Artisanal code has a future. Maybe not a high paid one but maybe we go back to roots. if you enjoy programming and were never focused on output or on pipelines, LLM doesn't offer the same ezperience
Sometime around when wordpress came out, or at least 2005 or so, I started positioning myself as a bespoke web designer, then app developer. Whereas anyone could get a site done, I turned myself to doing things that hadn't been done before, for which standard solutions wouldn't fit. I turned away 80% of jobs and raised my rate from $25 to $100, then to $300/hr. To me, pricing and only doing bespoke work was a defensive measure against falling into a career hole I didn't want to end up in. But mostly it was just that I didn't want to repeat myself or waste my time doing something that a client could already buy off the shelf.
Artisanal code, or bespoke code, has always been the best paid and most satisfying work. If we no longer have a new generation of curious people who enjoy solving hard problems, it's only going to become more valuable.
Basically coding, explaining, and owning the whole stack from the DB schema to the CSS. In 2005 that meant a client wanted a website but it needed to be driven with live data from a database, with a custom back-end they would use to update it, something that wordpress wouldn't be able to do easily. Or they wanted a data-driven Java or Flash applet embedded, dynamic resizing, or "mobile-friendly" circa 2008. I had worked for a company in 1999 making websites, split between designers (like me) whose job was to make Photoshop comps with rollover layers and split them up into tables, and the "webmonkeys" who got paid more to take that and mess with the javascript in Dreamweaver. The guys who knew how to tie that into Coldfusion or something made the most. Primitive HTML and PHP and inline javascript and mysql. I just figured out how to do all of it together. Then, web apps, multiplayer games front/back, and starting to get into logistics software. Typical gig from 2005-2010 was 9-12 months, single project stuff, hourly and freelance.
What I realized was that knowing what my software did, being able to explain every part of it and being able to rewrite it from scratch if necessary, was much more valuable than just delivering it. The powers that be who run companies are looking for communication, so they understand what they're getting, someone who can speak the same language as them and materialize it into code that works. LLMs are a decent imitation of that, but they're fatally flawed, because they never understand a whole stack.
Android was designed to prevent Windows from dominating mobile:
I literally helped create Android to prevent Microsoft from controlling the phone the way they did the PC - stifling innovation. So it's always funny for me to hear Gates whine about losing mobile to Android.
I saw a lot of people get told they were too dumb to understand how the app stores or Adobe subscriptions were a good value proposition. A lot of people rolled in the mud and now they’re upset their clothes are dirty.
If it didn’t affect those of us that tried to resist, I wouldn’t care, but we got dragged along unwillingly and now it may be impossible to hit the brakes before corporations control everything by usurping control of our identity systems.
I've kept a spare cheap android for too long and recently went with Graphene instead. I have one Google profile and only use it for Uber, work's Google Chat and maps. One bank refused to work (even with Google services) so I moved bank. I've moved most of my mobile use to self hosted (freshrss full text, password manager, calendar, tasks) with no direct internet connection.
It's a bit irritating but I'm glad I started down this journey because it looks more and more like I'm going to be avoiding the internet
My setup is similar and nearly 100% self-hosted, including email, files, AI. If something does not work on Graphene, I will do without it. I also have a Google profile, mostly for testing purposes.
I said it already in another comment, but if you care enough to use GrapheneOS, I believe you should not only "do without it". You should also complain to those services.
If enough people complain, those services will start caring. If all they see is "one user complains every 3 years", they will just ignore it. That's how it works.
Drop your sarcasm for long enough to see that "I won't use your app if I have to use Google" is not a complaint _to_ Google.
The bank I was talking about were the worst net loser of customers in the UK last year (around -8000) They are making excuses but maybe they would care about why.
Also, it works in practice. Some banks have fixed their apps after GrapheneOS mentioned that the app was broken. In some of the issues/reports linked at https://privsec.dev/posts/android/banking-applications-compa... there are even bank app developers joining in on the discussion (e.g. NL -> Triodos).
The consumers of google captcha will not care if on occasion some failing business attempts to enable graphene or linage users, the userbase of those users is not enough for most companies to care and the ones that do probably aren’t cared for by google.
I hate that this is the way it is, I’m a graphene user too, and I see a pretty bleak future for any unsigned OS, followed by a pretty bleak and authoritarian future for humanity.
Not to Google, and not to any of the TooBigTech, obviously. For those, we need to enforce regulations (that already exist but are ignored). As a user, the only thing you can do against TooBigTech is to complain to your government (if they can listen, e.g. in the EU there is a DMA entity that you can and should contact).
But for companies that are not monopolies, you can complain to them, and you can give them a bad review on the Play Store. Most companies are not in the business of screwing you: if they screw you, it's just a collateral effect. If you want to be on their radar, you have to make noise.
If enough people complain, then the company sees a need, then they prioritise. If they believe that "it only affects 1 guy who complained 2 years ago", of course they won't do anything... and I don't even know if I would blame them for that.
How have you managed to accomplish self-hosted email? I tried similar in 2022 and found it damn near impossible without business static IP or a cloud provider.
You can't do it reliably without a static IP in a non residential subnet that lets you set reverse dns. If you have a static residential IP and they don't filter inbound SMTP you can make it work with a smarthost/relay like mailgun. Its not the insurmountable obstacle everyone makes it out to be, but its not going to be free unless you already have an IP that meets the criteria.
If you don't have a static IP you need will want to think about a MX relay service too ~ although mail is surprisingly tolerant of offline MX hosts if you can wait a little bit for your mail.
My approach is to run a VPS with multiple static IPs that I (using Wireguard) tunnel to a number of virtual machines I host at home on a microserver. Likewise, the virtual machines' primary view of the Internet starts on the opposite side of the tunnel.
I have access to a commercial (non-residential), fixed IP. You could also use an outgoing relay as a compromise, since presumably the issue you are facing is other servers rejecting email that you send from a disreputable IP. That being said, you really want a fixed IP as a matter of convenience if you are going to self-host anything.
How often are your emails being marked as spam, for others? A few years ago it read like there’s a whole science behind avoiding getting flagged. Is this easier now with agents aiding the setup?
Not the person you replied to, and it's impossible to know with certainty how often you're in someone else's spam, but very rarely.
I had an issue with yahoo a couple of years ago that's all. The "it read like there's a whole science" is sadly a trope mostly repeated by people who have never tried because it gets upvotes on Reedit.
There are some steps you have to take, but not many, and systems like Mox mailserver or stalwart guide you through it, and mail-tester will check if you got it right.
Email, other than tweaking spam filters, is one of my lowest maintenance systems. I can't remember the last time I touched Exim or Mox config
You got me really interested here, I ran my own mailserver years ago and eventually just gave it up. I am getting rid of Google Workspace and have been planning a migration to Proton for two domains. But this sounds like a fun project. Any advice? I am going to check out Mox and Stalwart.
What providers are good hosting candidates, I have a website on DO, but from my understanding their entire ranges are blacklisted heavily.
If I remember rightly DO have some restrictions like port 25 on ipv6 outbound being blocked.
I can't speak for all of them but I use mythic beasts in the UK for one mail server (they are a very knowledgeable old school host) and it has been good. I also have dedicated with OVH which is fine, and a couple small scale (eg simplelogin, a notification server) with IONOS but they only deliver to me so I can't say how reliably they deliver elsewhere.
Mox is great but I think it's still alpha. I've been using it for 2 years in production for a small traffic domain. The other I use Exim (with mythic beast's Sympl that sets it up) but it's a little more hands on at the beginning
I imagine an agent would make a lot of the first time setup from scratch easier, but the fastest reliable way to get up and running is mail-in-a-box or mailcow. Before those were available I built a flurdy style Postfix+Courier+Amavisd+MySQL setup and have been evolving it ever since. Now I'm on Postfix+Dovecot+rspamd+MySQL but I don't think that's for everyone or even the best way to start.
The science of not getting flagged is easy when you're not sending large volumes of untrusted mail; it only gets complicated if you start hosting mail for "customers" or let your system forward mail unfiltered into gmail/yahoo.
Here's my hit list of universal things to configure:
* Start with an IP with good or neutral reputation, non-residential, its nearly impossible to fix an IP that has been burned by a spammer. (Network)
* Valid reverse dns for your IP matching your mailhost forward dns (DNS)
* Valid SPF record; -all (DNS)
* Valid DKIM; with sufficiently sized key (DNS+Config)
* Valid DMARC; start with p=none to test and move to p=reject once you're configured (DNS)
* ARC if you or your users will ever possibly forward mail (Config)
* Don't get your messages flagged as spam anywhere ever, filter outbound mail even if its just you. All it takes is one piece of malware and a saved password and you'll have to get a new IP. (Config)
* Don't configure services behind your mail server with example domains that you don't control ~ I get so much mis-configured test mail from people who think its cute to use my domain as an example in their practice lab. It all gets reported as spam or bounces and then their smart host bounce rate goes up. (Config)
* Test for open relay; only relay for authenticated users. (Config)
* Use strong authentication, preferably with certificates or MFA. (Config)
* Secure everything; IMAP/SMTP/POP are old AF make sure you're requiring STARTTLS and setup MTA-STS to prevent downgrade attacks and enforce encryption in transit. Use a real certificate from Lets Encrypt don't self-sign. (DNS+http+Config)
* fail2ban your auth, you're going to get so much driveby password spraying and credential stuffing; I fail2ban block entire subnets at a time with iptables actions. I also have a bunch of "poison pill" rules for weird stuff I see in my logs eg block anyone who tries to auth with the NTLM hash for 'password'. (Config)
* Don't bother with BIMI at home, you can't get a blue check mark without deep pockets and a trademark (vmc) and most platforms only show logos that have a matching vmc. (DNS+https+config)
* DMARC reporting and TLS-RPT reporting are a pain to manage but are helpful troubleshooting deliverability be prepared to read some XML reports or setup a stack to parse them as they arrive (DNS + Config + https)
* setup the SMTP Submission port (587), so many networks block port 25 outbound and its the right way for clients to connect. (Config)
* configure BACKUPS, don't skip this step, encrypted restic backups to s3 or backblaze b2 is cheap and easy. (config)
* track your configs in git, don't commit secrets. (config)
* configure a free blacklist monitor on mxtoolbox for your domain(s) (config)
If you do those things you'll be in a pretty good spot, you could probably paste that list/this post into your agent and vibe up solid mailserver.
For me keeping the spam and phishing out is a bigger hassle than deliverability issues. rspamd does a pretty good job of keeping it manageable.
I do all of those things and with all of that setup the only place I ever run into issues with with users on AT&T's residential broadband mail servers. AT&T appears to block you if you're not known to them and they have a short memory. If you don't have regular correspondence with AT&T users they will block you after a bit. I'm a fairly low volume sender so I end up blocked every other time I try to send to AT&T by no fault of my own. I've talked most of those friends off of AT&Ts free email and on to ProtonMail at this point.
A VPS or cheap dedicated is enough to get the static IP. I have very few problems with email, I use one VPS and one dedicated server though some zealots would argue a vps isn't self hosting
Halifax UK. It just refuses to work so I left it (Graphene is more secure, so forcing less security for the sake of tracking is off the cards). All the other banks so far say they won't work without Google services but if I click OK they work
Not OP, but I've been on GrapheneOS for a few years and I have no problem with Chase, CiT or Wealthfront. I mostly use them to check balances and unlock debit cards, but they all login and function fine.
> One bank refused to work (even with Google services) so I moved bank
Banks are implementing terrible "security" checks. Users of alternative OSes should be a lot more vocal: change bank, but also complain a lot to the offending one, and make sure to leave them a bad review on the Play Store.
Actually people not using an alternative OS but caring about that should also leave bad reviews to those banks on the Play Store.
At the end of the day, the problem comes from humans in those banks who don't understand and don't give a shit. The only way to make them care about it is to complain enough that it becomes their problem.
When I had a jailbroken iPhone my bank app (HSBC) would detect it and show a warning but let you continue anyway at your own risk, which I thought was a reasonable compromise
This should be the way. Have a tiny burner phone for maps and any apps that you absolutely can't use without google(it should be a tiny set of < 10 apps hopefully) until you can fully de-google
My current de-google project is categorizing all my pictures on my local NAS to create the memories feature (where it shows historic pics on multiple theme axes). You can get really far with just a few hours of work a month to de-google and some off the shelf image embeddings.
The hero project in this category — what one cannot do trivially as an indie dev — is creating a great fresh PoI dataset. This is tough to do on a planetary scale because its a societal cooperation problem.
The problem with this is gmaps. There is no alternative to it and by the nature of it knowing your location it removes anonymity. I would buy, or even pay a monthly fee, for something that is 75% as good as gmaps but respects your privacy but there is nothing out there I have found.
I don't get how Samba is not there yet. We already have everything in the OS, the UI, the mental model, the protocols, how come it's such a terrible experience that we need to re-invent the wheel in web 2.0.. Maybe we need a Jarred Sumner to fix it.
Samba has never been about file sharing over the internet. The project has been about cleanroom-reverse-engineering specific MS technology. To start it was NT4 authentication domains, then printing services, along the way SMBv1 (commonly incorrectly called CIFS btw), then SMBv2 v3.x, and then in 2012 Samba Active Directory.
In no way has it ever been about a functional alternative to something like Nextcloud. It's been about services primarily for LAN functionality, not stuff that should be going over the internet (mostly for security reasons).
So your expectations really don't align with what Samba has ever been about.
Source: I professionally support Samba for businesses.
I have nothing but issues with it, mostly because the iOS/Android apps are notoriously bad at syncing the files timely and also because of ridiculous filename restrictions on Android.
Is not the same though. It requires downloading the entire shared folder. That doesn't work when I have 100+GB of files and I want to share it with my phone
If you dont need filesharing, you can just setup wireguard, setup a network drive on your phone's files app.l, and then when connected it'll feel like native file browsing.
> The rest of the EU also benefits from their hard work
I don't know. I want to agree with you, but a large part of the economic growth in Poland is off-shoring and cheap tax (~12% on contract) for tech workers. The average tech wage there now is pretty similar to the UK, and I don't really see many startups there - probably in part because of how bureaucratic their business system can be. I don't know if this influx of foreign money from off-shoring and surge in real estate pricing is sustainable or good in the long run.
Other than a massive influx of overdevelopment of flats in the cities (sometimes too rushed, I've seen reports of flat blocks subsiding because of cutting corners), I'm not sure where else the increase it.
Do you have any sources for the claim that a large part of growth is off-shoring?
Because that seems extremely implausible, and actually very insulting to the incredible success of Eastern Europe, before and after joining the EU, in closing the gap to Western Europe over the last 3 decades.
I’m so confused. At least in tech all the big companies I work with are hiring in Poland because it is about the same as India after losses around fake hiring and the quality averages better.
It is absolutely a huge offshoring target at least for the US.
Anecdotes from your bubble inside one particular industry, that represents a small fraction of the economy of a nation, do not adequately explain the post soviet transformation of economies containing hundreds of millions of people. That's all.
Specifically I asked for evidence that current GDP growth is significantly driven by this specific type of foreign investment, as claimed. None has been forthcoming.
The reason for the growth over different time frames can differ. Anecdotal, but most of the IT people I know from Poland worked for, as they call it, "big corpo" and generally it's offshoring either directly with companies such as DXC/Luxoft or n-ix, or through local offices (Akamai for example). If you look at the average salary in Poland (in general), and the average tech salary + the number of tech workers there, it's easy to say a large part of the GDP is tech.
Whether or not it's offshoring is a little less obvious, but I can't think of more than 2 or 3 successful Polish tech companies.
There are other countries in the world or even in the EU where salaries are lower than in Poland. Why don't they see the similar growth? I guess this is more nuanced than just lowered salaries can explain it. Surely, that's part of the equation but to develop highly innovative economy, one needs to start with something. That's how China started, how Korea started etc.
You dont have money, you complain. You (as in your country) get the money, yet you still complain.
Sure, its not ideally distributed, but nowhete is. Such economic success will drag many parts of the country up. Yes, jobs not paid the best will have to commute from further. But compared to where Poland was 2 decades ago (been there many times), its great growth and success.
Plus you guys have correct mentality to by far the biggest threat to Europe - russia. Not so common in eastern Europe, russian-paid politicians are quite successful in some places. But of course Poland has a history with russia to remember so thats luckily not an option.
China was the offshore haven and built their own domestic economy off the expertise while still maintaining very low income taxes and 15% corporate tax for tech companies.
It was an annoying way of writing on places like LinkedIn and marketing copy for 3 or 4 years before LLMs appeared on the scene. I remember realising that I can't read them (my brain jumps between the words and the picture making it hard to focus on the content) before AI appeared.
reply