Readit News logoReadit News
andyroid commented on Kim Dotcom's extradition to the U.S. given green light by New Zealand   torrentfreak.com/kim-dotc... · Posted by u/wut42
toolz · a year ago
I find this mentality is always directed at rich people, but never applied consistently in anyone's life, so I have a hard time taking this opinion seriously. Hopefully, you can convince me otherwise, but I've never heard anyone suggest the best sports teams should stop competing when they've won enough, or that the best inventors should stop, or the best artists, and so on. Money isn't zero sum. We're constantly creating insanely large quantities of money. If the people at the top are accumulating that money from individual consumers making their own free choices, then would you suggest that the people at the end of the line be given things for free? Or maybe they should be disallowed from making the purchases? Or maybe you're suggesting the rich keep selling but they're forced to give the profits away? and who would they give it away too? The federal government controls more money than any entire private business, so obviously it controls orders of magnitude more than any individual. Should these wealthy individuals be forced to give their money to the largest money holders in the world? What value system would that make sense in?
andyroid · a year ago
> never heard anyone suggest the best sports teams should stop competing when they've won enough, or that the best inventors should stop, or the best artists

While they want you to believe that, there’s no correlation between being rich and being best, or even good, at anything. You’re not the best athlete because your mom and dad were the best athletes. But if your parents were wealthy, you’re wealthy.

If they want standards to be applied ”consistently”, great. They can start by paying their taxes.

andyroid commented on Cure for male pattern baldness given boost by sugar discovery   sheffield.ac.uk/news/cure... · Posted by u/gnabgib
aikinai · a year ago
It’s a funny joke, but debunked by Elon Musk, along with a lot of other celebrities and normal people.
andyroid · a year ago
Does a hair transplant really count as a cure though? It’s more akin to a pricey baseball cap.
andyroid commented on Open Policy Agent   openpolicyagent.org/... · Posted by u/julien040
ffk · a year ago
On the first point, OPA is much older than OpenFGA. To really illustrate the point, OPA became a graduated project about a year before OpenFGA had their first code drop in the public GitHub repo. The OpenFGA people are aware of OPA and I'm sure they learned from the tradeoffs OPA made.

To the main point, what you described reflects the current trends of authorization. Define a data model, define data that adheres to that model, write declarative rules that consume that model, make a decision based on those rules.

Where things really start to differ is the kind of data that they bind against and how do you write rules. E.g. OPA is often used for either ABAC (Attribute) or RBAC (Roles) while OpenFGA is looking at ReBAC (Relationships). Each has their complexity tradeoffs, depending on the system being implemented. How easy or difficult a system makes these kinds of checks has a significant impact on how you write policies.

Hope this helps!

andyroid · a year ago
Not sure why that matters, but OpenFGA is an implementation of Zanzibar, which isn't exactly new. There are many similar implementations to choose from should one want to model authorization via a graph database.
andyroid commented on Open Policy Agent   openpolicyagent.org/... · Posted by u/julien040
ogazitt · a year ago
OPA is a great tool for implementing a policy-as-code system. But if you're trying to use it for application authorization (e.g. fine-grained authz for B2B SaaS or a set of internal applications), you may find that its policy story is strong, but it doesn't really have a "data plane": you either store data in a data.json file and rebuild the policy any time that data changes, or make an http.send call out of the policy to fetch dynamic data.

Check out Topaz [0], which uses OPA as its decision engine, but adds a data plane that is based on the ReBAC ideas explored in the Google Zanzibar [1] paper.

Disclaimer: I work on the team [2] that builds and maintains the Topaz project.

[0] https://www.topaz.sh

[1] https://research.google/pubs/zanzibar-googles-consistent-glo...

[2] https://www.aserto.com

andyroid · a year ago
Bundle servers provide a centralized "data plane" decoupled from the distributed component (OPA). You don't need to rebuild your policy any time data changes. Just push a new bundle with the data that changed, and OPA will fetch it as configured — either periodically or directly if long polling is configured.

https://www.openpolicyagent.org/docs/latest/management-bundl...

andyroid commented on Web3 doesn’t care about privacy   coinsights.substack.com/p... · Posted by u/shekarramaswamy
AlchemistCamp · 4 years ago
Most likely, the upcoming generation web3 big tech companies won't be founded in Europe. The US could go either way. Singapore, India and much of SE Asia will probably do well, though.
andyroid · 4 years ago
Where a company is founded is irrelevant with regards to the GDPR. If they have users in the EU, GDPR applies.
andyroid commented on Show HN: Infracost (YC W21) – Open-source cloud cost policies   github.com/infracost/infr... · Posted by u/hkh
andyroid · 4 years ago
Looks great! Love the OPA integration.
andyroid commented on Go’ing Insane: Endless Error Handling   jesseduffield.com/Gos-Sho... · Posted by u/genericlemon24
andyroid · 4 years ago
They should have just named it errlang.
andyroid commented on Docker Desktop no longer free for large companies   theregister.com/2021/08/3... · Posted by u/alanwreath
eptcyka · 4 years ago
What is the value add for Docker Desktop?

In a world where podman exists, what's the point of docker on dev machines anyway?

andyroid · 4 years ago
How about the fact that not all, or even most, dev machines run Linux, which is the only platform podman supports?

u/andyroid

KarmaCake day611December 7, 2012View Original