Hah, yes that was an odd placement. It seems like a non issue though.
Hah, yes that was an odd placement. It seems like a non issue though.
I very reluctantly put a new mac mini on order last Sunday. I didn’t feel great about it but I was feeling done with Windows for a bit at least for home use.
It’s public information transmitted over airwaves and several sites exist already. Flightradar24 and adsbexchange are the two I use, though Elon and Taylor Swift are far too boring to pay attention to when you can watch refuelers and jets instead.
At one point I had been playing GTA V online pretty consistently when I had a cheater start targeting me. It was pretty frustrating and after 30 minutes of that I gave up and closed down for the day. I shifted my attention to other games after that. I definitely get that they want to stop cheaters - cheaters ruin the fun for others. It’s a shame that the new anti cheat has made it so that Steam Deck players are stuck unable to play online.
Play services actually works very well for containerizing work apps. Better actually than on iOS. My work can offer a set of apps that are available in this isolated container and apply policy to them that doesn’t impact other areas of the phone. I can also shut off all of them with a single button when I am on PTO. Microsoft’s apps require these services to build the container, and I believe Android phones in China do not have play services. It’s not perfect, but I personally think it works very well.
The costs are definitely a huge consideration and need to be optimized. A few years back we ran a POC of Open Shift in AWS that seemed to idle at like $3k/mo with barely anything running at all. That was a bad experiment. I could compare that to our new VMWare bill, which more than doubled this year following the Broadcom acquisition.
The products in AWS simplify costs into an opex model unlike anything that exists on prem and eliminate costly and time consuming hardware replacements. We just put in new load balancers recently because our previous ones were going EoL. They were a special model that ran us a about a half-mil for a few HA pairs including the pro services for installation assistance. How long will it take us to hit that amount using ALBs in AWS? What is the cost of the months that it took us to select the hardware, order, wait 90 days for delivery, rack-power-connect, configure with pro services, load hundreds of certs, gather testers, and run cutover meetings? What about the time spent patching for vulnerabilities? In 5-7 years it’ll be the same thing all over again.
Now think about having to do all of the above for routers, switches, firewalls, VM infra, storage, HVAC, carrier circuits, power, fire suppression.
The cloud today significantly different than the 2003 cpanel LAMP server. It’s a whole new landscape. Complex, highly-available architectures that cannot be replicated in an on-prem environment are easily built from code in minutes on AWS.
Those capabilities come with a steep learning curve on how to operate them in a secure and effective manor, but that’s always going to be the case in this industry. The people that can grow and learn will.
The core features of a WAF do require SSL offload, which of course means that the data needs to be unencrypted with your certificate on their edge nodes, then re-encrypted with your origin certificates. There is no other way in a WAF to protect from these exploits if the encryption is not broken, and WAF vendors can respond much faster than developers can to put protections in place for emerging threats.
I had never considered that Akamai or Cloudflare would be doing any deeper analytics on our data, as it would open them up to significant liability, same as I know for certain that AWS employees cannot see the data within our buckets.
As for the captcha prompts, I can’t speak to how those work in Cloudflare, though I do know that the AWS WAF does leave the sensitivity of the captcha prompts entirely up to the website owner. For free versions of CF there might be fewer configurable options.
Can you educate me on the negatives of Cloudflare?
My company is on Akamai, who has a pretty solid combined offering of WAF, DNS, and CDN, and yet I still feel like their platform is antiquated and well overdue for a refresh.
Thinking back to log4j, it was cloudflare who had the automatic protections in place well ahead of Akamai, who we had to ask for custom filters. Cloudflare also puts out many articles on Internet events and increase adoption of emerging best practices, sometimes through heavy shaming.
Eyyy yes! I just picked up an MZ-N505 a few months ago! It’s been great at work to quickly start music without staring at my phone for 5 minutes first.
Plex, as a company, definitely is aware of what items are in your library but streams don’t go through the Plex servers unless you use the Plex proxy service which is enabled by default but only used when the client connection speed is too slow to use the desired streaming setting.
Everyone who accesses their Plex externally should use app.plex.tv rather than NAT/port forwarding unless you’re also doing IP whitelisting on the NAT (not feasible for most remote access scenarios, as IPs are dynamic in most cases). Jellyfin should never be exposed externally.
I work in a highly regulated sector of IT and have learned that even the most robust software will have serious exploits at some point.
I have not looked into it for a while but I believe their servers broker a direct connection between the client and server.
I always wonder why some people are so dedicated to Jellyfin. Even if JF had full feature and experience parity, it would still not have secure remote access the way Plex does. There is no need to port forward or NAT Plex for external access if you use app.plex.tv to access. With the threat landscape the way it is today, that is worth a lot.
You don’t think it’s possible that the accusations were mostly unfounded and the LTT crew are just decent people? They did bring up some issues with onboarding which are completely expected on smaller companies.
At my work we pay auditors to assess our security controls and I would chose a different company if I thought they were being anything less than honest with us on their findings. The agreements and SOW are set up at the beginning of the engagement, so the investigators get paid regardless of their findings. It’s not like the bond rating agencies on Wall Street.
When I worked at an internet provider, Netflix sent us a cache (I’m sure they have several at that ISP now). I can’t imagine it cost them more than a few thousand dollars, as it was just a bare bones box full of hard drives. We gave them free power, internet, and rack space in our data center. Every night during the slow period it would fill up with whatever they thought would stream the next day.
There was nothing to do with neighborhoods, the cache served customers all over Maine and they didn’t pay us anything. Netflix’s costs are more likely content and licensing.
Available to all Wikipedia+ subscribers
I bought an Ayn Odin 2 recently and noticed how hard it was to find Russ/Retro Game Corp’s site and videos even when searching directly for retro game corps. It was like the results some days were buried and other times I could find them in the top few.
My aging windows tower and retired work laptop were both struggling to keep up with my photo and video editing. Linux asnt an option for Capture One and Davinci Resolve, and the writing was on the wall for what Windows is becoming.
Combined with the failures in Intel Raptor/Alder lake CPUs, I took an unexpected leap into the realm of Apple silicon with an M4 Pro Mac Mini.
Apple is not a perfect company, but this new machine processes video faster than anything I’ve ever used, and for the first time since the 2010s it has replaceable (proprietary) storage.