1. 34

    I’m impressed by the lack of testing for this “feature”. It may have a huge impact for end users, but they have managed it to ship with noob errors like the following:

    Why is www hidden twice if the domain is “www.www.2ld.tld”?

    Who in their right mind misses that, and how on Earth wasn’t it caught at some point before it made it to the stable branch?

    1. 11

      url = url.replace(/www/g, '') - job well done!

      1. 21

        Worse

        What’s really eye-opening is that comment just below wrapped in the pre-processor flag! Stunning.

        1. 9

          Wow, so whoever controls www.com can disguise as any .com page ever? And, as long as it’s served with HTTPS, it’ll be “secure”? That’s amazing.

          1. 5
            1. 5

              Not just .com. On any TLD so you could have lobster.www.rs

            2. 3

              If I may ask, how is this worse than url = url.replace(/www/g, '')? If anything, the current implementation use a proper tokenizer to search and replace instead of a naive string replace.

              1. 2

                That’s just my hyperbole.

          2. 10

            Right, the amateurishness of Google here is stunning. You’d think with their famed interview process they’d do better than this.

            On a tangential rant, one astonishing phenomenon is the helplessness of tech companies with multibillion capitalizations on relatively simple things like weeding out obvious bots or fixing the ridiculousness of their recommendation engines. This suggests a major internal dysfunction.

            1. 14

              To continue off on the tangent, it sounds like the classic problem with any institution when it reaches a certain size. No matter which type (public, private, government…), at some point the managerial overhead becomes too great and the product begins to suffer.

              Google used to have a great search engine. It might even still be great for the casual IT user, but the signal-to-noise ratio has tanked completely within the past ~2 years. Almost all of my searches are now made on DuckDuckGo and it’s becoming increasingly rare that I even try Google, and when I do it’s mostly an exercise in frustration and I spend the first 3-4 searches on quoting and changing words to get proper results.

              1. 5

                Large institutions collapsing under their own managerial weight is more of a ‘feature’ in this case.

                1. 1

                  What are a few examples of queries for which DDG produces better results than Google?

                  1. 2

                    I’m not able to rattle off any examples, sorry. I’ll try to keep it in mind and post an example or two, but don’t hold your breath :)

                    I’ve been using DDG as my primary search engine for 2-3-4 years now, and have tried to avoid Google more and more in that same time frame. This also means that all the benefits of Google having a full profile on me are missing from the equation, and I don’t doubt that explains a lot of the misery I experience in my Google searches. However, I treat DDG the same and they still manage to provide me with better search results than Google…

                    In general every search that includes one or more common words tend to be worse on Google. It seems to me that Google tries to “guess” the intent of the user way too much. I don’t want a “natural language” search engine, I want a search engine that searches for the words I type into the search field, no matter how much they seem like misspellings.

            1. 7

              Looks like a dream scenario for phishing, with the opportunity to create legit-looking domain names, plus the secure padlock right next to the address bar.

              I’m curious what they were trying to optimise for when coming up with this.

              1. 14

                I’m curious what they were trying to optimise for when coming up with this.

                Consumer lock-in is my guess. In conjunction with their other remarks about URLs, I think they want to make URLs unpredictable and hence scary, leading users to trust Google to tell them how to get to Apple’s website more than they trust ‘https://apple.com/’ to.

                This gives them more power to advertise, more power to redirect, and more power to censor. From their point of view it’s pure win; from ours, not so much.

                1. 12

                  I think they want to scrap the URL bar all together so you can only make searches and click links (which go to google AMP pages) googles dream web is just one big google.

                  1. 5

                    …so you can only make searches and click links…

                    That’s just catching up to what everyone is doing anyway. Even commercials eschew a domain name and tell the listener to search the company. Back to the ye olde “AOL Keyword” days.

                    1. 3

                      because the domain name system is broken in the first place.

                      it’s invented by network engineers for network engineers.

                      1. 2

                        This has been the case for ages in Japan now, where ads often feature a search-like bar and the thing to type into said search bar.

                      2. 4

                        This. My hypothesis is that they are deliberately trying to break the URL bar with “improvements” such as these so that they can later justify removing it altogether.

                        As much as I’m annoyed with Firefox breaking DNS, this is arguably much worse. And what’s said is that all of the other major browsers will probably follow suit because imitating chrome is just what they all do now.

                      3. 4

                        I’ll be shocked if they don’t replace the address bar with a search-only box.

                      4. 5

                        I fail to see how this make phishing any easier. Given an attacker own a domain, he’s free to use whatever legit-looking subdomain names he wants. And even if somehow an attacker took control of www subdomain of a target, user are so used to www being aliased to @, I don’t see anyone thinking they might be phished due to that.

                        I’m curious what they were trying to optimise for when coming up with this.

                        My guess is they are trying to rethink the way people navigate the web. URLs are coming from somewhere with quite different application and users. Maybe we can do better for the average user (People on lobste.rs are not the average users). Hopefully those small changes can be easily driven by user testing and UX researches.

                        1. 1

                          A phisher who does obtain access to a domain can now quietly point WWW where they want and just one more thing will work out for their benefit. That isn’t a large difference, maybe, but could be quite confusing.

                      1. 3

                        Talking monocultures, most of us in U.S. have 1-3 ISP’s available that are all willing to profile, sell, and/or manipulate our data. One was just in the news for throttling firefighters communications not long ago. Moving services from any of them to Cloudfare might pose hypothetical risks but will reduce some real ones. Just like with HTTPS. I’d take Cloudfare over the others any day.

                        Of course, one of my old, project ideas for Mozilla was to develop their own CDN. They could use it to accelerate Firefox in key areas, esp on mobile. Opera did that. Focus on quality of service more than costs. As use went up, they’d have more money for servers in more places. Eventually, they might not need Cloudfare. This same division might also have VPS’s and dedicated servers that meet the needs of Mozilla and other FOSS projects. No-nonsense offerings.

                        1. 1

                          Talking monocultures, most of us in U.S. have 1-3 ISP’s available that are all willing to profile, sell, and/or manipulate our data. One was just in the news for throttling firefighters communications not long ago. Moving services from any of them to Cloudfare might pose hypothetical risks but will reduce some real ones. Just like with HTTPS. I’d take Cloudfare over the others any day.

                          I understand and agree with that bit, but how much of the technical design of the building blocks of the web as we know it should we base on the market landscape of one particular country at one particular point in time? I may be in the wrong here, but I can’t help but see this as a matter of setting precedence.

                          1. 1

                            Remember my comment said I prefer for them to roll their own some way, even if shared datacenters. It could become a point of trust on top of increasing performance or reducing costs of stuff. They’re not doing that. They want to go with a third-party provider. Cloudfare is the best right now even though there’s a good chance they’ll become evil later on. The alternatives in my country and a lot of countries are evil. You will also probably be able to change the DNS settings on whatever they deploy to use a different provider.

                            I don’t like the move. It will do more good than harm for something like several hundred million people.

                        1. 5

                          The type of discourse is so different from HN’s. That most likely stems for the invitation system, but comments are thoughtful and disagreement is respectful. You can assume that the person who disagreed with your viewpoint is a smart, cordial person who may know more than you do. On HN, they can be anything from a troll, a spammer, a bot, a world-class expert or a teenager pretending to be one.

                          1. 2

                            Lastline is looking for network threat analysts and IDS (Suricata, Snort) developers. Most of the team is in London, but remote is an option, particularly for the NTA position. Traditionally we’ve been featuring our sandbox most prominently, as that’s where the expertise of our founders (some of the founders of shellphish) lies. However, we’ve been investing heavily in the network security side, and have been running a few interesting experiments.

                            Email me at ggoncalves AT company domain to discuss details or to skip HR.

                            1. 3

                              “Essential Worship” by Greg Sheer. It’s a little shallow and broad but still good. Churches in my sphere have been struggling with diversity versus identity politics. Music is a natural battlegrounds.

                              I really enjoyed You Are Not A Gadget. Dystopic technologist non-fiction is a favorite genre for me.

                              1. 1

                                Interesting, I’ll add that one to my list. I hadn’t thought of that, even though I’ve experienced the “division” (in worship music style) myself. Moving to England, with the stronger high church tradition, has been pretty great in that sense.

                                1. 1

                                  To be honest I don’t think the book brings much to the table. Almost through it, and he seems to believe there’s a dichotomy to be clarified as false at every intersection, and is a general-use book for worship leaders. Our worship leader asked us to read it. But I’ve had a couple hard conversations with others about diversity/outward appearance/who I’m worshiping with not being foundational to my faith, and I’m looking forward to more!

                              1. 3

                                In progress:

                                Recently finished:

                                • Building E-commerce Applications, a complete waste of money and basically just a lazy compilation of undedited blog posts. Booooo.

                                • Come and Take It: The Gun Printer’s Guide to Thinking Free, by Cody Wilson of Defense Distributed fame. I finished this probably a week before the current kerfluffle started. There’s a whoooole lot of self-congratulatory bullshit and bluster in this, as Wilson is first and foremost (in my opinion) an attention whore, but buried in there are a couple of good reflections on the role of toolmakers in the pursuit of independence.

                                • Come as You Are, a delightful book by Emily Nagoski that I heard about through OhJoySexToy (webcomic about sexual health and practices). It covers a lot of interesting academic information about sex, attraction, and romance, and can help in debugging certain failure modes of relationships or in preemptively being a better partner.

                                1. 3

                                  buried in there are a couple of good reflections on the role of toolmakers in the pursuit of independence.

                                  We cannot be free until we control the means of production? That sounds like a good reflection, all right :-)

                                  (Note: this may sound like I’m trying to rile you. I’m not, I am genuinely amused to see Marx echoed in this unexpected context.)

                                  1. 4

                                    As the good Chairman once said, “Political power grows out of the barrel of the gun…”.

                                    A lot of Marxists, communists, and libertarians I think would actually have a lot to talk to each other about if they weren’t so busy engaging in culture war these days.

                                    1. 3

                                      It isn’t too surprising, since all three sprang from the same philosophical tradition.

                                      A funny aside: a friend of mine recently noted, with regard to economics, we’re all Marxists now.

                                      1. 3

                                        Yup! Certain groups don’t really like to think about it, but because Marx did the first serious systematic analysis of how economies worked on a global scale (and coined the word “capitalism”, although contrary to popular opinion he did not coin but merely redefined “communism”), all modern economics owes a debt to Marx at least as big as the one it owes to Von Neumann. Even those opposed to Marx’s conclusions are using methods he pioneered to fight them. (Or, to be more direct: “economics begins with Marx” / “Karl Marx invented capitalism”)

                                        1. 2

                                          You might like this recent podcast episode from BBC Thinking Allowed: Marx and Marxism: https://www.bbc.co.uk/programmes/b0b2kpm0

                                  2. 3

                                    Come and Take It: The Gun Printer’s Guide to Thinking Free, by Cody Wilson of Defense Distributed fame. I finished this probably a week before the current kerfluffle started. There’s a whoooole lot of self-congratulatory bullshit and bluster in this, as Wilson is first and foremost (in my opinion) an attention whore, but buried in there are a couple of good reflections on the role of toolmakers in the pursuit of independence.

                                    This was on my reading list; but, after I did the ’ol Amazon “Look Inside,” I took it off because it looked like the signal/noise would be unacceptable. Please give a shout if it ends up being worthwhile. I watched a few of his pre-DD/early-DD lectures on philosopy, and the guy gave me stuff to chew on.

                                    1. 2

                                      So, again, having finished it I think the same points could be handled in a pamphlet instead of the drawn-out narrative Wilson attenpts.

                                      1. 1

                                        Thanks for humouring my obviously lacking reading comprehension skills. 🤦🏾‍♂️

                                      2. 1

                                        Lectures on philosophy? Had no idea he was into that, mind sharing some links?

                                        1. 2

                                          Cody Wilson Philosophy, Part I is the first of a two part series.

                                          Why I printed a gun is short and sweet; but, doesn’t get too deep.

                                    1. 2

                                      I usually have one ‘fun’ fiction and a couple of heavier things going on at once, but I’ve run out of fun at the moment:

                                      • Beyond Good and Evil - Nietzsche
                                      • The Souls of Black Folk - Du Bois
                                      • Nausea - Sartre
                                      • The Gulag Archipelago - Solzhenitsyn
                                      1. 2

                                        On the same note as The Gulag Archipelago, have you looked at Escape From Camp 14? I haven’t read it, but it’s been highly recommended to me. It’s about the labour camps in North Korea from the perspective of a defector. Probably not as reliable as a source as Solzhenitsyn is, but the excepts I’ve read seem to make it a “lighter” read (quotes because we’re talking about the life history of a man who claims he didn’t know that the outside world existed).

                                      1. 3
                                        1. Getting Clojure by Russ Olsen
                                        2. The Rust Programming Book by Steve Klabnik

                                        (3.) Finished William Gibson’s Neuromancer few days ago.

                                        1. 1

                                          How are you finding Getting Clojure? I’m looking for a Clojure book that doesn’t start with “functional x imperative” and assumes I already know some stuff. Learning a new language is hard because there’s few books that meet you there, but I’ve found that to be even more so with Clojure.

                                          1. 3

                                            I have to say that this could be the best book I’ve read on Clojure (in aspects of learning it). It really has that Clojure vibe, concise, expressive, to the point! I really like it, because I often felt overwhelmed by possibilities of writing simple things. This book explained many aspects of Clojure and functional programming in Clojure (not in general, that’s important) very well, where I had that “ahaa!” moment. Plus it has examples from real world code (open source Clojure projects). If you ask me, go for it, you won’t regret it! This is the book to get to untangle your mind about clj.

                                        1. 7

                                          I pretty much always have three books going, so currently:

                                          • Light reading: Thinking in Bets by Annie Duke. Risk, uncertainty, heuristics. I’m not usually a fan of books with the structure “I did X for 20 years so let me apply that to all of life”, but this one’s hitting the books for its research and I’m a sucker for poker stories.
                                          • Dense reading: Discourses, Fragments, Handbook by Epictetus, translated by Robin Hard. On a stoicism kick. Reading around the dualism of book one has made this a slog and I may skip ahead or move on to Seneca.
                                          • Programming: Domain Modeling Made Functional, Scott Wlaschin. Still working on this one.
                                          1. 2

                                            That’s exactly my strategy as well (one light, one dense and one technical), I find it means I’m always in the mood to read something (otherwise I’ll resort to shallow articles and silly tutorials online).

                                            I’ve also found the full Discourses more “diluted” than the Enchiridion and didn’t finish it. I definitely suggest you pick up the latter, if you haven’t already.

                                            1. 1

                                              I’m also trying this:

                                              • One light/escapism: Fool’s Errand - Robin Hobb
                                              • One heavy: Selected Non-Fictions - Borges
                                              • One research: The Search for the Perfect Language - Umberto Eco
                                          1. 15

                                            I dislike CloudFlare because they’re making the internet more centralized (the more small websites use them as a proxy, the less direct connections to small websites are made) and because of some infamous abuse handling incidents, but I would trust them 100000% more than my local ISP.

                                            The local ISP knows where I live, the local ISP has to comply with local laws, the local ISP has monitoring installed by the local equivalent of the NSA. The local ISP didn’t even promise any privacy at all, which is worse than CloudFlare’s privacy policy for this resolver.

                                            1. 25

                                              “the local ISP has monitoring installed by the local equivalent of the NSA”

                                              You should assume Cloudfare does, too. They are a venture-funded, for-profit company operating in a surveillance state in ideal position to do surveillance. The NSA/FBI also pays or coerces compliance per Core Secrets leaks. The real question to determine if they won’t cooperate with the NSA is: “Will they turn down $30-$100+ million, go bankrupt, and/or go to prison for me?” If not, then they’ll likely cooperate. The cooperation also always mandates they lie about cooperating. They can promise government-proof anything while relaying data to the government.

                                              1. 10

                                                Key word being local. If you live in a country that’s not very friendly to the US, it’s better to have NSA surveillance than local surveillance :)

                                                1. 5

                                                  Excellent point! I argued something similar in essay on using multiple, non-cooperative jurisdictions for security. :)

                                                  1. 2

                                                    Couldn’t the opposite be just as true? If you live in a country that’s not friendly enough to the US, it may also be better to have local surveillance than NSA surveillance. If I know my government is out for my data, can’t easily access the stuff the US has, and isn’t sophisticated enough to upstream crypto algorithms into the Linux kernel or tap into underwater fibre cables, I’d pick local any day.

                                                    edit: plural

                                                2. 5

                                                  That’s true. However, your local ISP will still know where you connect. It will still see how much and if it’s unencrypted what you send/receive.

                                                  CloudFlare being a big target has to comply with some other country’s laws, as a US company it has to comply with NSLs, which might or might not exist in your local country. CloudFlare being a big company might also comply with other country’s laws - maybe not small ones, bug look at the list of companies that comply with China, etc.

                                                  Also this is actually not about your ISP vs CloudFlare. It’s about whatever you have configured vs ClfoudFlare. If Firefox starts making HTTPS requests to CF as a system administrator, when you expect DNS requests you might even miss them.

                                                  I think the problem is not that Firefox allows this, but that it’s skipping your system-wide configuration, without asking. After all I can already use CloudFlare’s DNS servers if I want to do so.

                                                  And then: CloudFlare makes its money by selling CDN features (including analytics, etc.) to companies, while my ISP makes money by selling internet to me. If your ISP doesn’t promise any privacy (or has no privacy policy, as you make it sound like) maybe consider switching your ISP.

                                                  The main point however is: I don’t think “overwriting” things like resolving hostnames is something an application should do, unless it’s asking or by design made to do so. In this case it’s not.

                                                  It will per default skip what you, your system administrator, etc. might have done to secure you.

                                                  It’s totally fine you trust CloudFlare more than your ISP/your local setup, but I don’t think it’s fine if a piece of software dictates and overwrites whom you trust silently, when you might already have consciously chosen someone else you trust.

                                                  1. 2

                                                    If your ISP doesn’t promise any privacy (or has no privacy policy, as you make it sound like) maybe consider switching your ISP.

                                                    In most of the US, that isn’t feasible. Most places have at most two residential broadband providers: the phone company (typically AT&T), and the cable company (either Comcast or Spectrum, depending on location). And not counting MVNOs, there are, what, four mobile broadband providers?

                                                    I do basically agree with you that this may skip what your local sysadmin has done to secure you. But it’s making the trade-off that most people do not have a local sysadmin doing anything to secure you, and will never opt-in to anything to secure themselves.

                                                1. 2

                                                  Given how good fluid reasoning is of a predictor of complex job performance, I wonder if a battery of novel logic problems in a programming veneer would be a good substitute for traditional initial employee screenings. Then the remaining candidates could get evaluated on a paid take-home task that replicates what the actual work would be as much as possible.

                                                  It would be great to just go straight to work-like tasks to evaluate prospective employees, but it’s costly, time-consuming, and will filter out candidates that won’t make that much of a commitment on first contact.

                                                  I, personally, won’t do any take-home work without the prospective employer also having invested something in the process. For all I know, my 2-hour project has been given to 100 other candidates, and there’s a good chance they’ll decide they don’t actually need to hire that position and not look at a single one.

                                                  1. 2

                                                    I buy into your premise that fluid intelligence correlates with complex job performance, but how many of us work in truly “complex jobs”?

                                                    For churning out stylish CRUDs and ticking off tasks from a backlog, there’s very little fluid intelligence required. Ability to focus and deal with the occasional boredom would be a much better predictor, I conjecture. Concretely, you can probe for this by asking candidates about projects they’ve been working on and making sure there’s at least a handful of them that they’ve taken to completion.

                                                    1. 4

                                                      I think machines are coming for the sort of tedious jobs that only require work ethic, i.e. the ability to focus and get through boredom. If that’s so, we’ll only be left with the complex jobs that require real intelligence.

                                                  1. 3

                                                    Curious that the “Linux Geek bundle” books that catch my eye are the OpenBSD-related ones: Book of pf and Absolute OpenBSD. Thought on these two books, anyone?

                                                    For background, I switched to OpenBSD a couple months ago, after being on Linux since 2.4…

                                                    1. 2

                                                      I read Absolute OpenBSD ~1 year after switching and reading man pages, and still got a lot of value out of it. Bear in mind I’m only 22 so it might not say much new to old school people :)

                                                      1. 2

                                                        I’m a tourist from Linux, but I love Michael Lucas. Absolute OpenBSD was an awesome read, even though I don’t use OpenBSD much at the moment.

                                                        1. 4

                                                          Another day, another this could totally happen to anyone but just happened to hit npm story.

                                                          1. 1

                                                            True enough, although npm does happen to be in a place of significant usage/consequence in the current web ecosystem.

                                                            1. 2

                                                              Would the scale have been the same though? This particular package is pretty popular by itself, but I’d bet a big chunk of its 2M+ weekly downloads comes from the fact that it’s a dependency for popular packages such as babel and webpack. Why on earth would I need to download a linter in order to run babel? What kind of dependency tree is that?

                                                              Even if you try to keep your dependencies as slim as possible, it’s absolutely unreasonable to expect to be able to audit the thousands of dependencies a single dependency may have, with all of them having the same permissions as the code I write to run arbitrary code on my machine. Are these really possible elsewhere?

                                                          1. 5

                                                            Leaving the React Native part aside just for this thread. Are they actually rewriting Office 365?

                                                            I thought that was a thing you should never do.

                                                            1. 5

                                                              Looks like it’s just the UI layer, other components are still written in different languages according a tweet later down.

                                                              https://twitter.com/thelarkinn/status/1006746626617008128

                                                              1. 1

                                                                I see. I mean, that’s not surprising, but it’s quite a departure from “All of Office 365 is… being completely rewritten in… JavaScript”. I guess he didn’t intend for this to be taken at face value, we’ve been taking a tweet too seriously.

                                                            1. 4

                                                              Is it really wise to solve something as high-volume as name resolutions with TCP with all its overhead? If so, why HTTP? What do you need headers for?

                                                              1. 4

                                                                HTTP is necessary because you can’t assume any ports other than 80 and 443 to be open.

                                                                1. 5

                                                                  Thankfully, we have --port options for the daemons.

                                                              1. 3

                                                                VSCode is such a great piece of UX. I don’t use it myself, but I always browse the changelogs for ideas of things I may want to improve in my Emacs config.

                                                                The multiple cursors for the file browser is interesting, I guess it’s the closest thing I’ve found to dired

                                                                1. 11

                                                                  I use a dumb phone.

                                                                  A phone is for urgent contact. Email is at the work desk. Chat is at the work desk. When I’m idling, I take out my e-reader and read a book. When I walk around, my eyes are scanning the environment to keep my situational awareness up. When I have dinner, I just eat.

                                                                  The only time my smartphone is online is when I am traveling and I need to check in via a wireless/cellular network.

                                                                  It is funny because when I was younger the ‘normals’ used to make fun of me for being on the computer a lot but now the table has turned, and they have now instead decided that not being in front of a computer all the time is a ‘weird’ thing. They were on mindless TV then and are on mindless social media now and they don’t like it when I don’t join them in this brain-melting process.

                                                                  1. 4

                                                                    Excellent point about being constantly in front of a computer, haha

                                                                    I use a dumb phone

                                                                    The only time my smartphone is online…

                                                                    Do you mean you own two devices or that you mostly use your smartphone as a dumbphone?

                                                                    1. 2

                                                                      now the table has turned

                                                                      Exactly. Same experience I had. Also like your characterization that they kept with the mindless stuff when they got on board. I was trying to sell them on what one could create and do before rather than consume.

                                                                    1. 2

                                                                      I have been feeling some of this, and am considering going back to my BlackBerry Q10. There’s a couple of reasons I wouldn’t ditch smartphones outright:

                                                                      1. I can miss having most apps, but perhaps not having access to the mobile Internet.
                                                                      2. WhatsApp is the de facto standard communications and organization platform for my social circles. I probably couldn’t get by without it at this point.
                                                                      3. I consider having a camera on hand at all times valuable, even if I don’t use it all the time. I would consider the one on the Q10 borderline serviceable in 2018.
                                                                      4. I use a lot of two-factor auth services, and I don’t want to carry a dedicated device for this.

                                                                      I would like to be less tempted to pick up my phone to play a game, or check the news, or read a news article. The Android emulator on BlackBerry would run all the apps I need today, but perhaps not for long (emulation level is roughly Android 4.3 without Google services).

                                                                      Keeping an Android tablet at home and a limited smart phone to take with me might be a suitable solution.

                                                                      1. 1

                                                                        I use a Q10, and I’m happy enough with it. The physical keyboard is so much better than any screen keyboards I’ve tried, and I mostly use it for SMS. But it can support my other use cases when I need them: mobile maps, camera, alarm clock and timer, terminal, web browser. Mostly I just appreciate that it’s neither iOS nor Android. And of course I’m fond of QNX.

                                                                        Still, I’m thinking of ‘upgrading’ to a Q20 just for the physical cursor keys. Text editing is pretty annoying without them. Long term, I’m not sure where I’ll go. My previous phone was a (dumb) Nokia Asha 210, and when I had accomodated to the S40 OS quirks I really liked it… but then when the mic stopped working I couldn’t replace it: they had vanished from the market altogether. Not even eBay had them.

                                                                        1. 1

                                                                          I’m considering the same thing, for some of the same reasons. I’m mostly concerned I won’t be able to reach anybody in my circle (especially my family, who’s in a different continent) without WhatsApp. I’m thinking of getting a 4G tablet that stays mostly at home and runs WhatsApp and whatever else I may think I may miss, and upgrading from the iPhone to a feature phone (eg: Nokia, Blackberry) for being reachable for important things. That’ll probably require making sure my family knows how to use Skype for phone calls, etc, but I think it can work!