NebLem

Hopefully more projects take advantage of vulnerability scanning and monitoring tools like those in this OWASP list https://owasp.org/www-community/Free_for_Open_Source_Application_Security_Tools, have good code quality standards to make their projects easier to understand and evaluate, contribute and respond to CVE reports, and get third party security auditing.

All of that is hard to motivated those throwing their code out to the world only to share how they scratched their itch to perform. I think we need a combination of governments and non-profits providing incentives / grants to projects doing good practices, document and provide trusted a forum to validate vulnerabilities, give some backing to “trusted” frameworks, and provide some vulnerability and auditing themselves.

The recent EU push into more government open source usage will help as they will be more incentivized to secure the pipelines and everyone will benefit the fruits of that firehose of funding.

Hopefully things like PineTime, Bangle.js, and the return of Pebble can shake up the market. There’s always neat DIY hacks like the SensorWatch too that can still make the space fun even if the major players get enshittified.

Outside of rate limiting and sending detected bad bots to poisoned static data, yeah not much you can really do without harming valid use cases.

In the federated world people can just set up relays or listener instances, which are far better than hammering hobbyist instances with the additional bandwidth.

Speed bumps are pretty much the worst option for speeding. Lane narrowing, adding curves, and lane diets should be preferred, and you can try them out at similar costs with plastic bollards or even cones. That being said if you want speed bumps, install elevated sidewalks instead.