There is great approach based on test-id strategy, basically it's a requirement for the frontend teams to cover all interactive elements with test-id's.
It allows to make tests less flaky and writing them is increasing dramatically, also works with mobile as well, usually elements for the main flows doesn't change that often, you'll still need to update them.
I did stable mobile UI tests with this approach as well, worked well
Same goes with the real people, we all can do mistakes and AI Agents would get better over time, and will be ahead of many specialist pretty soon, but probably not perfect before AGI, just as we are.
Ideally it does. Users, super users, admins, etc. Though one might point out exactly how much effort we put into locking down what they can do. I think one might be able to expand this to build up a persona for how LLMs should interface with software in production, but too many applications give them about the same level of access as a developer coding straight into production. Then again, how many company leaders would approve of that as well if they thought it would get things done faster and at lower cost?
It was deprecated, but still some users have connection issues, I still have no access to a gmail from a office network without VPN. This is what I mean by saying that our state software is lame, they deprecated the cert two weeks ago and there is still issues with connection, and I'm sure they kinda don't care.
I have feeling that they had gathered database with usernames and passwords, cause only certian sites were targeted to use mitm, mostly it was mail services like gmail and social networks, facebook, youtube and others. Other sites were working fine even without that cert.
And after that mitm they had to stop, due to people's discontent and lawsuits. These are also reputational losses, it is unlikely that foreign companies will want to do business in a country in which personal data treated this way and where government wants to see all your passwords from email services and bank accounts.
There was also a question about ensuring the security of a root certificate that can decrypt data, it could easily get to third parties who could use it for their own purposes.
Connection issues and MITM are a different things. Connection issues is just bad ISP. This mozilla blacklist does nothing. They'll generate new certificate, put it on website, enable country-wide MITM for few days until protests calm down and then turn the whole thing off. And Mozilla will blacklist that certificate few months later, LoL.
Fella from Kazakhstan is here, the thing is that state government claims that they had finished certificate testing and provided instructions how to remove it from the devices two weeks ago (http://knb.gov.kz/ru/news/v-otnoshenii-sertifikata-bezopasno...).
I never installed that certificate and had to use VPN during this time. Still some of the people have connection issues with certain sites like facebook, gmail, etc.
Some of the companies had sued government and mobile carriers for that connection issues.
In my opinion Mozilla and Google made a right decision, there is a lot of talks of how good is Kazakhstan now for doing business, the taxes are low, it's easy to get a visas for foreigner employees, and by doing this they are losing trust to themselves.
I don't think they will manage to make a fork of some of the browsers, simply because level of the our software production is kinda low, especially in goverment sector, and people will definitely not use the browser if they will attempt to make one, they will manage to use VPN and will find other ways to just use the "normal" software.
> I don't think they will manage to make a fork of some of the browsers, simply because level of the our software production is kinda low, especially in goverment sector, and people will definitely not use the browser if they will attempt to make one
Well, they could always license browsers from other vendors, which they will, if things need to go that extent.
> they will manage to use VPN and will find other ways to just use the "normal" software
Are users in Kazakhstan willing to pay extra $5 or more per month for VPNs that respect user-privacy? If not, using free VPNs is going to only make matters worse. In India, where porn is blocked, users typically resort to using Telegram or free VPNs to satiate their desire for it; most wouldn't pay $2 per month for VPNs, even when they could afford it (since $0 VPNs are a click away and unblocks porn for them).
I can't imagine how a free VPN could be worse than an actual government-sponsored man-in-the-middle attack, particularly since VPNs don't force you to install their own CA certificate (and therefore can't intercept HTTPS connections).
Agree, but: Most free VPNs are run by state-owned actors, may also in fact be honey-pots, which are now dripping with meta-data for literally everything you do on the Internet. Whilst that is not strictly worse than MiTMd HTTPS, it is still a step in the wrong direction.
I'm not quite sure what you're insinuating about Tor. Tor is an opensource project govern by a non-profit. If you're worried about things like backdoors, that's why it was opensourced in the first place.
I'm not sure how you're connecting the CIA with Tor. I wouldn't be surprised if the CIA uses Tor. I know the State Department does.
That's a dramatic statement however and you didn't support it at all with your links. Can you back up the claim that most free VPNs are state-owned? That is what the reply was likely asking for.
Sure, they always could get a license of some of the browsers, and still it will be hard to force people switch to that browser, simply cause people are used to work in a Chrome, or Firefox, or even Edge, this software is convenient, and mostly it works perfect. It will be very hard for government, and they will lose trust even more, it's kinda painful to use services that our government provides, it's usually slow, full of bugs and it's takes long time for them to fix it.
By mentioning VPN I meant it will be the way to get a normal software if the will block the downloads and updates for the certian browsers.
Of course user privacy it's other topic and I don't think that most of the people will pay for the VPN.
