I feel the real problem here is mixing and matching kubernetes with ECS. They aren’t really meant to play together and were never designed to integrate together.
That's false. The only thing which slows things down is that Autoscaler is provisioning compute resources in a way which is dog slow.
If you add Karpenter (https://karpenter.sh) to the cluster it can scale based on the rules set out in the configuration and sends out requests directly to the underlying cloud orchestrator. Which in practice means it spins up new compute resources near instantly.
I see that they added support for Azure aswell recently (been a while since I used it)
I’m just showing my age since fargate was initially tied to ECS (and still mostly used with it). But the general issues still remain the same. It’s a container orchestrator trying to integrate with another container orchestrater.
This just shows that LCEN, DMCA, etc are poorly crafted laws. They ineffectually stop the abuse they claim to end (like copyright infringement). But it does allow large organizations a cudgel to protect their own IP.
Actually I think that articles very opening premis is exactly as obviously false as they say the original articles premis is.
In other words for example they have not shown that the purpose of a cancer hospital is not in fact to cure 2/3 of cancers. They say it's obviously absurd but that's just a bald assertion with no backing meat.
It can absolutely be argued that the hospital is doing exactly what it's intended to do, because it's what everyone involved is satisfied with letting it do.
Yes obviously it doesn't sound like an obvious way to interpret the functioning of the hospital. No one needs to write an article to explain that the world works the way it appears to or claims to. The whole point of the original POSIWID is to show that some other less obvious, possibly even intentionally hidden interpretation of a system is at least valid and logically "not inconsistent" with the facts and observations.
If the operators and funders of a hospital would like to cure all cancers but physically can't, one way to say that is that the hospital is simply doing the next best thing. Everyone involved has settled for some compromise and balance of resources devoted to it such that the amount of cost is as high as they are willing to go for the amount of cancers they are curing. However many they are curing, and even if 100% is not possible, there is still always some amount better they could do for some amount more investment, until all possible resources are devoted to that and nothing else. Everyone stops somewhere short of that and lives with the 2/3 performance instead of the 3/4 performance. And so the system is doing what everyone involved has decided it shall do. The purpose of the system is what it does.
That's not an absurd argument at all, and this rebuttal does not invalidate it.
Having lived in the U.S. for a while, it's apparent the purpose of a hospital is "provide big salaries to top administrators and executives whilst providing enough health care that they can get away with it".
What kind of severance packages does this article think even long tenured people were or are getting? Most provide only enough money to survive a couple of months.
Ehh. The SMA post is too disconnected to play an ear-to-ground role. Always felt more ceremonial or focused on soldier quality-of-life issues that didn’t really matter.
The real conduit for change in the military is a good stiff Congressional or IG complaint. Ask anyone who drove an MRAP.
Wouldn't just having 1000 canaries be a "legal" way to do the alerting?
A government can compel Amazon to avoid notifying a target (Israel in this case) that their information has been subpoenaed, but can't compel Amazon to lie and say it hasn't sent their info.
Or is the concept of a canary pretty much useless now?
I'm personally one of the "activists" who is trying to avoid Amazon and Google to a practical degree, due to project Nimbus, so I'd be more than happy if their data could be accessed, and even happier to see Amazon and Google just cut ties with them altogether.
And I'm personally one of the "activists" who is trying to avoid Amazon and Google to a practical degree, because they might be ordered by a foreign government (or my own government) to turn over my data to that government and be legally forbidden from saying that they have been required to do this. Or because they might succumb to activist pressure to deplatform me.
> (my nation of citizenship, the US, definitely has rules against that)
US rules are, unfortunately, nortoriously and outlandishly broken whenever it comes to Israel: Foreign Agent Registration Act, the Leahy Law, and probably a bunch of others as well.
1. You work for AWS, probably in account management or billing operations.
2. Your "buddy" in legal tells you that a subpeona has been processed that effects an Israeli government affiliated account.
3. Your buddy is breaking work rules and the law. You don't report it, as you are required to do. You're now a party to a criminal conspiracy.
4. Instead, you arrange for a payment to be made from AWS to an account in some pre-determined amount to communicate the confidential or legally sealed information that you conspired to steal.
Let's review. You're engaging in a criminal conspiracy to share restricted, sealed legal information with a foreign government. You are doing so by fraudulently stealing/embezzling money from your employer in a predetermined amount.
If that's not clearly understandable to you as a "bad thing" and a fraudulent activity, you're overthinking, lack any sense of law and ethics, are lacking cognitive ability, are a troll, or are just a schill for whatever team you're rooting for.
> You are doing so by fraudulently stealing/embezzling money from your employer
In this scenario Amazon is contractually obligated to pay Israel (unless they determine that they can't legally). If this employee is dutifully fulfilling that obligation in compliance with any relevant company approval process or other policies, then it's certainly not theft or embezzlement.
You seem to be adding a twist of "what if this is some random employee, not the one authorized to make the payments"? In that case sure, they might be defrauding their employer, but that has very little to do with the contract that this story was about.
It's like saying "what if instead of making the authorized payment to Israel, they keep the cash for themselves, then steal some monitors and assault some colleagues"? We've come up with a hypothetical where crimes are committed, yes, but it's hard to see how Israel would be to blame or would even be relevant.
In this scheme, the government would be deprived of its legal right to obtain information about a business's customer without the consent or knowledge of said customer.
In many/most? cases, a customer can be notified and can attempt to block such information gathering, but there are also many where it's not permitted.
No, speeding and nearly every other traffic offense is just brazenly doing the thing. There’s no deception required to facilitate drunk and disorderly conduct, trespassing, dumping your sofa by the side of the road, or just walk up to someone and start beating on them.
if you beat someone up you are defrauding their insurance company that has to pay for it and the govt that now has an injured tax payer that can’t pay taxes as well as a tax payer that wasn’t beat up. Can you prove that insurance companies don’t have to pay a single dollar if you beat someone up?
IE criminal intent vs criminal activity, critically the criminal activity only needs to be intended not actually occur for it to be fraud. Specifying which criminal intent is applicable is reasonable but nothing I said was incorrect.
The victims are the people being deprived of their legal protections.
Not everyone agrees which information should be protected but sending information can be a form of harm. If I break into your bank, find all your financial transactions, and post it on Facebook, I have harmed you.
Courts imposing gag orders over criminal or civil matters is a critical protection, and attempting to violate those gag orders is harm. The specific victims aren’t known, but they intend for there to be victims.
The payoff for AWS is the contract itself. Ultimately, it’s Israel that benefits from this information but being paid by your employer to commit fraud in a call center counts even if you’re not getting a cut of that specific victim.
IANAL, but all criminal definitions of fraud that I am aware of require an intention to harm to a victim. It's kind of hard to argue that sending money fulfills this criteria.
The harm is not to the recipient of the funds in this case, but to the investigating authorities, who have had the secrecy of their subpoena compromised.
There is wide latitude in the criminal code to charge financial crimes. This reminds me a bit of Trump's hush money conviction. IIRC, a central issue was how the payment was categorized in his books. In this case, there would be a record of this payment to Israel in the books, but the true nature of the payment would be concealed. IANAL, but I believe that is legally problematic.
The investigating authorities aren't being defrauded though; making someone's job harder isn't fraud. Google or Amazon could be committing other crimes,[1] but not fraud.
[1] If they actually violated a gag order, which realistically they won't. In all likelihood there's language to ensure they're not forced to commit crimes. Even if that wasn't explicit, the illegality doctrine covers them anyway, and they can just ignore any provisions which would require them to commit crimes.
Possibly, depending on intent. But even if so, obstruction of justice is not fraud.
> the real crime is treason
This hypothetical crime (which I'd say is highly unlikely to occur) would definitely not be treason, which has a narrow legal definition. We're not at war with Israel.
>Possibly, depending on intent. But even if so, obstruction of justice is not fraud.
Sure, but it's a crime still. Not just something neutral.
>This hypothetical crime (which I'd say is highly unlikely to occur) would definitely not be treason, which has a narrow legal definition. We're not at war with Israel.
No, just on several on behalf of them.
Which one feels should also have been part of this "narrow legal definition".
Almost all crime requires some form of lying, at least by omission and often of the explicit sort. Fraud though, is much more narrow than "they deceived but also crimed"... and anyone saying otherwise should be so embarrassed that we never have to hear their halfwittery ever again.
Americans get legal protections for their private health data because the disclosure of such information is considered harmful.
Other countries provide legal protections for other bits of information because disclosure of that information is considered harmful to the individual, it’s that protection they are trying to breach which thus harms the person.
How is this related to the fraud discussion in this thread? Illegal disckosure of confidential information is usually handled by a separate legal framework.
Stuff is generally also fraud rather than only being fraud. We don’t know the details of what else happened so we can’t say what other crimes occurred.
Same deal as most illegal things public companies do also being SEC violations.
The same action can break multiple laws. Unlawful discharge of a firearm is a crime, but it can also kill someone and thus break a different law. https://www.azleg.gov/ars/13/03107.htm
Here we don’t know which specific laws were broken because we lack details, but the companies definitely signed a contract agreeing to commit fraud.
Anyway, the comment I responded to had “require an intention to harm to a victim” it’s that aspect I was addressing. My point was the transmission of information itself can be harmful to someone other than the recipient of that information. So the same act fulfills both aspects of fraud (deception + criminal intent), and also breaks some other law.
The signal based on private information is what’s causing the harm not the movement of money. They could cause the same harm by encoding a signal in the timing of a money transfer, or hell using carrier pidgins.
I could send your username and password using similar methods, the medium doesn’t matter here but the signal and their attempt to hide it does.
What's the "dodge" here? All these companies already have a large presence in other countries. They can adjust employee counts in each of these locations as they see fit.
Let's say you make companies pay a tax per non-US employee. So they transfer the non-US employees to a contractor, and pay the contractor. This is often the default arrangement anyway. What do you do now?
You would need China-level capital controls to make this work and that is not compatible with the dollar remaining as a reserve currency. Nor will Congress or the Supreme Court go for it.
Yup. This is not difficult and it’s a fairly bounded problem. Only a few hundred companies are capable of the level of outsourcing that is considered significant. And those companies are highly sensitive to regulatory demands
"This is not difficult and it’s a fairly bounded problem"
Epic handwave. And you're wrong btw. If anything small business outsources even more than large companies. Tons of small business owners have zero US employees but have a personal assistant/CX agent in the Philippines, IT contractor in Latam, design contractors in Eastern Europe, etc.
The only hard dependency I am still aware of is write operations to the R53 control plane. Failover records and DNS queries would not be impacted. So business workflows would run as if nothing happened.
(There may still be some core IAM dependencies in USE1, but I haven’t heard of any.)
We don't know that (yet) - it's possible that this is simply a demonstration of how many companies have a hard dependency on us-east-1 for whatever reason (which I can certainly believe).
We'll know when (if) some honest RCAs come out that pinpoint the issue.
I had a problem with an ACME cert terraform module. It was doing the R53 to add the DNS TXT record for the ACME challenge and then querying the change status from R53.
R53 seems to use Dynamo to keep track of the syncing of the DNS across the name servers, because while the record was there and resolving, the change set was stuck in PENDING.
After DynamoDB came back up, R53's API started working.
reply