I used to do this but these days I’m petrified of the restore being imperfect in some way.
I use the he.net app for TOTP. Will I get those back in working order?
I have a billion photos I want to keep — were they properly backed up to iCloud?
My mail settings are a pita to recreate. Will those come back?
Are passwords stored in the Secure Enclave? Could I lose those?
When I sign back into iCloud am I going to be able to use a username and password, or is it going to require me to approve the login on my laptop — which I left at home — as a second factor?
WhatsApp, Signal — how much is tied to my physical phone and/or any key material unique to the OS — material that is irretrievably lost, by design, when it is wiped.
I think really the long term answer is to stop using an opaque, closed source iPhone. Maybe some time in the next five years one will emerge that competes with Apple’s quality? Until then, every border crossing is going to risk handing over a huge part of my life to ICE because I can’t risk losing anything in a backup/restore hysteresis loop.
Post.: Another future direction would be for iOS and apps to recognise this as a common use case and provide guarantees about what is and what isn’t restorable after a wipe.
There’s also a conflict here between wiping data so that it is irretrievable and wiping data to later retrieve it. If you wipe with the intent to retrieve I can believe that immigration will just detain you until you restore your phone so that it can be searched.
Your phone could become damaged and inoperable every day. From dropping it in the toilet, being stolen, a house fire, etc. If you're "petrified" of losing your data, it's worth the work to ensure your data backup procedures are adequate.
You’re right, but also I know I have enough backed up to survive a catastrophe. What I don’t want to do is to test my backup in a non catastrophe situation and invalidate all my TOTP, WhatsApp history, mail settings etc. just because I wanted to test disaster recovery.
It feels like buying a fire safe (phone and app backups) without any kind of understanding if it works then burning your house down to see if it works. I want a fire safe (phone and app backups) that is up-front with guarantees it works!
I should have said this by the way: for a long time I did wipe my phone when crossing borders, learning the hard way all the little details that don’t quite work properly when doing a restore from backups.
Analogies only go so far. Going to the store, buying gasoline and rags and a lighter and then committing arson and burning my house down is maybe a little bit different from sitting down for a few hours with my laptop connected to my phone.
I've spent the last month and a half building an encyrpted backup system I could sleep peacefully with, independent of tech giants that secretly compromise you. I'm almost there but it's not easy for a lot of reasons you mention and more.
Ultimately it's not enough for individuals to spend this effort for themselves. We need a self-managed option that is nearly as turnkey as iCloud. A distro with it built from the outset.
Yes. You can restore your icloud backup to another target iphone without wiping the source iphone, as long as the target iphone has enough storage capacity.
IMO if you are so concerned about it, then just buy a second phone, and leave the "first" phone at a family member, or at least someone that you trust. If something fails to restore, just call them to read you the OTP code or whatever.
This is an issue I face- I have a collection of thermal cameras that use apps to control them- after every install onto a phone, they then reach out t oa server to authenticate.
Here's the issue- though I have a few older phones- these apps are 32 bit ones, so no modern phone after Android 13 will run them. And they are all now not on the app store anymore,as they all came out about around 2016. i did use a APK extractor to pull the APKs to store them - but the native backup functionality wouldn't capture that authorization in the future, I might rob myself of my ability to use some extremely expensive, and long-term invested capable hardware, by backing up and restoring-
I suspect a full image would solve this problem, but I don't think one can do that outside of things like TWRP- but that requires unlocking the bootloader, and if you do that it wipes your device- AND is more vulnerable to Custom's usage of Cellebrite and etc, to my undertanding.
I don't have this issue with laptops ,as I can fully image them and wipe and restore ahavend have a perfect replica/ no issues. But my thermal cameras do not run off of PC and th eform factor wouldn't work if they did
> I’m petrified of the restore being imperfect in some way.
A lot of this is from anchoring important things to your phone. I practice, and strong recommend, avoiding that as much as possible. Your phone should be entirely disposable. If you drop it in the ocean, would you care (other than the monetary loss)? If yes, find way to detach those things from the phone. There should be nothing important on a phone.
After the Handgloves specimen, the next part of the page is black with tiny writing. My awful eyesight and mobile scrolling priors caused my brain to assume I had reached the bottom of the page and stop scrolling.
Thanks for pointing out, indirectly, that there’s a lot more content than I had assumed!
Aside, but NBC’s website is way better executed than I was expecting.
Perhaps it changed recently, or I just never noticed? I was expecting 100MB with back button abuse and retention dark patterns. Instead, it loads fast, has minimal guff, and the footer scrolled into view ending the page within sight of the end of the actual article.
Perhaps this is a reward response to not having to / be able to doom scroll?
This doesn’t feel fair. The standards we have for how elected officials conduct themselves is very different from what we expect from non-political career civil servants, General Officers, and the like.
At our most charitable, we ought to recognize that in a democracy elected officials are plucked from the ranks of the general public. The qualifications for office are that you are the most popular person in the room, not the smartest, or the most professional.
The trouble comes when the elected officials also want to replace non-political career officials with political allies who behave similarly to themselves, which seems to be what we are currently seeing.
I agree on everything you wrote! However, I hope citizens vote for the persons they think are going to do the best job.
Obviously, it is a gamble, to wit the current administration, but I'm sure, on election day, most voters of the USA thought that the current president would do the best job. Many learn now they were mistaken, but this happens. That's the beauty of democracy, we can vote the incompetents out.
> I can’t assign papers any more because I’ll just get AI back, and there’s nothing I can do to make it stop.
One idea is to not ask for the papers back. When I was in University it was very much impressed upon me that writing papers was for my own benefit. All our marks came from end of year exams where we were essentially writing a paper in three hours under exam conditions.
Accordingly — and this obviously only works in a syllabus where grades are awarded only on exam results — nothing says “this is for you not for me” more than not even asking for the papers to be submitted.
(Our papers were marked but only with hints. The marks didn’t count and we went through each paper as a class, together, so could essentially mark them ourselves based on the points we did and did not raise.)
And upon failing the course, the students and their parents sue the university for failing to award a degree. They have, after all, been paying tuition fees of tens of thousands of dollars for the last four years. They damn well expect a degree in return!
In response, universities remove degree grading altogether. As your bachelors degree is now guaranteed, graduation is purely ceremonial. Matriculation immediately awards you the degree of Baccalareus Expectum which automatically converts to Baccalareus Artium after paying for 8 semesters.
These can optionally be paid in advance and, if so, the bachelors degree (or masters, if you pay for 16 semesters) will be available immediately. Attendance is encouraged but optional.
Backlash against a lack of real grades starts to build — without exams or marking, all degrees are the same. Institutions use actuarial tables and AI to determine what grade you would have achieved based on upbringing and family background. Dynamic pricing means the degrees costs less for the rich. Lower class families are able to buy their bloodline a ticket to the elite by proving they are worth it: paying full price.
If you think you are elite material, you can take out a loan of course. Why care about the burden of repayments when you’ll be the next superstar lawyer, programmer, analyst, quant, consultant, etc., right? Instead of an end of year exam to prove yourself you can instead prove yourself by paying off that student loan! Go bears!
the US model has focused less on exams and more on take-home assignments. this can be better because most people perform better without artificial pressure, and it's possible to ask deeper questions than on a timed exam. it's just that it is not viable as of this year.
You’re using a magic constant that doesn’t do anything at runtime. It’s only there to be parsed by static analysis. In your case that’s uv doing the parsing but another tool might delete it as unused code. In the sense that it’s one thing pretending to be another, for me, it’s in the same category as a magic comment.
Instead, why not make a call to uv telling it what to do?:
import uv
uv.exec(
dependencies=[“clown”],
python=“>=3.10”,
)
from clown import nose
The first call can be with any old python runtime capable of locating this hypothetical uv package. The uv package sets up the venv and python runtime and re-exec(3)s with some kind of flag, say, an environment variable.
In the second runtime uv.exec is a noop because it detects the flag.
My counterpoints to the PEP’s arguments are (1) we’re about to run Python so we presumably have a Python parser on hand anyway; and (2) for the foreseeable future it is going to be capable of parsing all previous versions of Python.
It’s a bit fast and loose though. I can see though that it’s helpful for long term stability to have two completely separate languages for dependencies versus the actual code, with the former being far more reduced and conservative than the latter.
If you use Python4.98 triple walrus operators to say requires_version:::=“>=4.98” it would definitely be annoying for any version prior to that to not even be able to parse the requirements, let alone try to meet them.
So but that means instead of uv running python python runs uv now, which (I would imagine) has all kind of implications from a development perspective.
I agree that theoretically your proposed way of doing things would be conceptionally among the cleanest, but on the other hand in all kind of scripts the shebang was sort of a comment with big implications as well, so I am not sure if being dogmatic is worth it here.
It might be specified that I needs to be proper JSON. And a proper JSON is much more maintainable (and extendible) than impromptu syntax (that first starts manageable, but step by stem moves into parsing hell).
One of uv's justifications is that it isn't dependent on Python, and so there's no circular bootstrap problem. Things are now at the point with uv were you tell the person you're sharing a script with:
1. Get the install command from the uv site and run it (if they don't already have it installed).
2. Run the script with uv.
Literally cannot get simpler than that. Making uv an importable means assuming Python is present or easily installed on every system, which if it were the case then uv wouldn't be becoming a thing.
Different python versions have different syntax grammars, so if the rest of your file has new syntax, and older python might not be able to execute even the first few lines.
The whole point of writing a "self-contained" script is that it should run anywhere. uv bundles its own cpython runtime(s) for this purpose, but relying on script execution prior to invocation of uv breaks this.
The trick in the featured article would allow me to drop a script written in modern python syntax on my outdated ubuntu LTS box and have it "just work", while GP's suggestion would not.
Instead, why not make a call to uv telling it what to do?
One important aspect to remember is that this isn't intended to be a uv specific feature. It's a (proposed) python standard feature that in the future other python package managers will implement. So whatever solution they come up with it has to work with any standard compliant package manager, not just uv.
Enriched flour is another good example that I was hoping someone would mention*.
It’s worth noting that it’s also slightly different in that processed flour is deficient in thiamin and calcium, so the fortification adds back these nutrients.
On the other hand, processing water to make it potable doesn’t remove fluoride and so fluoridation is not the process of adding back something that was there beforehand.
*I searched this page and found flouride and flouridation four times before your comment.
Lasering in on the three different use cases (rather than just one generic 25min focus time) and also providing statistics are both cool additions. Nice.
It would be a good addition to your write up to mention, for the uninitiated, that pomodoro is of course named after a physical timer with a rotary encoder!
If they pulled Miller out of the line and only then checked his photo ID, and the allegation is they used facial recognition to trigger this, then that implies they already had his biometrics in their database.
The legal disclaimer shown at the venue implies that the biometrics are collected (and “retained, stored, and converted”) at the venue. That’s clearly only half of the story. They must also be collecting (and retaining, storing, and converting) information about anyone using sources outside the venue.
The implication from chronology of the story is that MSG must have done something like googled Miller, found his LinkedIn bio-pic, and put that in their “safety and security” database?
I think we can conclude therefore that the disclaimer sign is not a quasi-legal disclaimer to let the venue record your face, but in fact a canard to divert your attention from the fact that they have already created records linking your face to your name — records created without your consent and without letting you know they did it.
Is that legal? This would be a clear GDPR violation in Europe.
You could probably argue a legitimate interest if you're collecting face recognition data on proven hooligans, but scraping pictures of people that have not been to your venue off a website clearly isn't a legitimate interest for such privacy invasion.
That is entirely too narrow. Laws that constrain the government are being ignored. Thats a LOT more than just privacy. Or “consumer wellbeing”, which as a term reviles me — We the People are more than mere consumers — but I take your meaning generally.
Much too narrow. They’re ignoring due process. Just ask anyone not white detained by ICE. (Is that everyone detained by ICE?)
That's fair - plenty of checks and balances are gone, even the ones that relied mostly on decorum and shame. My expectations were already quite low but I've been surprised just how openly and directly the fundamental rights are being attacked and equally surprised by how many people are happily cheering as it happens.
I like the perspective that we are more than mere consumers. I think that's a valid thing to be clear about although consumer protection as a concept doesn't feel belittling to me as a human (nor would I want it to extend to my entire life anyway).
If a 3-person law firm is suing you, and the law firm has a web site with photos of its 3 lawyers, it seems reasonable to add those photos to a pinboard at your entrance, so security staff know to look our for those folks, and not to allow them to come into your place of business (unless they arrive for an appointment, e.g. for a deposition).
What if the law firm has thousands of employees and you don't know exactly which ones might be working on your case at any given time? What if your entrance has a high volume of visitors and it's not practical for your security team to stop each of those people for minutes, whilst they check them against a set of thousands of photos?
I use the he.net app for TOTP. Will I get those back in working order?
I have a billion photos I want to keep — were they properly backed up to iCloud?
My mail settings are a pita to recreate. Will those come back?
Are passwords stored in the Secure Enclave? Could I lose those?
When I sign back into iCloud am I going to be able to use a username and password, or is it going to require me to approve the login on my laptop — which I left at home — as a second factor?
WhatsApp, Signal — how much is tied to my physical phone and/or any key material unique to the OS — material that is irretrievably lost, by design, when it is wiped.
I think really the long term answer is to stop using an opaque, closed source iPhone. Maybe some time in the next five years one will emerge that competes with Apple’s quality? Until then, every border crossing is going to risk handing over a huge part of my life to ICE because I can’t risk losing anything in a backup/restore hysteresis loop.
Post.: Another future direction would be for iOS and apps to recognise this as a common use case and provide guarantees about what is and what isn’t restorable after a wipe.
There’s also a conflict here between wiping data so that it is irretrievable and wiping data to later retrieve it. If you wipe with the intent to retrieve I can believe that immigration will just detain you until you restore your phone so that it can be searched.