nmjohn's comments

> and paid for with your privacy (and probably your website user's privacy too)?

That's not really how ssl certs work - google isn't getting any information they wouldn't have otherwise had by issuing the ssl cert.

It may also be interesting for people that browsers have a large list of domains they enable or disable certain behavior for a variety of reasons: https://github.com/WebKit/WebKit/blob/main/Source/WebCore/pa...

One of the standard link bypasses seems to work here[0] though. Is that not a reliable workaround here?

[0]: https://archive.is/BYCjp

Why are other news sources which also have paywalls not banned? (nytimes, wsj, bloomberg, financial times, etc)

Why did he not want CVE's assigned?

> And please don’t reply.

Respectfully, if you don't want discussion, why comment in the first place?

Commenting telling someone not to comment and then ending in telling them not to bother replying is confusing behavior to me for a discussion forum.

> Note: Relies on Apple Silicon, and configured to only produce Apple Silicon builds.

Just curious, what is relying on apple silicon?

> I have no doubt we will see them attempting to aggressively exercise these in future years to shut down alternatives to Vision Pro in the future.

Do you have examples where apple has aggressively used patents offensively like this?

> because it implies that it should be necessary

Who gets to decide what should or should not be necessary? Do you think your opinion about this is the majority view by people?

> it’s borderline treason and should be prosecuted that way.

Have words lost all meaning? This is the most absurd thing I've read all day.

(And I promise I'm not even remotely defending the absurd situations you're referring to.)

While that certainly has been true for the majority of the last two years - rpi's in pretty much all skus have been back in stock for a few months now - to the point that even digikey has many of the skus in bulk stock

See: https://rpilocator.com/

As for Zero W 2s: In stock right now: https://chicagodist.com/products/raspberry-pi-zero-2

What would your hypothetical egress arbitrage look like? Keep in mind we are specifically talking about cloudfront bandwidth - so being able to route to an upstream without that upstream also paying for bandwidth likely is not possible.

In my experience pricing can go far lower than that. The sibling commenter saying $0.001/GB on an 18PB /year commit seems reasonable to me.

If you can sign a yearly bandwidth commit (not sure what the minimum bandwidth requirement is, but 1PB / year may be in the ballpark) - you will get prices that are extremely competitive (maybe like 90%+ off base list pricing?)

> was only 27 minutes...

I was affected by the tunnel outage. It was down for closer to 3 hours, not 27 minutes. (Their status page does accurately reflect this time)

Not sure if ublock updated their blocking rules to bypass the block or youtube stopped the experiment - but starting yesterday, I'm no longer seeing any adblock warning which previously had started blocking me (as opposed to originally just nagging me to disable) from watching youtube videos.

I do wonder if the actual outcome of the experiment was increased rates of adblocking though - since every time it makes it into the news, more people are exposed to the idea it's even possible.

Aside, (cmd+l, cmd+c, cmd+shit+n, cmd+v, enter) is a pretty useful sequence to have muscle memory for to open the same page in incognito, which easily bypasses the block as well.

The attacker effectively controlled the IP the domain was pointed to. If you have this, getting a cert issued from any CA is trivial - you've proved to them you control the domain in question.

Yes, I was pointing out that many of their products have explicit limits.

But more importantly, the second link I posted shows how that despite being "unlimited" - it's not uncommon for hetzner to throttle / close your account if you go over unstated traffic limits.

Your random blog post is the outdated one.

Their actual docs: https://docs.hetzner.com/robot/general/traffic/

And reports of throttling once you actually hit certain limits: https://lowendtalk.com/discussion/180504/hetzner-traffic-use...

You can not get actual unmetered 1gb/s for anywhere close to that. If you start pushing anywhere close to that much bandwidth, you will be throttled / have your account closed. For example, Hetzner caps your bandwidth at 20TB per month.

Additionally, if you are actually pushing close to that much traffic, you can negotiate guaranteed commit prices w/ AWS that are competitive (especially when you consider the quality of bandwidth. I can only get ~100 mb/s to my hetzner server because of how bad their peering is. I can easily saturate my 1GB connection to anywhere in AWS.)

---

(Having said that, this does only apply to egress via cloudfront. Things like charging for intra A-Z bandwidth within the same region is insane, and for many workloads may be surprisingly expensive.)