HackerTrans
トップ新着トレンドコメント過去質問紹介求人

mxhold

no profile record

投稿

Novo Nordisk's Canadian Mistake

science.org
5 ポイント·投稿者 mxhold·昨年·0 コメント

[untitled]

2 ポイント·投稿者 mxhold·昨年·0 コメント

State Bar of California admits it used AI to develop exam questions

latimes.com
8 ポイント·投稿者 mxhold·昨年·1 コメント

Andrew Cuomo Used ChatGPT for His Housing Plan

hellgatenyc.com
1 ポイント·投稿者 mxhold·昨年·0 コメント

Washington Post created a website to discourage its tech workers from unionizing

bsky.app
11 ポイント·投稿者 mxhold·昨年·1 コメント

Something Is Happening to People Who Use ChatGPT a Lot

futurism.com
3 ポイント·投稿者 mxhold·昨年·1 コメント

コメント

mxhold
·昨年·議論
Interesting coincidence?

>On April 12, Coinbase updated their user agreement to take effect TODAY, May 15, with new language about waiving some rights to class action lawsuits and jurisdiction selection.

https://bsky.app/profile/jsweetli.bsky.social/post/3lp7sw647...
mxhold
·昨年·議論
I've always been a little uneasy about Vercel after trying to self-host Next.js on a VPS and running into a few of the little traps they seem to have set to nudge you into hosting on their platform instead. I get they have to pay the bills somehow but it does feel a bit risky to bet on their goodwill long-term.

The way they've handled this vulnerability has made me even more uneasy.

Vercel's initial framing of their Firewall as having "proactively protect[ed]" their customers definitely leaves a bad taste.

This, plus the delay in notifying other platforms, reveals a conflict of interest I had not previously considered: is Vercel actually less motivated to prevent such vulnerabilities from being introduced to Next.js in the future because they can roll out mitigations on their own platform before public disclosure and then say "well you wouldn't have been affected if you used us for hosting :)"?
mxhold
·昨年·議論
I really appreciate this post. I've always been a little uneasy about Vercel after trying to self-host Next.js on a VPS and running into a few of the little traps they seem to have set to nudge you into hosting on their platform instead. I get they have to pay the bills somehow but it does feel a bit risky to bet on their goodwill long-term.

The way they've handled this vulnerability has made me even more uneasy.

Vercel's initial framing of their Firewall as having "proactively protect[ed]" their customers definitely leaves a bad taste.

This, plus the delay in notifying other platforms, reveals a conflict of interest I had not previously considered: is Vercel actually less motivated to prevent such vulnerabilities from being introduced to Next.js in the future because they can roll out mitigations on their own platform before public disclosure and then say "well you wouldn't have been affected if you used us for hosting :)"?