Sysadmin

thorbot , in Does nonstop reading from a hard drive reduce its lifespan?

Yes, but the number of hours they can withstand these reads is rather insane. I’ve seen SAS level drives with millions of hours of runtime and no bad blocks. They are pretty robust these days!

thorbot , in 300,000+ Fortinet firewalls vulnerable to critical FortiOS RCE bug

I was happy to see the FortiCloud interface was updated recently, and pushing this update was about as easy as can be. I updated over 25 devices in a span of about 2 hours the other night and it all went without a hitch.

DonnieNarco , in Is gstatic.com safe to whitelist on a secure network?

According to ChatGPT, this is what GStatic is:

Gstatic.com is a domain owned by Google that serves as a content delivery service that caches all unchanging files in a server near the user to reduce load times. It is used to load content from Google’s Content Delivery Network (CDN) and store static data like JS libraries, stylesheets, and images. Gstatic.com also verifies connectivity to the internet for Chrome browser and Android devices. Google hosts its static content on a specific server called Gstatic to reduce bandwidth usage and deliver the content faster. Gstatic.com also allows users to embed Google Maps images on their web pages without requiring JavaScript. Gstatic.com is not a virus, but security software may display pop-ups about it.

YourHuckleberry OP ,

Is ChatGPT the new LMGTFY?

finch , in 300,000+ Fortinet firewalls vulnerable to critical FortiOS RCE bug

As one who has to manage an HA pair of PaloAltos AND Fortigates, the FortiUpgrade is just so stupid easy & quick. I don’t understand why people would wait longer than a week or two for the ‘bleeding edge’ people to test first.

Then again, my configuration is so basic there’s not much to go wrong.

sylver_dragon , in Is gstatic.com safe to whitelist on a secure network?

It comes down to the risk appetite of the business. You mention a “secure” network, but you already have internet access. So, it seems that some access to resources on the internet is already an accepted risk. Beyond the possibility that a random attacker might leverage the gstatic CDN to attack your network, do you have any other specific threats which make you hesitant to whitelist it? Are those threats large enough that the business would consider them too great a risk to that network? Do you have other mitigating controls in place? Would something like traffic inspection or endpoint protection be a sufficient mitigating control? Can the systems with the offending app be firewalled off from the rest of the network? Could the specific assets needed be cached internally and requests for gstatic redirected? What other compensating controls can be put in place to mitigate the risk?

All that said, have you brought the issue to your management and gotten their input on the risk? In the end, it’s a business decision and should be decided on by the business leaders. If they want to take the risk of allowing that network to access gstatic, that’s on them.

toasteecup , in Is gstatic.com safe to whitelist on a secure network?

Based on this quick article, softwarekeep.com/help-center/what-is-gstatic-com#…. It feels like just allowing all of gstatic is a bit of a security nightmare. I’d push back and have them identify the parts of gstatic they actually need for their website to work and allow those.

Alternatively, if this application needs a cdn but is only intended for local hosting in the secure network, perhaps a locally hosted cdn could be a good idea.

Without knowing the security in place it’s hard to do much beyond give general maybe this or that.

Guadin , in Is gstatic.com safe to whitelist on a secure network?

Depends on how secure your secure network is, but generally speaking I wouldn't allow it. As you said, it's way too broad and gives away control of what is loading and what comes on your network.

murty , in Calling all /r/sysadmin reddit refugees!

Just subscribed, came here for the same reasons! Hoping this place can take off, because the main reason I was going to give Reddit a single iota of traffic going forward was for the Mega Patch Tuesday Threads, those are so insanely helpful that they are the first place I go before patching now. Hopefully we’ll get some going in here as well, maybe our lord and savior JoshTaco will grace us with their presence as well 🤞 🚬

Cheers!

slinkytoad , in 300,000+ Fortinet firewalls vulnerable to critical FortiOS RCE bug

Patched a couple weeks ago. Makes for a nice couple days out of the office to get everything in the field.

shertson , in Please don't zero out your account from *over there* if you've contributed answers or resources.

I initially agreed with you. I’d hate to see all of that communal knowledge lost.

Reading the other replies, I am not so sure. Do they deserve to continue capitalizing on other people’s knowledge? Yes and No. They did supply a service without which that collection would have had to be assembled somewhere else. But I don’t think they should be able to capitalize on it forever.

With the archive team and their efforts, I am less worried about “Wisdom of the Ancients” situation.

PixxlMan ,

I just hope the archives will be easily accessible and searchable, preferably without having to specifically leave the search engine to search them, otherwise the knowledge will still, in practice for most people, be inaccessible.

OmarDontScare , in I'm a sys- and database admin

Hey @ruud, fellow SysAdmin here! Thank you for hosting this Lemmy instance! It’s a great place, uptime has been excellent!

I’ve a question, if you’re willing to give your opinion. Hardware is not cheap and eventually it might become impossible to pay the bills to host this instance.

What kind of support model do you envision for the future of this instance? Donations, subscription, advertisements?

Thanks anyway, and good luck to you!

Edit: I see that donations are already optional. Nice! But I’m still curious, so are there other options you’ve considered for your Mastodon instance for example?

ruud OP ,

Hi, I think donations will be the way also in the future. Anything non voluntary wouldn’t work because people will just move to other servers that are free. And so far I’ve seen there’s more than enough willingness to donate.

MrPoopyButthole , in I'm a sys- and database admin

Systems and software engineer here. I’m curious how the Lemmy project plans on scaling media uploads. It doesn’t seem feasible to host on an instance server. Even Reddit had a problem with media over the years and some subs to this day enforce offloading media to third party.

ruud OP ,

For now it’s 2GB. I hope we can use block storage soon. I use Wasabi for mastodon.world

huojtkeg ,

Just Postgres or Postgres + Pics? Could you give me the number for Postgres? I’m thinking of hosting my server but I have concerns about scalability and costs in the future.

ruud OP ,

    du -sm *
    2181	pictrs
    1885	postgres

huojtkeg ,

It seems a lot for little content. My experience tells me that Postgres is not going to scale well, some sort of NoSQL will be necessary.

ruud OP ,

Why not? My mastodon DB is 200 GB, works fine.

huojtkeg ,

It depends on many things like the number of tables, the indexes, etc… but Postgres doesn’t work well above 1 TB. Anyway, it will take several years to reach that point. Someone will figure out a solution.

Thank you for the info. Do you have any link with the specs of your server, bandwidth, cpu/ram usage, statistics…? Anything that could help me to do the maths.

ruud OP ,
NotBadAndYou , in Patch tuesday is coming

Anyone could start a thread, but ideally a mod would create a stickied post so that it was easy to find over the course of the week.

User64 ,

Yes, please. A pinned post for the week where people can comment about any issues they ran into would be appreciated

ConsciousLochNess , in 300,000+ Fortinet firewalls vulnerable to critical FortiOS RCE bug

Going into the office tomorrow because of exactly this. We’ve been needing to update for a while anyway.

MrPoopyButthole , in How do you guys feel about pulseway?

We use Fortigate VPN and N-able
