Hacker News | saltyhiker's comments

Poloniex | Software Engineers & SRE | Full-Time | ONSITE (Flexible WFH, All WFH Temporarily) | Boston, MA

Poloniex started as one of the first exchanges for trading cryptocurrencies and digital assets. Poloniex has attracted millions of customers and facilitated tens of billions of dollars of trades. We are dedicated to creating the most advanced digital asset exchange in the world. Join us and help build the future of finance!

  -Senior Software Engineer, Android: https://poloniex.careers/?url=job&gh_jid=4003811003
  -Senior Site Reliability Engineer: https://poloniex.careers/?url=job&gh_jid=4002018003
  -Senior Software Engineer, Trade: https://poloniex.careers/?url=job&gh_jid=4008859003
  -Principal Software Engineer, Trade: https://poloniex.careers/?url=job&gh_jid=4043304003
Please apply at the links above or email our Recruiter Michelle at msommerhalter@poloniex.com.


Poloniex | Software Engineers & SRE | Full-Time | ONSITE (Flexible WFH, All WFH Temporarily) | Boston, MA

Poloniex started as one of the first exchanges for trading cryptocurrencies and digital assets. Poloniex has attracted millions of customers and facilitated tens of billions of dollars of trades. We are dedicated to creating the most advanced digital asset exchange in the world. Join us and help build the future of finance!

  -Senior Software Engineer, Android: https://poloniex.careers/?url=job&gh_jid=4003811003
  -Senior Software Engineer, Trade: https://poloniex.careers/?url=job&gh_jid=4008859003
  -Senior Site Reliability Engineer: https://poloniex.careers/?url=job&gh_jid=4002018003

Please apply at the links above or email our Recruiter Michelle at msommerhalter@poloniex.com.


I had this same thought in 2013 and created this library which uses a few simple tests to protect from comment spam. It definitely could be improved/tuned (and oof this code I wrote is baaaad), but for many sites it is good enough. https://github.com/mccarthy/phpFormProtect


If you build a good rapport with everyone, this is unnecessary and you can simply provide constructive feedback without sugarcoating it. The best engineers will see right through this.


Same here, on an iPhone


Why don't they check for this particular phone in TSA security? The process is already ridiculous with shoe removal and toiletries in ziploc. Why not check the model number on my phone?


They do check for it. I've seen people pulled aside with their phone getting inspected, presumably when TSA sees something resembling a 7 in the scanner. (They probably know what to look for)


Are you sure that's what they were checking? They've randomly pulled people aside and swabbed electronics for years so it may just be that.


They explicitly asked, and then manually inspected. (I was in the line for getting electronics swabbed so I could see)


Given that a large swath of SaaS services, infrastructure providers, and major sites across the internet are impacted, this seems harsh. Are you unhappy with PagerDuty's choice of DNS provider, or something else they have control over? I don't think anyone saw this particular problem coming.


A company that bills themselves as a reliable, highly available disaster handling tool ought to know better than to have a single point of failure anywhere in its infrastructure.

Specifically, they shouldn't have all of their DNS hosted with one company. That is a major design flaw for a disaster-handling tool.


I'm not using the service, but I'm curious what an acceptable threshold for this company is. Like, if half the DNS servers are attacked? If hostile actors sever fiber optic lines in the Pacific?

I ask because my secondary question, as a network noob, is was anybody prepared / preparing for a DDOS on a DNS like this? Were people talking about this before? I live in Mountain View so I've been thinking today about the steps I and my company could take in case something horrifying happens - I remember reading on reddit years ago about local internets, wifi nets, etc, and would love to start building some fail safes with this in mind.

Two pronged comment, sorry.


I'm not using the service either, but I noticed this comment [1]. It's not the first time that a DNS server has been DDoS-ed, so it has been discussed before (e.g. [2]). At minimum, I would expect a company that exists for scenarios like this to have more than one DNS server. Staying up when half of existing DNS servers are down is a new problem that no one has faced yet, but this is an old, solved one.

[1] https://news.ycombinator.com/item?id=12759653

[2] https://www.tune.com/blog/importance-dns-redundancy/


Re question #2, Amazon uses UltraDNS as a backup and seemed to be relatively unaffected by today's attack.

Re question #1, check out PagerDuty's reliability page here: https://www.pagerduty.com/features/always-on-reliability/

Namely "Uninterrupted Service at Scale - Our service is distributed across multiple data centers and hosting providers, so that if one goes down, we stay available."

It seems fair to expect them to have a backup dns too, but I am not an expert.


> is was anybody prepared / preparing for a DDOS on a DNS like this

Yes.

I have, personally, been under attack with as-large or larger than today's attacks at my DNS infrastructure and survived.


This is exactly my point.


From the perspective of my service being down, my customers being pissed, and me not being notified.. yes, maybe PD should be held to a higher standard of uptime. Seems core to their value prop.


> I don't think anyone saw this particular problem coming.

Knocking half of the web off the grid because their DNS provider is under attack? It happened recently to DNSimple.

https://blog.dnsimple.com/2014/12/incident-report-ddos/

The irony is that I noticed it when dotnetrocks.com went offline, at that time dotnetrocks was sponsored by dnsimple...


Why only slightly better? The response to that forum post, as far as I can tell, means EC2 is not vulnerable to this attack.


What popular cloud providers are vulnerable?


The real problem here is not the chain of marketing tech that allowed this, the issue is that the marketing message itself sucked. If the message was valuable, many people wouldn't have been bothered by receiving it.

As for the message itself, if their intent is to sell you that specific item you searched for, they should say so. Of course, they need to avoid the creepy-factor, which, along with laziness are the two reasons they may have ended up with the junky message you received.


> The real problem here is not the chain of marketing tech that allowed this, the issue is that the marketing message itself sucked. If the message was valuable, many people wouldn't have been bothered by receiving it.

I disagree. This sounds like the rationalization marketing folks put forward, namely that they're actually helping people. No, they are not. At best, they're shoving messages into people's faces. At worst, they're shoving poisonous radioactive garbage messages full of lies into people's faces. The range of behaviour here is from mildly annoying to outright malicious. Very rare is the case when unsolicited marketing messages are something people are actually happy about.


I agree with you that the lazy/poisonous methods are far too common, and was exaggerating to some extent. In this case the chain of tech may be too sullied for a good message to be well-received.

I'd also like to add that as punishment for insulting the Sears marketing team, I got a piece of spam from them 20 minutes after my comment.

