
I think it's not bad to remind people from time to time that "just following orders" or "just doing my job" isn't a universal excuse and that we hanged people rightfully for "just" doing that. If that's your only excuse for what you're doing, you should maybe at least deeply think again about whether what you're doing is excusable.

They only want to protect MS in this case, I guess to increase their chance to resolve it positively.

But I just recently thought about this. If you develop exploits for, say, NSO and a journalist gets tortured to death, should you be put on trial? I'm not sure why not tbh.


>2. Facility OPEX: $50,000/month (Power, connective, monitoring etc..)

Are you sure? It looks like they only have 1 rack (+1 in another facility for redundancy) and seem to have 40Gbit/s connectivity.

A full rack is in the range of $1k, connectivity around $600 per 10Gbit/s. I have no idea how much power they consume, but I doubt it's $40k+ per month for a storage workload. I would guess they are in the $10k range. Those are only list prices I've seen in the wild, so take it with a grain of salt, but 50k seems VERY high.


1 rack is a recipe for failure, you need to split. Even without that, consider:

  how many SSDs you need.
  power usage for all those SSDs.
  inter-site connectivity (you need to keep transferring data between the sites, otherwise customers are going to be very surprised).
  maintenance and software costs (at the colo level).

All these add up, closer to $50K than some $2K (LOL). The way you guys (below) are talking, this is not some home server that serves personal videos. It runs (some) business operations for thousands of small/medium companies.

I've talked about 2 racks in different datacenters for 10k, not 2k total. As you seem to like LLMs, here's the answer for a 50k colo:

For $50,000/month in the USA, you could likely secure:

    Multiple full cabinets (approximately 10-12 cabinets)
    Higher power allocation (50-60kW total)
    Extensive bandwidth packages with multiple high-capacity connections
This seems extensive, both in the space of 10 full racks and in the 50kW of power.

I'm open to more details from you on why 50k is reasonable.


The power must be way less, especially without spinning drives.

>I did some research and found that the app did in fact have a responsible disclosure policy which at that point, I was happy to continue forth.

Looks like he did some research before.

On the other hand

>On day 2 I awoke and began by finding some form of contact details, information was somewhat sparse but I managed to find a phone number.

Doesn't a responsible disclosure policy usually contain contact info on where to report?


Weirdly enough... not always.

When it comes to random companies running their own VDP vs. hiring it out, it can be less than standard despite there being lots of resources on setting it up. I've seen ones that only include a phone number, the email address listed doesn't exist anymore, etc.

Others have had to even get to the point of contacting an executive via LinkedIn despite there being a VDP page / security.txt.


>Supported platforms: x86, 32-bit and 64-bit

Because it's not related to the question.

Edit: Sorry they support other platforms. See next comment.



Thanks, I hadn't seen that. I take it all back. Maybe they could add a note on their download page.

https://www.haiku-os.org/get-haiku/r1beta5/


Is there a list of countries that may do border controls of your devices and what rights you have and don't have in each? Basically a guide like this for more than the US.

Yes, there now exists more proprietary software, but you wanted to create proprietary software with it anyway, so this kind of is what parent was talking about, that some people don't want.

Partly related. Would you have paid if the project had offered a paid non-GPL licence?


We (engineers) actually wanted to for another GPL’d project! But because they didn’t have a CLA, the lawyers wouldn’t sign off on it — they decided that the main/current maintainer didn’t have the rights to relicense it for us.

We probably would’ve for LZO too; not sure why that fell through.


> because they didn’t have a CLA, the lawyers wouldn’t sign off on it — they decided that the main/current maintainer didn’t have the rights to relicense it for us.

How would the legal argument be any different for MIT/etc. licensed software in that case? Would the lawyers sign off on using MIT-licensed software without a CLA? Wouldn't they make the argument that the provenance of the software and therefore its licensing is not solid? Seems like the only thing that matters is who has the right to offer a license to the software, not what the license is.


They just wanted the CLA to support the (paid) relicensing.

I think the reasoning (as it was explained to me) was that when people made their original contributions, they were agreeing to the license at that time (in this case GPL, but for other projects MIT). But the other contributors never agreed that the main maintainer could relicense their contributions for a fee.

The upshot was that we went with an in-house fully-proprietary alternative. More expensive, probably lower quality.


She set her watch to the time of the Greenwich Observatory (Stratum 1), so it's a Stratum 2 time server.


Would not the Observatory be Stratum 0, as it was the 'atomic clock' of its day?

> These are high-precision timekeeping devices such as atomic clocks, GNSS (including GPS) or other radio clocks, or a PTP-synchronized clock.[30] They generate a very accurate pulse per second signal that triggers an interrupt and timestamp on a connected computer. Stratum 0 devices are also known as reference clocks. NTP servers cannot advertise themselves as stratum 0. A stratum field set to 0 in NTP packet indicates an unspecified stratum.[5]:21

* https://en.wikipedia.org/wiki/Network_Time_Protocol#Clock_st...


There is a What If about it: https://what-if.xkcd.com/73/


IIRC they used NetFlow data to find the only Tor user. So as long as your VPN doesn't use a different exit than entry IP, it's as easy to find you as the Tor user.


They still pay for transit (Tier 1 providers), but they just refuse to pay for peering to eyeball ISPs. They just don't, because they know if they are big enough the eyeball ISP is basically forced to offer them zero-settlement (free) peering. If the ISP doesn't, he has to pay for transit too, and if there is some congestion in the path from the content provider to the ISP, his customers are going to complain to the ISP that YouTube is buffering, and not to Google. The content providers have a bigger lever, so they don't pay.


Thanks. I think I have a better understanding now (those concepts like transit and peering are still hard to grasp for me as an outsider). Basically, if you host content that many consumers want, you have leverage against ISPs?

