Exactly. There's a sucker born every minute. I'm not saying people deserve to be taken advantage of. The reality is that there will always be people who can be lead off a cliff with minimal effort. There will always be people who believe that a guy with a thick Indian accent and broken English is a representative of Microsoft and that he can fix their computer in exchange for gift card codes. There comes a point where society sacrifices too much under the pretense of protecting the gullible. Prevent people from using technology at all and they'll go back to buying actual snake oil.
This has nothing to do with keeping people safe. If it did then power users could continue to install their own software by being given that ability as a developer setting. The fact that some people are gullible enough to go into a hidden setting on their phone and enable that in order to install an app from a random Chinese website is not a good reason to take away everyone's freedom. Consolidation of power is all this is about.
There is immense pressure to stop online scams which are draining old people of their life savings. The whole flow from the article seems entirely based around letting power users install what they want while being able to break the flow of a scammer guiding a clueless person in to installing malware.
It is promising that Google has avoided just turning off sideloading but still put measures in place to protect people.
Why can't a bank put a lock on large transfers or have an extra verification step? Or a cooldown period, so that if they see a large transfer from people above 60, let them go to a branch to verify/ack the transaction. Why is this the internet or operating systems problem to solve?
It's crazy. There have been news articles here where people have lost their whole account balance in one go and bank says they can't even do anything after the transfer is made. How is that different from Bitcoin then? People that have never done such huge transfer and the banks supposedly are monitoring transfers.
And since the customer was supposedly being careless, they won't get anything from the bank.
> Why is this the internet or operating systems problem to solve?
Exactly! I don't understand how account-draining transactions make it through, yet I get the third degree when I withdrawal a few thousand in cash to buy used equipment off craigslist.
But it's an interesting thing to raise, because so often when they do enforce those controls - the outcry is 'bank won't let me do what I want with my money!'.
Not such a stones throw from - 'tech company won't let me do what I want with my device!'
Im not making any specific point. But perhaps thats indicative that the solution needs to be holistic, or just that security is hard XD.
I've never seen any news about such scams with actual malware that can break through Android's sandbox system - as we're still assuming a rootless systems. In most cases it's pig butchering, phishing, cold calls that make the person use the official app to transfer money to an account they're told to.
What can Bank X do to stop phone malware from scraping the user's session token from the Bank X app or website?
Yes, banks should (and sometimes do) double- and triple-check with you before allowing large transfers/withdrawals, but scammers know how to coach their victims past this. Speaking from experience.
(I also don't fully agree this is Google's responsibility, and I am not happy about this development. But there are legitimate points in favor of outsourcing the question of "will this software do nefarious things" to some kind of trusted signing authority.)
Don't do instant non-reversible transfers. Specially for a transaction that is highly likely to be fraud. I.e. person transfers to someone you haven't done business with before or foreign accounts. Also the fraud detection needs to go both ways.
Because they want to shake the image that the iPhone is for the average person while Android is for technical people who take the risk of malware and scams.
There are more grandmas who just want their banking secure than there are FOSS advocates wanting full system access.
>There is immense pressure to stop online scams which are draining old people of their life savings.
From who? I'd rather have this done by a regulated service like a bank than a private corporation with a perverse incentive. Frauds and scams are already illegal.
That't the similar narrative to "think of the children". They want to act as this middleman and secure their place, all while having unfettered access to people's data.
Google restricts sideloading "for your safety", while their app store is full of scam apps and F-Droid has zero malware. Don't you find this slightly illogical?
It also only solves that very specific problem. You don't need to side-load an app to scam someone. There's plenty of malware on the play store you can use. And, you don't need malware. There's plenty of legitimate apps you can use for scamming.
And, you don't need an app, I would imagine most scamming is done without an app.
So, really, we're solving a subset of a subset of a subset of a subset of the problem.
yes. Hence, "this isn't about keeping people safe".
The most effective means of hacking is social engineering. You can't solve that with any number of "security measures". If you require all the DNA sources in the world, a scammer will still charm a target into opening it up for them.
> How come this is trying to install its own vendored dependencies, including executable binaries, instead of checking for what's already installed? That approach can lead to both security and performance issues.
I've been sympathetic to your viewpoint, and I can see why this kind of thing is becoming more common.
The idea that users can reliably supply their own vendor libs/execs for applications is a bit of a fantasy. Devs working on fixing issues caused by the user having a strange issue due to the version of Python or whatever that they have installed is largely a waste of time when the application can "simply" ship with the exact dependencies it expects. This is especially true when it comes to open source work. Dealing with weird edge cases because the user has a version of FFMPEG installed that, for whatever reason, is missing h264, is work that nobody asked for. Given that the audience of this kind of app is a general one (not specific at all to devs) then it doesn't make sense to require other system packages to be present; if things like Python and FFMPEG are not required and will be downloaded anyway as part of the app install process, then there's no point in not always doing that. If you think about it, it's hardly different from any other sort of software dependency. The dependencies are just relatively bigger.
Personally, I have no desire for my applications to use other executables on my system unless I request that they do so explicitly. I'm sympathetic to the idea from a mere efficiency perspective, especially when it comes to developer tooling. But a karaoke app? No offense, but why care? A Python interpreter will be anywhere between 50 and 200 megabytes. FFMPEG is even smaller, especially if you don't enable every single feature and codec. Compared to how ridiculously bloated your average basic mobile app is (without anything like a built in JIT), bundling a desktop application with something like Python provides a lot of power relative to the number of bytes added.
> The idea that users can reliably supply their own vendor libs/execs for applications is a bit of a fantasy.
That's why package managers and OS repos exist. Users shouldn't have to even be aware of this sort of stuff. In this case, though, when the application starts trying to download and install its own dependencies at runtime, instead of everything already being sorted out at build time, the user is made aware of dependency resolution, and now has to deal with the issues involved.
> This is especially true when it comes to open source work. Dealing with weird edge cases because the user has a version of FFMPEG installed that, for whatever reason, is missing h264, is work that nobody asked for.
And that's what config tests at build time solve for, and have solved for decades.
That's totally fair, though I personally don't share your experience. It could be that we just use search for slightly different reasons.
One of the reasons I love Kagi is that it respects double-quotes for exact matches. This might seem trivial except I remember being frustrated with both Google and DDG years ago for throwing irrelevant results at me even when I'm querying for an exact match. When Kagi was in beta and I got invited as an early adopter, my feedback to them was that I want a search engine that won't throw crap at me when I'm looking for an exact string match. They've honored that feedback! Even though Kagi doesn't necessarily have the most results, I want double-quotes and things like intitle to actually work as expected.
Another awesome thing about Kagi is how it lets you prioritize certain domain names. Likewise, it's great for blocking domains completely. All of this has made my search results very clean.
To each their own. I'm not saying you're wrong, but to me there's no comparison between Kagi's results and every alternative I've tried.
Oh, another thing I like about Kagi is that it's less censored than Google, Bing, and DDG these days. I used to be a fan of DDG until I noticed that results were sparse or nonexistent for anything even remotely controversial I queried. It became too PG-rated.
Wow, I had no idea the reason my peers and I can't find another position in less than 12 months is because the market for software developers is growing faster than average!
Every year US absorbs 120k+ H1B+L1+OPT new visa holders. Considering there are 1.9M software engineers, market has to grow by 5% every year just to stand still. Add US graduates and you are talking about 10% growth required just to maintain employment. It's not realistic long term.
Congress/president should pause H1B visas or hike up fee to 200-500K so that only truly exceptional talent are allowed in. Right now it's just give away to corporations that are laying off people by tens of thousands.
1) how many of these people leave the country in this analysis.
2) OPTs likely will get h1b/l1s/leave the country and are being counted distinctly.
3) not all h1b/l1/OPTs are for tech. majority for sure, but there's a conversation factor.
specially in the current situation that green cards are much harder to obtain and many OPTs don't find a job, I expect 1 to be much larger than in the past.
Oh, there's a name for it! I've sometimes been struggling to verbalize in the past the logical issue I perceived with the "immigrants steal are jobs" absolutists, and this is a useful reference.
As far as I understand the $100k fee applies only to consulate issued H1Bs. L1 -> H1B path (via AOS) is possible without fee. (Recent) US university graduates can also use similar path from what I understand.
We will see how much the $100k fee affects things during this H1B lottery round in few weeks.
> Only about 70 employers have paid a $100,000 Trump fee on H-1B workers from outside the US since it was imposed through a September White House proclamation, a government attorney said Thursday.
I think a lot of people have just moved to L1/O1/etc visas to get around it as OP pointed out, although a lot of people are still hiring H1B's. Amazon has applied for over 2000 H1B's so far this year, which puts them on track for ~7000 for the year https://www.uscis.gov/tools/reports-and-studies/h-1b-employe...
We have hit the cap for H1B's every year and we will always do so until we get rid of the program. Cheap labor will always be in demand.
A 100k one-time fee is nothing for big employers. That's 25k/year for 4 years, and if you realize that H1B's can't easily leave their job it's obviously worth it.
Compare hiring an H1B that is stuck at their job, to an American who can leave at any time. You can pay the H1B a lower wage to compensate for the fee you paid to get them into the role. 25k/year for 4 years is worth it for not only the reduced churn that comes with training a new person, but also you don't have to pay any of the incentives that come with getting a new employee into the role like sign-on bonuses, wage bumps, benefits etc.
There's an X account which just posts universities hiring H1B's for ~half of what it would normally cost to hire people. An 80k/yr senior software developer will always be in demand, especially if the team is already predominantly non-american
Universities typically are in the public sector side of the equation... and the public sector doesn't pay any non-administrative role the Big Tech rate.
$80k/y isn't "we're paying H1-B half of what the going rate is" but rather "the state legislature has set this pay scale and we're paying everyone that amount" ... And many times, H-1B visas aren't eligible to work in those roles.
> Universities typically are in the public sector side of the equation... and the public sector doesn't pay any non-administrative role the Big Tech rate.
There's absolutely no reason government couldn't pay competitive rates for software engineers. They do it for doctors and administrators of state-owned medical centers. Not to mention football coaches
Football coaches are revenue generating for universities... software developers at universities not so much. Doctors are licensed professionals that have a decade of schooling... software developers frequently reject licensure and celebrate their lack of a formal education.
Exactly. The fact that H1B's get paid less than Americans across the board is all you really need to know about the issue. There IS no reasonable counter argument.
It's supposedly a program for importing the best and brightest talent that doesn't exist in the US but somehow those best and brightest people get paid LESS than their American counterparts? It was never about the best and brightest it was always about bringing in cheap labor that can't leave.
Sadly I don't think we'll ever fix it either, right leaning industrialists support it because they benefit from cheap labor, and the left leaning politicians get to continue importing people who overwhelmingly vote for them. As usual the loser in the equation is the middle class American worker.
How many H1B visa holders become citizens eligible to vote for those "left leaning politicians?"
I don't think having an H1B helps you accelerate your citizenship application in anyway, and for many countries the wait for legal citizenship is decades long.
You didn't answer the question at all. Getting an H1B visa is merely the first step in a very long process towards citizenship. Decades long. For example, if you're from India and you get an H1B, it'll be roughly a decade before you can get a green card. From then you have a mandatory 5 year waiting period before naturalization. And this assumes a normal, functioning immigration process; something we definitely don't have in the US.
This can be sped up if they marry a US citizen, speeding up the process quite a bit, but it will still be several years. Now their children would be citizens, but that's another 18 years before they can vote. Politicians aren't known for playing the long game...
>Politicians aren't known for playing the long game
There are plenty of politicians who have played the long game, also political parties take actions on longer time scales than individual politicians. Stances that politicians take on issues often come down from the party anyway. Many politicians don't care about many issues, but they vote based on their party's stance. The blue party is staffed with all types of people, many of whom will live to reap the benefits of changed demographics.
Heck many politicians are still in office 18 years later! Look at Nancy Pelosi, she was in office for 38 years. That's multiple batches of anchor babies.
It's not that long of an investment. We have seen this entire country go from 99% white in most places to below 50% in most places, in ONE generation and that change is clearly visible in national elections.
I mean just look at the data, it's a story that tells itself. One party does indeed benefit from increasing diversity and they are also the party that coincidentally spends a lot of time working on initiatives to increase diversity.
It seems that you are using the term "Great Replacement" as a tactic to dismiss the argument and all the data by which it is supported because you have no real counter argument.
I also did say that the other side benefits from importing cheap labor. Which is why both parties seem to do very little to slow immigration no matter which is in power, despite overwhelming demand from their constituents to slow immigration.
> The fact that H1B's get paid less than Americans across the board is all you really need to know about the issue.
Except this is literally false. Every single study I’ve seen that claims this has no real evidence - just speculation without knowing the details of the jobs or the people being hired, based on their own self-serving false comparisons to make dubious claims that similar jobs are paid differently.
Since you said “across the board”, do you think Google or Amazon pay a software engineer at the starting level differently based on immigration status? No, they don’t. Literally every manager at big tech could tell you this confidently.
I have worked at Apple for a decade, H1B's absolutely do get paid less. We have many H1B's that literally just sit around and push buttons and file bug reports, and barely know how to code. Some of them can't code at all. Ofc some of them are good engineers, but they are not even in the majority.
There is plenty of data to back this up.
>A total of 60% of all H-1B jobs are assigned wage levels that are well below the local median wage.
The EPI report is one of the commonly cited baseless reports. Dig in a level beyond their press claims and you’ll find no real method behind it that justifies their claims, because they have no actual way to compare one worker to another to know they’re equivalent and comparable for the purpose of compensation.
As for your claims about Apple - I am guessing you aren’t a manager and don’t know about how their pay scale works. I’m not doubting your claims about the quality of some workers - although I bet you’ll find plenty of non immigrant people not doing work as well. But I know the claim on pay is wrong, once you adjust for performance ratings and levels.
We have moved far-away from the notion of a factory work who's labour can easily be traced to the output.
I think in general we have to question what work one does - not in a negative way - I think its healthy to do so. Standard economic models and thinking are pretty dated and don't really reflect reality as the world of work evolves.
H1Bs are not cheap labor. They’re almost always pricier than the alternative to the company. This is a myth that is ultimately rooted in racism more than facts. Most of the top H1B filers - big tech companies in particular - pay literally identically for the same job. They have fixed pay structures internally, in part because if you don’t, you could face discrimination lawsuits - but mostly to just not lose the competition for talent.
But the cost to the company isn’t the cost of the pay anyways. It’s also the cost in lost time of the H1B process, the fees you pay as part of the process, the costs of law firms you have to hire, the cost of time delays, the risk of the immigration process not working out. Those work out to a lot more value than 25K/year.
An H1B is also not stuck in their job - you can transfer H1Bs.
I do not see how the facts you present call into question the basic logic that as you increase the availability of a commodity, say labour, you anticipate its price to diminish. All of the immigrant workers could be better-compensated and more productive than all of the American workers, and still their presence could drive the price of labour for native workers in that sector down. E.g., if there is a shortage of repairmen certified to fix some medical equipment, introducing a glut of new repairmen who are even more productive will fail to reduce the compensation of the incumbents only in exceptional circumstances.
People applying for H1B visas are getting partially compensated in the right to legally reside in the US rather than in money. The right to legally reside in the US is something that a lot of foreigners want badly, and are willing to accept otherwise-poor compensation for; and by definition it is not something you can pay an American citizen with.
Why is the company getting to pay their employee with that legal-residence-value and therefore get a discount on compensation?
The cleaner approach is the immigrant has to pay that value in visa expenses, taxes, or something else; while the company should have to pay market rate for the position.
Like many school systems facing teacher shortages, South Carolina’s Allendale County has looked overseas for help. A quarter of the teachers in the rural, high-poverty district come from other countries.
The superintendent praises the international educators — mostly from Jamaica and the Philippines — for their skill and dedication, but she is preparing to lose some of them as the Trump administration reshapes visa programs.
Facing higher visa sponsorship costs and uncertain immigration policies, Superintendent Vallerie Cave said it feels too risky to extend some international teachers whose contracts are up or bring on others.
So, split out technology careers from H-1B so that they can be regulated with less impact on the other careers that are currently under the H-1B.
The other part would be to properly fund DOL so that they have the resources to inspect H-1B-dependent employers ( https://www.dol.gov/agencies/whd/fact-sheets/62c-h1b-depende...https://en.wikipedia.org/wiki/H-1B-dependent_employer ) more carefully and prosecute visa fraud in a more timely manner (note that this also gets to other parts that got struck down with Chevron deference so instead of DOL being able to do things administratively it requires going through the courts).
And yes, I do believe that upping the filing fees for H-1B-dependent employers would be a good thing... and auditing them to make sure that they have a butt in seat position for their employees and aren't hiring to try to make a deeper bench of poorly qualified individuals doing routine tasks that do not require a specialty technology degree.
The current (rather hamfisted) approach to trying to cut back on immigration has knock on effects that are impacting rural and remote parts America to a much greater degree than urban areas.
The current $100K fee doesn’t apply to people changing from a student visa. This was long the path of people in software dev or other high tech careers: get a masters or PhD in the U.S., then get an H1B to start working. For those already on H1B after starting on that path, again the fee does not apply if they want to change jobs and have the new employer sponsor their H1B. So hiking that fee to $200K or more wouldn’t really change things much, at least in tech.
200-500k would make a large negative impact in healthcare. Specialty doctors cannot be trained in a snap, and there are limits on how many MDs and DOs are churned out of schools.
So healthcare industries turn to H1Bs to hire specialty positions in underserved / rural areas. The alternative is to shut these facilities down, which has other negative aspects to communities.
I was surprised to hear in this thread that there is a physician shortage in the US, because my understanding was that most Americans go to university and that doctors are paid well. Why aren't more graduates pursuing careers in medicine?
It turns out that they are, but (if I do not misread the situation) there is a regulatory bottleneck:
>The United States is grappling with a physician shortage, but the solution does not lie in simply opening more medical schools. As a physician-scientist and former founding dean of a medical school, I argue that the true bottleneck is not the number of medical school graduates but the insufficient number of residency training positions. Since the Balanced Budget Act of 1997, which froze the number of Medicare-funded residency slots, the United States has seen a steady increase in medical graduates, yet the availability of residency spots has stagnated. This mismatch between undergraduate medical education (UME) expansion and the lack of corresponding growth in graduate medical education (GME) is the key issue.
As this has been the arrangement since 1997, by now a graduated American child of an immigrant H1B specialist trained in a foreign country may be unable to secure a 'residency training position' and therefore unable to practice medicine in his or her own country? It sounds absurd.
Half the Fortune 500 is founded by an immigrant or child of an immigrant. Most of the others rely on immigrants in key positions. Pausing visas or hiking fees up doesn’t protect jobs - it just causes a future decline in the American economy. I think it’s literally cheaper in terms of the country’s future to just pay those who can’t get jobs to take a one-way flight elsewhere, if they’re not able to compete, than to make it harder to get talented people to move here.
So immigrants are in fact taking away the jobs? Do you have the same opinion of illegal immigrants jumping the border and taking jobs from average Americans?
I find this argument extremely funny because when immigrations are taking the white collar jobs, you guys get anti immigrants, tighten the visa stuff, but when blue collar and low level jobs are taken by illegal folks you turn and blind eye and noone is illegal in stolen land login.
I 100% agree that H1B has been extremely abused by folks from specific country running body shop tech consultancies but the solution is not to hike up the fees to 200k-500k.
The 100k fee by Trump admin is already showing effects in the job market. Most companies are not readily sponsoring H1B visa anymore, getting a big tech job as a intl student is already tough and only exceptional ones are getting such jobs.
I honestly don't see that much hypocrisy on this point. People in tech who are supportive of expansive rights for foreigners to immigrate to the US generally ground their argumentation in either claims that it's immoral for the US to limit immigration (the view characterized by the slogan "no one is illegal on stolen land"), or claims that they benefit from immigration even if they are competing for jobs with immigrants. And often the people making these claims are socially adjacent to immigrants in their workplace or other social circles.
Meanwhile, the people in tech who oppose immigration often do bring up the same argument you do - that it's bad to allow immigrants to compete with blue collar American citizen labor even if this competition would make some things that these white-collar tech workers buy cheaper - or ground their opposition to immigration in negative effects of immigrants on American society that aren't directly related to competition for blue-collar jobs (generally, that the presence of large numbers of immigrants has bad cultural or political consequences for the US as a whole).
The political fight over immigration among white-collar tech workers I think has more to do with battling moral claims, or different visions of what the US should look like culturally and politically, than it does over purely-materialist job competition concerns that they are hypocrites about when the job competition is happening to blue-collar workers.
There's lies, damned lies, and then: there's statistics.
You have to counter the growth in jobs based on how many new people there are to take them, the location in which they are, and somewhat weirdly other jobs.
Plenty of people feel so dejected at the current state of things that they leave computer work entirely making "openings" where there isn't actually any growth.
Like all things that you try to understand: a single datapoint, when averaged, is like trying to calculate the heat from the sun by looking through a telescope at jupiter. It will give you a far-out tiny facet of data that only makes sense when coalesced with a hundred other ones.
This is something I already knew, but I realized it even more upon seeing the film Wendy and Lucy.
Yes, it's an arthouse flick. No, it won't be everyone's cup of tea. No, it's not blockbuster material. But, what it does show is how filmmakers can do a lot with very little. It's a simple story with a bittersweet ending and no VFX. I'm certain it cost relatively nothing to make. And it's unfortunate that we don't get anything like it in mainstream theaters.
Hollywood has been pricing itself out of existence but they still have the surprised Pikachu face while things decline.
I had a conversation with a bunch of Hollywood people last year. Some were writers, actors, etc. A handful of film personnel. They were all quabbling about what was going to win at the Academy Awards, who was getting good and bad attention from the Hollywood Reporter, and so on. Simultaneously, they were lamenting about how bad things were in their industry.
I then asked the group if the industry had thought about making a good movie for a change instead of giving a shit what the Hollywood Reporter has to say. They were dumbstruck, probably due to a combination of my rudeness and not having a good counterargument. If people are losing their jobs and not making money then it's hard to deny how self-congratulatory the entertainment industry is.
Yep. I'd just about kill for a decade where we go back to 80s flicks. Some of the best quantity and quality we've ever had for mass-appeal movies, and they didn't cost anywhere near what the average cost is today.
And I'd have at least 2-3 movies a year I'd really WANT to go see, probably more.
Back to the Future, Lethal Weapon, Arnie's action flicks, Ghostbusters-- I could go on for quite awhile, maybe the last decade where we had that kind of movie output.
When I write JavaScript, I make as many things immutable as I can. Sometimes it adds verbosity and leads to less efficient computational patterns, but overall I believe I run into far fewer bugs that are hard to make sense of. There are things about the design of Temporal I don't really like, but immutability was a solid move.
What I don't understand is why they had to make string formatting so rigid. Maybe it has to do with internationalization? I'd have liked if it included a sort of templating system to make the construction of rendered date-time strings much easier.
> What I don't understand is why they had to make string formatting so rigid. Maybe it has to do with internationalization? I'd have liked if it included a sort of templating system to make the construction of rendered date-time strings much easier.
I think Temporal takes the right approach: toString() is the (mostly) round-trippable ISO format (or close to it) and every other format is accessible by toLocaleString(). In Python terms, it is a bit like formally separating __repl__ and __str__ implementations, respectively. Date's toString() being locale-dependent made it a lot harder to round-trip Date in places like JSON documents if you forgot or missed toISOString().
Temporal's various toLocaleString() functions all take the same Intl.DateTimeFormat constructor parameters, especially its powerful options [1] argument, as Date's own toLocaleString() has had for a long while and has been the preferred approach to locale-aware string formatting.
A lesson I've picked up from what little localization work I've done is to avoid "specific formats" as much as possible. Some user's locale is never going to fit your "specific format" and the more you try to (micro-)manage the output format of your dates the more you are likely to make that user upset or show them a very broken experience. The short/medium/long formats you can get out of Intl.DateTimeFormat/toLocaleString aren't perfect, they are compromises, but they work and users can generally trust them.
(If you are using a specific format for something other than display to a user, maybe consider the standardized ISO format instead. Machine-to-machine communications could definitely use a whole lot fewer "specific formats" and explicit Date parsing. Very few backend languages don't have out-of-the-box support or easy found library support for ISO format today.)
I have a GMRS license, which isn't "amateur radio" per se, but can be used in much the same way. The main differences are that you're limited to a narrow band of "channels", and repeaters are not allowed to form networks. The tradeoff is that the license is basically just a fee and requires no test or advanced knowledge.
reply