At a very basic microbenchmark level, I use stream, netpef, a few private VM stress tests, etc. But the majority of my testing is done using real production traffic.
Same here, on occasion, but I've found they typically make you whole when you get a dud.
Good example:
I bought two collapsible milk crates. They loaded all my groceries into them in the store.
When I got home and lifted the first crate out of the car, it had too much weight inside, the bottom fell out and two bottles of wine shattered.
I told them the story when returning the crate two weeks later, they waved me off when I said I had a pic, told me it wasn’t necessary, and refunded the wine without being prompted.
Trying to get wine refunded with most other retailer would probably require talking to a manager and making a scene.
When I worked for MSN/Hotmail around 2000-2003, there were dozens of helpdesk folks who had access to an admin panel to easily view any email and could view/edit PII for anyone with very little (if not zero) accounting or auditing. It was protected by plaintext auth and open to the internet.
One employee told me that he caught his wife cheating by reading her mail.
Another used it to recover their own stolen EQ account worth thousands.
I personally used this access to help a friend recover a hacked/stolen Hotmail account. I told them the email address, what had happened to it, and they forwarded me a screenshot of their Passport.NET PII details for them to use the self-service password reset.
Just prior to your mentioned timeline Hotmail was vulnerable via query string params. A rather non-technical friend of mine brought this up in conversation and I didn't believe him, so he told me to log in to my account. He took a quick look at the URL and wrote down a param, then logged into my account on his machine. IIRC it was patched about month later but still, those early days of the web were pretty wild.
In 2002-2003 you could access anyone else's Hotmail account by going to your own Settings page, adding an input field with the ID "SignInName", entering the email address you want to switch to, and clicking Save.
Do you think things like this happen regularly nowadays? Most companies have logging in place but I'd assume there isn't resources to audit those logs unless a compelled by an outside complaint...
I've worked at some rather large companies with insanely relaxed security and auditing standards. I think it's even worse now than before because cloud providers make setting up a database cheap and simple. So today an individual or small team can throw together a production-scale MongoDB in a few hours and start filling it with potentially PII; whereas 10 years ago, something like that stood a good chance of having at least one external DBA/IT-person consulted before going into prod.
My line of thinking is to assume auditing and access controls are lax unless the data in question is part of the company's secret sauce, or is regulated by the government.
I remember knowing people on IRC who "had friends at Microsoft" who could do this kind of stuff to your MSN account, and I heard of people having their accounts stolen, but I never believed it. Guess there was some truth to it...
AvE tore one of their machines down awhile back[0]. It's so over engineered, I was wondering how they'd ever make money back with their business model.
> This is what you get with no constraints. Building something that lasts and doesn't break the bank is what's hard. This thing will last forever, but it's a machine to squeeze pre-masticated fruit in a plastic bag that costs $400.
I've watched this before and just skipped through to find that bit, but I'm fairly certain he also mentions at one point how they're almost certainly selling the juicer itself at a loss, which makes the whole thing that much more absurd.
Actually I want more than one (I want the motor...)
Anyone have the specs on the motor specifically (and please ignore my naivete): max RPM vs power consumption -- what about the power of these motors would be preferable to those on a boosted board (or reverse)?
Yes, absolutely, but it can be gutted for parts or rewired to bypass the API. The latter is not straightforward but someone did so in a video posted in these comments.
I love how Bolt.io tore down a pair of Beats headphones and came to the opposite conclusion -- that they were a ripoff and that the components inside in no way justified the pricetag.
But, take a look at the quality of the internals of Juicero vs. Beats headphones and realize that one of the companies is worth $1.5B while the other is shutting down.
That "Beats" teardown was with a counterfeit pair of headphones.
Even so, I don't think a large difference between the BOM and the price the consumer pays is necessarily a ripoff. There's more to a product than simply how much it costs to manufacture.
> Even so, I don't think a large difference between the BOM and the price the consumer pays is necessarily a ripoff.
Actually, in some jurisdictions, if that difference goes over 12.5% of the paid price, and the customer is not specifically informed about this (and about potential cheaper competitors), the contract is not valid.
Germany used to have laws similar to this for centuries (also in terms of a limit of how high interest could be, and a general profit limit, see "Wucher"), but many parts of these rules have been removed over the decades and centuries.
The counterfeit pair probably had a more reasonable frequency response than the genuine product it was trying to imitate, so much for Beat's famous distorted bass.
Holy crap. That's the kind of thing I expect from undergrads who don't know what COTS stands for.
Like how do you convince yourself that this is a sane design for something more than a prototype? Using more off the shelf stuff might result a little more weight and a higher overall part count but the cost savings would be huge.
As I kept watching the video I thought the word "overengineered" was the completely wrong word, and AvE himself addresses it perfectly in the end: It's "underengineered", "underdesigned" but "overbuilt".
I always assumed that the revenue was going to come from selling the bags of fruit. The machine is easily and cheaply cloned, but a network for distributing prepackaged produce would be much harder to copy and provide the recurring revenue that really matters.
I've wondered if some of the problem here is how many people involved are so well off, the VCs especially, that they've forgotten what $40/week is to the vast bulk of people in the world, or even in the industrialized countries. That's on the order of 5% of the median total income and a great deal more than 5% of the median disposable income in the US. I wonder how many people just forgot how expensive that is and how small the market is for that level of extravagance.
Previous gen Xbox dev kits generally had double the RAM and came with a Visual Studio license. They were very expensive. Now you can pay $19 to unlock a retail Xbox One to run any code you like with a 1GB RAM limit.
If you're that paranoid, you might want to also keep in mind that it would be far more reliable to shoulder surf via video surveillance. As a bonus, it even works with radios disabled.
Source Depot. Forked years ago with tons of added features. Various Halo titles also used it and had easy to use integrations with most of the art and design pipeline tools.
