Readit NewsAlthough that's how electricity and water "subscriptions" work.
We’re just going to see more and more issues like this as more and more software is used in applications like this. I would be willing to bet that a Tesla would also spontaneously crash if left on for hundreds of hours, but they just rarely if ever are left on that long.
Security by its very nature has a problem of knowing when to stop. There's always better security for an ever increasing amount of money and companies don't sign off on budgets of infinity dollars and projects of indefinite length. If you want security at all you have bound the cost and have well-defined stopping points.
And since 5 security experts in a room will have 10 different opinions on what those stopping points should be— what constitutes "good-enough" they only become meaningful when there's industry wide agreement on them.
The budget that it takes to protect against a script kiddy is a tiny fraction of the budget it takes to protect from a professional hacker group, which is a fraction of what it takes to protect from nation state-funded trolls. You can correctly decide that your security is “good enough” one day, but all it takes is a single random news story or internet comment to put a target on your back from someone more powerful, and suddenly that “good enough” isn’t good enough anymore.
The Internet Archive might have been making the correct decision all this time to invest in things that further its mission rather than burning extra money on security, and it seems their security for a long time was “good enough”… until it wasn’t.
Besides, there are multiple U.S. laws that already govern this, especially:
"No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider." (47 U.S.C. § 230(c)(1)).
This law is a bedrock, foundational law that helps the Internet grow by protecting ISPs and providers from liability.
Lastly, the U.S. is a sovereign country. A judgment from another country would need to be fully adjudicated here under U.S. law or any applicable treaties like the Berne Convention, not Moldovan law. Otherwise, chaos would reign. You would end up defending yourself from random judgments from foreign courts with radically different laws or even completely different ways of looking at IP protection that you might not even be aware of or be able to defend yourself from. This would be grotesquely unfair and manifestly unjust.
Cloudflare operates in and has a physical data center presence in Moldova, serves content owned by Moldovan citizens, and serves content to Moldovan citizens. Thus, they are subject to Moldova law. If they don’t want to be subject to it, they can remove their operations from the country and remove any interactions with Moldovans.
OVH’s failure was a single building. That’s the problem with a lot of server hosters - even Google has their availability zones all co-located in the same building, so a physical event like a fire could take down an entire region. AWS has AZs in physically separate locations, each with 1+ separate DCs.
In my little neck of the woods - cloud consulting/professional services - Google is worse than Amazon where I just left last year.
AWS ProServe never had a RTO mandate and from former coworkers I’ve talked to, still doesn’t.
Google’s Cloud Consulting division does force a hybrid office schedule which is really dumb considering the work is both customer facing and requires a lot of travel
Before Covid, no team had an RTO mandate, so ProServe wasn’t really special here. In ProServe you were still expected to be in an office regularly, but it was just understood that you wouldn’t be in an Amazon office all the time because you’re likely at a client’s office instead.
Post-covid, it’s mostly the same, although now even many clients aren’t requiring consultants to come in. But when they do, you’re expected to be there.
There really is a wide gulf between the services provided by the older cloud providers (AWS, Azure) and the newer ones (fly.io, CloudFlare etc).
AWS/Azure provide very leaky abstractions (VMs, VPCs) on top of very old and badly designed protocols/systems (IP, Windows, Linux) . That's fine for people who want to spend all their time janitoring VMs, operating systems, and networks but for developers who just want to write code that provides a service it's much better to be able to say to the cloud provider "Here's my code, you make sure it's running somewhere" and let the cloud provider deal with the headaches. Even the older providers' PaaS services have too many knobs to deal with (I don't want to think about putting a load balancer in front of ECS or whatever)
A lot of developers get frustrated at AWS or Azure because they want to deploy their hobby app on it and realize it’s too difficult dealing with stuff like IAM - it’s like trying to dig a small hole in your garden and someone suggests you go buy a Caterpillar Excavator, when all you needed was a hand trowel. The reason this persists is because AWS doesn’t target the hobby developer - it targets the massive enterprise that does need the customization and power it provides, despite the complexity. There are, thankfully, other companies that have come in to serve up cloud hand trowels.
There is no “one size fits all” cloud. There probably never will be. They’re all going to coexist for the foreseeable future.
Whether you are into remote work or not, this is meaningless
If you see a report published by a company that says “PwC did research for us”, then yes, it has likely been influenced by that company. But a report like this that is entirely PwC branded is not that.
Deleted Comment
That’s such an underrated statement. Especially when you consider the amount of code as a liability that you’ll have to take care later.
A lot of the people that are hawking AI, especially in management, are chasing a future where there are no humans, because AI writes the code and maintains the code, no pesky expensive humans needed. And AI won’t object to things like bad code style or low quality code.