That probably means they receive a lot of small donations. Payment processors often have a fee structure that's 2.9% + <flat fee around $0.30>. So any donation below ~$4.50 would end up having a >=10% processing fee.
There could be currency exchange rates that are factored in at the donation end as well.
I agree that 10% is high, but it's still explainable.
Yeah, and those amounts are much more common when organizations are pushing for users to make their donation a monthly recurring donation resulting in much smaller transactions.
I believe they use stripe and this would also include:
$6.25 * 97% =$6.06 - $.30 =$5.76 That's $.49 in processing fees and .49/6.25=0.0784 So 8% rather than 10%.
I assume donations other than monthly are more like $15 or $25 but maybe there are people who do $5 or $3 or even $1.
Add in chargebacks, etc. and 10% unfortunately seems reasonable.
I do wish there was a way to pay companies that was less expensive for them but very little friction on my end. Venmo business is 1.9% + $.10 and that's better than I was expecting but still higher than ideal. I've encountered that once. Zelle depends on the business's bank and I've never encountered it as an alternative to credit cards.
Not affiliated with Mozilla or Venmo or Zelle in any way.
That is very high. Not sure who they are using for processing, but I know Stripe will give registered charities a (very small) cut on their fees, I'm not sure about non-profits. But even with market rates, the average fees through Stripe would be well below 10%, IME.
Although it could be higher if a lot of donations are small, and hitting the minimum transaction fees. The average could also be brought up if donations are made through the play or apple app stores, which have much higher takes.
LS seems to not be claiming any security promise on Linux because it can't make any guarantees given eBPF limitations. But the entire purpose is different and there is very little overlap in my view. PiHole is entirely (I think?) just applying the blocklist made easy. LS allows you to build the blocklist in real time.
I would guess that to the extent the blocklists include things that are loaded by applications and not websites, they are almost entirely built by users of something like LittleSnitch or OpenSnitch. This is also entirely doable with wireshark logs, but I think that requires more infrastructure to build into usable lists.
The comment was asking about preventing a compromised supplier for the developers.
A supply chain attack can be anywhere in the supply chain to the target. If I, the end user, am the target, then a supply chain attack compromising the developer of LittleSnitch is effective.
I may then be a conduit to compromising other software or components, and would both I and LittleSnitch would be part of the supply chain that could be attacked targeting them.
Many supply chain attacks aim to run malware on the end-users machine to harvest authentication tokens, etc. So pretty much everyone here who is a developer is the target.
> So pretty much everyone here who is a developer is the target.
Are you going to have this same discussion about every piece of software every mentioned on Hacker News? Why are we having it for Little Snitch specifically?
This is in fact true (in the US at least), but part of why it is true is that people don't wash dishes the way they used to (with multiple bins of soapy + rinse water) and instead just run a bunch of hot water.
Modern high-efficiency dishwashers probably beat the most efficient humans now, but that's relatively recent and not a huge margin (and may not get the same results).
Opera was also essential at this point, not in terms of market share, but of innovation in the browser space with features that would eventually spread to everything else.
That shouldn't be forgotten. There was a time when the 1% or so of users that ran Opera were getting a much better experience than any other browser. It was far superior for several years, until all of its innovations were copied by other vendors.
Me too. I was browsing on my old Windows 8 computer that I refuse to upgrade and it did not like my OS. I don't like it either, but I'm not going to install a newer version, out of principle.
There's zero javascript on the page and it reads perfectly in lynx. I'm not sure how your browser could possibly be a variable here, unless TFA's platform is actively blocking certain user agents (which I suppose isn't quite ironic, but would not exactly send the best message to go with the arguments)
Answering this and other similar arguments/observations, and for the benefit of those unable to read TFA:
To answer one potential criticism, it's true that in some sense, blocking and so on for social reasons is not good and is in some theoretical sense arguably harmful for the overall web ecology. On the other hand, the current unchecked situation itself is also deeply harmful for the overall web ecology and it's only going to get worse if we do nothing, with more and more things effectively driven off the open web. We only get to pick the poison here.
reply