I think the distinction here is they want an app that never NEEDS to be updated, not one that never DOES get updates (which is fair – I'm happy if things just work and are not changed every 2 weeks).
For a security app, it's pretty rational to need to be updated. One of the most common patterns in basically every technological attack is to take a freshly discovered vulnerability and target devices that haven't been updated yet.
It sounds good in theory but signal updates are beyond excessive, sometimes multiple times a day but almost certainly every few days.
Most of the time there is zero explanation for the update. They are just training their users to auto accept updates with no thought about why, which in itself is a security risk.
If signal really is pushing these updates for "security" then it must be one of the most insecure apps ever built. I legitimately can't think of another app or program that updates more frequently... Maybe youtube-dl?
> It sounds good in theory but signal updates are beyond excessive
Those are two different arguments.
Updating too frequently is not equivalent to "doesn't need to be updated." I can agree that they update a bit too frequently but that's nowhere near the argument about never updating.
A program cannot be secure if it does not update. Full stop.
> Most of the time there is zero explanation for the update
There's always a changelog.
If you, unlike most people, are interested it is all open source
That requires the programmer to be omniscient and clairvoyant.
You can get pretty close if you're in a static environment like a machine that never connects to the internet and the hardware never changes and no other software on the machine changes, but neither a phone nor a communication platform allow for that.
I searched so long for a single screenshot, looking at the app stores (in my browser) and Github with no success.
It really is weird not to show a single screenshot when the 4th listed feature is design ("Material You | Extra theme that follows your device palette").
My job requires the whole modern pipeline with Vue front ends, Quarkus services and k8s deployments and it's suitable for what we do in our teams.
But I have dozens of websites I built and am still building today in the way described and it works just as well for me. As a single developer with "simple" websites it's just great to have so little mental load when fixing some small things.
Admittedly I have a small script to upload stuff via ftp (if ssh/rsync is not available), so no FileZilla anymore :)
I, too, settled on a minimalist process for deploying my blog, just build it with a Hugo, copy the files over to a cheap server, and there you go, deployed. It's the right tool for the job (for me).
I thought about that process, too, but it’s more convenient to skip the whole “lots of commits” and GHA loop.
At the moment I’m still mainly fixing and customizing the theme, but I expect that once I actually start blogging instead of fixing the theme and learning Hugo, GitHub actions would make sense again.
> I, too, settled on a minimalist process for deploying my blog, just build it with a Hugo, copy the files over to a cheap server, and there you go, deployed.
Meh. That's over-engineered[1] /s :-)
--------------------
[1] I have a bash script that produces the site from markdown snippets, commits it to a repo and the VPS pulls master periodically.
It seems plausible that an agentic AI will notice that it's running in a Docker container while debugging some unexpected issues in their task and then tries to break out (only with good "intentions" of course, but screwing things up in the process).
Claude or Gemini CLI absolutely will try crazy things after enough cycles of failed attempts of fixing some issues.
They absolutely will, but a non-root user inside docker so far, even when asked, did not result in any damage outside the the docker container. With root it managed to break things, but as user it did not find a way. When I asked it to try more 'fishy' things, codes + claude code both refused; after prompting some more 'but we are testing a security tool ' etc, it just tried very meek things that did not manage to do anything.
It's a fair concern, and I understand where you are coming from. What I can say is that it's not our first rodeo incorporating another OSS product in our family. I tried to summarize it in the post:
> "This proven playbook is the same one that we applied when joining forces with PeerDB to provide our ClickPipes CDC capabilities, and HyperDX, which became the UX of our observability product, ClickStack."
If you research both instances above, the result is that these projects got more traction and adoption overall.
I hope this helps! and thank you for using LibreChat
It's been a while so I can't really answer your question. But in a localized Excel version i can NOT use the english formula names. So after you googled a solution for your problem, you also need to find out the translations...
Yeah the clock game is weird. One solution was "fünfundzwanzig vor zwei" which I never heard in my life (native German). At least in my region one would say "fünf nach halb zwei" or "Ein Uhr fünfunddreißig".
The classified documents thing with Trump was a manufactured scandal, for example. Everyone in our government is mishandling classified documents because we have a massive over-classification problem, as seen by the lesser reported and covered subsequent finding of Biden having documents.
Only one of those events was associated with a televised raid (which the press was notified of beforehand so they could be sure to film it).
It was all theater.
It's the same with Trump's prosecution in NY, that case was ridiculous. One deed expanded into 37 misdemeanors that were escalated to a felony because they were committed in an effort to cover up an alleged felony. I say alleged because he was never convicted of the original crime but, conveniently, that's not a requirement of that escalation in NY law.
Ironically, both of those cases only increased Trump's support among non-Democrats (Republicans and, importantly, independents) because it was transparent.
Here's a quote for the NY AG that sued Trump.
> "We will use every area of the law to investigate President Trump and his business transactions and that of his family as well," [0]
That sounds an awful lot like she went looking for crimes of a person rather than finding who's responsible for crimes. And threatening his family as well.
> The classified documents thing with Trump was a manufactured scandal, for example.
It was not. Trump was asked for months to return the documents.
He purposefully had staff to move documents onto his private jet and moved them around his various properties. He stored boxes and boxes, not just a few file folders, in random bathrooms.
Yes, plenty of folks may mishandle stuff, but many folks try to fix their errors when they're pointed out. Trump ignored the requests and continued doing things consciously even when notified.
We're talking specifically about lawfare - so no idea why you're talking about the Nord Stream pipeline? These banal observations about 'both sides' are so shallow.
Name Biden's lawfare. What exactly did he abuse the Justice Department to do?
You might be talking about lawfare, I'm pointing out how your media carries water for one side covering up petty vendettas against Trump by the Biden regime, all the way to suppressing blatant acts of terrorism against an ally - sorry vassal state - Germany.
