HackerTrans
TopNewTrendsCommentsPastAskShowJobs

techthumb

no profile record

Submissions

Revel - a ride share service in NYC shuts down

gorevel.com
5 points·by techthumb·11 माह पहले·0 comments

Nasdaq/Verafin: AI Leader in Financial Crime Prevention

verafin.com
1 points·by techthumb·12 माह पहले·1 comments

AWS Console is returning HTTP 500 errors

console.aws.amazon.com
147 points·by techthumb·5 वर्ष पहले·2 comments

Show HN: Docker on macOS Without Docker for Mac

dev.to
1 points·by techthumb·5 वर्ष पहले·0 comments

comments

techthumb
·3 माह पहले·discuss
Amazon Bedrock Mantle provides OpenAI compatible API endpoints for model inference, powered by Mantle, a distributed inference engine for large-scale machine learning model serving. These endpoints allow you to use familiar OpenAI SDKs and tools with Amazon Bedrock models, enabling you to migrate existing applications with minimal code changes—simply update your base URL and API key.

https://docs.aws.amazon.com/bedrock/latest/userguide/bedrock...
techthumb
·12 माह पहले·discuss
Machine Learning capabilities analyze vast volumes of financial data, including transactions and check images to detect unusual customer behavior and suspicious activity with high accuracy and fewer false positives.
techthumb
·4 वर्ष पहले·discuss
Transaction boundaries are a critical aspect of a system.

I've often noticed that these boundaries are not considered when carving out microservices.

Subsequently, workarounds are put in place that tend to be complicated as they attempt to implement two phase commits.
techthumb
·4 वर्ष पहले·discuss
NASDAQ has moved the matching engine to AWS Outposts

https://www.nasdaq.com/press-release/nasdaq-completes-migrat...
techthumb
·4 वर्ष पहले·discuss
There's also https://jless.io
techthumb
·4 वर्ष पहले·discuss
K8S is not easy.

  It helps standardize:
    - deployments of containers
    - health checks
    - cron jobs
    - load balancing
What is the "old way" of doing things?

Is it same/similar across teams within and outside your organization.

If not, what would it cost to build consensus and shared understanding?

How would you build this consensus outside your organization?

For small organizations, one should do whatever makes them productive.

However, as soon as you need to standardize across teams and projects, you can either build your own standards and tooling or use something like K8S.

  Once you have K8S, the extensibility feature kicks in to address issues such as:
   - Encrypted comms between pods
   - Rotating short lived certificates
I don't love K8S.

However, if not K8S then, what alternative should we consider to build consensus and a shared understanding?
techthumb
·4 वर्ष पहले·discuss
I love Cloudflare & their products.

From a moat perspective, I wonder if the TAM of this business in the context of the three cloud providers is substantial.

Their stock price is back down to reasonable levels.

Perhaps they'll remain a niche player in the market?
techthumb
·4 वर्ष पहले·discuss


    #!/bin/sh

    set -e

    if [ -n "$VERBOSE" ]; then
      set -x
    fi

    if [ "$1" = "--show" ] && [ $2 = "twitter" ]; then
      echo "https://twitter.com/teaxyz_"
    elif [ -n "$1" ]; then
      # Hi, I know you’re excited but genuinely, pls wait for release
      # I added this so I can do CI :/
      case $(uname) in
        Darwin) suffix=macOS-aarch64;;
        Linux)  suffix=linux-x86-64;;
        *)
          echo "unsupported OS or architecture" >&2
          exit 1;;
      esac

      if [ "$1" = "brew" ]; then
        d="$HOME"/.tea/bin
        mkdir -p "$d"
        curl https://tea.xyz/dist/tea-$suffix -o "$d"/tea
        echo "$d" >> $GITHUB_PATH
      else
        mkdir opt
        curl https://tea.xyz/dist/tea-$suffix -o ./opt/tea
        chmod u+x ./opt/tea
        shift
        ./opt/tea "$@"
      fi
    else
      echo
      echo "418 I’m a teapot"
      echo
      echo "thanks for your interest in tea."
      echo "alas, we’re not quite ready to serve you yet."
      echo
      echo "while you wait why not follow us on Twitter:"
      echo
      echo '    open $(sh <(curl tea.xyz) --show twitter)'
      echo
    fi
techthumb
·4 वर्ष पहले·discuss
Good to see someone asking the important questions :)
techthumb
·5 वर्ष पहले·discuss
https://status.aws.amazon.com hasn't been updated to reflect outage yest
techthumb
·5 वर्ष पहले·discuss
This is a lot of security to give away in order to read news articles for free.

From https://incoggo.com/faq/

  If you’re a very security-minded individual (or you use your computer for very sensitive tasks), before using Incoggo you may want to be aware that the application does the following:

  Upon installation, Incoggo adds a file to your system’s sudoers.d folder that whitelists specific commands from requiring a sudo password to perform. (This allows Incoggo to manage your system proxy settings, kill certain processes on shutdown / restart, and perform tasks related to Incoggo’s auto-updating feature without requiring that a sudo password be prompted each time.)

  Incoggo loads external Javascript files when you visit specific domains (i.e. those we filter paywalls / clear cookies on / clear storage on / etc.).

  Incoggo overwrites a few system defaults (re: open page / process limits) at runtime for performance reasons.

  Upon installation, Incoggo also installs a trusted root certificate in your system keystore. This is required for Incoggo’s advanced filtering functionality to work (unlike the issues above – which we intend to clean up shortly – this one is a hard requirement for the app to work).
techthumb
·5 वर्ष पहले·discuss
I follow the implementation here.

The conflating part here is that using the callback as a mechanism to imply subscription.

This works for your situation.

However, if you need to start making multiple backend calls, then, you will likely need to separate the authentication part from the subscription part.

Generally, OAuth implies that the requirement is to get authenticated by a provider and making multiple subsequent calls to some backend. Additionally, the backend will verify the authenticity of the short-lived token before allowing the operation to proceed.
techthumb
·5 वर्ष पहले·discuss
In that case you could create a backend endpoint that accepts a request and makes the call with the API key on behalf of the client/front-end.

The title of the article says OAuth, and hence assumed that you wanted an authenticated client to be able to make the call to the backend for subscribing.
techthumb
·5 वर्ष पहले·discuss
From the article itself:

  ... one might think implementing OAuth sign up is relatively trivial; after all, you just need to write a fetch request that redirects the user to the OAuth page, then another request that sends their email to the newsletter service of choice to sign them up. Well, the issue is that in order to do the second step of that process, one needs to hit an API endpoint that requires authentication (an API key). That is essentially a password and not something you want to expose on the front end and give everyone access to.


The OAuth Authorization Code Flow with Proof Key for Code Exchange (PKCE) solves this problem without needing a worker.

This article Auth0 does a good job of explaining PKCE: https://auth0.com/docs/authorization/flows/authorization-cod...
techthumb
·5 वर्ष पहले·discuss
I am a fan of Peplink products.

I recommend https://www.peplink.com/products/ap-one-ax/
techthumb
·5 वर्ष पहले·discuss
With support for corporate proxies using self signed certificate authorities (CA)
techthumb
·5 वर्ष पहले·discuss
I've been using Minikube's docker-engine and haven't missed DockerForMac for some time now.

Minikube sets up a Linux VM using MacOS Hypervisor.

It even has a convenience command to configure docker-cli/docker-client.

  $ minikube docker-env
    export DOCKER_TLS_VERIFY="1"
    export DOCKER_HOST="tcp://192.168.65.11:2376"
    export DOCKER_CERT_PATH="/Users/wibble/.minikube/certs"
    export MINIKUBE_ACTIVE_DOCKERD="minikube"
For corporate situations where MITM proxies are used, you can inject/trust custom CAs using

  $ minikube start --embed-certs
https://minikube.sigs.k8s.io/docs/handbook/untrusted_certs/
techthumb
·5 वर्ष पहले·discuss
When I want a very specific version if the image, I use the SHA to pull/run

  $ docker pull hello-world@sha256:7d91b69e04a9029b99f3585aaaccae2baa80bcf318f4a5d2165a9898cd2dc0a1
techthumb
·5 वर्ष पहले·discuss
I am using "hyperkit"

Available options:

  --driver='': Driver is one of: virtualbox, parallels, vmwarefusion, hyperkit, vmware, docker, ssh (defaults to auto-detect)
techthumb
·5 वर्ष पहले·discuss
I've been using Minikube's docker-engine and haven't missed DockerForMac for some time now.

Minikube sets up a Linux VM using MacOS Hypervisor.

It even has a convenience command to configure docker-cli/docker-client.

  $ minikube docker-env
    export DOCKER_TLS_VERIFY="1"
    export DOCKER_HOST="tcp://192.168.65.11:2376"
    export DOCKER_CERT_PATH="/Users/wibble/.minikube/certs"
    export MINIKUBE_ACTIVE_DOCKERD="minikube"

For corporate situations where MITM proxies are used, you can inject/trust custom CAs using

  $ minikube start --embed-certs
https://minikube.sigs.k8s.io/docs/handbook/untrusted_certs/