I will not verify my identity or age for any online service, other than clicking on an "I am over 18" button, ever. I will simply stop using the service, if it is required.

I encourage you to do the same. It's not "for the children". It's to harvest even more information from you so corporations can try to squeeze even more money out of you and to be able to track you and everything you do.

Do you know what's not accessible? Writing "a11y" in any article or documentation

I will accept it as a convenience in APIs since developers are lazy and can't spell, but fuck off with using it in text

We knew this was coming, but now the clock is running. From Privacy International:

"Yesterday the Trump Administration announced a proposed change in policy for travellers to the U.S. It applies to the powers of data collection by the Customs and Border Police (CBP)."

"If the proposed changes are adopted after the 60-day consultation, then millions of travellers to the U.S. will be forced to use a U.S. government mobile phone app, submit their social media from the last five years and email addresses used in the last ten years, including of family members. They’re also proposing the collection of DNA."

PI linked to and summarized a Federal Register entry describing the proposed requirements:

-All visitors must submit ‘their social media from the last 5 years’

-ESTA (Electronic System for Travel Authorization) applications will include ‘high value data fields’, ‘when feasible’
‘telephone numbers used in the last five years’
-‘email addresses used in the last ten years’
-‘family number telephone numbers (sic) used in the last five years’
-biometrics – face, fingerprint, DNA, and iris
-business telephone numbers used in the last five years
-business email addresses used in the last ten years.

https://www.privacyinternational.org/news-analysis/5713/trump-administration-wants-your-dna-and-social-media

The Federal Register entry says comments are encouraged and
must be submitted (no later than February 9, 2026) to be assured of consideration.

Federal Register entry: https://www.govinfo.gov/content/pkg/FR-2025-12-10/pdf/2025-22461.pdf

iOS 6 has to be the last iOS with well-designed UI. The UI is intentional and clear. It doesn't try to be anything more than that. It doesn't blur the lines between UI and user content. The UI is actually there as you need it rather than playing peek-a-boo with you. The visual affordances are very much appreciated. You know what is your stuff and what is a control or tool. And it makes *excellent* use of the very small real-estate available to it. It's refreshing to see.

https://www.martinnobel.com/techresearch/ios-6-screenshots

Github actions yeah but what about Github consequences

Recent discussion about the perils of doors in gamedev reminded me of a bug caused by a door in a game you may have heard of called "Half Life 2". Are you sitting comfortably? Then I shall begin.

Internet Archive Hits One Trillion Web Pages

https://hackaday.com/2025/11/18/internet-archive-hits-one-trillion-web-pages/

Espressif hired a bunch of Rust devs years ago and they have been quietly doing great work supporting Rust on their chips ever since. Still haven’t seen any other chip companies get close.

https://developer.espressif.com/blog/2025/10/esp-hal-1/

lol no you don't #privacy #cookies

Watching all of the random things that people have been saying about AWS's #outage yesterday reminded me of a discussion that I had with one of my teams while working at Google.

We were doing longer-term planning, and people were proposing multi-year goals. One (moderately senior) teammate wanted a goal of roughly "MTTR decreases X% per quarter".

So, that sounds nice in theory but it's not how mature services really work. As you fix the easy bugs, you get fewer and fewer trivial outages. "Admin typed dumb thing" mostly goes away with better checking and deployment policies. "Partial backend failure caused cascading failure" is mostly handled by avoiding patterns that cause cascading failures, and then dealing with partial failures as best as they can be handled. "Trivially bad software release broke things" gets handled by improved testing and canarying over time.

Unfortunately, once you get rid of the easy outages, you're left with *weird* stuff. I/O patterns that trigger latent firmware bugs in SSDs, causing accelerated failure fleet-wide, with a multi-year lead time on replacements. Datacenter fires. Natural disasters. CPU bugs. ROMs that get overwritten by excessive reading. Software bugs that cut across 4 or more services and somehow manage to find decade-old fatal flaws. Overloading some resource *that no one knew existed* (per-second-level domain HTTP cookie jar size, undocumented stateless router hardware state limits). Or (one of my favorites) BGP stops converging correctly because several racks were too heavy and their plastic wheels had cracked (yes, really!).

The sorts of things that you *can't* fix fast, because no one even has a good model for what is happening, and none of the usual quick fixes (roll back, drain, loadshed, etc) are helpful.

In this specific service's case, we weren't *quite* to the maturity level where I expected MTTR to start rising, but we were getting close. And, frankly, we didn't track MTTR very closely anyway.

Reading takes on AWS's outage like "when we had our own datacenters, we never had long outages without any ETA for recovery" mostly just means that you never had any of the really *fun* problems.

Remember, the reward for a job well-done is a new, harder job.

@me One of my first Delphi apps was a fake "system is locked" window with a password prompt -- to steal a BIOS password or something like that.
Worked just fine with some "social engineering" on my mom 😅