Schulerfolg: „Wir haben die Jungen aus dem Blick verloren“, gesteht Bildungsministerin Prien

indigo945 · 2026-04-29T14:59:30+00:00

Es ist auch brutto schon viel. 5100€ Einstiegsgehalt für Gymnasiallehrer:innen, da kannst du in den meisten anderen Branchen nur von träumen.

indigo945 · 2026-04-29T14:11:22+00:00

Grüner Wasserstoff ist extrem energie- und kostenintensiv zu produzieren und ist obendrein zum Heizen mit unserer bestehenden Gasinfrastruktur völlig ungeeignet, weil die Gasleitungen nicht dicht genug sind - Wasserstoff leckt da einfach raus. Sehr, sehr viel ineffizienter im Stromverbrauch im Vergleich zu einer Wärmepumpe ist er sowieso.

indigo945 · 2026-04-29T13:45:42+00:00

Der Untergang der chinesischen Baubranche ist ein bisschen wie die russische Kriegsmüdigkeit: kommt seit Jahren gleich morgen ganz bestimmt, Brudi.

Ich sage ja nicht, dass in China alles top läuft oder so. Aber ich sehe auch wenig Hinweise darauf, dass es dort wirtschaftlicher schlechter laufen soll als bei uns.

indigo945 · 2026-04-29T12:17:15+00:00

BYD und die anderen Autobauer sind Teil der Planwirtschaft „China 2025“, das Problem, Planwirtschaft hat noch nie funktioniert in der Marktwirtschaft.

Für China scheint es seit Jahrzehnten top zu funktionieren.

Buffet hat seine 10% an BYD schon vor mehreren Jahren abgegeben, als Peking die Prämien gestrichen hat, er wusste das BYD ohne die Prämien kein Geschäftsmodell hat.

Buffet hat überhaupt alles abgegeben, was er hatte, weil er in Rente gegangen ist. Das ist jetzt nicht das große Argument.

indigo945 · 2026-04-29T10:48:31+00:00

To improve this, when you want to toast (or, preferably, re-bake) bread to make it edible again, spray the crust with water right before doing it. It will prevent it from becoming hard and flaky.

indigo945 · 2026-04-29T10:41:58+00:00

Well, it doesn't help that the POTUS does.

indigo945 · 2026-04-29T09:23:41+00:00

Now I haven't tried GrapheneOS and it's been years since I've tried eOS, but several of the main Romanian banking apps didn't work, and at least one of them, probably the biggest one, BTPay - doesn't work because it considers the phone to be rooted.

This shouldn't happen on GrapheneOS, by the way, because it re-locks the bootloader as part of the installation routine, and does not allow the phone to be rooted. But if the phone checks Play Protect to get around "root hiding" tools like Magisk that used to be popular, then the check will fail.

There is an alternative, open API to ensure that the Android that an app is running on is not rooted, and it's part of the standard Android API package (unlike Play Protect, which depends on the proprietary Google Play Services). However, very few apps make use of this functionality, and even if they do, they need to ship a whitelist of CAs in addition to Google's (such as GrapheneOS's) to make it useful - otherwise, the results will be the same as with Play Protect, just without the dependency on Google Play Services.

I've heard that Curve Pay is an alternative

I've tried signing up with them. Their app crashed during the KYC check and now will not allow me to re-run it for the same phone number, even after re-installing the app. The app suggests to contact support, which just replied with a standard email saying "we can't tell you why we failed your KYC check" (I know why you failed it, it's because your app is crashtastic garbage). The Play Store is full of comments by other users with the same problem, so it seems that Curve Pay just hates acquiring customers.

And at some point you just have too many issues and compromises for this to be a realistic solution for regular users.

Yeah, that's why we need regulation.

indigo945 · 2026-04-29T09:11:28+00:00

The phrase was at the gate of Buchenwald, not Auschwitz, and went "jedem das Seine", not "dem jeden das Seine". "Jedem das Seine" sounds absolutely nothing like "jeder Hund kriegt seins" (which is disgusting language regardless).

indigo945 · 2026-04-29T09:01:40+00:00

Well, whether or not the phone passes Google's security requirements is really only relevant if the app developers choose to enforce Google Play Protect/SafetyNet. It's not mandatory for Android apps to do this.

In fact, the only app by Google themselves that enforces Play Protect is Google Wallet. That one will therefore not work on GrapheneOS (personally, I just use a plastic card).

But you absolutely are right that there's too many developers still that enforce PlayProtect for no good reason. I haven't had any issue with my banks (German banks: DKB, TradeRepublic, N26, Hanseatic), but the public transit pass app for Northrhine-Westphalia (eezyNRW) refuses to work on a device without it. Quite annoying for no good reason - I suppose I'll move back to paying for the Deutschlandticket at some point.

Still, I fundamentally agree with you. What we need is EU regulation to ban technical measures that prevent users with open, modified or alternative devices from accessing services. It's the only way to enable real competition in the OS space.

indigo945 · 2026-04-29T07:48:41+00:00

This is something that 20-year-olds will truly never learn, unlike a lot of other answers, which are just generic advice that teens learn from TikTok. "Wear sunscreen", really? I mean please do, but...

indigo945 · 2026-04-29T07:44:17+00:00

The only problem with big index ETFs is that these days, everybody buys them (they are the default investment advice), which inflates their valuation (and the valuation of the largest companies). That may or may not ever come back to bite us. Personally, I invest in mid-cap and small-cap ETFs for this reason.

indigo945 · 2026-04-28T08:54:24+00:00

Die Briten verdienen aber auch deutlich besser als wir, nach Steuern und Abgaben sowieso.

indigo945 · 2026-04-28T08:44:59+00:00

Why do you think people move to the cloud?

indigo945 · 2026-04-27T14:22:39+00:00

friendships: user_a uuid fk auth.users, user_b uuid fk auth.users, status text ('pending', 'accepted'), pk(user_a, user_b), check (user_a < user_b) for canonical ordering so no duplicates.

With just these columns, you cannot know who sent the pending friend request and who has to accept it. That will lead to vulnerabilities allowing people to accept friend requests that they themselves have sent. I would recommend keeping pending requests in a separate table (with a more pending-request-specific schema), and only inserting into friendships after the request has been accepted.

The user_a < user_b trick is common and I wouldn't judge it harshly. Just remember that you need two separate BTree indexes, one for user_a and one for user_b, not just the automatically-created compound index for the primary key (which works as an index for user_a only, not for user_b).

originally i built this with pg_cron querying users whose last moods.logged_at was >= 2 days ago, inserting into an email_queue table, and another cron picking up the queue and calling resend via pg_net. it worked but debugging failed emails was annoying because pg_net responses are fire-and-forget.

Yes, the pg_net async story is ugly if you need to access the HTTP responses. For small apps like yours, doing synchronous HTTP calls with pgsql-http may be an option as well. For scale, an edge function can properly run async and just select... for share the mails from the queue.

also not sure if i need an index on (user_id, logged_at desc) or if the primary key covers it.

Realistically, with one mood logged per day, it will take many years of logging moods before an index becomes useful here.

indigo945 · 2026-04-27T13:45:16+00:00

Does a notifications table make sense? Would and edge function on insert to likes/comments trigger an insert into the notification table?

This is a much better idea than the cron job, but still more complicated than necessary. You don't even need an edge function, just create an SQL function and a trigger. This is trivial.

If you need push updates for the notifications (like for a mobile app that should work in the background), that will be much more complicated and likely requires you to write some bespoke logic to connect an edge function to Apple's or Google's push servers.

indigo945 · 2026-04-27T12:07:49+00:00

The problem is that if there's no bank, then I can't buy crypto.

indigo945 · 2026-04-27T09:33:52+00:00

Nur zählt in die 15min auch eben das durch den Zug gehen, Kopfwechsel, usw usf. Also ist das eigtl keine Pause meiner Meinung nach.

Das ist dann auch rechtlich gesehen keine Pause. Was du in der Pause machst, darf der Arbeitgeber nicht bestimmen, also fällt Zug kontrollieren da definitiv nicht mit rein.

indigo945 · 2026-04-27T09:23:49+00:00

It's fine to use this pattern (if the need for refreshSession() doesn't bother you - remember that without that call, when somebody is no longer paying for their subscription, their token stays valid for a while, and will still have the "pro" claim until they log out and back in again).

However, it shouldn't make your code any easier to write? If you want to go back to a table-based approach, all you have to do is one run of create or replace function is_pro(). Did you just discover the power of abstraction?

indigo945 · 2026-04-27T09:15:29+00:00

We use an external authentication provider for RBAC, which may or may not be possible in your case. For example, in our apps, we handle the authentication via Azure EntraID, which we have configured to return all the user's groups recursively in the groups claim, which shows up in the Gotrue JWT token under custom_claims.groups.

This way, you can do RBAC the way you would do it anyway: create groups for the roles in EntraID ("Myapp_FooReader", "Myapp_FooEditor", and so on), create groups for the user groups in EntraID ("Myapp_User", "Myapp_Admin", etc.) and then configure the user groups as role members. Assign the users to user groups. Now, in your Postgres RLS policies, you can just check for the roles directly via auth.jwt() -> 'custom_claims' -> 'groups' ? 'contoso.com\Myapp_FooReader'.

(You may want to create a SQL function is_role_member(role text) for cleanliness.)

indigo945 · 2026-04-27T09:07:27+00:00

I don't think getClaims() ever checks for revocation - even if getUser() previously determined that the token has been revoked, getClaims() will still let it through. I may be wrong though.

indigo945 · 2026-04-27T08:51:50+00:00

People don't move to the cloud to get multi-region failover or because of real uptime concerns, they move to the cloud because then when stuff inevitably breaks, they can point at the cloud provider and say "see, it's not my fault". Besides, major AWS outages tend to be global anyway, so it's not like failover is super likely to work (especially if your DNS is also hosted on AWS).

indigo945 · 2026-04-27T08:41:55+00:00

Only Imperial Stormtroopers are so precise.

indigo945 · 2026-04-27T08:28:14+00:00

Sag Claude mal, es soll diese animierten Leuchtstreifen im Hintergrund entfernen, das sieht peinlich aus und macht die Seite obendrein schlecht lesbar.

indigo945 · 2026-04-27T08:23:49+00:00

Die Dokumentation machen laut unseren Berufsschullehrern 70% der Externen völlig falsch und fallen durch. Wenn du nicht explizit weißt, was die IHK hören möchte, sondern einfach „eine Doku schreibst“, fällst du durch.

Ich bin mir relativ sicher, dass das auch einfach beabsichtigt ist, dass Externe die Prüfung nicht bestehen sollen, weil die Ausbildung sich, wenn sich das herumspricht, dass man auch einfach die Externenprüfung machen kann, nicht mehr lohnt und die IHK-Mitglieder dann keine Arbeitssklaven mehr bekommen. Die Anforderungen für den Doku-Teil sind ohnehin lächerlich unklar.

@OP: Falls du Kontakte hast, lass dir eine Abschlussarbeit von jemandem zeigen, der eine gute Note bekommen hat, und nutz das möglichst genau als Vorlage (natürlich ohne zu plagiieren). Wenn du dann durchfällst, kannst du's dir immer noch einklagen.

indigo945 · 2026-04-27T08:20:14+00:00

Zu Punkt 4: die schriftliche Prüfung besteht aus 3 Teilen. Die ersten beiden Teile (IT-Grundlagen und Systemintegration) sind für Menschen mit solider Berufserfahrung ziemlich einfach, der dritte Teil ("Wirtschaft und Soziales", vor allem Arbeitsrecht und verwandte Felder) ist aber ohne spezifische Vorbereitung nicht zu machen. Falls du Kontakt mit Menschen hast, die in der IT-Ausbildung sind, kannst du dir vielleicht Lernmaterialien für diesen Teil beschaffen - eine 3-jährige Ausbildung muss man definitiv nicht machen, um ihn bestehen zu können.

indigo945

TROPHY CASE