This rebuttalakes no sense to me. What you cite is about about transport encryption. App -> Server. The end of the process is that the receiver (Telegram servers) receives a decrypted (plaintext) message, just as kelsey98765431 is saying.

The simplified terminology is not for you or I as technologists. It is for the general consumer market. Yes, public/private key cryptography has been a thing for decades, but it has been out of reach for the consumer market. The whole passkey idea is to reduce the technical and cognitive friction to make it a viable replacement for passwords.

You are completely correct and I really wish you weren't.

MS ToDo was hewn from the corpse of Wunderlist. It's the same "ding".

Yes! I dove into this (and later, Moondlander) because I have mobility issues and had to reduce travel, but the resulting 90WPM and (unprovably) faster coding have been awesome side-effects.

> Yeah it's a neat idea but I struggle to think of good use-cases [...] If I'm working on a service [...]

I suspect that's simply not the use-case they're targeting. You're thinking of a database as simply the persistence component for your service, a means to an end. For you, the service/app/software is the thing you're trying to deliver. Where this looks useful is the cases where the data itself is the thing you're trying to deliver.

That's an alarming equation. The harder you lie, the less likely you'll be called out on it.

What else in life works that way?

Politics ;-)

Yes, thank you. A mindset which thinks that documentation is wasted due to a need to constantly update, is cousin to the mindset which thinks that software, once written, is a purchased asset which needs no further attention nor maintenance.

They most certainly do not "handle it just fine". They are highly scammable, they know it, and it's "solved" my moving as much of the burden and repercussions onto the consumer as possible.

I've had my identity stolen, and both my wife and I have been mistaken for somebody else. There ARE way to move past this condition (inline with Google Pay, apparently), but it's just done via trust. Or apathy. Or acceptable risk. Or some combination thereof. It never truly goes away.

Huh. I've had credit card companies call me proactively when they thought something was wrong, before I caught any stray purchases. They refunded the money before I knew my card was stolen. So that was nice.

But then I've also heard pure horror stories about stolen identities, and I am genuinely sorry you faced any of that.

So what's going on here...

I think this is due to one aspect of their model that is ultimately an improvement, even though it still completely breaks at moments.

+ + Your card number is not your account. + +

Ie, if your CCN is compromised, it's disposable without starting your relationship with the company entirely from scratch.

Your "identity" though is not disposable. Your identity controls your relationship with the company and is not disposable. That causes major problems when hijacked, as it did for you. And that's not fixable (or at least not easy to fix at all).

So while we might not be able to solve the problem with identity, we can create firebreaks -- disposable parts of the infrastructure that attract some thefts because they allow quick wins. Ie, CCNs provide access to money. That funnels a lot of theft towards something that is easy to monitor and patch.

The identity theft remains an issue, but hopefully hits fewer people.

One thing that makes Google struggle is that they combine all of these interactions together. Nothing is revocable without resetting your entire relationship.

Given that they started as an email service, I have no idea if it's even fixable from where they are.

How is the Google way not even more so "moving as much of the burden and repercussions onto the consumer as possible"? They let fraudsters kill your accounts just so they don't have to take any liability or staff humans.

I've said this and will say it again, Google doesn't know how to deal with humans. They've failed in every endeavor where humans have to be in the loop.

I was going to say this but then I realized that what was meant by consumers was of course the people buying the services from the people whose accounts are cancelled. So the argument is that in the credit card world it is harder to cancel the accounts of scammers, and the people who buy from them must suffer more.

Not sure if I agree, and it does seem to me that Google's way is worse because at least there are some legal protections for people (consumers) who are scammed in the credit card way but in Google's way there is no protection of any sort for people whom the system dislikes.

A bank solving your issue as “acceptable risk” and trust, and it results in me being able to access my card and bank account, to me it’s “just fine”.

If google takes the path of rather locking everything down then risking to lose a cent, it’s safe for them and bad for customers... not fine.

Sure risk is never just dissolving into light, nuce smelling smoke. Someone has to take and handle it.

I propose it’s the company who makes billions to handle it gracefully for customers ...

>>>it's an unsolvable fraud/scammer problem.

>> credit card companies and traditional banks and credit unions handle it fine.

> They most certainly do not "handle it just fine". They are highly scammable, they know it, and it's "solved" my moving as much of the burden and repercussions onto the consumer as possible.

That's false. I'm credit card companies are required by law (at least in the US) to shield customers from the repercussions of credit card fraud.

I've had my card number stolen twice, once by someone who used it in the same metro area as I live in, and it both cases it went about as smoothly as you could imagine.

> it's "solved" my moving as much of the burden and repercussions onto the consumer as possible.

I've had fraudulent charges on my credit card several times, and I've had checks stolen, and in no case I had any repercussions and financial burden shifted on me. I didn't pay a cent, and both credit companies and banks never tried to claim I am responsible for it - they rolled back the charges and reissued account numbers and that was it for me. Maybe I'm just exceptionally lucky, but my impression from other people that this is what happens in most cases like mine. Of course, whole full-blown identity theft is a different matter, probably harder to handle.

Nothing ever truly goes away until relativistic effects dominate.

What wouldn't be the 5th time I've heard such stories, but I don't think it's in any way specific to IBM. Employers like that want any OT you do to be dedicated to THEIR endeavor, not somebody else's...even your own.

If you're able and willing to code in your off-time, you should be doing it for the good of the Company. /s

It's a terrible and completely unreasonable stance for an employer. You get the hours you pay for. You don't get to own people's free time.

So when you come up with a solution to a work problem in the shower in the morning or while lying awake in bed in the evening you could sell it to the employer, since you owned that time?

What happens if you create something patentable in the eve information related to your employer's business, maybe even to your project. Can you patent it yourself and then collect royalties from your employer?

What happens if you infringe Copyright on a competitor on your GitHub project, where your GitHub profile also says where you are working, can the competitor distinguish wether it was you personally or as part of work?

For creative work it is tough to fully distinguish between work and leisure time ... some companies deal with this better though, than others.

In a right to work state, you could indeed walk in, terminate your employment, and file a patent later. You could then charge that company for that work. In civil court, it would be argued as to when you actually had the idea.

In these civil suits, the one with the most money wins, so you would still lose even if you indeed solved the problem after you left.

No need to defend those huge corporations. They're perfectly capable of bribing officials to screw over employees all by themselves.

This is a fair argument, but the solution isn't to just strip the employees right to own their own thoughts.

The specific problem seems to be about patents and trade secrets. If a contract covered those two things well, would an employer have legitimate cause to push further than that?

Well, for corporate lawyers the solution is easy :-D

A good solution is hard.

This happens because the "first job" doesn't pay enough (so doesn't allow for long-term free time), or has hours that are too long to begin with (so doesn't allow for short-term free time).

They can "want" whatever they like. Doesn't mean it's reasonable, nor something people should cater to. ;)

That's not benign at all - using your "free" time for rest and recovery so that you can be worked to exhaustion during the week.

More the opposite. Your contract says 8 hours, but everyone does 11 on average, so there is no way you could dispute ownership of those results.

Secondly most IT companies have 'innovation participation' programs that want to have first dibs on all your creative ideas, whether it's on the clock or off.

Thirdly, in an industry with very low start-up costs (all you need is a computer)and high competition for talent, even the potential threat of a former employer claiming IP over your new business can be a potential deterrent that nudges people into just not do it.

And yet if I went to work at a retail job, they wouldn’t care.

It’s purely to help themselves.

The response to this should be "Sure, for 3x the salary"

That doesnt stand up to reason. There was no enquiry into the amount of hours put into this that would indiciate it was second job or exhausting, they also don't do a full enquiry into any other activities outside your work that might exaust you. That would make contributing to open source a totally arbitrary thing to pick on, which of course it isn't.

Yeah sure, and if you like I can also clean the bathrooms because I know how to do it... Off-time is for your own not for your company regardless off what you do with it.

If they want that sort of dedication they can give me equity or back off.

> If you're able and willing to code in your off-time, you should be doing it for the good of the Company.

Excuse me, what the f...?