Christian Selig on the iPhone Air cameras:

The only area I’ve kinda been disappointed on is the camera situation. No, not the telephoto, I really never used that personally. And not the ultrawide, for me that just felt too wide. But the ultrawide did allow for awesome macro capabilities that this iPhone Air is sorely lacking.

This is so interesting to me. I feel like the only thing I’m missing with the iPhone Air is a telephoto lens. I knew that would be the thing I missed the most, but I didn’t realize quite how often I used it. It will be another hard choice next year if I have to choose between an iPhone Air with no telephoto lens and an iPhone Pro.

Minimum Viable Blog

Posted on May 3, 2025

Carl Öst Wilkens:

My requirements

Should use a domain I already own

Should follow modern web standards and have decent SEO

It should be very easy to add new content

All pages should be statically built

I would add that it should have RSS.

Mozilla’s CEO weighs in on U.S. v. Google

Posted on April 21, 2025April 21, 2025

Mozilla CEO, Laura Chambers:

Some of the remedies proposed in the case risk the future of our Firefox browser and Gecko browser engine—the last remaining non-Big Tech browser engine.

In the coming weeks, we hope to see a shift to focus on remedies that can improve search competition without harming the pro-competitive role that Firefox and other independent browsers play in the ecosystem.

I’ve been saying for a while that I can’t imagine how Mozilla continues without this funding from Google. I’m not particularly opposed to the government breaking up monopolies, but this entire case doesn’t make sense. What does it look like to break out Chrome as a separate company? How could such a company make money without a search deal that has how been deemed to be illegal?

Posted on March 28, 2025March 28, 2025

I’m happy to see WordPress is adopting bcrypt for password hashes. I have been following the trac ticket for over 10 years 🤯 Quite a few people got props on this one.

If you’re not familiar, until now WordPress used a library called phpass for hashing passwords. WordPress has a history of maintaining backwards compatibility with pretty old versions of PHP, which is great for users who don’t know how to upgrade things like PHP, but one of the trade offs is delaying support for things like bcrypt.

We can’t pretend that switching to bcrypt for user-generated passwords is a recent proposal. Ideally the switch would have been made back when the increase to the minimum supported version of PHP facilitated this change. However, this change has now been made and it helps future-proof further improvements to password hashing, including increases to the bcrypt cost in newer versions of PHP.

Many thanks go to the Roots team for maintaining their bcrypt password hashing package for WordPress as well as the many contributors on the Trac tickets and GitHub pull requests.

Also thanks to John and everyone involved for getting this into WordPress 6.8.

Posted on March 9, 2025

Matt Mullenweg on WordPress security:

One problem we’ve had on WordPress.com is we do all these amazing things and don’t tell anyone about it

My favorite example of this is the global CDN that Automattic operates in its own data centers. There are a lot of ways to measure the impact of this, but one way is authoritative DNS latency, which is on par with Cloudflare.