The, "biggest talent hub" on the East Coast apparently sends most of its Graduates to inferior schools in Massachusetts. More like the biggest military hotel on the east coast
Websites, however, can experience drastic swings in recurring revenue, brand loyalty, all from the addition or removal of a seemingly minor visual interface element. Design = Sales online. If compliance for brick and mortar stores moved out of the entryway and into the mandated height of display cases, counters, signage for colorblind patrons, and mandatory gluten free options there would be a deluge of lobbyists to stop it.
Building onto the other reply to your comment, I think you'd be surprised just how much accessibility regulation already exists that's just invisible to you. You also use highly accessible websites every day, you just don't notice.
You might also not be aware of how differently these regulations are applied depending on the type of product or service being offered and the nature of its provider. If you're hawking a web-app for designing charts, you will probably not be asked to stop supporting rainbow color-scales. Now, if you're an educational institution whose admissions tab is unnavigable to visually-impaired people...
To some degree, where its followed at all, where its enforced at all, and when its not convenient exceptions get made. That's kind of my point... If this becomes a crackdown there will be an equally large backlash.
Design drives sales online. Entirely. If brick and mortar stores had to design their entire storefront and display area around wheelchair accessibility first to the detriment of 5-10% or more of recurring revenue we'd instantly have a small city worth of lobbyists to reverse it.
In the US, the ADA does indeed mandate many things (reserved parking spaces, door widths, ramps/elevators, etc.). Though to continue the analogy, I think we'd need to extend it to how the merchandise itself is displayed/marketed—for example, requiring all products to be accessible by someone in a wheelchair, braille on all packaging, etc.
Notice the usage of "Undue Burden" from the official ADA documentation: "The rules are also flexible for communicating effectively with customers who are blind or have low vision. A sales clerk can find items and read their labels..."
Why is western news media intentionally muddying the waters of public perception by comparing an American blacksite to everything in a sensationalist manner?
Let's save, "Nazi" and "Guantanamo" for the men who did the deeds.
In terms of legal precedent this is pretty shaky ground. In any other context this would sound pretty far fetched.
Would we allow a US company to circumvent sanctions on selling technology to refine nuclear material to Iran on the grounds that they might blow themselves up and poison US allies or Americans abroad?
That's the legal context I'd view this argument in.
This is a little bit different than Iran. The US government specifically does not want Iran to have access to nuclear technology, so preventing US companies from providing technology to Iran is in itself the goal.
In the case of Huawei, the US government's concerns mostly seem to be about Huawei possibly spying on the devices they sell. On the other hand, there doesn't seem to be any particular basis for concern about allowing them to use US software such as android. Therefore, from the perspective of the security threat that is the putative basis for blacklisting Huawei, the fact that Huawei is now blocked from using Android is merely an incidental side effect.
(Of course, if the real goal is to hold Huawei hostage as a means to negotiate a trade deal, then threatening to destroy their smartphone business by blocking them from using Android may be precisely what is really intended.)
I know its not a great comparison but that's part of my point. The context and legal precedent in this arena mostly applies to arms and aid, not consumer products.
This is different from selling nuclear technology to Iran. Android is open source (albeit not in the "real open source" way) and available to everyone. Anyone can fork it at its own will. Forking Android by a non-US company would give up the control of the OS on phones, which would threaten the US security.
It will give up control of the OS on phones that won't be sold in the US anyway. I'm not clear on how that will threaten the US security? Though it will no doubt threaten Google's profits and ability to benefit from their surveillance- and censorship-enabled search engine for the Chinese market.
Our tech companies should not be lining up to lick the boots of a hostile economic power. I can't even believe this is socially acceptable and am relieved it's starting to become legally unacceptable.
>It will give up control of the OS on phones that won't be sold in the US anyway. I'm not clear on how that will threaten the US security?
That's pretty straight forward, someone from the US exchanges information with someone who has a Huawei phone who is outside the US, someone who has imported a Huawei phone, or someone who is travelling / working in the US and has one. Which given that it's the number 1/2 phone maker in the world, is pretty likely
If it would give up control of the OS on phones anyway and it would not threaten the US security, why did the US ban Google from providing Android updates to Huawei? It is the same logic why the US government bans Huawei, unless the US government ban Huawei for other reasons.
Huawei does not play by the rules of other companies in the U.S. market. They steal our tech and sell it back to us for pennies on the dollar. China has been allowed to get away with this shit for decades and now we're supposed to feel sorry for them?
Huawei needs to be completely shut out of the U.S. market and Google should be ashamed for working with China. This is a net benefit to U.S. security.
These accusations are unfounded and unsubstantiated. If they steal your tech, you should sue them in court. We, the US and other nations, run by the laws. You have all the rights to sue whoever steals your tech. Android is open source and available to everyone including Huawei. Huawei has every right to use it. Blatantly accusing someone of stealing with no evidence leads to libel and defamation.
Years back when I was still freelancing, I worked with a U.S. firm who sold specialized lightweight cases for a popular sporting product. Their Chinese manufacturer stole the tech, ignored the patent, sold the same product to the U.S. market at half the price and put my client out of business.
These claims are not unfounded or unsubstantiated. There has been an ongoing pattern of abuse from China for decades and until recently nobody in our government was giving a shit about it.
People really do not want to run their own email. I used to, and have my own domain, but these days I pay a small ISP to manage it.
People might be OK with a quasi-managed solution where you pay a fee to the cloud provider to route in and out through a non-spam IP, and the provider does regular updates and configuration on the home server.
Dynamic IP isn't really the issue. If a server can ping, it can update its DNS record. This obviously won't work without WAN connectivity, but neither will an email server and there lies the problem - consumer WAN access can't be 5 nines guaranteed and if we start engineering redundant fallover/load-balancing as a backup, what's the benefit of that over a hosted email service?
edit: practical problem no 2 is that if your residential ISP sees activity on the standard SMTP ports, it will quickly dropped like a hot potato (if they don't outright block unsolicited connections to those ports altogether which is common). Complaining about it will garner the response "sounds commercial to me, get a business account".
> If a server can ping, it can update its DNS record
Isn't there a significant delay for this to propagate?
> consumer WAN access can't be 5 nines guaranteed
2 nines are more than sufficient, plus the occasional longer term outage for various network outages. Even for most business 5 nines isn't that important.
> practical problem no 2 is that if your residential ISP sees activity on the standard SMTP ports
Weirdly enough this isn't a problem for my ISP, I couldn't buy a static IP but they're happy to open any ports I want. YMMV.
You set the DNS TTL to 30 or 60 seconds, then there's no problem with caching the old IP.
Email is extremely tolerant of downtime. There are also commercial backup mail servers (these accept and cache the email until your server is back up), which can be used as the only public way to receive email. Some will deliver it to a non-standard port.
> You set the DNS TTL to 30 or 60 seconds, then there's no problem with caching the old IP.
This will not work. Most of your visitors will depend on some upstream resolver (for example google's resolver), which will cache you for 24h (you can explicitly request a flush - but the whole point of this system is that it's automated). AFAIK (which is a year or two out of date), every big DNS resolver that you might expect someone to use does this, to prevent the enormous performance issues from people setting their TTL to anything less than that.
Edit: Of course if you use a good relay server that isn't owned by you you can mitigate this, because they'll keep the emails in a queue for you until you can be found again.
Years ago, 24 to 48 hrs was the case for a DNS resolution update. But I have redirected DNS many times over the last few years and it resolves correctly, worldwide within a few minutes. Almost everytime. Occasionally, I will see a few locations in India or China cache for longer than the ttl but never longer than 4 to 6 hours.
And this isn't just a record cache. Even a nameserver change seems to get picked up in less than 15 minutes worldwide.
Google and the like are pretty good at filtering it. So good that the volume of spam has fallen. But about 10 years ago perhaps 90% of all email was spam. I wonder what the volume is now?
What are the current spam filtering options available to those who want to run a home server? Are they nearly as good as what Google uses?
I no longer consider google to be 'good at filtering' - it's over zealous - so it could be true that the huge spam problem has been reduced by a large percent, but that comes at a great cost.
To some the cost is less - to those who use email for business, I'd say there are significant loss possibilities. I have recently discovered this in several situations.
I think of it more like an a middle man in the ATM or a change making machine that is looking for counterfeit bills - sure it may be great to have it shred 90% of the counterfeits, and some people may never get several hundreds passed through - but if you did and the machine shredded the hundreds being sent to you often - I would not consider that good.
You use spamassasin (and maybe spamd as well). In a very practical sense it is miles better than what office365 has. It's not better than google (because what is?), but it comes close.
Is using a non-standard port a feasible option? Not that I think it's a good idea to put anything you'd expect reasonable availability to behind consumer-grade internet. Why not host your own email using VPSes?
No, there's no real provision in email for SMTP to be on non-port 25. You can make it listen on something else, but the only thing a remote server is going to do is look up the MX record, and then try opening port 25 on it.
Since you'll want a forwarder anyway (many many email servers blacklist anything on a known-ISP IP range (ie, home users)), you might be able to find one that allows you to configure a specific port to forward to, but it'd be non-standard.
Your practical problem number two sounds like a very localised issue, because this is not something that would happen in my neck of the woods (in fact, I doubt it is even legal).
Which will be useless given how many places blacklist the ISP IP ranges. You'll still want a email forwarder that can do the MX store & transfer for your server.
As long as you can send email to gmail and hotmail you've captured most email traffic people are likely to send. AFAIK, those services don't do what you describe.
Those communications have more or less been replaced by IM. You still need an email address for things like job applications, legal/financial matters, bills, online shopping status updates, etc. None of those use hotmail or gmail.
The xbox itself was pretty uninspiring. It was an underpowered budget PC, but someone said, "hey, let's take this gamespy app that people use for matchmaking and put it on a game console..." and suddenly it was christmas morning when you unwrapped Mario64 all over again.
The xbox WAS xbox live matchmaking. It made online multiplayer on the console mainstream.
Totally. I'm fairly new to DO and after seeing what happened was re-thinking my decision.
But this is a solid followup, "we made a mistake" post so I think I can rest easy.
One wonders how many others didn't get enough Twitter cred, before. That some low-level ticket stamper (even a high-level ticket-stamper) had authority to deep-six a customer on no more say-so than high CPU usage tells us more about the company than an incident report massaged by marketing communication specialists. Simply, the latter sounds good because it has been made to sound good by sounds-good experts, and could say anything; but the event itself is ground truth.
They will need a lot more time and good behavior to live this down.
I agree on the twitter cred point. The fact that this happened in the end, personally I think it is a good thing as it highlighted a weakness we must fix.
We trust our people high-level, low-level whatever to make important decisions everyday. thats why they are here.
The "marketing communications specialists" are getting slammed a lot here, so I will just point out that they spend most of their time rolling their eyes at my crappy grammar, spelling and ludicrous number of comma splices. I don't think our goal was to sound like anything. We just wanted to lay out our investigation and the follow on work we are undertaking.
Totally agree with your point that trust is earned and we lost many peoples in the last few days. That will take time and as you say good behavior to earn back, but that is what we are committed to doing.
I talk about mktg comms because I have worked at places where angry customers got earnest letters promising changes, but the manager expected to implement the changes said "No, we're not doing that!" Or "OK" but nothing happened. So I don't give much credit for promises, even when it was the right thing to promise.
Giving your ticket punchers authority is good when they are authorized to do what customers need to get or keep going. Giving them authority to eliminate customers, not so much.
I have to agree with the commenters who say it was an exemplary postmortem.
Hospitals have been doing formal postmortems for many years, but the number of them didn't start down until they instituted checklists.
I think there are some advantages to "installing" PWAs to your phone. As I understand it you're grabbing a ball of HTML, CSS, Javascript, a bunch of assets, and whatever else your website needs and presenting it in a chromeless browser (a browser without UI, not without Chrome).
If your PWA has significant offline capability, this can be useful. Think of Google Drive on a laptop. You can enable offline mode, which essentially saves a similar ball of assets to your cache and saves copies of your files to local storage. You can use most of the capabilities offline just like you were online (obviously not anything that actually requires internet).
There are advantages to appear like an app to the user. User's tend to assume "If I have no internet, websites don't work" which obviously isn't the case with drive in offline mode. But it's hard to fight that. The expectation around apps is that they generally do work offline, so it tricks / socially-engineers / whatever the user into that assumption.
so the idea is to use a native app thin shell around your pwa to get access to local storage and all the user's mobile data? How is this different than the way in which a blackbox like Flash breaks the security sandbox? How is this not ripe for abuse?
I wonder if the standard for excessive profits truly measures profit and not simply price increases and deceptive service charges.
If it is the later I can say I have definitely been harmed by cost cutting measures related to quality of service within telecom. Contractors who don't have enough training and are overworked have completely supplanted full time personnel who know their company's product and can provide competent support.
