my friend sophie got fired from her job at Facebook and turned down a $64,000 severance package in order to leak this, so u better read it. buzzfeednews.com/article/craigs…
my biggest takeaway from this article is that FB could be doing a lot more to prevent politically-motivated bot activity, but they choose not to because they don't see any immediate revenue or PR benefit from doing so.
clarification: in order to leak this *internally* at Facebook
FYI Sophie did NOT leak this memo to Buzzfeed. she posted it internally at FB, and then @BuzzFeed published this article without her permission.
I'm disappointed in @BuzzFeed for not respecting their source's wishes on when and how to publish their information.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
in january 2023, i had a simple ultrasound done at SimonMed. they sent me 4 bills totaling $5137 for it.
after a year of emails and phone calls, they finally admitted today that i only owed $140.53 and are mailing me a refund check!
here's how i did it 🧵
2/ the first bill they sent was for $484.92, which i paid promptly. a few months later they sent a bill for $3378.69! i contacted my insurance and they sent me an updated EOB saying i only owed an additional $140.53.
3/ i emailed simonmed and attached the EOB. they said they would look into it. shortly after i got a new bill for $140.53 in the mail which i paid.
then i noticed the 484.92 amount wasn't counted in my insurance deductible so i contacted my insurance asking why
why is it not common knowledge that u can make perfect japanese-style croissants from scratch with like 20min of effort?? thx @MimeeXu for enlightening me
(recipe in thread👇)
1/ mix 400g bread flour & 6g salt
microwave 240g milk for 30s
dissolve 8g dry yeast in it
add 50g honey
add 40g softened butter
mix together
mix wet mix into dry mix to form a well-combined dough
cover and rest overnight in fridge
2/ 1. form 12 balls of dough 2. roll each dough as shown below, wrapping a piece of butter and pinch of salt at the center of each roll 3. lay rolls on parchment paper and rest for 40min in a slightly warm place (ex: warming drawer of oven, or an oven with the light on)
1/ in this thread i'll summarize some differences between SameSite=Lax (Chrome's new proposed default policy; see mikewest.github.io/cookie-increme… for more technical details) and third party cookie blocking (Brave's default policy unless user turns it off for a site)
2/ SameSite=Lax is more strict than 3p cookie blocking in the sense that it also blocks requests using unsafe HTTP methods. For instance if X contains a form that POSTs to Y, cookies to Y would be blocked by SameSite=Lax but not most 3p cookie block implementations AFAIK
3/ SameSite=Lax is less strict than 3p cookie blocking in the sense that a site can override it with SameSite=None. But unless a site does that, both SameSite=Lax and 3p cookie blocking will block 3rd party cookies on subresource requests.
External Tweet loading...
If nothing shows, it may have been deleted
by @ortegaalfredo view original on Twitter
a lot of @electronjs devs have the attitude that their app doesn't need sandboxing or keeping up-to-date with Chromium bc "it doesn't execute untrusted code". the problem is that falls apart as soon as you get XSS. github.com/signalapp/Sign…
(at least Signal has sandboxing)
"should i build this as a web app or use Electron?"
the difficulty gap between XSS and full RCE is much smaller in Electron compared to a browser like up-to-date Chrome, so plz make it a web app if u care about good things