Nah bc you're not swapping from CNAME > A records, which could have other random networking related impacts, especially if you're running a public API.
Following this. It's my experience that for all the rhetoric about VCs being ultra-helpful at the end of the day the success of any venture lies with the founders/operators - the VCs can merely allocate some time, monetary capital or social capital to push things in the right direction. But that can be a huge lever.
> That's your excuse? Haven't you heard of artificial intelligence? It can move through thousands of recordings in minutes.
Doing what nefarious activity exactly? I'm not sure good sir, but if we want to make mountains out of molehills we're all free to do it... it's just an analytics tool like any other with the one caveat that they recreate the screen from DOM reconstruction instead of just sending over each and every click event like every other marketing tool (Heap, Segment, Intercom - you name it).
Sure, give users an opt out and respect that but otherwise the drama around this stuff is pretty wild.
You don't use the same argument when entering a grocery store - you're being tracked all over the place. Well, when you're on my website you're on my property and I'll respect the governing rules that say what I can and can't do without permission but hey, if you don't like it... leave?
It's just session replay... in 2020... if we don't want to be tracked I think it's on us at this point to use a blocker.
As someone who runs a site that uses this, I can tell you with 100% certainty that without it we (a) would not be able to optimize user experience nearly as well, (b) would not be able to serve customer support tickets nearly as well and (c) would not be able to make product decisions at the velocity we want.
Not sure what folks are doing on sites like Notion, etc. that makes session replay so creepy but also do we really think companies and startups have time to sit and watch all the user sessions?
This is awesome, thanks for sharing that! Can I ask a quick prying question -- who writes these principles and who approves them over on your end?
Effectively trying to gauge - is it grassroots and from the ground up, implemented and vetted by the engineers or is it more top-down "we need a way to align engineering at scale" development?
Mostly wondering about adoption and imagining whether my approach of pushing this into our team is the way to go or if it's worth allowing a collective to determine the working principles. Sorry for all the questions, you sparked my curiosity :)
But even if you use a third party, tying identity in to your application almost always still has to be rolled on your own right? So no matter how bulletproof the 3rd party solution, it’s likely that a tremendous number of vulnerabilities on an application basis could come from faulty auth integrations as well
But folks really cache auth related data? Isn’t that better handled purely through client <> server requests and handling caching for all UI or action based data?