Certificate transparency and the fact that Chrome only trusts leaf certificates that are in multiple log servers stop governments or rouge CA’s from doing a ssl mitm(or at least doing so quietly).
“…(we can't create machine learning models from your data to improve the experience for other customers, for example, without your prior consent..”
Which if added as a new privacy setting to workspaces later on would seem to imply that this change of removing the org wide opt-out is really how Google could build the right conditions necessary to get users to “opt-in” when they really have not expressed any interest in doing so while making it a large enough task for admins to fail to achieve 100% enforcement of the organization’s actual desired configuration state… and hides the real intent of the change.
Sorry but “we are opting all your users into this and removing your ability to stop us” is an odd change that is being driven by something other than the feedback org admins. I have a hard time believing that normal users will see enough of an improvement to warrant even mentioning their email search to their boss but do find it probable that admins will mention being forcibly overruled by Google to others that help influence renewal… just seems like something else is the driver and the end goal.
imo believing that this change is being driven by good intent wouldn’t be so difficult if the change to make workplace privacy settings a user-only controlled setting if it inherited the current organization stance. Some users would enable it and if it really does improve the user experience so much then others will adopt it when they see it’s effects in action or get the “well I don’t have that problem” comment from a coworker(this is how Google search, Chrome and Gmail got to their levels of adoption after all). As of right now though it sounds like all the other messaging that we have to put up with which after awhile is to take as anything other than “you are trying to steal something from me”.
At least it’s not a setting that can only be saved in the browser’s local storage and not at the account level like so many other annoying things that get pushed(looking at you YouTube).
I don't think that argument really holds up when Robinhood is the subject. I mean they still don't even have phone support or same day guarantees covering them responding to your email.
They didn't two models ago and there was a special kernel hack/package installed specifically to keep the windows key from doing anything since there wasn't an accompanying license, it took less than a minute to remove but still annoying.
The last model didn't have that keyblock though so I guess they got over it.
Setting a Googlebot UA will work for any low tech filter, besides looking at the ASN of the source IP or the javascript engine behavior I'm not sure what else sites could really do to figure it out sans coordinating with Google to define the indexer source(browsing/click pattern maybe).
There's bound to be at least one googler in this thread and since the ASN check would be the hardest to fake and easiest to setup... someone go change their UA and go to nytimes or something from the office and see if it works(bonus points for any SRE who does it from a data center).
Users giving non-exclusive royalty free rights to the content and for the site to use it however they see fit being in the ToS is pretty standard(especially for comment based data)...
Not sure how you are expecting sites that are driven by the userbase to exist since your phrasing sounds like you believe providing all of the infrastructure, management and marketing for information isn't enough to morally receive payment for that information.
Because often the image that was indexed was in the related/other area of the page and is not on the page when you click on the link. Ever since Google removed the direct link to image feature from the search results page anything from pinterest.com is basically SEO spam.
No chance at this point, traders might have a non-zero risk of a fraud charge of some sort since they are purposefully misrepresenting the value of their account in order to get credit but RH is going to get stuck with the vast majority of the bill.
Classless networking used to not exist and a lot of universities being early adopters and some companies ended up with with class B's at least. Anyone in the US(who isn't one of the said universities) likely already had the address range taken back due to noteworthy underutilization though. We lost two class C's a few years ago due to this reason but it was hard to complain about since we weren't really using them.
A counter to that analogy is that where/when ramp access is needed and how one should be built in order for it to be usable is defined by building codes and the concept is well understood. Without what clear definition or a method to get a website's accessibility "certified" makes it seem like allowing litigation is not going to be produce meaningful results and could be easily abused.
The "premium" aggregators I've seen used in some enterprise software campaigns can be extra nasty, I had someone at work forward me a link(over IM) that a competitor sent them targeting our userbase(our company name was in the title of the page, contents of the page was why they were better) since mailing to in email on our domain seemed odd; they sent me a "you visited our site, now call for a demo" email a few minutes later that had my full name, a week later they called my parent's house asking for me (guess it was the only historic phone number associated with my name). Ever since then I have viewed tracking data as unacceptable because the likelihood of misuse is only dependent on how much someone is willing to pay an aggregator to turn a small ID indicator into a person.
Interesting solution, I would have assumed most people would choose the ~/.ssh/config + proxyjump feature to solve this vs adding a new tool into the mix. Is the benefit mostly in centralization of the config/routes or am I missing the target usecase?
Based on my experience of living in Mississippi: rural towns do not have swat teams(or a police force besides the county sheriff's office and maybe Highway Patrol if they are nearby), the suburbs also rarely have a swat team however every local police force or sheriff's office will have some "sharing" agreement with whatever the closest city is that allows them request swat if a situation requires it.
As for "nothing happens there" part, domestic violence and it's ability to turn into a hostage situation is usually why a swat team is used and is sadly a common issue; dumb bomb threat pranks to get school closed also appears to be an efficient way to get black trucks to show up in the middle of nowhere.
It's also worth mentioning when comparing US police to other countries that gun ownership should be a factor. Hard to compare what the appropriate fear level should be if the number of firearms encountered during day to day stops differ by magnitudes. Even in rural state like Mississippi that has very liberal gun carry laws, police still seized at least 4500 guns last year; the number of guns encountered in homes/cars/concealed carry that didn't warrant seizure would have a couple of extra zeros if it was tracked.
I can see a case where the actual mailing is being handled by a delivery service and the ability to remove a single entry from a queued job might not be technically feasible because either the relay service is not exposing it to you or (and hopefully the actual reason) the delivery service only has the job that data stored in encrypted form and addresses are decrypted at time to send using a kms/kmip type of process.
I really don't think the possibility of receiving one more email rises to the level of needing new legislation and adding one more liability to help push people to moving all of the data and logic externally.
1: Sounds like they are saying that until the changes to remove the cluster out of the request path, failover cannot be trusted so the only immediate action that can be taken is to disable the automatic failover logic and prevent any live maintenance jobs needing to take it offline from running. Not unreasonable depending on the timeline to implement the changes when comparing the risk of a cluster killing hardware failure (assuming that there is at least a one node tolerance) vs behavior inside of your buy/sell pipeline being "undetermined"; no failover is probably a great way to keep the sprint work priority at the appropriate level.
2. Loadtesting? Accurate end-to-end loadtests are painful to bootstrap from nothing and requires an environment that can be expensive, worth their weight in gold depending on how critical downtime is or if everything in your platform is pulling from the same resource pool(ie appliance based deployment).
Is it just me or is the service being advertised here(proxyorbit) seem less than ethical or legal? The way it is described and the way terms are worded, it sounds like they are selling access to open proxies that they have found without permission or have even asked permission to use them.
If true, integrating the proxy service into your product like they suggest just seems like a terrible idea for a number of reasons.