Country -> Zip -> ...

Autocompletes the user input to avoid errors.

• Use inputmode="numeric" for a ZIP code
• work with autofill and its autocomplete attributes: postal-code, address-line1, country
• country first in case of international addresses

See the service for it: https://api.zippopotam.us/

The collateral of the investments is the hardware. The same hardware that will be worth nothing after three years... unless the price of the new hardware goes up. So these companies have interest into increasing the hardware prices.

The timing is awfully convenient for the tech companies.

The new users doesn't know how the technologies work. "They know how to use apps. They do not know what apps are. They know files exist somewhere, in the cloud maybe, or possibly inside the app itself — the distinction isn’t clear to them and they’ve never needed it to be."

And that’s the real damage. It’s not just end users who don’t know this stuff. It’s developers.

The smartphones initiated by Apple is also to a certain degree. The hardware is locked behind safety reasons, but "safety is the stated reason, revenue protection is the operational reality".

Google started Android as an opposition, but they added the Compatibility Test Suite, then Play Protect (treats every sideloaded app as a threat by default), then the long series if API deprecations, then changes to make bootloader unlocking harder with device-specific security keys. Then the Play Integrity API.

You paid for the phone. You own the phone. Google and its partners have decided that ownership does not include the right to modify it.

It leads to the more harder point: "The users who grew up on these platforms don’t know what they’re missing. They’ve never used a system where they were genuinely in control."

So they are only consumers. It has its own issue: "The problem is that users have been convinced to treat pervasive surveillance infrastructure as benign or beneficial, and to respond to any criticism of it as paranoia, technical elitism, or failure to appreciate convenience. The learned helplessness is the crisis."

Apple tells not to install Apps from outside the App Store because it's dangerous and people nod.
Microsoft's Recall feature was reintroduced quietly.
Algorithm does not encourage what is healthy and good for the people, but what converts to engagement. The correct response to this is to reject the algorithmic curation model and use information architectures that don’t depend on it. RSS still works. The actual response is to try to game the algorithm. To figure out what the system wants and feed it signals that will produce better outputs.

Technical literacy is valuable and we're losing the ability to audit It's the prerequisite for meaningful consent. We're losing resilience compared to the Google Reader case, the Twitter's API one. The builder pipeline is also losing: "Power users become developers. Tinkerers become engineers." Developers are only building within the platform constraints. The adversarial capacity to break platform lock-in has atrophied.

The technical community is mostly not going to fix it either, because most of it has retreated into professional specialization and has largely given up on the broader project of maintaining technical literacy outside the profession. The OSS community does important work but it communicates almost entirely with itself.
So what’s left is individual stubbornness. Which is not nothing. Organized individual stubbornness, pointed in the right direction, is how every important counter-cultural technical movement has worked.

So how? The answers relies in the following paragraphs. " It is an argument for being considerably angrier about it than most people currently are."

Calm the feeds

So, other than Dual_EC_DRBG, NIST's cryptography may not be backdoored, but maybe backdoors aren't needed when the standardized cryptography is far from the state of the art and full of holes that weaken too many projects. Maybe the lack of secure-by-design cryptography is a feature for some, not a bug. Or maybe there are legitimate reasons for promoting legacy algorithms, who knows.

The thing is, modern and secureby-design cryptography exists, notably from D. J. Bernstein:

• ChaCha20 for secure and fast encryption
• X25519 for key exchange
• Ed25519 for signatures
• BLAKE3 for hashing, key derivation, and symmetric signatures (MAC) (BLAKE3 is based on a slightly modified core of the ChaCha20 function)
• The Safe Curve list

I have the same feeling. There is currently no alternatives to Firefox. All "alternatives" are chromium-based browsers that does not help in the long-term.

I still have hope for LadyBird or Servo.

Cela est logique:

Les entreprises en question sont des producteurs de gaz et de pétrole, de charbon (Aramco, Gazprom, etc.). Pas les consommateurs.
Ça serait comme dire que BMW ou VW sont les constructeurs automobiles qui tuent le plus sur les routes. Ça n’a pas de sens.

Pour qu’ils arrêtent de produire du pétrole et du gaz, faut arrêter d’acheter du pétrole et du gaz. Ils ne vont pas arrêter de le vendre d’eux-mêmes.
En France, notre électricité parmi la plus décarbonée du monde est taxée deux fois plus que le gaz (au kWh).
On peut donc rêver pour que la motivation vienne des États. C’est pas sur eux qu’il faut compter.
Enfin, je rappelle que si tous les efforts (et dépenses) faits par les écologistes pour combattre le nucléaire au profit du vent et du solaire avaient été fait dans l’autre sens, la part d’électricité décarbonée dans le monde serait de >50 %, pas 12 % (oui, il ne faut pas confondre électricité et énergie primaire, mais quand-même : une partie de l’énergie primaire est fossile parce qu’on refuse de produire de l’électricité à la place : chauffage, transport, etc. qui sont très faciles à électrifier). Compter sur les écolos (écolos politiques) c’est donc également une idée à la con.

Et concernant l'article qui semble plus d'opinion

Savoir que 32 conseils d'administration tiennent notre destin entre leurs mains est terrifiant, certes. Mais c'est aussi une simplification bienvenue du problème. Il est plus facile de cibler 32 entités bien définies que de changer, d'un coup de baguette magique, le comportement de 8 milliards d'individus.

Pour cela, il faut que toutes les nations de la planète se mettent d'accord, mais lorsqu'on voit les tensions à l'échelle du globe, cela reste pour le moment une utopie. Obliger ces entreprises à payer revient à augmenter les coûts des énergies extraites (ou diminuer les marge de ces entreprises artificiellement, qui vendront alors au plus offrant).

About stepping down

I didn't fail. I stepped down because I didn’t want what the role required. And occasionally, my ego forgets that.

The revenue numbers back this up. App Store grew 11% in 2025, Google Play 5%. There's still tons of unmet demand, especially for niche use cases that were never worth building before. Lower development costs mean these niches finally get served.

For apps that run locally—no servers, no cloud costs—subscriptions make no sense anymore. The only real cost is development, and that's becoming negligible.

This sucks for developers trying to make a living from apps. The competitive pressure is going to be brutal. But for users? It's great. People have been complaining about app subscription costs for years. There's that old complaint: "Why do I have to keep paying for software after I already paid $1000 for my iPhone?"

Le web étaient constitués d'humains créant du contenu pour des humains. Maintenant, l'IA crée du contenu (en publiant sur le web) que d'autres AI (en piochant sur le web) vont résumer pour les humains.

Le web est donc invisibilisé, et la qualité du contenu médian ou moyen décroît.

First off, it takes time to grow a design system's coverage. Design systems exist to provide common solutions that are versatile enough to be applied in multiple contexts. To do that successfully, we first need to fully understand those contexts - and that means diverging before we converge.

Ultimately, design systems are not replacing nothing. They’re replacing context-specific (if inefficiently created) solutions.

It doesn’t make sense for product teams to adopt design system components and patterns unless it matches or exceeds the quality of those that they’re already using.

Why don’t we approach guidance and documentation as modular parts of our systems, the way we do with everything else?

For example: “Buy this book” not “Buy This Book”.

This is important in button documentation, guidance on links, content A-Z styleguide, developer documentation in GitHub, Storybook or design libraries in Figma or Sketch. Design systems seek to increase efficiency via common solutions that can be maintained centrally and reused in multiple places. We can do that for documentation too.

We can create the guidance in one of those places and link to it. This is more maintainable, but forces people to go to another place to get all the information they need to complete their task.

Documentation has variants too: in the design libraries, we may simply tell people to write calls to action in sentence case, but in the content styleguide, we may want to explain that sentence case is proven to be more readable most of the time. So already we have 2 variants: rule and rule with rationale. As more tools are used for different purposes, the documentation get more variants.

It's common to have multiple documentation tool, so we need a way to plugin our common documentation to every one of them. So the author is working on such tool that can deliver specific documentation variants.

Benefits: stability and failure.

t’s more of a target than a strict rule. Sometimes you have to pull overtime. Sometimes you should get out early.

Rules can be ignored, but safety rules should always be considered. They are always defined after accidents.

So despite being a German citizen, my data protection rights depend entirely on the enforcement capacity and willingness of a foreign regulatory body. [...] This is the reality for any cross-border GDPR complaint. The regulation is EU-wide, but enforcement is national.

Some claimed it was spam and "an email automatically processed by upstream IT security systems and does not reach the responsible organizational units is legally not considered as received.

The burden is entirely on you to prove they received it.

Changes are needed

1. Cross-border enforcement needs to actually work.
2. The spam filter loophole needs to die.
3. There need to be mandatory minimum fines.
4. Data protection offices need funding and accountability.

Bad programmers worry about the code. Good programmers worry about data structures and their relationships.

git actually has a simple design, with stable and reasonably well-documented data structures. In fact, I'm a huge proponent of designing your code around the data, rather than the other way around, and I think it's one of the reasons git has been fairly successful

The actionable tip here is to start with the data. Try to reduce code complexity through stricter types on your interfaces or databases. Spend extra time thinking through the data structures ahead of time.

Enshittification of Postman (no offline mode), the performance crisis

I know hurl that can be useful. The author lists the ideal API tool:

• local-first
• file-system centric to be stored in the VCS
• zero login wall
• git native collaboration
• native performance
• extensible design
• universal imports (OpenAPI, GraphQL, ...)
• proxy agnostic. It must be designed to proxy traffic through any interception tool. Proxy-aware or browser-based architecture is must have.
• scripting & Auth flows. Pre-request & post-response hooks.
• Straightforward testing. Built-in support for writing and running tests against API responses by code.

For every Postman or Insomnia, there’s a Bruno, Hurl, or Httpie

1. Pourquoi nos politiques utilisent le réseau social X? C'est totalement contraire aux valeurs qu'ils défendent ici, et personne n'en parle.
2. Cette interdiction porte en elle l’ensemble des possibilités de contournement qui seront (et sont déjà) à l’oeuvre pour s’en défaire et la rendre au mieux inopérante et au pire totalement contre-productive
3. Les plateformes ne font rien contre leurs contenus nuisibles car c'est contraire à leur modèle d'affaire

Ces plateformes mentent, tout comme l'industrie du tabac sur la santé, tout comme l'industrie du pétrole sur le dérèglement climatique.

En cas d'interdiction, la faute sera automatiquement redirigé vers les parents ou vers l'État.

La vérification de l'âge est pour le moment impossible à effectuer sans atteinte aux libertés. OpenAI annonce donc un outil de prédiction de l'âge: qu'est-ce qui peut mal se passer?
Parce qu'ils ont autorisés les chatbots sexualisés.

Les plateformes ne renonceront pas , car c'est le prochain marché de consommateurs, et le dernier levier de croissance. L'auteur l'affirmait il y a 11 ans: https://affordance.framasoft.org/2014/09/voici-venu-le-temps-du-web-des-enfants/

Prédictions:

• L'assemblée nationale a adopté le projet de loi d'interdiction des réseaux sociaux.
• Le projet sera retoqué par le conseil d'État
• la commission européenne ne va rien montrer quant à sa volonté d'appliquer une telle réglementation
  -le gouvernement va sortir une application, dont France Identité sera le tiers de confiance. Que se passera-t-il- lorsqu'un certain parti arrivera au pouvoir? En cas de fuite de données qui arrive déjà régulièrement ?

Des ressources:

• l'[étude de l'ANSES] recommande d'imposer des régulations suffisamment fortes pour désermer les paramétrages toxiques des plateformes
• 3 articles d'Huber Guillaud: « un internet de moins en moins sûr », « Impunité des géants et criminalisation des usagers » , « Panique morale en roue libre »