The article is surprisingly missing the most important part: a cost comparison. I understand and share the frustration with rising prices and ads creeping into paid plans, but for people who value optionality and broad access, streaming is still meaningfully cheaper than owning content.

In many cases, the price of a single movie is comparable to an entire month of a streaming service, which gives access to thousands of titles. Ownership can make sense if you repeatedly watch a small, fixed catalog over many years, but for most casual or exploratory viewing, the economics still favor streaming.

Fair enough! However you need to consider:

- Depending on your taste you will need to subscribe to multiple servics. Shows / movies I enjoy are scattered across Netflix, AppleTV+, Prime, Disney+. And it's increasingly unlikely that IP is licensed out (i.e. no Star Wars on Netflix)

- There is a surprising amount of movies which are not on any streaming service (at least in Germany) OR they are but you still need to buy a digital copy or rent

- The UX of self hosted solutions like for example Jellyfin or other open source can (surprisingly!) be better than the paid solutions. I.e. no ads & and no UX redesigns

I'm not opposed to streaming services at all. I will subscribe to them as long as it's value for money.

However in recent years streaming services got worse while self hosted solutions got much much better.

Your point - subscription is cheaper than self hosting - may still hold, but the balance has definitely shifted in favor of self hosted solution.

I don't think it'll become mainstream in the near future (or ever) but for me personally it's worth it!

It's also not "either / or". You can both self-host and have subscriptions, but maybe you can cut down on some subscription services:)

Some people do not mind buying art or paying artists for their work.

If we assume an artist gets 1¢ per stream of a song, and that album is 10 songs long, you need to listen to it 100x for the artist to get the same as just buying a $10 CD from Bandcamp.

I understand this example is missing the cuts given to other parties (label, etc) but it is still more to the artist than streaming unless you obsessively stream the same albums repeatedly.

Spotify is cheaper because your favorite local indie band makes far less from it.

Additionally, thrift stores have loads of CDs you can rip for extremely cheap.

Spotify pays me about $0.003 per stream. That's pretty typical for every artist on the site.

For the most part, you aren't meaningfully paying for content when you use streaming services. This has the effect of making it not cost effective to produce good content you enjoy, while still costing you money to pay for the services, most of that money being funneled towards slop and execs. The ecosystem as a whole would benefit if you set aside the money you would ordinarily pay for streaming, and instead spent it on choice works you appreciate, while downloading whatever you like.

For movies specifically, you should consider paying substantially more than you would on streaming if you watch any substantial amount of movies. It is very hard to fund good movies with only streaming revenue.

Can we remove this? While this war is a horrible tragedy, I’m of that opinion that we should not discuss geopolitics on this site unless it’s directly impacting the core topics we are all here for.

Mind sharing a link? That sounds really interesting!

It’s too soon to know, but this could make 3-year H-1B renewals hugely problematic. That would be a major blow to the program. I was fortunate to get mine in 2014 without a single problem. There’s no way I’d expect someone to get through this process today. And realistically, most companies aren’t going to pay such a large premium just for a typical software engineer.

> And realistically, most companies aren’t going to pay such a large premium just for a typical software engineer.

This is the point, I think (whether I agree or not)

"Hire locally!" as a catch phrase wasn't working.

Then probably just more outsourcing? Which again, maybe the point is more to keep people from coming here and less to help American workers?

If the job was easy to effectively outsource, it would have been much cheaper for hiring organizations to outsource years ago rather than bring employees in on H-1Bs before this announcement.

> most companies aren’t going to pay such a large premium just for a typical software engineer.

Isn't that the idea tho? Stop companies abusing the h1b for "regular" staff? It's supposed to be for talent you can't find locally. So "exceptional" would fit, no?

(outsider perspective, eu here).

It’s ultimately a numbers game. The more malicious seeds are planted, the higher the likelihood that one of them will be pulled into a real-world build pipeline. Platforms like GitHub, NPM, and other open repositories are ideal staging grounds because very few engineering organizations are willing to block traffic from them. That makes them near-perfect hiding spots for malicious content.

And the asymmetry is stark: attackers only need to succeed once. It takes just a single developer installing a compromised package to trigger a breach with potentially massive downstream consequences. So while I agree that quantifying impact is critical, dismissing large-scale seeding campaigns because “no one might have downloaded it” ignores the risk.

> The more malicious seeds are planted, the higher the likelihood that one of them will be pulled into a real-world build pipeline.

Sure, but you still need to show the impact. Not all "seeds" are equal; that's why we categorize attacks as either opportunistic or targeted (and within that, there's the kind of "lazy" opportunism of package spam versus "motivated" opportunism of trying to trick developers into using a specific compromised package).

(And to be clear, I'm not ignoring the risk here! I believe we can do better about qualifying the risk, which does exist.)

In a world where PR-focused organizations (not saying it's right or that's how it should be, but that 'it do be like it is') actively work to hide breaches on occasion? Should they not publicly success a win and support 'open source' while celebrating a dub, while giving them a sales tool / credibility?

I don't think I understand the question, sorry.

This is a surprisingly common issue. In my day-to-day work, we analyze millions to look for malware, and it’s well-known in the security community that attackers frequently leverage “trusted” websites to host and deliver malware as an evasion tactic.

The technique is so pervasive that I did an extensive research on it. In fact, there are several well-funded and widely used applications, some generating millions in revenue, that unknowingly host malware on their infrastructure. In more concerning cases, these platforms are even repurposed as command-and-control servers for data exfiltration. We're increasingly seeing enterprises take the proactive step of blocking traffic to these high-risk domains entirely to strengthen their security posture (e.g. it's completely common to block all traffic from network to Dropbox or other file hosting services).

But can you Ghibli? I guess NOT! /s

Javascript was never build for those use-cases. It should have stayed on the browser.

JavaScript has handled the concept of middleware for decades.

For a decade, since the intro of NodeJS

Sorry to inform you but you're off by about 6 years, nodejs was released about 16 years ago, and express has had middleware for 14 of those years.

Time flies... Thanks for the correction, buddy.

It would be very positive for the entire startup ecosystem if this deal goes through. It would also be a strong signal from the new administration about support of our current startup ecosystem.

You said the same thing as thing you quoted, so what issue do you have?