I probably should have clarified that the 14m number was the estimated number of Californian residents that have Android phones as per the article, but my comment was moreso me overanalysing a joke.

Even if it were split evenly across the estimated 14m residents, it only comes to a grand total of $22.47

Part of the reason why I take good care of my little 24" dumb TV. It’s on the lower end (poor viewing angles, absolutely no adjustment on the legs) but I still have a use for it, so I won’t be replacing it.

The other concern I have with smart TVs is because manufacturers basically install a smartphone SoC, the TV’s lifecycle is now the same as a smartphone. Most people probably won’t connect a new smart TV box to their discontinued, laggy (thanks to bloated apps) smart TV, the completely functional unit just gets replaced.

We need regulation to be able to unlock these devices and make available the firmware drivers so that after the manufacturer stops support, the community can continue it (and obviously for us hackers, we would strip the system of all telemetry)

Agreed - the end of the article does state compiling untrusted repos is effectively the same as running an untrusted executable, and you should treat it with the same caution (especially if its malware or gaming cheat adjacent)

Well that’s certainly no light read - I’ll admit that I’ve only read the first six sections of the document for now

The crux of it that I could see was the initial repo that was backdoored contained a malicious Windows command in the PreBuildCommand field of .vbproj file

My initial thoughts would be that it might be advisable for build tools to confirm any defined build commands with the user when it detects a command not seen before?

I suppose otherwise the argument could be made that if you’re downloading and compiling code that is backdoored, if you’re not checking .vbproj or equivalents, you’re probably also not auditing any source code either and you’re being pwned either way.

I wouldn’t think so - it depends on your priorities.

The open source and offline nature of this without the pretenses of “Hey, we’re gonna use every query you give as a data point to shove more products down your face” seems very appealing over Gemini. There’s also that Gemini is constantly being shoved in our faces and preinstalled, whereas this is a completely optional download.