
I have almost the same problem. With Poetry, I managed to work around it using this technique, involving a combination of groups and extras: https://github.com/lucaspar/poetry-torch

It's a hacky workaround, but it seems to work so far. It would be much nicer to see this solved in a better way, though!


> I currently hold a position in an academic lab, where we blend design, research and engineering to study social sciences-related questions within large data sets.

That sounds very interesting! Care to elaborate?


Sure! It's Sciences Po médialab, in Paris. https://github.com/medialab (linking GitHub, as it's much more relevant than the actual site).

The tenets of the lab have (more or less) to do with exploring Gabriel Tarde's theories of "Actor-Network" and monads (nothing to do with FP, mind you). One of the fundamental ideas behind this being that everyone now generates traces on the web, and anthropologists/social sciences researchers may use them as a new "terrain" of research.

It was founded by anthropologist and philosopher Bruno Latour, and a group of engineers (who knew each other from school, where they were dabbling with programming for networks/exploration of the web early on). By network, I mean graphs (math).

Projects usually involve triumvirates of designers (usually specializing in information, sometimes students/researchers themselves), engineers, and politics or social sciences academics. Often being two things at a time.

We have regular hackathon-like sessions called "datascapes" where we explore (sometimes, dormant) data sets, either from the web, or digitized (i.e. scanned historical archives, etc...) to make sense of it, and come up with relevant research questions.

(We also do boring stuff to pay the bills, so that we have enough freedom to work on projects we like afterwards).


I strongly agree. Nonetheless, many places aspire to be a second Silicon Valley, and it's certainly worthwhile pointing out how close or far away they are from that goal. In particular, those behind Station F probably want their project to develop in a SF/US-like direction.

It would be interesting to see if there can be a third way - an attractive location for startups with a culture that is open to entrepreneurship without being overly obsessed with quick unicorn money and without being entirely dominated by startups and VCs?


However, as long as you are not directly affected by any of those, e.g. you are not LGBTQ, you might consider staying to defend LGBTQ rights and thereby have a more meaningful impact. Even if you're not a politician, voting, educating your children and talking to friends and coworkers can have a significant impact.


What ethnicities/races are you talking about here in particular?

I suppose African-Americans will probably experience less animosity in Japan than in the US. But I think the ones subject to severe racism in Japan are rather other Asians, such as Chinese or Koreans.

Japan is a very ethnically homogenous country with almost zero immigration, and it is my understanding that that is due to the fact that foreigners are not very well accepted. Since people of different races hence represent almost negligible parts of the Japanese populace, you might consider it less of a problem than in the US, where racism exists between citizens of the same state.

Disclaimer: I've never been to Japan, please correct me if I have the wrong impression.


Are there any downsides to these free certs? Do they work in all browsers; is there anything that could be better security-wise?

If not, then this is exactly what we need to establish HTTPS as the new standard.


There are some minor caveats, but nothing really worth worrying about. Most browsers accept StartCom certs these days, so that's not a concern unless you're supporting ancient systems. The big difference is in how much validation is done.

The cheap certs only offer domain verification; in other words, they verify that the person holding the certificate owns the domain in question. Typically via an automated email to one of the contact addresses associated with the domain. The catch here is that you're only allowed to fill out the CN= (domain) field in your cert; the others are blanked out. For what most people use SSL for, that's sufficient.

The more expensive certs will go a step further and verify the identity of the entity or person holding the certificate. This entails things like checking your articles of incorporation if you're a business; things that tend to require a human operator at the CA reviewing your submission. In return, you get to fill out more fields in your certificate. However, nobody ever looks at the details for certs, so this is pretty much wasted money, IMHO.

The only point at which the more expensive certs get you something of value is:

1. You pay to get a wildcard cert, which lets you use your cert on as many subdomains as you want. If you actually need it for technical reasons (e.g. you let users create their own subdomains), this might be worthwhile. Most folks won't need this.

2. You pay to get an "Extended Validation" or "EV" cert, which gets you a little green box in the address bar with your company name. There are strict requirements on identity validation to get these, and it's supposed to engender more trust on the part of users. They're also very expensive. Personally, I suspect nobody really cares about these and it's just a racket for the CAs. But opinions vary.


The fact that EV certificates exist in the first place is an indication in my mind just how badly CAs messed up the certs originally. ("We need to sell more! Get rid of the checks")

It also drives me nuts that browsers still class self-signed certs below normal (non-ev) certs when they basically offer the same level of guarantees (in terms of "this person is who they claim to be")


You are wrong. Attacks against sites with self-signed certificates are trivial to execute (you just need to download the tools and learn how to run them) and can be fully automated. Obtaining fraudulent certificates is occasionally possible (getting more difficult every day), but it generally needs to be done one site at a time, and requires a _lot_ of resources.

That said, there are many ways in which browsers could improve the handling of self-signed certificates. For example, having a Convergence-like system to fall back to seems useful. Another possibility would be to use opportunistic encryption, where all access is encrypted even without a certificate. (This would defend only against passive attackers, but it's better than no encryption.)


They work in all modern browsers; they do not work in certain (very) old versions of curl, wget, Android etc.[1]

They should be alright for most stuff, especially for personal use.

And they're free because it costs them nothing to issue them.

[1] - https://forum.startcom.org/viewtopic.php?f=15&t=1802


I think the main catch here is that they're only willing to issue level 1 certs to individuals. For commercial endeavors, they make you pay money, and then they also have you send in proof of identity and stuff, and manually review your documents. I don't think there's a practical difference in security level, but I'm not an expert in this (which is why I don't address this aspect in my guide).


Unless I've misunderstood their policy, they also forbid individuals using Class 1 certificates commercially. For example, if you run a blog with "Support my blog! Buy my T-shirt swag from swag-selling-site.com[link]!" then your blog is commercial (per legal definition of commercial; IANAL); thus StartCom's policy forbids you to use their free certificate for that site.

The first sentence and a half of this paragraph[1] from https://startssl.com/policy.pdf expressly forbid it. Its final "when" clause might be trying to limit what is forbidden, but, grammatically, it has no power to restrict the first sentence, and doesn't properly restrict the second sentence either.

[1] "Class 1 certificates are limited to client and server certificates, whereas the later is restricted in its usage for non-commercial purpose only. Subscribers MUST upgrade to Class 2 or higher level for any domain and site of commercial nature, when using high-profile brands and names or if involved in obtaining or relaying sensitive information such as health records, financial details, personal information etc."

(Naturally, I hope I've misunderstood their policy.)


They do not work on Windows XP (unless the user is using Firefox or Chrome), as the StartCom certificate is not part of the XP trusted root certs. There is an update available from Microsoft to add some new root certs, but as far as I can tell it is a manual-only update, which means it's very unlikely to be installed by XP users.

We tried to switch our site to https only recently, and had to backtrack because of this (and because we are too cheap/stubborn to buy an SSL cert from someone who is in the XP trusted root certs).


StartSSL is widespread enough that anyone who doesn't have their root installed is probably used to clicking their way through SSL warnings anyway.


I am pretty sure that you can't use them for commercial projects.


They don't provide an EC or DSA CA (only RSA), and you are limited to 1 domain + 1 alt name (the main domain) per cert.

Those aren't horrible trade-offs tho, but yes, those are limitations.


They won't authorize brand new domain names for about 72 hours. And you have to renew every year. Otherwise, I've used 'em and they're good.


> I'd add that though we've adapted to the look of a cursor, the designer in me cringes at the thought of outlined text (though I'm willing to allow that there are probably applications of this that work elegantly; I just can't picture any).

Outlined text is quite common in videos (e.g. for subtitles or credits). The outline doesn't disturb at all if done properly — it doesn't have to be thick, a subtle shadow will usually suffice.


I hope this will give rise to some replacement services; Latitude was actually pretty useful. I'm still wondering why they didn't implement "asking" for locations via push? That would save a lot of battery compared to updating in intervals and would be a lot more accurate.


They sort of did - they had a "request check-in" function. It never worked very well.

They also had an accelerated and supposedly more accurate tracking option on demand (i.e. I could request my wife's location to be updated "in real time"). That never worked very well and was removed.


That's strange — I've always had the impression that the battery usage of GPS was the main obstacle for location tracking services, so that any way to sidestep expensive polling would be a greatly welcomed remedy. I can't imagine that this would be technically impossible.


Latitude is just being merged into G+. I can't see any features that are being killed.


I haven't used G+'s location features a lot so far, but if they are anything like Facebook's, they certainly don't replace Latitude. This comment (https://news.ycombinator.com/item?id=6019298) seems to affirm this.


Moving to g+ is the same as killing.

It's the same with sites that only have a Facebook login. Goodbye.


I don't think you can track your location history with G+.


Text in a carousel is a no-go; pausing when hovering is a neat idea, but not possible on touch screens, nor easily discoverable by the average user. Even if the timing is long enough, I still feel stressed out by the fact that I know the text could be dragged out of my sight any time, which stresses me out so much that I can't concentrate at all on the content.

The second terrible mistake is using page indicator dots (which do a good job of indicating the page) for navigation, let alone using them as the only means of navigation!

When you take into account these two things, a carousel can actually become comfortable to use and may no longer enrage its users. But that's still a far cry from being better than showing the content in a regular list:

> I've used them and my clients and the customers of those clients were happy with them.

What do you mean by "happy"? Did the customers actually understand how to use the carousel, did they discover its content, did they click on it? Not being annoying does not suffice to qualify as useful.


Not everything that is legal and non-misleading is necessarily moral.


Right, but how do you come to an objective definition of morality? (IOW what is missing in my definition?)

If morality is subjective, how can we demand/expect others to live by our rules?

