Funny to see this pop up again (I'm the author). The year is now 2025 and I still use Chase as a personal bank and I'm now discovering new funny banking behaviors. I'll use this as a chance to share. :)
My company had an exit, I did well financially. This is not a secret. I'm extremely privileged and thankful for it. But as a result of this, I've used a private bank (or mix) for a number of years to store the vast majority of my financial assets (over 99.99% of all assets, I just did the math). An unfortunate property of private banks is they make it hard to do retail-like banking behaviors: depositing a quick check, pulling cash from an ATM, but ironically most importantly Zelle.
As such, I've kept my Chase personal accounts and use them as my retail bank: there are Chase branches everywhere, its easy to get to an ATM, and they give me easy access to Zelle! I didn't choose Chase specifically, I've just always used Chase for personal banking since I was in high school so I just kept using them for this.
Anyways, I tend to use my Chase account to pay a bunch of bills, just because it's more convenient (Zelle!). I have 3 active home construction projects, plus pay my CC, plus pretty much all other typical expenses (utilities, car payments, insurance, etc.). But I float the money in/out of the account as necessary to cover these. We do accounting of all these expenses at the private bank side, so its all tracked, but it settles within the last 24-48 hours via Chase.
Otherwise, I keep my Chase balance no more than a few thousand dollars.
This really wigs out automated systems at Chase. I get phone calls all the time (like, literally multiple times per week) saying "we noticed a large transfer into your account, we can help!" And I cheekily respond "refresh, it's back to zero!" And they're just confused. To be fair, I've explained the situation in detail to multiple people multiple times but it isn't clicking, so they keep calling me.
I now ignore the phone calls. Hope I don't regret that later lol.
The fraud story is interesting, but something I had hoped would be addressed by the end of the post, wasn't. You wrote:
>Someone out there is probably mentally screaming at me "you fool!" at this point. With hindsight, I agree...
I was hoping the piece would end with what you would do now (or what should you have done) when Alex called you. Did I fail to understand something in the piece, and simply staying on the phone with Alex would have somehow avoided the fraud situation down the line? It doesn't seem so?
If I were to get such a call, today, my instincts would be to engage in the same "I'm fine" get-off-the-phone-fast actions. What is the alternative?
The way you phrase that, it sounds like these services are more advantageous to the bank, but possibly not to the account holder? If so, that goes against the tone of the article, where Mitchell implies (I think?) that he would have benefited more from speaking to Alex than the other way around.
This reminds me of a call I got from Schwab, which is my brokerage and one of my two banks where I keep checking accounts as well. I had a bunch of money that I had transferred in and stupidly, lazily, just left sitting around earning basically nothing. A nice guy called me one time and pointed out that I could be earning a few hundred bucks (maybe $800?) a month just by putting it all into a very safe money market fund. I did do that (and also got around to investing most of it at a later date).
I'm sure Schwab would rather me have my money in a mutual fund than have a bunch of cash, for the reasons the other commenter pointed out (more complex arrangements and a view of the bank as a partner rather than an interchangeable "money box" is 'stickier') but this was a real double win for me and one of the handful of stories I call upon when I am asked why I do most of my financial business with that company.
Not really, these are probably mutually beneficial. Having $35 million sitting in a cash account is, as Mitchell recalls in the article, pretty bad -- you're forgoing a lot of benefit for yourself.
What the bank is probably mainly trying to do is not "extract a higher margin" from you, but rather to "maintain your business." While Alex might not have recognized that a startup that took in a bunch of financing and plopped it into a cash account and then didn't do much with it is a customer who might disappear at any time, on some institutional level the bank is aware of it. They want you to regard them not as an interchangeable place that money sits, but as a valued partner who helps you do things with your money, and as a result you feel like it would both be a risk and a bother to extract all your money and go to some other bank.
If banks want to keep a customer, you might think the most important thing is to just not annoy or screw over their customers.
Why do they continually treat good customers like shit? I'm in New Zealand and my bank just continuously pisses me off. I don't want any upsell (the arseholes tried to upsell insurance when I got a credit card the other day). I've got a six figure facility at risk (US:HELOC?) and my bank's security practices are shockingly bad (we're way too trusting in New Zealand). Little things like access blocked from oversees for a month (phone banking was theoretically available but I couldn't call international so it wasn't). Aside: I would like to block phone banking because it feels so insecure. I've been looking for a better bank, but I wouldn't get the same mortgage facility, soooooooo I'm kinda stuck (maybe that's the reason they don't need to be good to customers).
Mitchell kept getting annoyed by the bank's activities. They wanted him as a customer but their internal systems didn't know how to make it easy for him. Systems with negative impacts are too common even when you're the guy making them money...
I hand the cashier my credit card. She looks at me like I’ve just asked her to barter goats for spices. “Can I have your name?” she asks. “No,” I reply. “You can have my money.”
Then comes the phone number. Then the email. [] Finally, after this interrogation, I’ve spent $300 and she asks if I’d like a bag. Of course I want a fucking bag: “That’s 25 cents,” she says. Why can’t stores just build the damn bag into the price instead of insulting me at checkout? I’m not asking to be hand-fed grapes like Julius Caesar.
And God forbid I need to call anyone about anything. Changing an airline ticket? Calling my credit card company? Forget it. Every road leads to an automated voice system with the warmth of a Soviet switchboard.
It can also be to maintain the bank. They don't like it when accounts get several more million dollars in them than expected and sometimes it can be too much to handle.
I read the whole story and I'm still struggling to understand what you did wrong here. You indicated many times "I know, that was a mistake" (or similar phrases), but each time I was baffled because I saw no mistakes. It was your business, and you had every right to move around the funds within your account. What gives anyone at Chase the right to say diddly squat about how you manage your business' finances?
I don't think he was trying to imply that he did anything wrong. He was admitting the ignorance regarding how banks and banking work... plus acknowledging that a lot of readers will have had experiences that would make them think "Oh you young fool."
In 2022 I lost my business banking and had to shut down a business that I owned for 20 years because it was related to the adult entertainment industry and, despite being completely legal and aboveboard, a single wire transfer that got a little bit of scrutiny resulted in them asking questions about what we did and, knowing that I was doing absolutely nothing wrong, I answered all of their questions truthfully and completely. A few months later I was told that we "fell outside of their risk appetite", our accounts were being closed... and for two months we searched for any bank or credit union in Canada but none would take us.
A lot of industry insiders had that exact reaction: "Are you stupid? Did you not know?! You NEVER admit that you're in this industry you moron!" etc. We even had a very sympathetic branch manager suggest that we re-incorporate, re-brand and hide what we do (a front, in other words). I couldn't do that. And I mean, we had no issues for 20 years. 10 of which were banking as a corporation (was personal accounts before that since we ran it as a proprietorship) and I thought that being in Canada we were pretty progressive. No one I told on a personal or professional level had ever cared. So why would the banks? We were lawful so why should they care?
> You NEVER admit that you're in this industry you moron!
This can bite you, though unlikely. Look at Fed Lisa Cook. Probably at some point she thought it'd be okay and she's good for the money and it's just a bureaucracy to bypass. It's a very small thing if you compare to ... uhm ... what Trump did. But it's biting hard now.
Chargebacks. Tons of people buy porn on a card then later deny it when their SO finds the bill.
The industry is rife with this kind of fraud, and chargebacks represent tangible risk of financial loss, so banks just blanket ban working with certain industries.
People who sell precious metal jewelry for credit card payments are another.
That's why adult industry merchants are a thing, like CCBill. They have been around for decades and its kind of a non-issue. Can still accept Visa, MC, AMEX, etc.
source: used to run porn websites back in the early 00s.
How does something like CCBill stay in business when the card networks themselves have strict guidelines on chargeback rates that'll get you booted from the network?
They charge 10% (or at least they did ~10 years ago, probably higher now) and require you maintain a 30% reserve and then they use that money to continue to lobby Visa/MC to prevent competition.
Presumably, such merchants are basically outsourcing their chargeback resolutions to CCBill, who I assume is quite good at fighting them via proof of purchase.
Nothing to do with charge-backs as our bank was not providing payment processing for us. We ran a "free site" that made its income from referring subscription sign-ups to paid sites through their affiliate programs. We sold nothing direct to consumer. Our customer was other adult websites.
The banking services they terminated consisted of a single business checking account, business savings account and company credit card. That was it. That was what they deemed "too risky."
We learned from someone who used to work at Chase's compliance department that most big banks just have a flat-out ban on working with any customers that are involved in the industry in any capacity what-so-ever due to concerns over serious things like human trafficking. It was the fact that we were distributing [lawful and traceable to the producer] content that made them not want us as a client.
1: Chase's business account wasn't appropriate for a tech startup; nor was it appropriate for the amount of money Mitchell was handling.
2: When your bank calls you after a very, very large money transfer, you should take the call.
That being said: In today's world where every other phone call is some telemarketer trying to scam you or otherwise sell you something you don't want or need, I can sympathize with why Mitchell blew off the first call.
They basically had no problems through $35M+ of money coming in except a few phone calls trying to sell him some banking services... I wouldn't really call it 'not appropriate' for a startup... All it was is probably the guy trying to say "hey maybe you'd be interested in parking some of that capital in a term deposit" or offering some credit products...
It is a bit weird how actively the guy tried to engage but it probably is just because it was one of the largest accounts opened through that branch - if they'd opened an account with the same bank but a branch in down-town SF instead of in the suburbs of LA then they would have had an account manager more accustomed to that kind of business and it presumably wouldn't have been as weird...
I certainly wouldn't label that 'do you need help' opening as 'engagement'. Something as simple as 'that's a lot of cash just sitting in that checking account, there are a few better options that could get you good returns on that while still being easy to use for expected expenses' would have been actually engaging.
> If you are the customer you want a bank that understands what kind of inflows/outflows you’ll typically have. The bank wants to manage the risk, and you want a bank that doesn’t freak out at what seem to you to be very mundane transactions.
Your answers are appreciated, but they beg further questions. Do you mind that I inquire further?
>1: Chase's business account wasn't appropriate for a tech startup; nor was it appropriate for the amount of money Mitchell was handling.
What properties make it inappropriate for a tech startup, specifically? What would be appropriate instead, and why?
>2: When your bank calls you after a very, very large money transfer, you should take the call.
He did take the call, but I take your answer to mean that Mitchell and Alex didn't have the right kind of conversation on the call. Is that correct? If so, what ought to occur on a call that follows a large transfer?
The bank account was appropriate for small businesses. IE, restaurant, laundromat, ect. This became clear when the article explained that there was education for tellers about what a tech startup is.
Mitchell didn't take the call. He ended the call as quickly as he politely could, short of hanging up on Alex.
Edit: I've had a few bank tellers advise me on how to adjust my bank account correctly in the past. I'm going to assume this is what Alex was trying to do.
I might also point out that, around this time, Wells Fargo tellers were very pushy and would make calls like this. (I got one) It later came out that they were under intense pressure to sell banking services that nobody wanted.
So there is some set of services that are useful specifically to a tech startup but not a restaurant, but then there are a category of services that "nobody" wants, neither restaurant nor startup. Do you have an examples of any of those categories?
I am not asking because I disbelieve you. I am asking because I find this all fascinating, but it seems my imagination is lacking! What would I want from a bank account as a tech startup, versus a non-tech startup, versus a restaurant, that the bank wouldn't already give me when I sign up for a normal business account?
You said you were "advised to adjust" your account. Again, I apologize if I come across as ignorant, but what kind of adjustments?
My understanding is that people with financial training don’t think about money, they think about risk. If you are a banker and ask yourself “What is the probability that this 100 deposit will be here in another 30 days?” you might answer differently depending on what you know about your customer.
- If you think that your customer will withdraw 50 in the next 30 days, you might take the other 50 and invest it in a 30-day CD, and take the other 50 and just hold on to it.
- If you think all 100 will remain in the account the entire time you could invest all 100.
- etc.
If you are the customer you want a bank that understands what kind of inflows/outflows you’ll typically have. The bank wants to manage the risk, and you want a bank that doesn’t freak out at what seem to you to be very mundane transactions.
A bank account is only insured up to $250k by the FDIC. Chase is a very safe bank, but the amount over that is still not insured, so it's not safe.
He also didn't get any extra controls on the account - you can see from the end of the story that they just forgot about it and someone stole $100k of it!
> So there is some set of services that are useful specifically to a tech startup but not a restaurant, but then there are a category of services that "nobody" wants, neither restaurant nor startup. Do you have an examples of any of those categories?
It wasn't a specific service, it was that Wells Fargo employees had a "performance metric" (which I understand in certain postapocalyptic hellholes translates to "a threat to your livelihood and your ability to receive medical treatment if you fall ill") on the number of products each customer was using. So they would encourage customers to open extra savings accounts, credit cards etc. (or some of the more enterprising employees would skip the phone hassling stage and just open these accounts).
The teller who called me basically gave me awful service.
I visited the bank a few days earlier because they sent me a debit card that I didn't want. (I wanted to switch it to an ATM card because it's harder to commit fraud with them.)
The teller basically didn't listen to me and tried to push services on me for 15-20 minutes. Eventually he realized I was getting extremely frustrated and helped me do what I needed to do.
The call from the teller a few days later was extremely unexpected, and I was justifiably curt. I said something like, "I don't want any new banking services, there's no reason for you to call me."
> You said you were "advised to adjust" your account. Again, I apologize if I come across as ignorant, but what kind of adjustments?
A few months ago, a teller offered to move my savings account to a higher interest version. I just had to maintain a minimum balance. A similar thing happened when I had my first summer job before college: A teller offered me a higher-interest money market account, it was just limited to something like 4 withdrawals a month.
> Do you have an examples of any of those categories?
I'm not an expert in startup finance, but I'll try my best.
The mistake that Mitchell made was kind of like keeping all your liquid assets in a checking account. Imagine if, instead of investing in a 401k (or similar,) retail investments, CDs, savings accounts, ect; you just put your entire life savings in a single checking account. Not only would you sacrifice a massive amount of interest, you would probably lose FDIC protection as your account grew, you'd be at risk of someone forging checks, and you'd be at risk of debit card fraud.
Startups often talk about their "runway." This is how long the startup can pay their employees, rent, and other bills; if they have no income. Don't quote me, but this is usually something like (roughly) 2-5 years.
Now, keeping the "runway" money in a single account is kind of, to put it bluntly, dumb. (It's like if you kept all your liquid assets in a single checking account.) Most of it should go to low-risk investments, like CDs and other high-interest savings accounts. I'm sure Silicon Valley Bank has a very straightforward way (for startups) to do this, that Chase doesn't have.
> What would I want from a bank account as a tech startup, versus a non-tech startup, versus a restaurant, that the bank wouldn't already give me when I sign up for a normal business account?
Remember the term "runway." Restaurants are typically profitable from day one, or become profitable quickly. They spend roughly as much as they take in. Startups often run at a loss for many years before they become profitable.
Likewise, a restaurant might have to pay back a loan that it used to buy equipment, renovate, or purchase the business. Startups hold onto their investment as "runway" instead of paying back a loan.
I'm going to assume that Silicon Valley Bank has products built around the fact that a startup has a large sum of money that it spends very slowly, versus a restaurant that needs loans and spends money as quickly as it comes in.
> I'm going to assume that Silicon Valley Bank has products built around the fact that a startup has a large sum of money that it spends very slowly, versus a restaurant that needs loans and spends money as quickly as it comes in.
That's what SVB assumed, and they were very wrong.[1]
> Some banking experts said that the bank would have managed its risks better had it not been for the Economic Growth, Regulatory Relief, and Consumer Protection Act (EGRRCPA), enacted in 2018 and supported by SVB CEO Greg Becker, which reduced the frequency and number of scenarios of required stress testing implemented under the Dodd–Frank Wall Street Reform and Consumer Protection Act for banks with under $250 billion in assets.
> He did take the call, but I take your answer to mean that Mitchell and Alex didn't have the right kind of conversation on the call. Is that correct? If so, what ought to occur on a call that follows a large transfer?
I would echo this question. If my bank called me and asked if I needed help, why would I say yes? I got money, the bank is holding it, everything is going great! This really feels like Alex was trying to ingratiate himself with a big client but communicated that really poorly, such that the message of "you are a big deal so I want to give you top tier service" never came across.
> I got money, the bank is holding it, everything is going great!
Until your account is many orders of magnitude larger than the other accounts. I suspect the typical "business" account was well under a million. See https://news.ycombinator.com/item?id=45058480 to understand why this was a big deal for the bank.
Honestly this was partly on Alex, but again, largely on Chase's banking practices. When a transaction of that size comes on the radar, you don't just ring up compliance to verify records internally. You also bring in the big guns from Main Office (aka the regional business banking HQ) and, along with Alex (as the point of contact), educate the business customer as to what can be done. This was what happened to me at Credit Suisse (RIP) after I had a similar, albeit smaller, transaction happen for my personal account. They were also extremely helpful when I wanted to get started with setting up my current trading business. Oh, and I'm still in touch with most of the people who helped me through that journey, even though they've left for other shores.
But again, Alex would not have been able to do this because Chase might not have had any policy about how to redirect customers to the appropriate type of banker. Which is kind of stupid for a megabank of its size.
It's not even an indication of fault. It's actually their internal sales/marketing system that flagging these messages. When they notice something like a large deposit, it triggers a message because they want to sell you a new account. Maybe it's savings, a CD, or you're getting ready to buy a house and they can help you with a mortgage. The average teller or even customer service person can't turn off these notifications, although, you may have some ability to opt out of them. Unfortunately, I find opting into useful notifications also opts me into useless ones, so I just ignore the texts...
Your whole arrangement of having an operating account separate from your wealth accounts is highly regular.
Edit - sorry realized I replied to a reply! Put air quotes on You/Your
Most banks have dedicated startup bank account tier where you get many perks (AWS/GCloud/azure credits, transactions fees waived for the first few years, accounting software discounts, virtual credit cards) so it's a good idea to open that account instead of a standard business account plus he had $35m just sitting there in a checking account if he has opened an account with a bank that is more experienced in dealing with this type of businesses their RM would have suggested to keep certain amount in the business account and create another saving account where most of the money would have earned interest or invested in some fund. So I think maybe he is implying that due to these mistakes he missed out on personalized guidance.
The biggest thing to me imo is that everything was in one account while fdic insurance is only 250k although if chase goes out of business you probably wont need the money anyway. Also specialized startup banks come with a lot of perks for companies and founders and chase evidently didnt (or just had account rep who sucked at his job)
It's quite a lot more important to diversify funds for procedural risk than bank failures, although SVB certainly illustrates that they do happen.
More likely, the bank will put a ~$1b hold on your account while they investigate suspicious transactions, and your options are to whistle, sing, scream, or twiddle your thumbs until they are done.
So having 4-5 total accounts, ideally unrelated to each other in terms of legal owners (differently-named subsidiaries are usually the way to go, I understand, though I am far from an expert in such matters), will enable you to continue to operate your business while bank A does compliance on your accounts.
If you run into a situation where banks A through F all put holds on your account, you need a good RICO lawyer or equivalent. Different class of problem, and different likelihood of happening, and the kind of thing a great CFO plans around.
> private banks is they make it hard to do retail-like banking behaviors
> depositing a quick check.....Zelle.
Good lord
American banking really is in the stone age. I don't think I've seen a cheque in 20 years. As for private banks, in Blighty they all (?) offer 'retail' services that out perform high street offerings.
Incidentally, all high street banking is free in the UK. Only private banks tend to charge for their services.
Zelle limits the amount you can send per day, starting at $500, so you can't even necessarily pay your rent in one go the first month.
With Chase, I don't have the ability to do ACH transfers to accounts I don't own (I hear other banks allow free ACH transfers), so if Zelle limit is too low, my only option would be a paid wire...
Congrats on the success! I’ve had a similar experience since I started moving more money around. My local branch started calling me too. I live in a busy area where lines at the bank can take hours, but now they told me I can just message someone whenever I go and they’ll move me to the front.
The other day I was just poking around the investment section of the app to see what kind of rates they offered, and almost immediately I got a call from my personal banker, haha. I actually ended up trying the investment since the returns looked good.
This is somewhat funny to read because if you were a JPM(chase) Private Bank client you wouldn't have any of these issues (zelle works, you can deposit checks, pull from any/all ATMs).
Chase Private Client refunds ATM fees too. It's especially nice if you live in a location where a substantial fraction of Chase ATMs and branches are shuttered!
yeah agree -- it seems like a mistake to use retail banking for real business amounts of money and transactions. I suspect that young adults focused on a fast-moving tech world really did not live the hard lessons of the past with business restrictions. On the one hand, it is a new world now (no one would have come up with the kind of money referenced here, with Mom and Pop business pace); on the other hand, maybe you really are trying to load a trucking worth of transactions onto the top of your used Honda Accord, so to speak.
At what point does it make sense to sign up for private banking? I've been happy with our credit union for day to day stuff but we don't keep a ton of cash around (most of our money is in a brokerage account (ETFs)). Is private banking just for folks that want to have a lot of cash around but not have it in an easy to use account?
If you have to ask, the answer is you don't have enough! :)
Seriously though, just wander into any big ass bank(Chase, BOA, etc) and ask them. They have multiple tiers of private banking, depending on your wealth level. Generally the bottom tiers start around $100k and go from there. To get into the fancy tiers you generally need $1M or more of bank assets. To get into family offices, you generally need $100M or so. Though shared family offices are sometimes available at the low 30-50M range.
Just be very careful of fees. Generally the larger the private client services, the higher the fees.
When you are managing a $500k-1M+ liquid net worth.
I think Chase starts “Private Client” at $250 or $300k. (Don’t use Chase, however.)
It might in some cases be more trouble than it is worth, if you are right around the threshold. A “normal” retail checking account and a brokerage account at another institution with the ability to transfer between them is probably sufficient for most. If you need loans or mortgages or other stuff, it might be worth the hassle (and phone calls).
Private client isn’t private bank. They name is like that so you think it is though. :) private banking services start around $10 to $15M with higher tiers as you go.
(Not trying to diminish private client services. But they’re night and day different services.)
The non retail banks that have a good reputation are even higher.
They don’t outwardly advertise their minimums because “it depends.” For example if you’re an up and comer in your field where it seems like you’re LIKELY to one day hit the mins, they’ll start the relationship early.
Chase has a decent private banking operation, which you might consider (so does BofA, and most large banks) which can give you the best of both worlds.
That was an interesting and entertaining read. Well written. Thanks for sharing. It reminds me I do have a bank with physical branches, the digital world made me forget all about that.
The US tends not to regulate what kind of services a bank has to offer to its customers. A bank doesn't need to offer any kind of transfer services to be a bank. As far as I know you can legally be a bank and only offer cash deposit and withdrawal.
The EU has PSD (Payment Services Directive) and PSD2 which stipulate what kind of transfers have to be possible to customers.
Because of that the US just has a bunch of startups which offer services that unify the payment landscape. The alternatives at a bunch of banks is still that you need to write checks.
You should start a business for your construction projects, then use a business bank like Mercury instead of Chase and get all the nice business features.
I move $10k+ in and out of BoA/Merrill every week and I’ve never received an alert or phone call. I would have stopped using Chase a long time ago if they were that annoying.
I basically never want to talk to anyone at any bank, like any other utility.
All politics aside, I want to note that this is not a “little known” thing and I’ve never seen it talked about as a “loophole.”
I’m a pilot, I know hundreds more pilots. Most individuals who own a plane (even a Cessna that costs less than a car) know about and often use this program.
It’s very much well known in the aviation community. And outside of that I’d say it would be more surprising to people that the general public can track any aircraft public or private! (Imagine everyone’s car being able to be real time tracked by license plate by anyone anytime)
Now, bringing some politics in, it does feel like aircraft movement for the purpose of public government use should be documented and available.
> Imagine everyone’s car being able to be real time tracked by license plate by anyone anytime)
Except ... every plane is being tracked in real time by the FAA (or other aeronautical organizations) for the good of both those on the plane and those around it.
The question is not whether such tracking happens or not, but merely whether the data is publically available. The analogy with cars would require that someone is actually tracking car positions, which as far as we know is not happening at any significant scale.
Exactly right. That’s what I’m saying. The tracking itself for air traffic control purposes has an obvious good purpose. The side effect that any random public individual can access this from their couch does not.
So, perhaps to reword my “imagine:” imagine the government required a tracker on every car, AND that data would be available to anyone in the entire world who wants it at anytime with no restrictions whatsoever.
I’m aware thank you. When I say air traffic I don’t mean exclusively ATC, I mean generally for all parties involved in air traffic (such as other pilots in the air). I don’t think such a use case exists for any person in the entire world on their couch.
> The tracking itself for air traffic control purposes has an obvious good purpose.
There's probably a way that the system could achieve the same safety benefits without invading privacy. Obviously, this FAA list is part of that. But there's probably even better tech that could achieve this too.
I'm not an aviation expert so I'll leave the details to those people. But we should be trying to find ways to improve the privacy of this system.
Give it time and people will try to justify real time tracking of all car traffic for "safety" reasons too...
> There's probably a way that the system could achieve the same safety benefits without invading privacy.
Probably, but the FAA and aviation in general leans towards "use the dumbest, most reliable technology possible" (for good reason, this isn't a dig at that). A relatively cheap wing-attachable beacon that beep boops on a frequency with no handshakes, encryption, etc. is one of the simplest possible thing.
Look at the fact that piston engines in aircraft still use magnetos and manual mixture controls. :) There's a ton of literature on that, we've had real world examples of more reliable alternatives, and yet... Luckily magento replacements such as SureFly are making some headway (after long, long long last). But they're a tiny tiny part of aviation today.
Yes. A good example is the continued use of AM modulation for aviation radio. While bandwidth inefficient, the failure modes of AM modulation are easy to understand and predictable, which is good for safety.
But, even then, there may still be something clever that can be done to improve privacy without something as heavy-weight as, say, encryption. We should be open to the possibility.
I'm not into aviation, but if this is about planes broadcasting their position publicly, I would imagine it's beneficial not just for the traffic control towers, but also for other pilots flying around in the area that can receive those signals, in case they're ever not within range of a working tower. It works as a redundancy option, for safety.
It also works in case there's unlicensed, radio-silent flyers, which is bad, but you turn a bad situation worse if they can't get info on what other aircraft they might bump into.
The unencrypted broadcasting of their position is like a trailer beeping as they're backing up. It's an alert for others to pay attention to them and stay out of their way.
Cars are being tracked at significant scale. Police and private entities commonly use ALPR systems and that data gets fed back to the manufacturer for resale on the capitalist surveillance market. Combine that with an IMSI catcher and you can derive identities without access to the license plate database. This works in conjunction with vehicles that have cellular modems sending GPS position to the manufacturer, for resale, and phones that send GPS position to the network operator, for resale. The non-flying public is extensively tracked.
You’re a pilot, you can probably think of some differences in the way aircraft operate versus roadcraft, that makes tracking them a much more reasonable proposition.
Hi @schmichael ;) Rust would've prevented one. The rest Rust wouldn't have prevented since as you already noticed, it was in the boundary layer and semantics of a C API. It would've only been as safe as the Rust wrapper. One argument is that the richer, more proven ecosystem of wrapper libraries may have prevented it versus my DIY wrappers.
The one Rust would've prevented was a simple undefined memory access: https://github.com/ghostty-org/ghostty/pull/7982 (At least, I'm pretty sure Rust would've caught this). In practice, it meant that we were copying garbage memory on the first rendered frame, but that memory wasn't used or sent anywhere so in practice it was mostly safe. Still, its not correct!
Rust has safe and reliable GTK bindings. They used gir to auto-generate the error-prone parts of the FFI based on schemas and introspection: https://gtk-rs.org/gir/book/
Rust's bindings fully embrace GTK's refcounting, so there's no mismatch in memory management.
We also use gir to auto-generate our bindings. But stuff like this is not represented in gir: https://github.com/ghostty-org/ghostty/commit/7548dcfe634cd9... It could EASILY be represented in a wrapper (e.g. with a Drop trait) but that implies a well-written wrapper, which is my argument. It's not inherent in the safety Rust gives you.
This is a generic smart pointer. It had to be designed and verified manually, but that line of code has been written once 8 years ago, and nobody had to remember to write this FFI glue or even call this method since. It makes the public API automatically safe for all uses of all weak refs of all GTK types.
The Zig version seems to be a fix for one crash in a destructor of a particular window type. It doesn't look like a systemic solution preventing weak refs crashes in general.
Do you mean gtk-rs (https://gtk-rs.org/)? I have done a bit of programming with it. I respect the work behind it, but it is a monumental PITA - truly a mismatch of philosophies and design - and I would a thousand times rather deal with C/C++ correctness demons than attempt it again, unless I had hard requirements for soundness. Even then, if you use gtk-rs you are pulling in 100+ crate dependencies and who knows what lurks in those?
Yeah, Rust isn't OOP, which is usually fine or even an advantage, but GUIs are one case where it hurts, and there isn't an obvious alternative.
> gtk-rs you are pulling in 100+ crate dependencies and who knows what lurks in those?
gtk-rs is a GNOME project. A lot of it is equivalent to .h files, but each file is counted as a separate crate. The level of trust or verification required isn't that different, especially if pulling a bunch of .so files from the same org is uncontroversial.
Cargo keeps eliciting reactions to big numbers of "dependencies", because it gives you itemized lists of everything being used, including build deps. You just don't see as much inner detail when you have equivalent libs pre-built and pre-installed.
Crates are not the same unit as a typical "dependency" in the C ecosystem. Many "dependencies" are split into multiple crates, even when it's one codebase in one repo maintained by one person. Crates are Rust's compilation unit, so kinda like .o files, but not quite comparable either.
A Cargo Workspace would be conceptually closer to a typical small C project/dependency, but Cargo doesn't support publishing Workspaces as a unit, so every subdirectory becomes a separate crate.
I'm sure the gtk-rs bindings are pretty good, but I do wonder if anyone ran Valgrind on them. When it comes to C interop, Rust feels weirdly less safe just because of the complexity.
But the GTK-rs stuff has already abandoned GTK3. Wait... I guess if the GTK-rs API doesn't change and it just uses GTK4 that's a good way to go? Everyone can install both 3 and 4 on their system and the rust apps will just migrate. Is that how they did it?
> That lead me to think that GTK and the GObject system is opinionated in a way that are not terribly compatible with my own opinions.
This might be amusing for me to say but... I also feel this way. I disagree a lot with the Gnome ecosystem's point of view. Funny!
Using GTK for Linux was a pragmatic choice. A goal of Ghostty is to be "platform-native" (defined here because there's no such thing on Linux: https://ghostty.org/docs/about#native). GTK is by various definitions the most popular, widespread GUI toolkit on Linux that makes your app fit into _most_ ecosystems. So, GTK it is.
I hope `libghostty` will give rise to other apprts (maintained by 3rd parties, it's hard enough for me to maintain macOS and GTK) so that you aren't forced into it. See https://ghostty.org/docs/about#libghostty For example Wraith is a Wayland-native Ghostty frontend (no GTK): https://github.com/gabydd/wraith Awesome.
You didn't cover it but is Ghostty still entirely dependent on libadwaita for most of its UI features? I completely lost interest when it was still in beta and I found out many features were disabled on Linux if you didn't want it to look and behave as a Gnome app.
Yes, its a hard dependency. But we go out of our way to add CSS classes to our UI widgets and even have a configuration in Ghostty to supply custom CSS directly (without you having to mess with gsettings or anything). We've seen some pretty incredible customizations in our showcase channel in Discord.
We haven't committed to our CSS classes yet as a stable API but we plan to do that in the next release cycle. Still, they haven't changed much in a year. :)
You are projecting. Personally speaking, I would choose Electron waaaay before I'd choose GTK. That probably wasn't an option for his optimized terminal, but would be Good Enough™ for just about anything else.
Electron is bringing an entire web browser in to provide a cross-platform user interface. GTK has become almost a web browser to provide a cross-platform user interface. That is why I started off with
Their CSS implementation is broader than what most actual browsers had 10 years ago. I would not have commented if I weren't already painfully familiar.
This is really just my opinion but I always can’t tell when an app uses QT and not positively. QT just looks uglier and feels more windows XP-esque than GTK apps
I like Linux because it gives me the freedom to make my system behave how I want. The GNOME devs seem to think that GNOME should only behave how they want. For example, last time I checked, GNOME required a third-party plugin just to move the clock from the center of the status bar to the side.
I'm not at all surprised to see that this mindset extends to GTK.
> The GNOME devs seem to think that GNOME should only behave how they want.
For many years I followed this whole outrage but wasn't really sure whom to believe because I didn't have any stakes in the matter. Then the GNOME/GTK devs removed support for key themes[0,1] and I still have no idea why. The arguments they brought forward make absolutely no sense to me.
Sun donated a bunch of UI guidelines to the GNOME project back in the really early days. Those guidelines basically boiled down to "You users are idiots, and power users don't matter, so get rid of as many options and force a single way of interacting with the software." The GNOME development philosophy just expanded on this.
Gnome shell is designed in a way so that users can configure basically everything using plugins. That way everything does not have to go through the Gnome Shell developers and much more specific and esoteric functionality can be added.
Being able to make a small change is good when every thing is well defined small parts. You can change the part you want and then use everything else as per normal. If everything is so tightly integrated that you end up having to maintain a fork of a large project, it doesn't work out so well.
I don't know which is true for this particular case, but I'd hazard a guess that it is a much bigger task than it needs to be.
I have seen Gnome devs talk of removing features because people were using them the wrong way. Not that people weren't using the features at all, just not for the purpose for which they were written. Experiences like that make me think that pull requests wouldn't get you very far either.
As a gatekeeper in an unrelated small project, I understand gatekeepers being selective. You have a vision, design standards, quality standards. Drive-by PRs that add "just this one thing I need" features is how your well-designed, cohesive project becomes a kitchen sink of shit.
> You have a vision, design standards, quality standards.
Unless, of course, all of those are shit, so a more design-competent person can drive by with an improvement, which will be rejected because it's too shiny
You're not, that depends entirely on the assessment of the relative approaches and whom you care more about, users or a subset of designers closest to the gates.
But that's beside the point, the point was the criticism of the "send a PR" even though that resolves nothing due to the mismatch.
While I prefer tiling windows manager, GNOME’s approach is sensible. Restrain your features to a restricted default and allow users to extend it if they want to. The code is open and well organized as far as I can see. So it’s very easy to see where to extend from.
You can "just use" KDE too. The default are actually less insane than gnome, it's easier to use.
The idea that more functionality makes software less usable makes no sense to me. No, it's more usable.
Its like when people argue that iOS not allowing anything other than safari is a good thing.
Okay... how? Because if you like safari, nothing changes for you. You just keep using it. You wouldn't even be able to tell.
Similarly, if you like KDE you can just... use it. You don't actually have to change anything. There's no gun to your head. If you're the type of person who just takes software and uses it, then great - you don't need Gnome for that. KDE is actually better at that, IMO.
I hate GTK enough that I'm considering porting Ghostty to literally any other GUI system. I think that Qt is probably the only alternative that anyone might consider "platform native" so I'll probably go that direction, even though Qt development is rather special in its own way (you know how GTK decided C needed an object system? Qt decided that C++ needed a more better object system).
> Qt decided that C++ needed a more better object system
I haven't used Qt, nor C++, in many moons, but my understanding was that `moc` [1] filled a gap of run-time dynamicism that C++ didn't natively support when it was invented. Has C++ since evolved to make that obsolete? Seems like moc is still a thing.
I feel some genuine grief about what GTK has become.
It started out as a toolkit for application development and leaned heavily into the needs of the C developer who was writing an application with a GUI. It was really a breath of fresh air to us crusties who started out with Xaw and Motif. That's the GTK I want to remember.
What it is now is (IMO) mostly a product of the economics of free software development. There's not a lot of bread out there to build a great, free, developer experience for Linux apps. Paid GTK development is just in service of improving the desktop platform that the big vendors ship. This leads to more abstraction breaks between the toolkit, the desktop, and the theme, because nobody cares as long as all the core desktop apps work. "Third party" app developers, who used to be the only audience for GTK, are a distant second place. The third party DX is only good if you follow a cookie-cutter app template.
I switched my long-term personal projects from GTK2 to Dear ImGui, which IMO is the only UI toolkit going that actually prioritizes developer experience. Porting from GTK2 to GTK3 would have been almost as much work since I depended on Clutter (which was at one point a key element of the platform, but got dropped/deprecated -- maybe its corporate sponsor folded? not sure).
While pulling in a library just for window decorations is insane, the same could make sense for a full UI toolkit - after all, that's how standard UI components have worked on e.g. Windows. In a way, Qt can already fulfill that role because by default it tries to adapt to the look and feel of the platform it runs on, including using GTK themes. Too bad that it's a bloated pig without a stable ABI that would allow you to use the system version.
> after all, that's how standard UI components have worked on e.g. Windows
Standard UI components on Windows are in user32.dll, and that's guaranteed to exist on each Windows installation all the way back to Windows NT.
And to just get an empty decorated window all I need to do is call CreateWindowEx() (which will always look consistent), all the rendering inside that window can then be done through one of the 3D APIs.
Same on macOS, I don't need any optional dependencies to create a decorated empty window which I can then render into with Metal.
For that same scenario (3D rendering into an empty window), Wayland only guarantees me a bare undecorated rectangle I can draw into with GL or Vulkan (and I wouldn't be surprised if even that is an optional feature I need to query first lol). And even if both GTK and Qt would be guaranteed to be installed on each Linux desktop system (so that I can pick one of two frameworks to give me a dedorated window, that would be overkill if I just want an empty window for 3D rendering - and even then I don't know if a window created through Qt would look consistent on a GNOME desktop or vice versa).
Of course that topic has been discussed to death without anybody who could fix that problem once and for all (by making the server-side decoration extension mandatory for desktop Linux systems) even recognizing that this is an issue that needs fixing.
Tbh, I don't even understand why desktop Linux needs more than a single Wayland implementation. So much wasted redundant work which could be put into actual improvements.
AFAIK, both KDE and GNOME had an architecture already where they changed only the base layer to adapt to wayland. Wlroot have a different architecture. And that’s why you have three mainstream implementations.
Slightly unrelated, but I wonder why the "Linux desktop maintainers" (whoever that is - and that this is even a question is probably the main problem) haven't come up yet with a minimal shared 'interface library' that's mandatory on each Linux desktop installation, and which provides a standard API (but no implementation) to create a window, get input events and probably also a set of simple UI widgets (buttons, sliders, checkboxes, lists - basically what Win32 or X11 provides).
KDE, GTK or any other concrete UI toolkit register 'drivers/plugins' with this interface library to do the actual work.
Minimal 'framework-agnostic' UI apps can then use this standard shim library and always look fully native, while applications which require the full KDE or GTK feature set can still use those frameworks directly.
Call it Common Desktop Environment or something idk...
I’m not a maintainer, but IMO, it may be the different design systems. Yes there are common elements like buttons and scrolled view. But the whole selling point of a toolkit is consistency, especially around more advanced widgets.
> But the whole selling point of a toolkit is consistency, especially around more advanced widgets.
In theory yeah, but that consistency is out the window anyway when some apps I'm using are GTK, others Qt, and yet others Electron with the JS framework flavour of the week.
A standard shim library which would map to the user's preferred framework (e.g. GTK or Qt) would at least be visually consistent between GTK and Qt - and not just for the window chrome) - even if it only offers a common subset of GTK vs Qt vs ... features.
Why don't the developer do the shim themselves? You can always have a core and shell out the UI to the platform being used. One example is Celluloid [0] (GTK) and IINA [1], both use mpv as their backend. Why not have something like libslack, libspotify (a real one), or libdiscord, then have a more appropriate frontend to meet the users where they are.
...more code in the client that should really be part of the 'operating system', and if I need to do it myself anyway, why should I care about consistency with other applications?
Such an idea only works if it is less work for application developers, not more. And I think the right place for that is the operating system layer, not the application layer.
Yes, but Linux is only the kernel, everything else is someone else project. A distribution is nothing else than a curated list of software projects.
macOS is a good example of what you're proposing. The developer toolkit have a lot of nice frameworks (libraries) to help build apps. But that ties you to Apple. You can't expect consistencies across OS unless someone does the work to provide an intermediate layer, and then you loose on each OS nicest capabilities.
It may not make business sense, but the most elegant solution is to have a core that is your feature set, and then flesh out each dependency according to the platform.
No, there are no protocols intended to implement such a thing at this time. I'm not aware of anybody attempting to spec out such a protocol either, but I do think it's a really interesting idea.
There is about zero chance that Gnome would implement such a protocol which makes the whole endeavor pointless. They can't even agree on server side window decorations.
That's precisely the point! It would be really nice for applications to be able to operate agnostic from the DE's decisions about UX and design. Applications want something much more high level: button here, scroll bar there, text input here. It's the DE's job to make such things accessible and look pretty. If you think about it, that's precisely why the web is a popular user interface target: the application has a much higher level interface, and all those concerns are, correctly, handled at a different abstraction layer.
I don’t think it’s possible to build a generic UI across DEs, at least if you actually want them to feel native. They’ve all got different standards, so while Gnome might have a button here, a text box here, and scroll bar there on KDE a scroll bar here, text box here, and then the button might make more sense.
My point is that the application doesn't have to care if it's running in Gnome or KDE. It just speaks Wayland protocol and then it gets a Window and some UI in it. The gnome window manager / KDE window manager then makes that UI properly native.
Consider input methods. That clearly belongs in the window manager process, not each application process. The application should simply ask for a text box, and then receive events when the text in the box changes. The fact that I'm typing Japanese into a fancy UI shouldn't make any difference to the application, other than what text it receives from the widget events.
And that should all be possible in a small, static executable, that is speaking the Wayland protocol, and has zero dependencies other than networking syscalls.
I like the idea but, having built many UIs for many different applications over the years, I doubt it would work for anything non-trivial. The thing is, as soon as your UI reaches a certain level of complexity you need tight control over the look and feel, especially over the positioning of UI components relative to each other. Unfortunately, the latter depends a lot on how exactly your UI components look and behave.
For example, your text input box's label might be displayed to the left of the box, to the top, or it might be one of those floating labels that are displayed inside the box but move to the top border as soon as you focus the box. Depending on that, you would choose the spacing to neighboring text boxes and buttons differently, and maybe also arrange things differently altogether, because of different space requirements.
In other words: Your application would need to know what exactly the Wayland "UI layer" is going to display in order to send it precise instructions. But then your abstraction is very leaky.
No it is the developer's job to make things be nice and work well. We've gone past pretending to be native shit for pretty much everything. We define our own design styles and language since the web took off.
Server side ui toolkit doesnt make much sense to me. Better idea is to target some multimedia layer like web browser, electron, etc ... Or just hope someone someday comes up with UI library that doesnt suck.
> The only UI Ghostty has is tabs and the context menu
- Tabs
- Splits
- "this process has exited" banner
- Close confirmation dialogs
- Change title dialog
- Unsafe paste detection dialogs
- Context menus
- Animated bells (opt in)
- "Quake-style" dropdown terminals (cross platform but different mechanisms)
- Progress bars (ConEmu OSC 9;4)
- macOS: Apple Shortcuts Integration
- macOS: Spotlight Integration
Probably more I'm not thinking of. It's unfair to say it's just tabs. Could we have done this without a GUI toolkit? Of course! But the whole mission statement of this project was always to use platform-native (for various definitions) toolkits so that it _feels_ native.
That's not for everyone, and that's the great thing about the wonderful vibrant terminal ecosystem we have.
> is it really worth the integration pain and now this rewrite?
There's definitely a lot more on the way.
The first goal and primary focus of the project was to build a stable, feature rich (terminal sequences) terminal emulator. We're basically there. Next up, we're expanding GUI functionality significantly, including having more escape sequences result in more native GUI elements. But also traditional things like preferences GUIs, yes.
We're also integrating a lot more deeply with native features provided by each platform (somewhat related to the GUI toolkit choice), such as automatic iCloud syncing of your configuration on macOS. Now that the terminal is stable, we can start to really lean in to application features.
This isn't for everyone. Some people like Kitty's textual tabs. That's fine! It's a tradeoff. That's the beauty of choice. :) Kitty is a great terminal, if you prefer it, please use it. But it has completely different tradeoffs than Ghostty.
I know I'm about to show my ignorance regarding GUI programming here, but: would SDL2 be a suitable choice? Or would that be too low-level? Or just...the wrong sort of library?
SDL2 wouldn't be appropriate for what they're trying to do.
SDL2 is more of a drawing and graphics library. You tell it to put a triangle here, it puts a triangle there. But it has no idea what a button should look like - how it should behave, how it should be animated - on Mac, on Windows, on KDE, on Gnome, etc. You could try to painstakingly recreate this look and feel for each platform, but it's a lot of effort, you probably won't get it quite right, you'll make oversights on accessibility and internationalisation, and your hard work will instantly look dated once the platform evolves.
To make native GUIs, you need to talk to the libraries that draw platform-native components, like buttons, for you. But of course each platform works totally differently, and the whole affair is honestly kind of a mess, which is why truly native cross-platform applications tend to be fairly rare in practice. Maintaining five different GUI code bases for all sorts of fringe platforms is not, in most cases, a good use of time. For most apps, either you stick to native and cut less significant platforms, or you abandon native altogether and just use a cross-platform wrapper like Electron.
Just from my basic understanding after working with sdl2 and gtk, sdl2 is more suitable for game development, It doesn't have standard set of UI elements. So every UI element, and interactions will have to be implemented by hand. Now imagine displaying a list view with huge number of items.
And the worst is, Terminals works with texts, sdl2, in my knowledge do not have proper way to display large amount of text, let alone select and copy.
There are probably other issues, these came from what I experienced
Unless you plan on writing your entire UI from scratch, like, from the framebuffer on up (in which case it will integrate poorly with the rest of the desktop) you must use one of the common widget toolkits: GTK or Qt. If you want the flexibility of not having to commit to C++, GTK is your only choice.
For any startup that actually reaches a sizable liquidity event of any form, it's very common.
As background: I cofounded a startup that made a lot of people millionaires. QSBS really helped a lot of people. Yeah, if you're going to make deca-millions anyways then it seems like a handout, but if you're "only" making a few million dollars it's the difference between retiring and not.
OSUOSL and Lance specifically (the writer of this post) was extremely supportive of me during the early days of Vagrant and Packer. Lance tried many times to try to find a way for OSUOSL to help my projects but I don't think we ever formalized anything.
Regardless, they were always big users and big proponents of the OSS work I was doing. And I remember that. I think more than the OSS project support they do, the support and education they help provide for students is laudable.
I personally think corporate sponsors shouldn't blink twice at supporting OSU OSL, but I'm not surprised given the state of... things. And the individuals choosing to judge and criticize based only on a 4 bullet point budget are infuriating.
Well, I'll help. I've emailed to setup a donation.
Thanks for everything you've done Lance, OSUOSL. And thanks to anyone else who helps support them!
Lance is a great guy and that lab for a decade plus has done great work and supported so much of community. Happily supported their start and will continue to.
As someone who was a student at the OSL when Vagrant was hip, also thanks to Mitchell for creating Vagrant! We used it a ton for testing all our our configuration management.
Kitty is a great terminal and Kovid does excellent work. I have a ton of respect for him. Ghostty (disclaimer: I’m the creator) could also be and I appreciate anyone who thinks so. There doesn’t have to be a winner/loser mentality!
The big picture is to get more people to use the terminal more for cases it’s good for. Infighting amongst people who already like terminals is counter productive, in my opinion.
My company had an exit, I did well financially. This is not a secret. I'm extremely privileged and thankful for it. But as a result of this, I've used a private bank (or mix) for a number of years to store the vast majority of my financial assets (over 99.99% of all assets, I just did the math). An unfortunate property of private banks is they make it hard to do retail-like banking behaviors: depositing a quick check, pulling cash from an ATM, but ironically most importantly Zelle.
As such, I've kept my Chase personal accounts and use them as my retail bank: there are Chase branches everywhere, its easy to get to an ATM, and they give me easy access to Zelle! I didn't choose Chase specifically, I've just always used Chase for personal banking since I was in high school so I just kept using them for this.
Anyways, I tend to use my Chase account to pay a bunch of bills, just because it's more convenient (Zelle!). I have 3 active home construction projects, plus pay my CC, plus pretty much all other typical expenses (utilities, car payments, insurance, etc.). But I float the money in/out of the account as necessary to cover these. We do accounting of all these expenses at the private bank side, so its all tracked, but it settles within the last 24-48 hours via Chase.
Otherwise, I keep my Chase balance no more than a few thousand dollars.
This really wigs out automated systems at Chase. I get phone calls all the time (like, literally multiple times per week) saying "we noticed a large transfer into your account, we can help!" And I cheekily respond "refresh, it's back to zero!" And they're just confused. To be fair, I've explained the situation in detail to multiple people multiple times but it isn't clicking, so they keep calling me.
I now ignore the phone calls. Hope I don't regret that later lol.
reply