> Indeed, it's relatively impossible without ties to real world identity.
I don't think that's true? The goal of vouch isn't to say "@linus_torvalds is Linus Torvalds" it's to say "@linus_torvalds is a legitimate contributor an not an AI slopper/spammer". It's not vouching for their real world identity, or that they're a good person, or that they'll never add malware to their repositories. It's just vouching for the most basic level of "when this person puts out a PR it's not AI slop".
NUL in the middle of a string is fine, types have no meaning, VARCHAR limits are just suggestions…
The flexible typing is the biggest WTF to me, especially because it necessitates insane affinity rules[0]. For example, you can declare that a column is of type “CHARINT” (or “VARCHARINT”, for that matter), and while that will match the rule for TEXT affinity (contains the string “CHAR”), it also matches the rule for INTEGER affinity (contains the string “INT”), and since that rule matches first, the column is given INTEGER affinity. "FLOATING POINT" maps to INTEGER since it ends in "INT", and "STRING" maps to NUMERIC since it doesn't match anything else.
Then there are the comparison rules (same link). NULL < NULL, INTEGER || REAL < TEXT < BLOB - but those may be altered at comparison time due to type conversion. Hex values as strings get coerced to 0 as INTEGER, but only if they're in the SQL text, not if they're stored in a table. Finally, no conversion takes place for ORDER BY operations.
This is particularly galling considering that most of sqlite3's display types (this is `markdown`) don't visually differentiate between string-types and numeric-types - I manually added the strings on rows (by PK) 2 and 4 to assist the explanation.
sqlite> CREATE TABLE foobar (id INTEGER NOT NULL PRIMARY KEY, b BLOB NOT NULL);
sqlite> INSERT INTO foobar (b) VALUES (10), ('10'), (0xA), ('0xA');
sqlite> SELECT id, b, 15 > b, '15' > b, 0xF > b, '0xF' > b FROM foobar ORDER BY b;
| id | b | 15 > b | '15' > b | 0xF > b | '0xF' > b |
|----|----- |--------|----------|---------|-----------|
| 1 | 10 | 1 | 1 | 1 | 1 |
| 3 | 10 | 1 | 1 | 1 | 1 |
| 4 | '0xA' | 0 | 1 | 0 | 1 |
| 2 | '10' | 0 | 1 | 0 | 0 |
SQLite is great, if and only if you use STRICT mode (and enable FK checks, if applicable). Otherwise, best of luck.
Yes, the problem is that many corporate resources cannot differentiate their roles from that of a glorified search engine. In fact, some experts on the human mind cannot effectively differentiate the human experience from that of a glorified search engine.
Some companies definitely do just exist on marketing. Some clothing brands are objectively overpriced crap and pure wealth signalling. Or something like a juicero.
But I agree Apple doesn't even though they've gone into a direction I couldn't follow them in.
Not really. They back it up with "good enough tech" that looks pretty and sucks people in with marketing, and then locks them into a closed ecosystem. Admittedly, some of their tech is actually very good (e.g. M-series ARM-based CPUs), but much of it is nothing special, or worse, just copying something else that competitors have been doing for years, presenting it as brand-new, and claiming credit for it.
They did this with the always-on screens for phones. My LGs had this many, many years ago. It was so bad that when Apple finally brought it out and acted like they had invented it, coworkers saw my LG and asked if I had gotten the latest iPhone, and I had to point out that it was a 5-year-old LG.
And then there's other stuff that Apple has which is just plain bad, but they present as new and wonderful, such as the "island" keyboard.
I'm planning to eventually launch an open source platform with the same name (peerweb.com) that I hope will be vastly more usable, with a distributed anti-abuse protocol, automatic asset distribution prioritization for highly-requested files, streaming UGC APIs (e.g. start uploading a video and immediately get a working sharable link before upload completion), proper integration with site URLs (no ugly uuids etc. visible or required in your site URLs), and adjustable latency thresholds to failover to normal CDNs whenever peers take too long to respond.
I put the project on hiatus years ago but I'm starting it back up soon! My project is not vibe coded and has thus far been manually architected with a deep consideration for both user and site owner expectations in the web ecosystem.
Well this is supposed to load a website in the browser like a "normal" website (doesn't work for me, stuck on "Connecting to peers...").
Just using a torrent client means that you have to download the website locally with a torrent client, and then open it in your browser. Most people wouldn't do that.
If it actually worked i could certainly see the value prop of not making users download a separate program. Generally downloading a separate program is a pretty big ask.
Good catch!
Though it misses my primary condition: "disposable" - ha! :-D
(this one is a refillable one, and it looks like he is streaming the content from his PC?)
I believe the piece we're missing is the government (citizen?) service which issues (manages, replaces, revokes) constituents' cryptographic tokens for use with such things.
Then our voting systems could be electronic, secure, open, verifiable, and mostly private; assuming effective oversight / this organization does not issue fraudulent tokens or leak keys or identities (big assumption, but I don't think it's impossible.)
Isn't a vote being verifiably tied to a person actually a bad thing? Then you can actually check what e.g. your wife or kids voted for and punish them if they vote wrong. Or get people to pay for votes, but doing that at scale is obviously hard.
Maybe this isn't what you meant by verifiable, but there are systems with this property and they are bad.
The property you are talking about is generally called "deniability" in the literature, whereas the GP is talking "verifiability" ie. being able to verify your own vote is cast correctly. They are both valuable, sometimes mutually exclusive, but not necessarily, see eg. https://petsymposium.org/popets/2024/popets-2024-0021.pdf
No, because they have no idea what your true ballot ID was.
They can force you to show them a ballot, the idea is that all ballot ID's get made public. You could be showing them anybody's and they'll never have any way of knowing.
It seems you mean something simailar to Selene voting system where a tally board is published containing tracker vote pairs. Each voter can decrypt their tracker once the voting phase closes to check the vote and also means to fake the decryption for claiming another other tracker from the tally board as yours.
Not necessarily. In Colorado they handle this by putting the ballot in a blind envelope inside a trackable envelope. I can verify the details of the receipt of that trackable envelope to the tallying center where it is verified as untampered and opened under video with multiple people present. The unmarked envelope is added to all the rest of the ballots to be counted.
So then you can verify your vote reached the tallying center, but not that it was tallied correctly. Someone can look at your vote and count it wrong.
I think that's fine and the best we can do, but the person I replied to said you can verify your vote is tallied correctly. That implies checking what the actual vote was.
All true, but this is no different than any other ballot in the state. At a certain point you can choose anonymous ballots or you can choose trackable ballots.
Receipt-freeness (i.e., a secret ballot) is usually the desired property. Yes, a lot of people like you state they desire verifiable votes. But that's where you need to respond to the points the person above you is making: how is such a system not also susceptible to coercion and bribery?
(However you would verify your vote, imagine the person who is coercing you is just standing over your shoulder with threat of force. An example might be an abusive husband who does not want to allow their wife to vote freely/against him. A briber might simply force you to allow them to look over your shoulder before they'll pay you off.)
Vs. paper ballots in a polling place: a coercer would not be permitted in the poll booth with me. I get to vote, and when I leave, … I can tell them whatever, but it does not need to match my vote. It utterly defeats bribery, as the briber has no way to verify that I'm doing what they way.
Exactly, we can definitely build a secure online voting system, far more secure than the current paper one, but it will come with some downsides. One of them is a national digital ID mandated to all voters, which obviously can and will be abused by the government.
Another reason (besides what I mentioned in another post below) why such a secure system will never see the light, even if we can technically build it, is that the average person will start to question: why do we still need to vote for representatives if we have such a system in place? Can't we as citizens vote directly on bills/acts? Which makes sense since the current system was designed before all these tech and connectivity.
Yeah, we have certificates on our ID cards, but they need to be manually renewed every 3 years which necessitates a trip to the designated authority. And then the underlying system gets changed every so often invalidating the card types altogether, so they can be used as dummy IDs only.
reply