EDIT: Unfortunately I can not access the Google Cloud forecasts to archive them when I click "View Data set" I get " To view this page, select a project."
> Yes, it is very obvious from the screenshot that it’s built on top of Electron [1].
I love this. It was my first reaction when I used MS Teams ... shit, it's electron and the I got the horrible user experience as usual. And in MS Teams even the font and its rendering is hardcoded and the devs are refusing to do anything about this! So when I use MS Teams I need to look at blurry text.
EDIT: And they bundle libffmpeg.so too .... let's have a look at what version, though I guess 1password is not a good attack vendor as it'd be hard for the attacker to control input data, right.
Because Electron bundles (light) chrome and nodejs and all deps breaking desktop integration and security (the developers are now responsible for checking vulnerabilities in all bundled libraries and they are not doing it).
Those are pretty good reasons not to use electron.
It's also interesting to look at the trend. The daily number of deaths to the daily number of cases has dropped rapidly all around the world. Not sure why but it's a very good sign.
If I saw this trend only in a handful of countries I'd say they are undercounting (FWIW I still think they are) but because we can see this in US, EU and Asia, it'd say virus is getting less deadly/treatment is getting significantly better.
This is the biggest problem with tech today, making "eye catchy" software which is horrible to use and getting anything done (and I mean simple things as making a payment if it's just little bit different than the "designer" imagined, for example you want to add a note) is so frustrating because it takes so much time. Yet it was not like that few years ago.
Thanks apple I guess ?
EDIT: And then to make the software "easier to use" security goes down the drain. There is a small fintech bank where all you need to know is email and 6 digit pin number to pair the account with a phone. That is, the 6 digit pin number is all you need to know to access the customer's funds. Now keep in mind attacker wouldn't care about a specific account, just get loads of customer emails and try the most common pin numbers and fish what you can - there is no notification when a new device is paired either, indeed.
Not really the best user experience and use of my time if I lose my money and need to fight with the fintech bank to get it back or when my account gets locked needlessly.
The same goes for the constant redesigns. How is that mindful to the user if you change everything (again) so they need to spend their time to learn again how to use your app just to get the same stuff done as before.
After IBM, Microsoft and many others publicly declared (for marketing reasons no doubt) to stop working and delivering face recognition systems, a new competitor quickly fills the space. Color me surprised.
apt install nginx will set the users for you and it also starts automatically on start, ssh default config is perfectly fine, keys are set up automatically when you start the instance - any cloud provider/VPS service/even kvm with 'uvtools' does this for your (and even if not, it's one ssh-copy-id command).
But yes you need to run, for example, a certbot as well to setup certificates.
so it's:
apt install nginx
apt install certbot
certbot certonly -d your.domain -d www.your.domain
# again, when you apt install certbot it installs the cron/timer automatically for automatic certificates renewly and nginx reload
Still less work than going the CDN route I would say.
It really seems to me you don't trust default linux settings and need to take care of everything and fine tune everything but you trust CDN providers thus making the CDN route less work for you. If you trust default settings of a linux distro, it's less time consuming setting it up yourself on linux. Yes that's how user-friendly it really is today.
What do you guys do when admining a server to make it so time-consuming/bothersome?
If you just host static content you don't even need to care about security updates. Just deploy a new instance, "apt install nginx", done, forget about it. I would say less work than setting it all up on AWS.
When is the last time there was an remote exploit for nginx serving static files or in Linux kernel? You dont even need to worry about security updates in this scenario.
> I’m sure a large part is that he wants to maintain a personal account to learn/hone skills.
Yeah, he seems to be responsible for OpenShift (marketing?) at Red Hat and he only learnt how expensive AWS is when he got a bill? Bit embarassing.
Yes AWS is crazy expensive, their business model is simple yet super effective and they are swimming in money, power to them, make custom services with custom APIs, make it very cheap/free for low volume use and then crazy expensive when the usage goes up and the customer is vendor locked-in into their services + push enough money into marketing to so it is everyone's first choice.
Not only AWS is very expensive but also rather hard to use and all their forms and services pretty difficult to navigate as well, it put me off the cloud hype for very long time until I actually discovered reasonably-priced* cloud providers like DigitalOcean (or linode, vultr,...) with also very easy to use platforms.
* of course still pricier than dedicated hardware/VPS, however the premium for hourly billing and infrastructure maintenance is reasonable
http://archive.is/lAHOB
Let's see in few weeks how this forecast goes.
EDIT: Unfortunately I can not access the Google Cloud forecasts to archive them when I click "View Data set" I get " To view this page, select a project."