Readit News logoReadit News
nitrammm commented on 418 I'm a teapot   developer.mozilla.org/en-... · Posted by u/SirAllCaps
wiseowise · 2 years ago
> So if someone doesn't undeestand this assumption, then they are an asshole?

Yes.

> That's pretty crazy viewpoint.

Companies that make millions of devices while abusing free APIs without giving anything back are assholes. Hmm, let me think?

No, it’s not.

nitrammm · 2 years ago
You must be living in a bubble if you think that's how companies operate.

Saying that someone is an asshole for using an API in a way which clearly should be possible according to the documentation is a very clear sign of that person being a junior developer who don't have actual real world experience of anything except toy projects. Any developer with some years of experience would understand that this would happen and he should not be surprised over it.

It's very possible that no one involved in this is even aware of this issue, so automatically calling them assholes is somewhat incompetent at best.

nitrammm commented on 418 I'm a teapot   developer.mozilla.org/en-... · Posted by u/SirAllCaps
Dudeman112 · 2 years ago
>What does this sentence even mean lmao

>if you say something is unlimited I'm going to take your word for it

The sentence refers to people like you. It doesn't make you incredibly clever to consider those sentences literally, like small children or those with under-developed empathy and theory of mind often do

It just makes you an inconsiderate numpty

>Hacker News would be on the complete opposite

Yes, there are lots of people on the tech scene that just don't get ideas like "don't abuse it", or "considering the consequences for other people"

nitrammm · 2 years ago
> Yes, there are lots of people on the tech scene that just don't get ideas like "don't abuse it", or "considering the consequences for other people"

Got to love the cleverness with the people who design services with the assumption that there are no such people and then goes on to hackernews and cries when a kid in China breaks their site. Lol.

Insanely incompetent.

nitrammm commented on 418 I'm a teapot   developer.mozilla.org/en-... · Posted by u/SirAllCaps
wiseowise · 2 years ago
Sure, you specifically can use it million times, or even more (given your span of life).

If your audience is millions of users it’s millions * millions, not cool.

nitrammm · 2 years ago
So if someone doesn't undeestand this assumption, then they are an asshole?

That's pretty crazy viewpoint.

nitrammm commented on 418 I'm a teapot   developer.mozilla.org/en-... · Posted by u/SirAllCaps
junon · 2 years ago
This mindset is why we need "do not use while sleeping" warning labels on toasters and hair dryers.
nitrammm · 2 years ago
This would be very valid comment if toasters had manuals telling that they are perfectly safe to use while sleeping.

If you lie in your marketing material then you may put yourself in a mess. Big surprise.

nitrammm commented on 418 I'm a teapot   developer.mozilla.org/en-... · Posted by u/SirAllCaps
Dudeman112 · 2 years ago
There's always an individual with autism-level consideration for what one says, isn't there?

No, effectively DDOS-ing a service just because it says it's free and unlimited is a dick move

People like those are a big reason for why we can't have nice things

nitrammm · 2 years ago
To me it just screams naivety to put up a free service, advertise it as unlimited and then calling people asshole when they make too many requests.

Personally I would never rely on a service like this since it's 100% obvious it would be sudpectible to junior developers misunderstanding what is reasonable usage.

If you're putting up an API assuming all consumers will consume it in some limited and reasonable way, then you need to rethink things a bit.

nitrammm commented on 418 I'm a teapot   developer.mozilla.org/en-... · Posted by u/SirAllCaps
wiseowise · 2 years ago
Water in a lake is also technically free (depending on local laws), do I have to make it clear that inviting millions to take a cup out of it is not a good idea?
nitrammm · 2 years ago
This is the internet? If there are a million people around the lake fond of tea then of course you need to tell them that they can't consume all the water. Offering a free service and being upset when people use it is just naive.
nitrammm commented on 418 I'm a teapot   developer.mozilla.org/en-... · Posted by u/SirAllCaps
wiseowise · 2 years ago
It says that you can call it unlimited number of times, not millions of devices that you’re selling.
nitrammm · 2 years ago
It says:

> Supports unlimited requests and is free.

Typically "unlimited" is more than a million.

nitrammm commented on 418 I'm a teapot   developer.mozilla.org/en-... · Posted by u/SirAllCaps
geuis · 2 years ago
Yeah I know. That is a legit critique. What's been happening is your essential black swan event. I've been running the service for 12 years and have never had this problem. There are hundreds of websites and independent users that have never abused the api like this until March. I have always been able to absorb the traffic impact.

This is different. Someone wasn't thinking and randomly added the domain to a lazy piece of code somewhere that got deployed to millions of devices pretty much over night. The only way I've been able to keep jsonip active is by incorporating Cloudflare. But they don't actually solve the problem. As a corporation, they treat ipv4 addresses like 3rd class citizens.

Anyway yeah I've been evaluating changing the TOS, requiring registered signins, etc. But NONE of those fixes a 300% level of traffic that's been hitting the service for months now. I can change the verbiage all I want. But it does absolutely nothing to stop the a-hole dev from China or wherever that rolled out an update to hundreds of thousands of millions of devices with simply emailing me if that's ok.

I've literally, and successfully, run the service for free to the public because no one has done this before.

And to the nginx people. No, returning 444 doesn't seem to fix the problem. I've tried. It doesn't work.

nitrammm · 2 years ago
Explicitly telling some junior software developer in China that he can call an API for free an unlimited number of times, then afterwards calling it abuse and him and a-hole dev is definitively a bit of an a-hole thing to do in my view.
nitrammm commented on GCP CloudSQL Vulnerability Leads to Internal Container Access and Data Exposure   dig.security/post/gcp-clo... · Posted by u/ivmoreau
mcstafford · 2 years ago
The vulnerability sounds like it's inherent to SQL Server, and that cloud providers haven't been successful in blocking the underlying problem due to its proprietary nature.

Presenting it as a Cloud SQL problem is disingenuous.

nitrammm · 2 years ago
No? From the article:

> we identified a gap in GCP’s security layer that was created for SQL Server. This vulnerability enabled us to escalate our initial privilege and add our user to the DbRootRole role, a GCP admin role.

So Google took proprietary software not designed for this use-case and built their own security layer on top of it and ended up with bugs.

Of course that's an issue with the service. Presenting it as anything else than an issue in Cloud SQL seems disingenuous.

nitrammm commented on EU approves new rules for tracing crypto transfers, introduces 1000€ limit   europarl.europa.eu/news/e... · Posted by u/yamrzou
wen_1k_btc · 2 years ago
"The text –which was provisionally agreed by Parliament and Council negotiators in June 2022- aims to ensure that crypto transfers, as is the case with any other financial operation, can always be traced and suspicious transactions blocked."

Stop lying, nobody believes you. Or are we planning for the future when cash is purposely eliminated?

nitrammm · 2 years ago
Your comment is confusing, because that's clearly not an attempt to lie.
n

u/nitrammm

KarmaCake day53April 17, 2023View Original