Storage: $1.3 million dollars per year.
Servers: $2.9 million dollars per year.
Registration Fees: $6 million dollars per year.
Total Bandwidth: $2.8 million dollars per year.
Additional Services: $700,000 dollars per year.
Current Infrastructure Costs (as of November 2023): Approximately $14 million dollars per year.
我比較感興趣的有幾塊,一個是標題提到的簡訊,在「Registration Fees」這個段落的說明裡可以看到列了兩個項目,一個是下載 Signal 的費用,另外一個是簡訊 SMS 認證的費用:
Signal incurs expenses when people download Signal and sign up for an account, or when they re-register on a new device. We use third-party services to send a registration code via SMS or voice call in order to verify that the person in possession of a given phone number actually intended to sign up for a Signal account.
這邊有些要確認的,下載軟體的頻寬應該是包括在 Total Bandwidth... 而且推敲起來,金額應該不算大:
The cost of these registration services for verifying phone numbers when people first install Signal, or when they re-register on a new device, currently averages around $6 million dollars per year.
另外一個感興趣的是頻寬的部分,裡面有提到有一個比較吃頻寬的項目,是處理不在通訊錄上面的通話或是視訊。這邊 Signal 為了避免 IP address 的洩漏,會避免直接讓兩邊接通,而是透過 relay 接通:
To take one example, Signal always routes end-to-end encrypted calls from people who aren’t in your contacts through a relay server that obscures IP address information.
At current traffic levels, the amount of outbound bandwidth that is required to support Signal voice and video calls is around 20 petabytes per year (that’s 20 million gigabytes) which costs around $1.7 million dollars per year in bandwidth fees just for calling[.]
In total, around 50 full-time employees currently work on Signal[.]
To sustain our ongoing development efforts, about half of Signal’s overall operating budget goes towards recruiting, compensating, and retaining the people who build and care for Signal. When benefits, HR services, taxes, recruiting, and salaries are included, this translates to around $19 million dollars per year.
„Wenn Verbraucher:innen die ,Do-Not-Track‘-Funktion ihres Browsers aktivieren, ist das eine klare Botschaft: Sie wollen nicht, dass ihr Surfverhalten für Werbe- und andere Zwecke ausgespäht wird“, sagt Rosemarie Rodden, Rechtsreferenin beim vzbv. „Webseitenbetreiber müssen dieses Signal respektieren.“
“When consumers activate the 'Do Not Track' function of their browser, it sends a clear message: They do not want their surfing behavior to be spied on for advertising and other purposes,” says Rosemarie Rodden, legal officer at vzbv. “Website operators must respect this signal.”
Amazon on Wednesday said it will launch an independent cloud for Europe aimed at companies in highly-regulated industries and the public sector.
這邊講的「完全獨立」,除了東西都放在歐洲以外,連員工都是歐盟員工:
Customers of the new system will be able to keep certain data in the European Union and only EU-resident AWS employees who are located in the 27-nation bloc will have control of the operations and support for the sovereign cloud.
這個作法倒是頗特別的,看起來是想要試著說服歐盟這樣是 OK 的?推出的時候可以看看還有什麼特別的東西?
[Tue Jul 18 12:58:29 2023] igb 0000:04:00.0 enp4s0: igb: enp4s0 NIC Link is Down
[Tue Jul 18 12:58:48 2023] igb 0000:04:00.0 enp4s0: igb: enp4s0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Oct 4 10:55:58 myserver Tor[991]: http status 400 ("Tor version is insecure or unsupported. Please upgrade!") response from dirserver 1.2.3.4:80. Please correct.
本來想說可以裝 Tor 官方的版本 (官方有提供 apt repository),結果發現官方不支援 Raspberry Pi 一代用的 armhf 了,只好另外找...
While working on documents in the Snowden archive the thesis author learned that an American fabless semiconductor CPU vendor named Cavium is listed as a successful SIGINT "enabled" CPU vendor. By chance this was the same CPU present in the thesis author’s Internet router (UniFi USG3). The entire Snowden archive should be open for academic researchers to better understand more of the history of such behavior.
Ayup. We use AWS CloudHSM to hold our private signing keys for deploying field upgrades to our hardware. And when we break the CI scripts I see Cavium in the AWS logs.
Now I gotta take this to our security team and figure out what to do.
We're currently experimenting with this change in Chrome version 115, working to standardize the behavior across the web, and plan to roll out the feature to everyone soon.
主要的差異是在於,即使你輸入或是點擊的連結是 http://,他還是會優先嘗試 HTTPS:
Chrome will automatically upgrade all http:// navigations to https://, even when you click on a link that explicitly declares http://.
只有在 http:// 連結遇到 upgrade 到 HTTPS 失敗時才會回頭用 HTTP:
This works very similarly to HSTS upgrading, but Chrome will detect when these upgrades fail (e.g. due to a site providing an invalid certificate or returning a HTTP 404), and will automatically fallback to http://.
