Certainly there are people locked out of their bikes, but perhaps not for the reason you're thinking about. Just recently, I bought a NIB VanMoof on CL. The owner had never put together and it sat in his basement for 2 years. So the batteries in it are dead (the controller battery was a spicy pillow, but the motor battery may still be okay), so I figured at the price it was offered at, it worth it just for the parts in the worst case.
I knew about the BikeyApp, and getting the encryption keys downloaded before I went to go buy the bike, but unfortunately, before I could stop the PO, he deletes the bike from his VanMoof account because I now own the bike, and he wanted to release it so that I could register it to myself. So I own it now, right? Wrong... Even though I now "own" the bike, I cannot register it because I don't have the original manual for it (the PO lost it), which has a special QR code printed on it to register the bike.
The PO, who has a receipt for the bike, cannot get VanMoof to transfer the ownership to me, so the bike is parts (which is a risk I was willing to take). I'm going to strip the craptacular electronics from it and just make it a regular 4spd pedal bike.
The funny thing is I was able to get the controller powered up and guess what? The bike was defective from the factory... the controller throws charging over-temp errors regardless of it being hooked up to anything, even dummy loads. This apparently is not an uncommon experience with these bikes from the forum posts I've read about them.
Also, as an aside, f* having to carry a phone to use a bike. This thing might look cool but it's a garbage fire of bad decisions fueled with VC money.
Look up "Earth ships". I have a pretty good book on them, but will have to get back to my library before I could tell you what its title is. I was researching these for awhile and honestly a lot of the reference material is going to be from the 70s. I bought a ton of books about passive solar and such and I think the vast majority were published during the oil crisis.
It's definitely a good option, but you're going to be pushing the boundaries of your local contractors and the materials you can source and or hire a crew to install. If you're motivated, there are any number of ways to construct these dwellings, but the most interesting and appealing method that I saw was one made like a commercial warehouse. It was in Virginia, maybe around Roanoke in the mountains, but the owner used steel warehouse trusses and a dexpan roof (poured concrete over a substrate like corrugated metal). Since it was a known method, he hired a commercial crew to do it and they didn't have a problem iirc other than getting the crane down his driveway. Istr I found this on the break time finehomebuilding forums...
I don't think anyone has any idea how disorientating tech can be until they've witness this for themselves. Also how hostile and large a divide tech creates that the industry doesn't give a damn about (I'm looking at you, Material Design and your crap low contrast fonts and lack of clear clickable buttons that has resulted in more support calls from my aging parents than probably anything else).
Anyhow, a neighborhood homeless man and I became friends and I'd help him out with $$ and food and drink from time to time. We'd hang out and I get to hear stories of all the crazy shit he'd seen in the past 40 years in the neighborhood, from growing up through the civil rights era and seeing the city burn in 68, to the lines of people around the block waiting to buy crack at Rayful Emmonds grandmothers house. He'd been in and out of jail, run with gangs, the full nine yards. After getting hit by a drunk driver on his way to holdup a liquor store to get money to buy his new baby diapers, he'd ended up on the streets with nothing but his stories and a bum leg.
Along the way, he told me about his wife and children, his stint at the Navy shipyards in Virginia Beach, and his childhood in North Carolina. He told me about how one day he'd love to travel back to his childhood home town and see his mother, who he'd purchased his childhood home for with the proceeds from his successful dealings at the shipyards.
One day, he mentioned he'd gotten some money and wanted to send his mother flowers, but he couldn't remember what the address was. I asked if he remembered how to get to the house, and he said he did, so I grabbed my laptop, opened up Street View in the center of the town and asked him which way to go.
I've never experienced quite such a reaction in my life. This was black magic fuckery to him and he thought I was using some secret government technology. I explained to him the general principles of it, and he just didn't believe it. Incredulous wouldn't describe a tenth of his reaction.
That reaction wasn't anything compared to when we finally found his mothers house. He couldn't believe that he was looking at the house he grew up in, had purchased for his mother and that he'd not seen probably 30+ years. He teared up looking at it and got quite emotional. I offered to find her phone number so that he could call her, but it was too much for him at the time, and he waved it off.
He eventually got housing through a city program, and I lost touch with him as he stopped frequenting the neighborhood.
Old Dirty, if you're still out there, I miss your company and stories and hope you're doing well!
Cognito is one of the most frustrating AWS services I have to work with, it is almost, but not quite, entirely unlike an SP.
We're using it to federate customer IDPs through user pools, but this ends up with customer configs being region specific.
Has anyone figured out how to set up Cognito in multiple regions without the hijinx of having the customer setup trusts for each region? Not to mention, while multiple trusts are I think possible with ADFS (not that I've tested it), I'm pretty sure that Okta doesn't support multiple trusts, so regardless of how many regions, we'd still be SOL there...
Eh? Brokering amongst multiple trusts (and managing protocol transition) is almost the raison d'etre for lifting token issuance out of your app and into ADFS, Okta, Auth0, etc.
Of course you'll have to deal with home realm discovery--really need to go in with open eyes on that one.
Yes, but cognito endpoints and pools ids are regional and globally unique, and there is no way that I know of to setup duplicate userpools in multiple regions and have requests served by either region. That means the customer IDP side would need to have two different SAML apps configured for each region...
That design raises the question as to what happens to passwords. Do they get replicated in the global table in plaintext? Or are you still forced to do a global user password reset if you want to failover to another user pool?
Ah, I see what you mean. It does seem like you'd want a more complex arrangement of trusts to keep things simple on the leaves; or else avoid using a product that requires generating a hundred scattered security authorities.
Having spoken with core teams like IAM and Cloudformation teams at length, this appears to an internal AWS organizational issue. Those teams are not responsible for the services integration with them and so they're at the mercy of those teams priorities.
But honestly, I think the reason that Cloudformation support isn't as widespread or a top level priority is that it simply exposes the poor architecture and behavior of many of AWSs second tier services and teams. There are many services that simply do not behave well when managed by Cloudformation, but are also completely janky on their own and I'm betting it's far easier to cover up for poor architecture in the console than expose all the services dirty laundry with a Cloudformation integration.
Additionally, there are a lot of service teams that probably don't have a lot of customers using Cloudformation, so don't prioritize it or half-ass it completely. I'm looking at you DMS, and your terrible turd of a Cloudformation integration.
I'd say nearly the same thing about IAM and service teams inability to implement it well. I still do not understand why AWS has not mandated all services need to support both tag and resource based policies and predictable IAM semantics (looking at you Glue with your little fu of love called the write action "glue:GetMapping").
Cloudformation and IAM are, to me, the two of the most killer services from AWS, neither of which I've seen replicated at other providers.
Ex AWS here. I had the fun of digging into the rabbit hole of IAM and its convoluted logic. It's definitely possible to do what your said, but it's super easy to make mistake and the internal documentation is lacking. It took me multiple trips talking to people to deliver the integration we wanted.
It's also very old with some odd decisions in there - I can't go into the specifics. And it's practically impossible for the IAM team to deprecate those impossible corners
I am not surprised, being that it's one of the oldest AWS services? What I do love about IAM is that with the work that the Automated Reasoning Group is doing with Zelkova, it's really a dream to be able test IAM policies before deploying them. I really hope their work trickles back to the service teams so that they too can leverage it to see their way out of those dark corners in IAM :)
It's one of the worst products on AWS. It's so bad, that companies would rather spend engineer's time to avoid it. That's why there are hundreds of products that replicate its functionality.
Has the GUI been fixed to be somewhat useful? Did they migrate from their god awful JSON crap? Can I embed simple infrastructure logic, like automatically adding a group of nodes to a Route53 zone?
I think it's a combination of CYA, government regulations, and simplifying operations for AWS. Without an ICP, you're not allowed any web presence in CN, which would require AWSCN to either modify services that are publicly available by default or not offering them. Instead, if they make an ICP a requirement, they have a defensible position with CN regulators, who really just want a throat to choke.
As AWSCN is reasonably far behind compared to Global regions, and they've already enough complexity just doing business in China, so I think it's completely reasonable the trade-off they've made or been forced to make here regarding ICP.
You'll still have to go over the firewall, you'll just be closer to it. It will be nice to see if the new region decreases the latency between the cn-north-1 or cn-northwest-1 regions and AWS global regions over DX connections. Right now, the majority of private leased connections in/out of China surface in HK, so ap-southeast-1 has been our region of choice for the global side of DX connections.
Just curious, what generation X1? Gen3s through gen5s in our fleet have been quite robust, but Gen6 have been problematic from the linux support side. We have a couple of problematic individual X1 laptops in the fleet that have been in for service multiple times, but knowing the owners of the laptops in question, it is not surprising.
We've got between 40-60 X1s (gens 3-5) and I'd say their issue rate is at or below that of our fleet of 200+ 13" MBPs. In that time, we've had one X1 with a broken hinge, one with a dead fan, and one with chronic user issues :)
The new 13" MBPs have been particularly bad with chronic keyboard, battery and screen issues. So much so that people with the old MBPs are holding off to the very last minute to update. Which sucks because in most cases, their problems with them would be fixed by new batteries and an OS reinstall, but since they're not serviceable, we just bin them for a 3rd party service provider to deal with later.
Also, the fact that Apple refuses to provide any type of pickup or onsite service contract is absolutely ridiculous. The damn things fail so frequently, it's cheaper for us to overstock Mac laptops just because it can take weeks to get a laptop fixed even through our 3rd party service provider. Our service provider often cannot get parts or has to wait for Apple to approve the release of a part to them even though they're an Apple certified shop.
Even going to the Apple Store is a complete and utter yardsale in our experience. Most of the time, it'll take them a week or more to fix anything, usually they say, because of parts availability (we're talking 13" MBP and 13" MBA mostly).
> If it’s DNS, don’t be too clever and name it Route 53. Name it Amazon Cloud DNS. Then anyone knows how to look for it in the console, web search for it, etc.
Please no. The unique AWS product names while occasionally inconvenient mean that you can at least find relevant information about them when searching, and you know that someone isn't confusing an AWS product with another platform or another style of deployment.
If you really don't like the AWS product names, then Azure is for you. Now go try to search for help with "Azure web apps" or "Azure sql database". Wade through the posts about locally deployed IIS, SQL server and the like.
Coming from a family of people in the medical professions, they've all seen reports of how _everything_ is going change in their fields because some new computer program can do X...
To which my father usually mutters something like: "Why fuck are they wasting their time with that? Can't they fix the fucking medical billing system instead?"
Most of the medical professionals I know echo similar sentiments.
I knew about the BikeyApp, and getting the encryption keys downloaded before I went to go buy the bike, but unfortunately, before I could stop the PO, he deletes the bike from his VanMoof account because I now own the bike, and he wanted to release it so that I could register it to myself. So I own it now, right? Wrong... Even though I now "own" the bike, I cannot register it because I don't have the original manual for it (the PO lost it), which has a special QR code printed on it to register the bike.
The PO, who has a receipt for the bike, cannot get VanMoof to transfer the ownership to me, so the bike is parts (which is a risk I was willing to take). I'm going to strip the craptacular electronics from it and just make it a regular 4spd pedal bike.
The funny thing is I was able to get the controller powered up and guess what? The bike was defective from the factory... the controller throws charging over-temp errors regardless of it being hooked up to anything, even dummy loads. This apparently is not an uncommon experience with these bikes from the forum posts I've read about them.
Also, as an aside, f* having to carry a phone to use a bike. This thing might look cool but it's a garbage fire of bad decisions fueled with VC money.