> There are plenty of platforms even easier than that where you can click "install" on "apps" that have already been configured.
Yeah, like TrueNAS, where they've decided it was good entire to run Kubernetes on NAS hardware, with all the fun and speed that comes with. You just hit "Install", wait five minutes, and you get something half-working but integrated with the rest of their "product".
I'll stick with configuration I can put in git, patch when needed and is easy to come back to after 6 months when you've forgotten all about the previous context you had.
An integrity check where both what you're checking and the hash you're checking against is literally not better than nothing if you're trying to prevent downloading compromised software. It'd flag corrupted downloads at least, so that's cool, but for security purposes the hash for a artifact has to be served OOB.
It is better than nothing if you note it down. You can compare it later if somebody / or you was compromised to see whether you had the same download as everyone else.
Flip a switch and then what, are you getting a isolated public URL to share? Or you have your infrastructure exposed to the internet and the shared URL is pointing to your actual server where the data is hosted?
The Nextcloud iOS app does it. For some reason it requires the location permission "all the time" for that, presumably as a way to "wake" the app from time to time?
I decided to try Nextcloud exactly because of this. My problem with it is more that the whole thing is a bit unreliable. Like once in a while the app will get into a state where the only way I found to recover is to just erase everything and re-sync everything. And the app will resend ALL the pictures, even though they are already on the server.
And I can't do that with my family members' phones. It doesn't matter to me if the app takes a month to sync the photos, but it has to require zero maintenance. I can deal with the server side, but I need it to "just work" on the smartphones.
Searching for "nextcloud ios background sync" shows a whole bunch of forum posts and bug reports about it not working well unless you have the application open.
For something that works well it seems like a ton of people have a lot of issues with it. Are you sure you're on the latest iOS version? Seems like people experience the issues when they're on a later version.
> Regarding NixOS, I'm mostly afraid of them going on a user purge after their developer purge
... Why? I don't know what developer purge you're talking about, but getting rid of people running a project almost never means suddenly they'll start to get rid of users, I'm not sure why that assumption is there. Not to mention that they couldn't even "purge users" if they wanted to, unless they make the download URLs private and start including some licensing schema which, come on, hardly is realistic to be worried about...
It's not "any company", it's exceptionally large platforms who can give insight into large societal questions and have enough influence to sway people's opinions. The data is technically public already, researchers could scrape it, but investigations has to be able to be done to ensure the platforms aren't used to intentionally steer people's opinion in a specific direction, since they're unable to self regulate that it seems.
> Can I get access to my politicians' emails "for research purposes"?
In the US that's called an FOIA. It could include their personal devices if they use them for work communication. It's not limited to research purposes.
Aah, that's much better and more realistic than my previous assumption that they were "government instructions", something used in the military and similar more secretive contexts, but I suppose they didn't use off-the-shelves components perhaps like today.
These instructions were not intentionally designed and put in there in secret. They're simply an unintended consequence of the "don't care" states of the instruction decoding logic.
The decoder is the part of the CPU that maps instruction opcodes to a set of control signals. For example "LDA absolute" (opcode 0xA5) would activate the "put the result in A" signal on its last cycle while "LDX absolute" (opcode 0xA6) would activate the "put the result in X" signal. The undocumented "LAX absolute" (opcode 0xA7) simply activates both because of the decoder logic's internal wiring, causing the result to be put in both registers. For other undocumented opcodes, the "do both of these things" logic is less recognizable but it's always there. Specifically disallowing these illegal states (to make them NOPs or raise an exception, for instance) would require more die space and push the price up.
See here[1] for example to get a sense of how opcode bits form certain patterns when arranged in a specific way.
I don't think they were "intended" for anything - it's just that was the state of the control lines after it decoded that instruction byte, and combination might do something somewhat sane.
Wiring all the "illegal" instructions to a NOP would have taken a fair bit of extra logic, and that would have been a noticeable chunk of the transistor budget at the time.
> Cloudflare has had some outages recently. However, what’s their uptime over the longer term? If an individual site took on the infra challenges themselves, would they achieve better? I don’t think so.
Why is that the only option? Cloudflare could offer solutions that let people run their software themselves, after paying some license fee. Or there could be many companies people use instead, instead of everyone flocking to one because of cargoculting "You need a CDN like Cloudflare before you launch your startup bro".
What you’re suggesting is not trivial. Otherwise we wouldn’t use various CDNs. To do what Cloudflare does your starting point is “be multiple region/multiple cloud from launch” which is non-trivial especially when you’re finding product-market fit. A better poor man’s CDN is object storage through your cloud of choice serving HTTP traffic. Cloudflare also offers layers of security and other creature comforts. Ignoring the extras they offer, if you build what they offer you have effectively made a startup within a startup.
Cloudflare isn’t the only game in town either. Akamai, Google, AWS, etc all have good solutions. I’ve used all of these at jobs I’ve worked at and the only poor choice has been to not use one at all.
What do you think Cloudflare’s core business is? Because I think it’s two things:
1. DDoS protection
2. Plug n’ Play DNS and TLS (termination)
Neither of those make sense for self-hosted.
Edit: If it’s unclear, #2 doesn’t make sense because if you self-host, it’s no longer plug n’ play. The existing alternatives already serve that case equally well (even better!).
Yeah, like TrueNAS, where they've decided it was good entire to run Kubernetes on NAS hardware, with all the fun and speed that comes with. You just hit "Install", wait five minutes, and you get something half-working but integrated with the rest of their "product".
I'll stick with configuration I can put in git, patch when needed and is easy to come back to after 6 months when you've forgotten all about the previous context you had.
reply