"An Ansible alternative written in Go would be perfect."
I understand the allure of Go - I was an embedded systems engineer working predominately in assembly language and C for many years. Memory management was a pain and concurrency was practically non-existent on many uCs.
But Ansible is pretty mature at this point, with a vibrant community, lots of internal and third-party modules and it's based on a ubiquitous scripting language (Python).
Please help me understand the rationale of a rewrite - what are the goals, what deficit would if fix and would the time required be justified versus enhancing Ansible as it is. At best I'm a Go newb, but I'm pretty proficient with Python - if it's just that Ansible's "not in your language", I'd argue a rewrite represents a false economy.
Third party modules don't cover everything and then you have to write Python. Plus the config files of Docker are better. So I would welcome a modern Ansible alternative that requires just one executable instead of a full Python stack.
CMU doesn't need a warrant to scrape or transmit Tor traffic, and neither do you.
Intent will matter very much in this instance: If the FBI paid someone to do something for them that the FBI would need a warrant to do, then there's a problem. The same would be true if a warrant-less sheriff paid a private investigator to eavesdrop on a suspect.
Otherwise, if, in the course of their research, no matter who funded them, CMU researchers found someone doing something illegal and reported it to the Man, that's generally regarded as good citizenship. If, in the course of my research, I happen to unmask a bike-theft ring, you can be rather certain that I'll call the cops.
Tor is a good invention that needs our support, but it isn't a license to do illegal things.
Tor is, in many ways, an encrypted Twitter. You know that everyone can read what you send and some people will actively attempt to crack it. You bet everything on the encryption and network structure to avoid interception and localization. I don't think there ought to be any inherent presumption of privacy attached to the protocol; to assume that there is one is to be exposed to any breach in the protocol's design.
They exploited a vulnerability in the tor protocol. There's an argument to be made that connecting to the tor network but not complying with the protocol is a violation of the CFAA, if done in a malicious way.
If you wiretap your entire neighborhood, find a bike-theft ring, and call the cops, you'll also get in trouble.
This is why you have fiber leaving your datacenter in two different direction and to two backbone providers. Once you do your due diligence, it's really hard to guarantee your providers never share infrastructure. Good luck guys!
Also, be aware that fiber sabotage is a thing that happens. It's rare, but it's bad, and in my experience even top-notch providers take days to recover from it.
Even if you aren't the target, it doesn't matter how many redundant links your single uplink provider has if the threat model is hostile actors with their infrastructure mapped out vs. wayward backhoes.
I don't believe the programmers at Facebook have evil intentions - I think they're just trying to build something that's technically cool. The problem is the MBAs will trying to build something businessy out of it and won't care whether it requires evil if it might possible make them some money.
There can also be a temporal factor. Today there might be no evil intentions but in a couple years someone might find that "we have this whole data set we could do X with".
Of course not - I'm skeptical of everyone's intentions and specifically think through how to best protect my own privacy (I don't have a Facebook account). Of course, Facebook didn't choose "Don't be evil" as their slogan so you can assume the standard "Make money by any means possible" slogan. Yes, I'm appropriately jaded.
In any case, the comment I responded to was pretty specific in asking us to trust that the programmers motives were pure. I wanted to point out that things could turn creepy later in the business life-cycle even if the original motives were non-evil.
Depends, did the life forms living in that obscure galaxy not observe it because the explosion eradicated them faster than their sensory observations could tell the explosion was happening?
Ie, even if the explosion occurred on a much faster time scale than their sensory biology, and thus wiped out their planets in an effective instant, I'd argue it made an impact even though no one was left to observe it.
impact on who? Doens't the very idea of impact require some sort of mind to understand the impact? In a world with no observers there wouldn't be any event's because there wouldn't be any perspectives to interpret it from.
It might not say that you trust what the person at the other end does but it does indicate that a third-party has vetted the identity of the person at the other end. Do you trust Google? Probably not with everything but you do trust that the certificate that was issued to them proves that they're at the other end of your search bar.
"We've also moved over 50 percent of the data that was in our primary database onto its own deployment. The data was orthogonal and didn't need to be co-located, but its heavy use was causing contention and fighting for shared resources. So we built out a new DB cluster and did an on-the-fly migration of that dataset."
I always watch for solutions with this "pattern" - you can often alleviate a problem (sometimes significantly) by reorganizing your systems, but eventually that DB will be busy enough doing it's own "core" functions that you'll have to either scale up or scale out.
My daughter, my wife and I visited the University of Alabama campus in late February of 2011 (about a month before the tornado) and started her college career there in August. When we returned to drop her off, the scale of the damage where the tornado ripped through Tuscaloosa was astonishing. There was an entire subdivision of suburban (stick-built) homes that looked like a pile of matchsticks. And there was a surprisingly small interface between the "completely destroyed" areas and "untouched" areas.
By the time she graduated this May, the damage has been cleared away but the path of this tornado is still visible. There are many brand-new buildings and a lot of open ground, but none of the new construction aligns with the grid of streets in the area. For a family from Pennsylvania (where we rarely see tornados or their aftermath), it was quite eye-opening.