• 6 Posts
  • 121 Comments
Joined 2 years ago
cake
Cake day: June 4th, 2023

help-circle








  • Apple and Google can fix the problem. Apps are required to ask for permission to access location information. Most of the time, it’s for tracking and analytics, not anything related to the app’s functionality. That’s the data that is leaking to these data brokers.

    In those cases, if asked, user can say no, but apps keep haranguing you until you capitulate.

    Instead, the OS could add a button that says: “Yes, but randomize.” After that, location data is returned as normal, but from totally random locations nearby. They could even spoof the data clustering algorithms and just pick some rando location and keep showing returns to them, or just trade the data from one random phone for another every N days.

    You do this enough and the data will become polluted enough to become useless.





  • Out in the cloud world, several companies changed their FOSS license to prevent large cloud providers from making money off their work (eg, Terraform, Redis, Mongo, and ElasticSearch).

    Their reasoning was sound, on paper. They were spending a ton of time and money supporting a popular product and the only way to make money on it was by selling hosted services to enterprise. Then these other cloud providers would take their work for free, compete with them for the same customers, and often win.

    In almost all these cases, the FOSS developers were pilloried for changing the terms of their original license, leading to immediate forks and fragmentation of the community.

    The only outfit that I know of that survived the transition was Thingsboard. They still offer an open-source service, but they take a lot of their enterprise-only adapters and do not offer it as FOSS. Only way to get these is to sign up with their service.

    Wordpress could have taken a survey of their highest paying customers, then created features they needed behind a private hosting service. Yes, people would have been unhappy, but the core service would remain FOSS and the company would still make a lot of money.

    This whole thing has been done in the worse possible, public, mud-slinging manner. I don’t understand who benefits from the scorched-earth approach.




  • fubarx@lemmy.mltoTechnology@lemmy.worldWhat is S3 storage?
    link
    fedilink
    English
    arrow-up
    16
    ·
    edit-2
    2 months ago

    S3 started as a place on the cloud to store and retrieve files. But it’s evolved a lot over the years:

    • You can directly stream music and videos from it.
    • Along with a separate Content Distribution Network (CloudFront), you can have copies geographically replicated to be closer to end-users.
    • There’s a separate service (Transfer), you can have multiple locations securely upload files to it. Examples are schools, retail outlets, enterprise divisions, news media, etc.
    • It has a built-in event system, so whenever a file is uploaded, it can trigger a function to process the content automatically. This makes it handy for applications where users upload content (like videos) that need to be automatically converted, then copied to another S3 ‘bucket’ for streaming or download.
    • You can make a ‘bucket’ (think of it as a directory of files) become a webserver, accessible via HTTP. This makes it dead-easy to build web front-ends using React/Vue, etc. and deploy them there.
    • Also handy to host static HTML content, for things like blogs, portfolios, or galleries. A lot of static content generators like Hugo and Jekyll have direct upload to S3 built in.
    • If looking to archive or backup, you can designate files to be put into deep freeze on Glacier. This means they are stored, but you will likely not have to access them that often. Storage and access costs are lots cheaper.
    • There’s a whole audit log/access control backend for regulated industries like finance, law, or healthcare.
    • You can set alarms so you are notified when there is a problem, and rules to prevent things like massive file uploads or DDOS downloads.
    • You can create what’s called a ‘pre-signed URL’ so someone using it can securely access a file for a limited amount of time. Those without can’t access it.
    • There’s a command line tool, as well as programming toolkits in lots of languages that let your websites and apps directly integrate with it.
    • Cost-wise, it’s pay-as-you-go with no monthly fee. So you can store a bunch of files up there and the bill at the end of the month is like, $0.23.
    • However, there is a fee for ‘egress’ traffic to the cloud, so if you want to put some content somewhere public and a lot of people access it, it can get expensive.
    • A bunch of third-party services have sprung up to offer basic S3-like access with zero egress fees, but they trade that fee for a basic monthly one (Backblaze B2, CloudFlare R2, Wasabi). Generally, they’ll cost less, but you lose some of the above features.
    • There are tools that mount S3 buckets as local filesystems, so you can add/list/delete files as if they’re local.

    There’s more, but that’s the crux of it.