msumpter's comments

A direct link[0] to the PDF in case someone doesn't want to fill out the form: https://azure.microsoft.com/mediahandler/files/resourcefiles...

[0] - Always subject to change of course

Are you looking to make this feature available to only the paid tier or also to the free tier? Wasn't certain based on the blog posting, but most of the time you'll say if a feature is enterprise only, etc.

Currently on the free tier for my personal projects and would love to play with this on my personal k8s cluster.

So prior to the next warrant served to Uber authorities will sever all communication lines ran into the suite right?

I think the wifi captive portal feature requires a constantly running controller, other than that I only start a local controller for changes.

There are also a few docker based installation options for self-hosting too. I created one as well to run the container as my local user to not muck with file permissions https://github.com/msumpter/docker-cloud9-ide

Dunno why, but just surprised that Kim K's credit score with Equifax is 643. Unrelated, sorry.

Glad filings are being made already, I wonder if it will be possible for someone to also seek relief/guidance for individuals checking to see if they were breached on trustedidpremier.com and may be inadvertently waiving their rights to class action suits and instead being forced into individual arbitration.

Based on the fact their privacy policy and terms of service were just updated on Sep 6, this seems pretty blatant. Browserwrapped agreements haven't held up in most cases, but having the arbitration clause at the very beginning seems to be point of the entire thing. Pushing a notice 41 days after a breach (just in time for the 45 day requirement in most states) and directing individuals to check if they are impacted all while tricking them into waiving rights. Seems deceptive to me.

Also just tried to pull a credit report for Equifax via annualcreditreport.com and received a messages a condition exists at this time not allowing my report to be pulled and instead gave me mailing instructions.

There is a nicely done 'how it works' on Let's Encrypt: https://letsencrypt.org/how-it-works/

I'll keep my eyes peeled LOL

Here is the direct link to Upguard's write up (most of the Gizmodo details are here): https://www.upguard.com/breaches/the-rnc-files

It is mostly publicly available data, but not always easily accessible (states have varying requirements and methods of acquisition), firms go through quite a bit to get aggregate files in all 50 states. For them to be put up with no protection is jarring. But not surprising with other recent disclosures.

I only wish we had access to the files to do some queries across them!

Been looking at cloning the project to make the installer less dependent on vestacp.com's assets, so I only happened to know :)

The URL for vst-install.sh should be: https://vestacp.com/pub/vst-install.sh

Just some random feedback, all of course my personal opinion:

1) Editing paid invoices shouldn't be allowed after a payment has been made.

2) Quotes should have an accept or sign option, the quote list should reflect the status.

3) Quotes should also have templates similar to invoices

4) Dashboard widget reflecting outstanding payments, recent payment stats, etc. Could be handy.

Well from the install directions they recommend 8GB of memory for the server. A simpler SMTP server like Postfix or Exim can do with much fewer resources, and a spam operation doesn't care about abiding by protocol for redelivery attempts, they just fire and forget and mostly opt for direct SMTP delivery.

Cross devices targeting has become prevalent for most adtech targeting, at it's most basic they will correlate your public IP address but there are other methods for correlation.

Mail covers[1] are a very old surveillance technique and mail isolation control and tracking/MICP[2] has been standard on all parcels since early 2000s

1: https://en.wikipedia.org/wiki/Mail_cover 2: https://en.wikipedia.org/wiki/Mail_Isolation_Control_and_Tra...

I was thinking the same thing after reviewing the repo and output HTML but I wonder if that would really lower the monthly hosting costs for the Heroku instance and the various addons. It would be simple to modify the RoR app to output the proper caching headers that would allow any CDN to cache the HTML output and obey the various cache limits, but on demand rendering the output from time to time is still required once the cache expires.

I think moving the site to a normal static site generator (like Jekyll) would deliver the most bang for the buck but would be quite the transition. The site would only need to be built upon a new commit and with the proper site generator it will only update the underlying HTML files that require a change. Then syncing the update HTML to whatever CDN is chosen.

That has been one of my major driving forces behind creating Dockerfiles/docker-compose my personal/work projects to stand up quick environments. Docker support on CentOS 5 doesn't exist but I only have a few servers left from that era luckily.

If you want to give this a try within Docker I setup a repo here to try it out: https://github.com/msumpter/docker-lua-resty-auto-ssl

Awesome!

I had been playing around with https://github.com/jwilder/nginx-proxy and docker-gen to handle automatic Let's Encrypt generation for my docker containers.

It's amazing how quick to get some of these thing setup with very work: https://github.com/msumpter/docker-lua-resty-auto-ssl