America has several sets of eminent domain laws depending on the jurisdiction. The most coercive is federal eminent domain law specifically as it relates to building infrastructure like railways and highways.
It's set up so that you can take the land first and eventually go back around and decide on what the right price should have been.
Not only does it superscede state and local law, federal infrastructure projects are also not bound by state laws like CEQA.
You can even apply federal eminent domain law by e.g. transferring a state-level project to the Army Corps of Engineers.
What America is lacking in these projects is will, not means. The federal government could take your house and run a train through it by the end of the week if they wanted, doesn't matter where you live.
[edit] In fact some states even ceded their eminent domain rights to private railways.
The Australian federal government is planning to build a high-speed rail line from Sydney to Newcastle (medium-sized city two hours drive north). Their solution to property rights, is >50% of the line will be underground. It will cost >US$50 billion, but if the Australian federal government wants to spend that, it can afford it. The US federal government could too, but it isn’t a priority for them
> local regulations make it prohibitively expensive
Local regulations can be pre-empted by state or federal legislation. The real problem is lack of political will to do it.
My understanding is that existing rail lines aren't flat/straight enough for high speed rail. There's no point to a bullet train if it has to constantly slow down for corners/hills.
I also find it far easier to resist accidentally entering credentials in a phishing site... I'm pretty good about checking, but it's something I tend to point out to family and friends to triple check if it doesn't auto suggest the right site.
I’m impressed with their feature to add the URL for next time, after manually filling on an unmatched URI. Hairs raised on neck clicking confirm though.
Importantly IMO is the extra phishing protection that the UX is really nice if and only if the url matches what's expected. If you end up on a fake url somehow, it's a nice speed bump that it doesn't let you auto-fill to make you think, hold on, something is wrong here.
If you're used to the clunkier workflow of copy-pasting from a separate app, then it's much easier to absent-mindedly repeat it for a not-quite-right url.
The 1Password mobile and desktop apps have such a nice UX that I’m happy copy pasting from and into it instead of having any of the browser extensions enabled.
I have 1Password configured to require password to unlock once per 24 hours. Rest of the time I have it running in the background or unlock it with TouchID (on the MacBook Pro) or FaceID (on the iPhone).
It also helps that I don’t really sign into a ton of services all the time. Mostly I log into HN, and GitHub, and a couple of others. A lot of my usage of 1Password is also centered around other kinds of passwords, like passwords that I use to protect some SSH keys, and passwords for the disk encryption of external hard drives, etc.
> The 1Password mobile and desktop apps have such a nice UX that I’m happy copy pasting from and into it instead of having any of the browser extensions enabled.
Also a great way of missing out on one of the best protections of password managers; completely eliminating phishing even without requiring thinking. And yes, still requires you to avoid manually copy-pasting without thinking when it doesn't work, but so much better than the current approach you're taking, which basically offers 0 protection against phishing.
My approach is that for critical sites like banking, I use the site URL stored in the password manager too, I don't navigate via any link clicking. I personally am fine with thinking when my entire net worth is potentially at stake.
It's not only about how you get there, but that the autofill shows/doesn't show, which is the true indicator (beyond the URL) if you're in the right place or not.
Rouge browser extensions for example could redirect you away from the bank website (if the bank website has poor security) when you go there, so even if you use the URL from the password manager, if you don't use the autofill feature, you can still get phished. And if the autofill doesn't show, and you mindlessly copy-paste, you'd still get phished. It's really the autofill that protects you here, not the URL in the password manager.
If you have rogue browser extensions installed, the browser extension can surely read the values that got filled into the login page without having to redirect to another site.
Not necessarily, a user could have accepted a permission request for some (legit) redirect extension that never asked for content permission, then when the rogue actor takes over, they want to compromise users and not change the already accepted permissions.
Concretely, I think for redirect browser extension users I'd use "webRequest" permission, while for in page access you'd need a content-script for specific pages, so in practice they differ in what the extension gets access to.
You don't need a autofill for a indicator. Simply bookmark your banks login page, even if it gets silently redirected later you will notice as the page wont be bookmarked anymore.
In Safari on iOS I have all the main pages I use as favourites, so that they show on the home screen of Safari.
Likewise I have links in the bookmarks bar on desktop.
I use these links to navigate to the main sites I use. And log in from there.
I don’t really need to think that way either.
But I agree that eliminating the possibility all-together is a nice benefit of using the browser integration, that I am missing out on by not using it.
Which works great until tags.tiqcdn.com, insuit.net or widget-mediator.zopim.com (example 3rd party domains loaded when you enter the landing page from some local banks) get compromised. I guess it's less likely to happen with the bigger banks, my main bank doesn't seem to load any scripts from 3rd party as an counter-example. Still, rouge browser extensions still scare me, although I only have like three installed.
> The problem is that the UX with a browser extension is so much better.
It's better, but calling it so much better [that it's unreasonable to forgo the browser extension] is a bit silly to me.
1. Go to website login page
2. trigger the global shortcut that will invoke your password manager
3. Your password manager will appear with the correct entry usually preselected, if not type 3 letters of the site's name.
4. Press enter to perform the auto type sequence.
There, an entire class of exploits entirely avoided. No more injecting third party JS in all pages. No more keeping an listening socket in your password manager, ready to give away all your secrets.
The tradeoff? You now have to manually press ctrl+shift+space or whatever instead when you need to log in.
The tradeoff is that you need to know how to setup a global shortcut or even know it's even possible. I wish people would stop minimizing the knowledge they have as something everyone just knows.
How do you set up this shortcut? I'd prefer to get rid of extensions, if for no better reason than sometimes it switches to my work profile and I have to re-login
yeah updates are where it falls over for us. inserts were fine, reads were great, but any workflow that needed to correct a small slice of rows after the fact got painful fast. we ended up keeping the row store for the hot path and rebuliding the columnar copy overnight. probably not elegant but it stopped the bleeding.
I've taken so much Advil/Ibuprofen in my life it would be impossible to count at this point.
I always got headaches when I was younger and it didn't really stop until I went to college at a higher altitude. When I go back to my hometown, after a couple of days they come back. Some headaches will go away on their own with water or rest, but others that seem to go from one side of my forehead all the way down the same side of my neck seem to only go away with medicine.
I used to have to take Advil what seemed like every other day to get them to go away. Tylenol never seemed to help at all. Aleve actually works better than anything for me.
Since none of them are actual migraines, most advice was the standard: drink more water, get enough sleep, are you stressed at work, etc.
I won't move back to my hometown because of it and it hasn't been as much of a problem. My grandmother said that I had a distant cousin who would get sick whenever he came to our hometown from Chicago as well. Said that his doctor thought it might have to do with the swampy air around the area. Pee Dee region of South Carolina, where Francis "Swamp Fox" Marion operated during the Revolutionary War.
I feel like people are underestimating the market share of Cursor.
The value in acquisitions for investors typically comes from how much money is locked into multi-year deals. A lot of tech folks in leadership positions that I talk to are very aware that the best option in this space changes every 2 months. Right now it's Claude. Next month it might be Codex. A couple months after that it could be Gemini/Qwen/Composor/Kimi/xAI.
Locking in with Cursor where quick swapping your team between the changing options is the point is a better choice than locking in even a 1 year deal with any single option where you're still going to be paying for token cost on top of it.
It’s fast, looks nice and since i really just review agent output these days, that’s good enough. They don’t move everything around and it moves at a nice pace.
Because of government pressure. It was delisted by lots of exchanges purely based on government fear of privacy and independence, not any technical or demand reasons.
The CEX that do list it, it is essentially a trap. As soon as you do something with XMR they start freezing your account and demanding all sorts of KYC/AML. That is my experience after playing with it by pulling out a couple hundred $ and doing nothing with it other than putting it back on an exchange.
reply