Imgur 改變使用條款,把 Imgur 的圖片都搬回本機上

Hacker News 上看到 Imgur 的使用者條款改變的消息:「Imgur will ban explicit images on its platform this month」,在 TechCrunch 文章標題提到的東西對 blog 影響不大,反倒是公告裡面另外提到的事情比較傷。

Imgur 在「Imgur Terms of Service Update [April 19, 2023]」這邊提到了:

Our new Terms of Service will go into effect on May 15, 2023. We will be focused on removing old, unused, and inactive content that is not tied to a user account from our platform as well as nudity, pornography, & sexually explicit content.

所以很少被存取的內容也會有機會被移除掉,這導致一堆小的 blog 或是 forum 用到的內容也會爛掉。

所以決定先搬出來,掃了一下 WordPress 資料庫裡面的內容,把檔案先拉下來,弄個 CloudFront 擋在前面 (有 free quota 的關係),然後把資料庫裡面的連結整批換掉。

另外是新的內容要丟哪裡,所以用 PHP 寫了一個很簡單的 self-hosted image server,程式碼在 GitHub 上面可以翻到:「i.gslin.com」。

裡面除了 PHP 以外,也練了一下 javascript,收 paste 事件把 image/png 的資料用 fetch() 傳到 server 端處理。

現在功能還很陽春,但至少能開始用,之後再逐步加功能上去。等功能變多變複雜之後,可能會用 Composor 掛套件上去... 但現在還算簡單,一個 upload.php 處理所有事情就好。

歐盟通過 Digital Markets Act 與 Digital Services Act

Hacker News Daily 上翻的時候看到的大消息,歐盟通過了 Digital Markets Act (DMA) 與 Digital Services Act (DSA):「EU Approves Landmark Legislation to Regulate Apple and Other Big Tech Firms」,這兩個法案會直接衝擊大企業壟斷的情況。

找了一下中文的資料,iThome 有報導:「歐洲議會通過《數位服務法》與《數位市場法》!傳訊服務必須互通,不得禁止使用者採用第三方App Store」。

其中 MacRumors 上的文章整理的蠻清楚的,DMA 包括了:

  • Allow users to install apps from third-party app stores and sideload directly from the internet.
  • Allow developers to offer third-party payment systems in apps and promote offers outside the gatekeeper's platforms.
  • Allow developers to integrate their apps and digital services directly with those belonging to a gatekeeper. This includes making messaging, voice-calling, and video-calling services interoperable with third-party services upon request.
  • Give developers access to any hardware feature, such as "near-field communication technology, secure elements and processors, authentication mechanisms, and the software used to control those technologies."
  • Ensure that all apps are uninstallable and give users the ability to unsubscribe from core platform services under similar conditions to subscription.
  • Give users the option to change the default voice assistant to a third-party option.
  • Share data and metrics with developers and competitors, including marketing and advertising performance data.
  • Set up an independent "compliance function" group to monitor its compliance with EU legislation with an independent senior manager and sufficient authority, resources, and access to management.
  • Inform the European Commission of their mergers and acquisitions.

可以看出來除了最後兩項是針對 EU 的監管機制外,其他的包括了安裝來自第三方的軟體、可以使用第三方的付款系統、可以整合系統服務、可以整合硬體功能、可以使用第三方的語音工具、可以反安裝所有的 app 以及提供平台蒐集到的資料給開發者,都是針對現在 AppleApp StoreGoogle Play 所限制的條件。

另外 DMA 也禁止了這些行為:

  • Pre-install certain software applications and require users to use any important default software services such as web browsers.
  • Require app developers to use certain services or frameworks, including browser engines, payment systems, and identity providers, to be listed in app stores.
  • Give their own products, apps, or services preferential treatment or rank them higher than those of others.
  • Reuse private data collected during a service for the purposes of another service.
  • Establish unfair conditions for business users.

而 DSA 的部份則是針對網路上的非法內容處理:

The Digital Services Act (DSA), which requires platforms to do more to police the internet for illegal content, has also been approved by the European Parliament.

其中 DMA 的生效日看起來會在 2023 年年中生效?應該是 六個月加上六個月...

Once formally adopted, the Act, which takes the legal form of a Regulation, will enter into force 20 days after publication in the EU Official Journal and will apply six months later. The designated gatekeepers will have a maximum of six months after the designation decision by the Commission to ensure compliance with the obligations laid down in the Digital Markets Act.

而 DSA 至少要到 2024 年才有機會會實施:

Once adopted, the DSA will be directly applicable across the EU and will apply fifteen months or from 1 January 2024, whichever later, after entry into force.

歐盟的市場夠大,這個應該會帶來足夠大的衝擊...

AWS CloudWatch 推出秒級的記錄功能

AWS CloudWatch 推出了秒級的記錄功能:「New – High-Resolution Custom Metrics and Alarms for Amazon CloudWatch」。

從一分鐘變成一秒鐘讓之後的調整以及 debug 好用很多... 不過這次支援秒級的是 custom metrics,原先 AWS 自家服務的支援不在這次範圍:

Today we are adding support for high-resolution custom metrics, with plans to add support for AWS services over time. Your applications can now publish metrics to CloudWatch with 1-second resolution.

另外 alarm 的時間可以降到十秒:

You can watch the metrics scroll across your screen seconds after they are published and you can set up high-resolution CloudWatch Alarms that evaluate as frequently as every 10 seconds.

對於市場上一堆服務的衝擊應該不小 XD

所以 Netflix 也往 Google Cloud Platform 嘗試了...

看到「Netflix Security Monkey on Google Cloud Platform」這則消息,看起來 Netflix 也往 Google Cloud Platform 在嘗試了。

Netflix Security Monkey 本來是對 AWS 分析,現在則是開始支援 GCP (雖然還在 beta):

Security Monkey monitors policy changes and alerts on insecure configurations in an AWS account. While Security Monkey’s main purpose is security, it also proves a useful tool for tracking down potential problems as it is essentially a change tracking system.

AWS Lambda 支援 Node.js 4.3

AWS 宣佈 Lambda 支援 Node.js 4.3:「AWS Lambda Supports Node.js 4.3」:

You can now develop your AWS Lambda functions using Node.js 4.3.2 in addition to Node.js 0.10.4.

另外同步在「Node.js 4.3.2 Runtime Now Available on Lambda」這邊也有文章介紹。

這樣總算可以拿出新的套件以及語法了...

AWS 通過的認證的證書資料連結

在「Frequently Asked Questions About Compliance in the AWS Cloud」這邊 AWS 的人列出一張表,提供了 AWS 目前所通過的認證以及證書資料。

舉例來說,在「ISO 27001 Compliance」這邊就有提供證書的 PDF 版本:「https://d0.awsstatic.com/certifications/iso_27001_global_certification.pdf」。

但也有一些證書是沒有給出來的,應該是要另外跟 AWS 要...

Amazon 的 CTO 對 AWS 十週年的想法

雖然還沒到十週年,但 Amazon 的 CTO 還是寫下他對 AWS 十週年的想法了,也是這十年來學到的經驗:「10 Lessons from 10 Years of Amazon Web Services」。

The epoch of AWS is the launch of Amazon S3 on March 14, 2006, now almost 10 years ago.

他所列出的十個主題分別是:

  • Build evolvable systems
  • Expect the unexpected
  • Primitives not frameworks
  • Automation is key
  • APIs are forever
  • your resource usage
  • Build security in from the ground up
  • Encryption is a first-class citizen
  • The importance of the network
  • No gatekeepers

原來 AWS 也十年了...

RFC7686:保留 .onion 給 Tor 的 Hidden Services 使用

看到 Tor Project 很高興的宣佈 .onion 這個 TLD 在 RFC 7686 成為 Standards Track:「Landmark for Hidden Services: .onion names reserved by the IETF」。

而且也因為成為 IETF 的標準,在 CA/Browser Forum 上更有依據討論在上面的 CA 架構:

With this registration, it is should also be possible to buy Extended Validation (EV) SSL/TLS certificates for .onion services thanks to a recent decision by the Certification Authority Browser Forum.

Amazon VPC 的 Private Subnet 不需要透過 NAT 去 Amazon S3 抓資料了

在今天之前,Amazon VPC 裡 Private Subnet 的機器需要透過 NAT 才能連到 Amazon S3 的 Endpoint API 上操作:(NAT instance 會放在 Public Subnet 裡)

出自「NAT Instances」的說明。

但在這個架構中,如果 NAT instance 不夠大台,甚至是流量需求超過 10Gbps 時就會有效能瓶頸了。而目前沒有比較簡單的方法可以解決。(一種解法是拆多個 subnet 跑,透過多個不同的 NAT instance 連出去,但這樣架構又變複雜了)

今天則是公佈了讓內部可以直接存取 Amazon S3 的方式:「New – VPC Endpoint for Amazon S3」。第一波是美國 (扣除美國政府用的區域)、歐洲、亞洲、澳洲。所以是巴西與美國政府兩個區域還沒上:

Amazon VPC Endpoints for Amazon S3 are available now in the US East (Northern Virginia) (for access to the US Standard region), US West (Oregon), US West (Northern California), Europe (Ireland), Europe (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), and Asia Pacific (Sydney) regions.

這樣是解了不少問題,不過如果可以直接解決 NAT infrastructure 的問題應該會更痛快?

Amazon 首次公佈 Amazon Web Services (AWS) 的財報資訊

在「Amazon Finally Discloses Cloud Services Sales, Showing 49% Jump」這篇提到 Amazon 首次在財報上公開 AWS 的營收資訊:

The first-ever disclosure of results from the Amazon Web Services division showed revenue increased 49 percent from a year earlier. AWS cranked out operating income of $265 million for Amazon, helping offset losses in other businesses. Net losses for the enlarged company came in at $57 million.

Amazon 的公開資訊可以參考「Amazon.com Announces First Quarter Sales up 15% to $22.72 Billion」這篇。可以看得出來到處在燒錢,但 AWS 本身是賺錢的...