Sure, they don’t rule the world. They only have the power to ban you (either the company per se or its individual owners, officers, and/or employees) from ever again doing any business in the EU. Which naturally includes business with any individuals or companies either based in the EU (as a seller or a buyer) or wanting to do business in the EU. Or from traveling to the EU, whether for business or personal reasons. Little things like that. Nothing too inconvenient. (/s)

They haven’t taken things quite that far—yet. But they could. It’s dangerous to assume that you can ignore them without consequences just because your company doesn’t currently depend on revenue from EU customers. The world is more interconnected than that, and the consequences may not be limited to your company.

Geoblocking in such cases would not be sufficient. For one thing your geo-IP database will never be perfectly accurate, even without considering that “data subjects who are in the Union” can connect to your site via proxies or VPNs with non-EU IP addresses. For another you still need to respond to GDPR requests e.g. to remove data collected on a data subject currently residing in the EU, even if the data was collected while they were outside the EU, and you can’t do that if you’re blocking their access to the site. For a newspaper in particular the same would apply to any EU data subject they happened to report on, whether they had previously visited the site or not.

They never should have made opt-in an option in the first place. All the legitimate reasons to store data are already permitted without asking permission (required for the site to function, or storing data the user specifically asked the site to store such as settings). All that’s left is things no one would reasonably choose to consent to if they fully understood the question, so they should have just legislated that the answer is always “no”. That plus a bit more skepticism about what sites really “need” to perform their function properly. (As that function is understood by the user—advertising is not a primary function of most sites, or desired by their users, so “needed for advertising to work” does not make a cookie “functional” in nature. Likewise for “we need this ad revenue to offer the site for free”; you could use that line to justify any kind of monetization of private user data.)

In what sense do you think this isn’t following the email standard? The plus sign is a valid character in the local part, and the standard doesn’t say how it should be interpreted (it could be a significant part of the name; it’s not proper to strip it out) or preclude multiple addresses from delivering to the same mailbox.

Unfortunately the feature is too well-known, and the mapping from the tagged address to the plain address is too transparent. Spammers will just remove the label. You need either a custom domain so you can use a different separator (‘+’ is the default but you can generally choose something else for your own server) or a way to generate random, opaque temporary addresses.

If you want to talk about non-compliant address handing, aside from not accepting valid addresses, the one that always bothers me is sites that capitalize or lowercase the local part of the address. Domain names are not case-sensitive, but the local part is. Changing the case could result in non-delivery or delivery to the wrong mailbox. Most servers are case-insensitive but senders shouldn’t assume that is always true.

CVS and E*Trade both refused to accept my fairly standard user@mydomain.info address during initial registration, but had no issue changing to that address once the account was created. It would be nice if their internal teams communicated a bit better.

The full email address syntax described in the RFC cannot be precisely matched with a mere regular expression due to the support for nested comments. The need to track arbitrarily deep nesting state makes it a non-regular language.

If you remove the comments first the remainder can be parsed with a very complex regex, but it will be about a kilobyte long.

deleted by creator

Your intake of sugar participation in extreme sports absolutely impacts other people when you end up with chronic health issues that other people have to help pay for.

It’s not as if there’s some natural law obligating you to pay for anyone else’s health issues. Your government is responsible for externalizing that private cost onto you and others, effectively subsidizing risk-taking and irresponsibility. If you don’t like it, insist that people pay for their own health care and insurance at market rates, without subsidies.

So you’re not remapping the source ports to be unique? There’s no mechanism to avoid collisions when multiple clients use the same source port? Full Cone NAT implies that you have to remember the mapping (potentially indefinitely—if you ever reassign a given external IP:port combination to a different internal IP or port after it’s been used you’re not implementing Full Cone NAT), but not that the internal and external ports need to be identical. It would generally only be used when you have a large enough pool of external IP addresses available to assign a unique external IP:port for every internal IP:port. Which usually implies a unique external IP for each internal IP, as you can’t restrict the number of unique ports used by each client. This is why most routers only implement Symmetric NAT.

(If you do have sufficient external IPs the Linux kernel can do Full Cone NAT by translating only the IP addresses and not the ports, via SNAT/DNAT prefix mapping. The part it lacks, for very practical reasons, is support for attempting to create permanent unique mappings from a larger number of unconstrained internal IP:port combinations to a smaller number of external ones.)

Not every work produced by a LLM should count as a derivative work—just the ones that embody unique, identifiable creative elements from specific work(s) in the training set. We don’t consider every work produced by a human to be a derivative work of everything they were trained on; work produced by (a human using) an AI should be no different.

Examples of local commands I might run in tmux could include anything long-running which is started from the command line. A virtual machine (qemu), perhaps, or a video encode (ffmpeg). Then if I need to log out or restart my GUI session for any reason—or something goes wrong with the session manager—it won’t take the long-running process with it. While the same could be done with nohup or systemd-run, using tmux allows me to interact with the process after it’s started.

I also have systems which are accessed both locally and remotely, so sometimes (not often) I’ll start a program on a local terminal through tmux so I can later interact with it through SSH without resorting to x11vnc.

Not the GP but I also use tmux (or screen in a pinch) for almost any SSH session, if only as insurance against dropped connections. I occasionally use it for local terminals if there is a chance I might want a command to outlive the current graphical session or migrate to SSH later.

Occasionally it’s nice to be able to control the session from the command line, e.g. splitting a window from a script. I’ve also noticed that wrapping a program in tmux can avoid slowdowns when a command generates a lot of output, depending on the terminal emulator. Some emulators will try to render every update even if it means blocking the output from the program for the GUI to catch up, rather than just updating the state of the terminal in memory and rendering the latest version.

Historically speaking, people have gone to the trouble of manually digitizing hard copy books to distribute freely. There were digital copies of print books available online (if you knew where to look) before e-books were officially available for sale in any form. That includes mass-market novels as well as items of interest to historians. Ergo, your scepticism seems entirely unjustified.

OCR is far from perfect (though editing OCR output is generally faster than retyping), but even without it we have the storage and bandwidth these days to distribute full books as stacks of images if needed, without converting them to text. The same way people distribute scans of comics/manga.

The average person would just download it. Only one needs the equipment to digitize it. And that equipment isn’t as specialized as you seem to think. For printed (mass-produced) books you can just cut the pages from the spine and feed them in batches through an automated document feeder, which comes standard with many consumer-grade scanners. Automated page-turning on an e-reader can be done with a software plugin in some cases, or externally with something like a SwitchBot. Capturing copy-restricted video is frankly much more involved, and that hasn’t stopped anyone so far.

with books there’s basically no reasonable way to create an ebook from a hardcopy

On the contrary, tons of books have been digitized from hard copies through a combination of OCR and manual editing. (E.g.: Project Gutenberg.) The same basic process works for both printed books and pages displayed on an e-reader. It’s quite tedious but not exactly difficult. Anyone with a smartphone can submit usable scans, though some simple DIY equipment speeds up the process and improves the quality, and OCR is getting better all the time.

In the worst case the book can simply be retyped. People used to copy books by hand after all, using nothing more sophisticated than pen/quill and paper/parchment/papyrus. Unlike in those days the manual effort is only needed once per title, not per copy.

The most valuable thing is an experienced team who thoroughly understand both the specifications and the implementation as well as the reasoning behind both. Written specifications are great as onboarding and reference material but there will always be gaps between the specifications and the code. (“The map is not the territory.”) Even with solid specifications you can’t just turn over maintenance of a codebase to a new team and expect them to immediately be productive with it.

Who is enforcing this and how?

Liability would be decided by the courts or another form of binding arbitration. Obviously. Harming someone through action or negligence is a tort, and torts are addressed by the judicial branch. Both sides would present their arguments, including any scientific evidence in their favor—the FDA or similar organizations could weigh in here as expert witnesses, if they have something to offer—and the court will decide whether the vendor acted reasonably or has liability toward the defendant.

If you knowingly sell me a car with an engine about to fail, you are in no way accountable.

If you knew that the engine was about to fail and didn’t disclose that fact, or specifically indicate that the vehicle was being sold “as-is” with no guarantees, then you certainly should be accountable for that. Your contract with the buyer was based on the premise that they were getting a vehicle in a certain condition. An unknown fault would be one thing, but if you knew about the issue and the buyer did not then there was no “meeting of the minds”, which means that the contract is void and you are a thief for taking their payment under false pretenses.

Anyway, you continue to miss the point. I’m not saying that everyone should become an expert in every domain. I’m saying that people should be able to choose their own experts (reputation sources) rather than have one particular organization like the FDA (instance/community moderators) pre-filtering the options for everyone. I wasn’t even the one who brought up the FDA—this thread was originally about online content moderation. If you insist on continuing the thread please try to limit yourself to relevant points.

No, I am not okay with bans like that. You should be able to knowingly buy products with mercury in them. Obviously if someone is selling products containing mercury and not disclosing that fact, passing them off as safe to handle, that would be a problem and they would be liable for any harm that resulted from that. But it doesn’t justify a preemptive ban.

You misunderstood. It’s not a middle ground between “can regulate” and “cannot regulate”. That would indeed be idiotic. It’s a middle ground between “must judge everything for yourself” and “someone else determines what you have access to”. Someone else does the evaluation and tells you whether they think it’s worthwhile, but you choose whose recommendations to listen to (or ignore, if you please).

What if they never even hear the FDA recommendation?

Then the FDA isn’t doing a very good job, are they? Ensuring that people hear their recommendations (and trust them) would be among their core goals.

The rare fringe cases where someone is affected indirectly without personally having choosen to purchase the product can be dealt with through the courts. There is no need for preemptive bans.