on Thunderbird pro which will also use Stalwart: https://www.tb.pro/en-US/
Can recommend Runbox for a lot of reasons, but one gotcha that bothered me in day-to-day use was that emails are delayed by a minimum of 30 seconds, with no real upper bound, just a probability curve with, say, the 90th percentile around 5 minutes. On rare occasions, that means OTPs or login links valid for 5 minutes have expired when you get them. Yes this was really on Runbox' side, yes I talked to support, yes they cared, yes they subsequently ghosted me when delivering the requested headers of emails delayed for more than 5 minutes which they considered a normal delay "because email wasn't supposed to be real-time" (be that as it may, that doesn't take away that you sit there 30 seconds... 60 seconds... 90 seconds, wondering if you should go do something else while you wait for the confirmation link and get back to your current task later)
Seriously though, nothing but recommended in every other regard. Alias management, anonymous domains you can use, configuring the sender in Thunderbird no problem, everything else was great. My colleagues didn't seem to mind this delay so much as me so it's something to be aware of but might work fine for you
Edit: I realised this is already like four years ago now, it could have gotten fixed in the meantime. It was an issue for several years before we switched away for some reason related to calendars (don't remember the details, I wasn't my choice)
I agree, as a happy Runbox customer of several years. But probably the parent post meant non-EEA too, as Norway is effectively subject to any and all EU regulations.
Recently Runbox had a couple significant outages which made me rethink hosting my email with them. I and my family have used them for many years and I liked what they offered (didn't like bad web UI) but will probably be migrating to Fastmail or other when my current subscription expires.
I was disappointed more by their lack of communication than by the outages. And one outage wasn't even reported on their status page although they confirmed it via support. That's a very bad communication.
And that's pretty much the thread. You're either subject to a large power's jurisdiction or subject to a jurisdiction whose sovereignty is at the pleasure of large powers... Pick a threat model, plan appropriately, and keep things in perspective.
...would those "overreach instinct" expand to "handing over access an overreaching and likely corrupt EU or US prosecutor"? (I don't care about 5eyes etc, spyies will spy me, I just don't want stuff to be easily and unexpectedly draggable in a court case, or am email used as bolt-key to access other things to get blocked by a prosecutor's regulation...)
If your threat model includes the USA government then you can only go with obscurity, honestly - preferably self hosted with a completely locked down system that cannot initiate any network communication besides on the relevant mail protocol ports, completely immutable filesystem beyond the mail data with encryption at rest
And with all of that they'll still be able to pwn you through network equipment which relays your mail, eg some router or switch which they backdoored and mirrors all traffic to their datacenter.
> how about the OPPOSITE problem: _anyone knows of any non-EU AND non-US email providers_?
Yes, your own server at home. All countries have fundamentally the same problems, so you will have everywhere the same tradeoffs as a customer. So it really depends on what your specific circumstances and requirements are. If laws are your problem, then stay away from countries where you break them; otherwise, just don't go where they will sell your data for any random penny.
> or a very overregulating one like the EU juristictions...
WTF is this kind of demand? Those regulations do not concern you as a user, but can be very beneficial for you, don't you understand this?
lol, you want trustworthy stability without “too many” regulations. Good luck with that.
I’m not sure you know what instability means if you think the US is unstable. If anything, the fact that the dumbest person on the planet is in charge of the United States and the country still functions as well as it does proves a lot about the stability of the USA. The country runs on geopolitical easy mode.
Maybe there’s a libertarian fantasy novel where you can host your services.
> Mistral AI has already partnered with world-leading organizations, like ASML, DSO National Laboratories Singapore, Ericsson, European Space Agency, Home Team Science and Technology Agency (HTX) Singapore, and Reply to train models on the proprietary data that powers their most complex systems and future-defining technologies.
When you can actually represent somebody like the ESA get in touch with them. Otherwise, uh, gtfo.
...you sound like a typical opus-person :P Just use anthropic's flagships if you want good instruction following, focus in long convos, and proper understanding of guidance-when-wrong.
...the f?! why are we interviewing ppl for things like this?!
you either:
(a) want DEEP understanding of math and proofs behind algorithms etc.
(b) can get away with very high level understanding, and refer to documentation and/or use LLMs for implementation details help
there is no real world use case for a middle-ground (c) where you want someone with algo implementation details rote-memorized in their brain and without the very deep understanding that would make the rote-memorization unnecessary!
> there is no real world use case for a middle-ground (c) where you want someone with algo implementation details rote-memorized in their brain and without the very deep understanding that would make the rote-memorization unnecessary!
I was watching a video recently talking about how Facebook is adding KPIs for its engineers' LLM usage. As in, you will be marked negatively in your performance review if your code is good but you didn't use AI enough.
I think, you and I agree, that's obviously stupid right? I imagined myself as an engineer at Facebook, reading this email come through. I can imagine two paths: I roll my eyes, find a way to auto-prompt an LLM to fulfill my KPI needs, and go back to working with my small working group of "underrecognized folks that are doing actual work that keeps the company's products functioning against all odds." Or, the other path: I put on my happy company stooge hat, install 25 VScode LLM forks, start writing a ton of internal and external posts about how awesome AI is and how much more productive I am with it, and get almost 0 actual work done but score the highest on the AI KPIs.
In the second path, I believe I will be more capitalistically rewarded (promotions, cushy middle/upper management job where I don't have to do any actual work). In the first, I believe I will be more fulfilled.
Now consider the modern interview: the market is flooded with engineers after the AI layoffs. There's a good set of startups out there that will appreciate an excellent, pragmatic engineer with a solid portfolio, but there's the majority of other gigs, for which I need to pass a leetcode interview, and nothing else really matters.
If I can't get into one of the good startups, then, I guess I'm going to put on my dipshit spinny helicopter hat and play the stupid clown game with all the managers so I can have money.
I think the influx of many truly self-driven and resourceful self-taught programmers in the 2010s established a perceptible need (not necessarily an accurate one) of needing to "properly vet" non-degreeed candidates. Stuff like Leetcode is what emerged. The truth is, the "vetting" was originally done via self-selection. Generally computer-oriented and creative people gravitated toward application development and it was worth something to the world. The world probably didn't know how to value this group of people, so continuously tried to put in some kind of formal process.
But like Art, the artists came from everywhere. We're being dishonest if we don't acknowledge what truly made these developers get to where they are, and it wasn't because they originally went "Oh, I know what I'll do, I'll do thousands of Leetcode problems', that is absolutely not the true story of the developer in the last decade.
Leetcode is a sloppy attempt at recognizing and appropriately handling developers. It was an "attempt", a failed one imho. It fundamentally ignores the spirit in which these developers operated in, it reduces them to gym rats, and that's not how they got there.
This being a spiritual problem is what makes the most consistent sense. Even those that grind Leetcode will tell you their heart is not in it (just like GP mentioned above).
Maybe it's just me, but I want people that are reasonably competent and you can work with. Maybe there are some jobs that require deep understanding of maths/proofs etc, but those are what, maybe 1 in 100 engineering jobs?
More often than not a deep interest in a particular technical domain is a liability. It's like that guy that insists on functional programming design patterns that insists on a fold with tail recursion where simple mutation could have easily sufficed. Or endless optimization, abstraction and forced patterns. Bro, you're working on building a crud app, we don't need spacecraft design.
The math puzzles like this are supposed to show deep mastery. I assure you that you don’t need DP in 99.999% if cases as well, but idiots are still asking house robber.
People are sheep. Someone somewhere used mathematical puzzles as interview questions. That someone became big. Others assumed it was because their interview process was amazing and followed blindly. Soon enough the process started to be gamed.
I'm seeing this trend again in the field of AI where math olympiad participants are being given God like status by a few companies and the media.
Truth is even the most prolific computational scientists will flunk these idiotic interviews.
I am guilty of this. I started asking simple programming questions back in the early 90s. It was just a way to see if interviewee knew how to use for loops and conditionals, to see if they can solve simple problems. It was great when taken unprepared, but once people started drilling and memorizing them, the problems became a lot harder. It got to the point where you really have to study, it is not enough to have 20 years of professional programming experience.
Fun story. For years, I used a set of problems that I took from a very old programming book. I have probably seen dozens of solutions for these problems. About 6 years, in an interview, somebody happen to ask me about one of these problems. So, I wrote the solution and the interviewer told me it was wrong, but he couldn't tell me why it was wrong. Then he proceded to clean the screen. (It was remote interview). So I flunk the interview with a problem that I knew back and forth.
Hundred percent. Classic example of academic smarts vs real world smarts.
It's why developers as a group will lose negotiating power over time. You would expect a smart person to question why that 'problem' exists in the first place rather than forge ahead and making a solution for a problem that doesn't exist. It's like your manager telling you to write a software that does something, whatever that is. Your first question should be why and you should not type a single letter until you understand the domain and whether a software solution is needed in the first place.
For all the intellectuality modern devs give to themselves, they are still asking how high when told to jump. And in some cases even bragging about jump heights. Only difference is that many devs look down upon others (or simply are unable to understand those) who refuse to jump.
We all know devs have better things to focus on, given the state of modern software development.
Yes, and it's mostly the fault of a handful of companies like Google and Facebook that were started by founders who were still in college, so choose interview problems that look like CS algo puzzles instead of anything related to real work.
If you visit my eg. physical clothing store I'm allowed to monitor your in-shop behavior to better optimize my store for your needs. Same for a restaurant etc. That's how _you_ get _much improved services_ and I get _happier customers_.
Ofc I'm not allowed to freaking resell that data. THIS is the problem in online: releseling and data-brokers. Just KILL these categories of businesses off completely and make _them_ criminal (like even give f prison sentences to their operators).
We should get back to our sanity in ONLINE. As long as you're on _my (online) property_ and using _my services_ I can of course see EVERYTHING you f do, and should stop pretending I don't (as a business, ofc - anonymization exists and not any random employee can access any customer's data, probably should never access both data and identity correlated unless they're actively investigating some serious fraud). As long as I'm not sharing this data with anyone else, I should be 100% allowed to use every drop of this data to improve my services to you and totally differentiate myself from the incompetent competition that can't properly do this.
Data privacy (from EU's GDPR to... everything else) only helps big corporations fend-off competition from small startups or boutique shops that could easily out-compete them by offering hyper-personalized hand tailored micro-optimized experiences for their smaller number of customers based on the loads of data they collect from them. In the EU I've only ever seen these kinds of laws severely hamper small boutique or family businesses that wanted to hyperpersonalize to everyone's gain while big corpos easily surf around them with their teams of lawyers.
...we've all been brainwashed by this privacy psyop to sheepishly "fight for our privacy" in ways that are detrimental to us and only help our corporate oligarch overlords maintain an even tighter grip on power, while offering us worse and worse services. Wake the f up, DATA IS MEANT TO BE USED to IMPROVE goods and services, not remain uncollected or sit unused!
+ as a bonus we'd also incentivize businesses to internalize their marketing and related tech operations (since sharing data with 3rd parties would not be allowed), same for AI-customizations etc., forcing them to tech-ify and become more tech-savy businesses instead of externalizing all such things to evil big tech (eg. a clothing store chain could compete not only by producing better clothes, but also by developing better monitoring and generative AI for human-in-the-loop hyperpersonalization, spreading tech out... instead of outsourcing these to tech or big-consulting companies as they do now when the too-little-data they so collect anyhow is otherwise easily share-able to third parties)
> As long as you're on _my (online) property_ and using _my services_ I can of course see EVERYTHING you f do
That's fine, but you are not allowed to send me malware, that runs on _my property_ and snoops on _my data_.
Also data doesn't stop being mine, just because you have it. You also can't take photographs of random people and claim this is yours now. That's an important difference between the USA and European countries.
Well, we'd probably agree on most things... and re the photography example, afaik model release forms work similarly in the EU and US, right?
Now website code does typically run on your device, but I'd say that once you're a paid logged in user you clearly accepted to run it, under the conditions of it staying in its browser sandbox so... if you think it's "malware" then just stop being a customer. Otherwise software has a right to monitor its own operation.
...but yeah, maybe I missed the context a bit, a tracking pixel style tool will likely be used to track not customers but leads, so I do get your point, it gets trickier there and maybe privacy laws have a point there (as long as they stop there... hint: they usually don't!)
> under the conditions of it staying in its browser sandbox so
I consider fingerprinting my browser, by running programs and measuring the timings and characteristics of the browser to be a side-channel attack on the browser sandbox.
> Otherwise software has a right to monitor its own operation.
If websites would only "monitor its own operation", we would hardly have any discussion.
> if you think it's "malware" then just stop being a customer.
Easier said than done, when >90% of websites do this. Show me a mainstream corporations website, that work without Javascript. You can hardly pay for a train ticket and make an appointment to government services, without these crap.
Also there must be some rules what software vendors are allowed to do, since the average user can hardly reverse-engineer all the websites they (need to) visit. This is what regulations like GDPR try to enforce.
> and re the photography example, afaik model release forms work similarly in the EU and US, right?
It's not about contracting a model, it's about doing a random photoshot in public. People have the right to their own picture here, irregardless of who takes that picture and who posses it.
the fact that a not-so-direct experience of reality produces "good enough results" (eg. human intelligence) doesn't mean that a more-direct experience of reality won't produce much better results, and it clearly doesn't mean it can't produce these better results in AI
your whole reasoning is neither here not there, and attacking a straw man - YLC for sure knows that human experience of reality is heavily modified and distorted
but he also knows, and I'd bet he's very right on this, that we don't "sip reality through a narrow straw of tokens/words", and that we don't learn "just from our/approved written down notes", and only under very specific and expensive circumstances (training runs)
anything closer to more-direct-world-models (as LLMs are ofc at a very indirect level world models) has very high likelihood of yielding lots of benefits
But he seems to like pretending that we can’t reconfigure that straw of tokens into 4096 straws or a couple billion straws for that matter. LLMs are just barely getting started. That’s not to say there’s no other or better way, but yucking our yum he fails to acknowledge there’s a lot more that can be done with this stuff.
Command+shift+J gives you a file link, you can then use your favourite editor to find or manipulate it to your heart's content.
Coming from iTerm2 I was a bit disappointed at first. Now, I hope this feature stays because it means I can save logs easily, version them, compare them, etc. It's actually fantastic.
reply