th3raid0r

@[email protected]

P.D Alt account for tucson.social/u/th3raid0r

This profile is from a federated server and may be incomplete. View on remote instance

th3raid0r ,

Nah, it's spam, OP has posted the same question at P.D multiple times across various communities. Dude either somehow doesn't know forum ettiquite or is a bot.

th3raid0r OP Mod ,

I'll go first - I'm working on the reliability of some migration patterns between a couple managed cloud implementations. A bring-your-own-account model underpinned the legacy setup, while the newer cloud offering allows us to retain it all in our accounts.

This is on top of generally sussing out the reliability of the newer product with some chaos testing.

The unfortunate bit is that my OPS workload is so high that I struggle to get much traction on the above. Not to mention that this new product moves so fast that it's hard to get any sort of week-to-week consistency. Often requiring environment re-provisioning. Not exactly stuff that the community can really help with, but hey, that's what's on my plate.

SREsyphus

Maybe, one of these days, my SRE team can define SLOs that actually make sense. This "alert on whatever the customer wants" stance really really sucks.

A flow chart depicting a circular process. "why didn't you catch that incident" > Tune alerts to be more sensitive. > "Why are our alerts so noisy" > Tune alerts to be less noisy > and repeat.
ALT
th3raid0r OP Mod , (edited )

Definitely not that lucky. We have customers who seem to watch dashboards and create a Sev1 anytime latency degrades by 10%. They explain to their account manager that they need to have perfect performance all the time. The AM then comes to us demanding that we increase the sensitivity of the alert. Management agrees. And then, voila, just like that we have an alert that flaps all day and all night that we aren't "allowed" to remove until someone can show that the noise is literally stopping us from catching other stuff.

It's insanity.

EDIT: I only stay because new leadership seems like they want to fix it earnestly. And things are headed in the right direction, but it takes a long time to turn a ship.

th3raid0r OP ,

Sure. I can agree that my company would be liable. But the company isn't mine. I just work here. And my team doesn't use any conda stuff at all.

Essentially, I am being personally threatened of a lawsuit even though I have no ability to make a licensing or purchase decision.

That just doesn't sit right with me.

th3raid0r OP ,

I'm not here to discuss the nuances of a startup versus medium sized company. Suffice it to say that much of the organization still views itself as a startup. Even though yes, you are right, it's a medium sized organization.

th3raid0r OP ,

Send the emails to your company’s legal team. It’s not your fight.

Already did, and agreed. I also asked the legal team if they could ask Anaconda.com to stop contacting me and threatening me personally. We shall see what happens.

th3raid0r OP , (edited )

Yes, I am aware.

I'm more asking if others are getting a wide spread of threatening messages across the org - even if they don't regularly use conda/anaconda.

It's like everyone glossed over "I don't use it in my job at all, and neither do my teammates" bit.

th3raid0r OP ,

The real kicker is that I'm fairly sure we aren't really using them at any real scale - if we do it's to demo our product within the context of AI development. So if anything, they get a lot of free press when we do that. If they're gonna throw a fit over it, I'm sure we can work with some other "AI" company (that's what they bill themselves as) that wants the free marketing. Heck, I can't imagine the anaconda ecosystem working out if they keep threatening the developers that enrich that ecosystem.

[Thread, post or comment was deleted by the author]

    •
    th3raid0r ,

    Yeah, no kidding. The same systemd that enables the very things OP is trying to enable...

    systemdboot + sbctl + systemd-cryptenroll and voila. TPM backed disk encryption with a PIN or FIDO2 token.

    AFAIK this should be doable in Ubuntu, it just requires some command-line-fu.

    Last I heard the Fedora installer was aiming to better support this type of thing - not so sure about Ubuntu.

    th3raid0r ,

    TPMs can be extracted with physical access

    Sure, but IIRC, they'd still need my PIN (for TPM+PIN through cryptenroll). I don't think it's possible to do TPM backed encryption without a PIN on Linux.

    EDIT: Oh wait, you can... Why anyone would is beyond me though.

    th3raid0r OP ,

    Well, I mean, most corps trying to shoehorn AI into things are using Cloud implementations of the various "AI" solutions.

    What, pay for our own datacenter? Nah.

    Just import openai and add "the AI" that way. 🤦‍♂️

    th3raid0r OP ,

    Hahah, good luck. Proton Drive is really terrible. I can't even upload a single 1GB file through the service.

    I created autistic_devs community to provide a safe(er) space to discuss our unique issues within the field. ( programming.dev )

    After not getting what I needed out of a "managing up" post, I decided to create this community. Essentially the problem is that often we need to solve a social problem that others might deem "trivial". And when folks deem it trivial, they fail to provide anything except encouraging words. ...