There's no particular reason an Auth system must be designed like counterexample #2. There's many ways to design that system and avoid cycles. You can leverage caching of role information - propagated via messages/bus, JWT's with roles baked-in and IDP's you trust, etc. Hitting an Auth service for every request is chaotic and likely a source of issue.
You don't necessarily need to hit the auth service on every request, but every service will ultimately depend on the auth service somewhere in its dependencies.
If you have two separate systems that depend on the auth system, and something depends on both, you have violated the polytree property.
You shouldn't depend on the auth service, just subscribe to it's messages and/or trust your IDP's tokens.
This article, in my interpretation, is about hard dependencies, not soft. Each of your services should have their own view of "the world". If they aren't able to auth/auth a request, it's rejected - as it should be, until they have the required information to accept the request (ie. broadcasted role information and/or an acceptable jwt).
There’s a million reasonable situations where this pattern could arise because of you want to encapsulate a domain behind a micro service.
Take the simplest case of a CRM system a service provides search/segmentation and CRUD on top of customer lists. I can think of a million ways other services could use that data.
The article doesn't make that claim. For example, the service n7 is used by multiple other nodes, namely n3 and n4. There is no cycle there, so it's okay.
but why is having multiple paths to a service wrong ? The article just claims "it does bad things", without explaining how it does bad things and why it would be bad in that context.
Treating N4 as a service is fair. I think the article was leaning more toward that idea of N4 being a database, which is a legit bad idea with microservices (if fact defeating the point entirely). My takeaway is that if you're going to have a service that many other services depend on, you can do it but you need to be highly away of that brittleness. Your N4 service needs to be bulletproof. Netflix ran into this exact issue with their distributed cache.
Youtube really wants to send me down the alt-right pipeline. I watch a few WW2 history videos and suddenly I must identify with "Mr Mustache" as the kids say. TikTok wants to radicalize me the other way, and shows me every video of a cop abusing their power that they can find. It cuts both ways.
I think what's killing Dems is that they don't understand the medium. Mamdani did really well by making good social media posts. Him and Trump had a grand old time at the whitehouse because they have a competent grasp on social media in common. Newsom has been trolling lately and his approval ratings are only going up.
Dems being a million years old is killing the dems.
> I think what's killing Dems is that they don't understand the medium.
Generally agree, but
> Him and Trump had a grand old time at the whitehouse
Yeah, but that wasn't entirely positively received, despite his earlier social media success. Him buddying up with Trump was a huuuuge turn off for me.
> Newsom has been trolling lately and his approval ratings are only going up.
Newsom's content is also a huge turn off for me, and I am not convinced that his supposed approval ratings are not simply more CTR type machinations from the DNC. Maybe there's some segment of the population that genuinely wants whatever the hell Newsom is pushing content-wise, I certainly don't have #s on my side. Mamdani's efforts - Trump buddying aside - were much better.
> Dems being a million years old is killing the dems.
Yes, but I think age is simply a proxy for a number of other highly correlated behaviors and positions. Most progressives can name a couple of >70yo dems for whom these complaints do not apply.
Mandani did really well in NYC which is entirely consistent with the social media helping the left in urban cores but hurting elsewhere.
I think it is structural about the medium because it elevates the profile of relatively rare things like crime or ‘wokeness gone amok’ that dems are losing on. Similarly, with regards to ICE, it is helping dems by also raising the profile of rare incidents. But on net I think this sort of coverage hurts dems more than it helps.
It isn't like the left was doing well in rural America before social media: people in the urban cores just didn't know what was going on there, and they didn't know what was going on the urban cores. But when I was growing up, people thought Bill Clinton was a communist in league with Castro.
Valve is not building all this Linux Compatibility out of the goodness of their hearts. They are doing it to avoid being shutdown by Microsoft, who effectively had a monopoly on the OS people used to play games.
It's a bit of miracle that Valve beat MS to the punch and built momentum behind Steam as the marketplace for games. They know this.
If gamers move to Linux and all the compatibility issues are solved, Valve is not going to pick a different passion project. Conversely, as long as Microsoft has a monopoly on OSes for gaming, Valve will support linux gaming.
Sure, none of that is untrue, but they could still engage in rent seeking behavior. They could start requiring subscription fees for stuff that previously didn't require it (like start capping download speeds unless you're part of "Steam+" or something), or blacklist any distro that isn't SteamOS, or make it difficult or impossible to install games from third-party stores (like GOG) on Steam Decks or their upcoming Steam Boxes.
I'm not saying that this still will happen, and it's fairly likely that it won't happen, but I just think we should be mindful for it. Twenty years ago, pretty much everyone in the tech world loved Google.
Before SSR (unless you were using PHP I guess) you had to ship a shell of a site with all the conditionals being decided only AFTER the browser has gotten all the HTML + JS pulled down. If you need to make any API calls, you've delayed rendering by hundreds of milliseconds or worse (round trip to your server)
With SSR, those round trips to the server could be down to single-digit milliseconds assuming your frontend server is in the same datacenter as your backend. Plus you send HTML that has actual content to be rendered right away.
A truly functional pageload can go from seconds to milliseconds, and you're transferring less data over the wire. Better all around at the expense of running a React Server instead of a static file host.
They are the same species, but it's a Brussel-sprouts vs Broccoli type situation where they started as the same plant but have been selectively bred for different purposes
The THCa/Delta8 stuff is not brussel-sprouts vs. broccoli. They difference is in timing around harvest and process. They're growing many of the exact same cultivars as what is sold in a proper dispensary (and indeed, much of what is sold in dispensaries would actually qualify because they actually have very low levels of Delta9 in them)
You can effectively just under-cure the exact same plant and get something that comes in under the limit.
They were taking very low % hemp that is supposed to be for textiles and extracting the little THC there was into low quality vapes. Because they didn't need the state growers licenses to grow hemp, there was no mechanism to test for pesticides and such. When we do have all that infrastructure for legal THC regulation, why allow people to sidestep all that?
> They were taking very low % hemp that is supposed to be for textiles and extracting the little THC there was into low quality vapes.
This is not at all what was happening. These aren't some special strains or cultivars where there is a remnant of THC that is getting squeezed out from a large quantity of plants to make a small quantity of product - they are same strains and cultivars being used by the legal dispensaries. It is a matter of timing and process - harvest and undercure the flower and it will not have converted enough THCa to Delta9 THC to hit the legal limit. In fact, many legal operations follow similar timing on harvesting and similar processing - the flower in your local dispensary is still mostly THCa, and a good chunk of it is likely under the limit for D9 THC as well.
Much if it is effectively the exact same thing under a different label.
> When we do have all that infrastructure for legal THC regulation, why allow people to sidestep all that?
I do agree here. There's no need for the unregulated market when a proper legal market exists.
I'm not sure I understand how this is particularly nefarious. It complies with the law as written, and results in a significantly better product for those choosing to consume it.
>I'm not sure I understand how this is particularly nefarious. It complies with the law as written, and results in a significantly better product for those choosing to consume it.
Perhaps "nefarious" is too strong a term, but the intent (at least in states that have legal cannabis) AFAICT, is to avoid the regulations around testing for adulterants, potency, etc.
In most states with legalized cannabis, testing for a variety of harmful ingredients and the potency of specific products is required for those taking part in the legalized cannabis trade.
Those growing, packaging and distributing "hemp" products are not subject to such testing regulations.
That may not be nefarious, but avoiding such regulation increases the likelihood of harmful additives (chemical pesticides and other adulterants) and unknown potencies. This would likely increase the chances that unscrupulous vendors will sell (knowingly or unknowingly) harmful/dangerous products.
And given that the products are essentially the same, that gives those who don't have to pay for testing or go through the marketplaces defined by state laws, giving those folks an advantage over those who follow state law.
What's more, folks who avoid extant law through this loophole, are not incentivized to make safe, tested products.
So maybe not "nefarious," but certainly anti-consumer with perverse incentives to create and sell harmful products.
> Perhaps "nefarious" is too strong a term, but the intent (at least in states that have legal cannabis) AFAICT, is to avoid the regulations around testing for adulterants, potency, etc.
My (perhaps incorrect) understanding is that the majority of the sales are happening in the 26 states without recreational marijuana, however, and that many consumers in the recreational states are still choosing to go with the dispensary product vs. head shop/liquor store/etc.
As someone in a non-rec state, as much as I would prefer the dispensary option with stricter regulations, it's still much more regulated than "the dude whose house i show up with and venmo him some money and get a bag that came from god knows where"
>My (perhaps incorrect) understanding is that the majority of the sales are happening in the 26 states without recreational marijuana, however, and that many consumers in the recreational states are still choosing to go with the dispensary product vs. head shop/liquor store/etc.
I don't know if that's the case, but it wouldn't surprise me at all.
I'm not sure what you mean WRT "hemp" being more "regulated" than the black market. Even though I live in a (now) legalized state, there's still a thriving black market, both for folks who have been growing for decades who maintain a positive reputation among distributors/wholesalers, and those who purchase out-of-state product (that's tested and sold legally in those other states) without tax or records, and can then undercut the legal dispensaries.
I'm not familiar enough with the "hemp" growers/sellers, but IIUC, since it's not supposed to be used as a mind-altering substance, the testing and purity regulations may not apply.
All that said, things are a mess WRT to cannabis in the US. Some states are doing it well, others are not. And the Federal government, while not irrelevant, has not made progress in this area -- and that includes the "hemp" loophole which (and I could be mistaken here) isn't regulated at all.
Hopefully sometime in the future the states and the federal governments will get it right. Which is often how these types of issues are addressed in the US -- study the issue carefully, choose the path that is least effective and most harmful, then iterate, trying less bad and less harmful "solutions" as you go along.
> I'm not sure what you mean WRT "hemp" being more "regulated" than the black market.
Just basic laws around farming. For example, lead arsenate is banned in the US, and I trust the hemp farmers to not be using it as much as I trust any similar operation, but someone illegally growing stuff? They're already breaking the law. And who knows where it was grown to begin with?
And in general, there are companies behind all of this. There are names. Legal recourse if shit goes wrong. Who am I going to sue if I find out that the shit Bob has been selling me has been full of harmful pesticides or if the oil was full of some harmful additive, etc.?
Legal recourse is definitely an upside of not dealing with a black market. I agree.
I'm not familiar with the laws around hemp growing and/or the Federal loophole, but I hope you're right about at least minimal regulation (and legal recourse for) of non-consumable products, especially if they're being consumed (can you sue the makers of clothing or rope if you get sick eating or smoking their products?).
As I said, hopefully we'll eventually get to a sane policy regarding cannabis.
If it was a textile-style-hemp farmer getting the last few bucks out of their crop via a loophole, that I can understand. Not great, but I can rationalize it.
Someone growing the same plant that is regulated by California but decides they don't need testing or licenses is just plain anti-social. You can't not know you're doing something wrong in that case.
I don't understand how this has anything to do with federal hemp law, under federal law marijuana doesn't have any testing requirements either as it's just plain illegal. So what does California have to gain in testing by dumping hemp into the marijuana bucket at a federal level, neither of which improves the testing requirements in California? California could simply require hemp to be tested, but making hemp federally illegal does nothing on that point.
The only answer I can think of is that hemp grown outside of California was competing with california 'legal' weed, the testing angle is non-sensical since this change in law moves hemp from 'kind of required to be tested (but none of the DEA testing implemented, so it's done privately and sometimes not at all), but poorly' to 'illegal' and marijuana still at 'illegal'.
In general this kind of excuse is used by incumbents to pass laws to thwart competition.
You have some regulatory framework which has already been created by captured regulators, so it has a couple of rules that it ought to have (always the ones pointed to in order to justify it) and then others that exist merely to exclude competitors or make sure fixed costs are high enough that only large incumbents can meet them.
The latter set of rules are unreasonable so the market finds a way around them. The incumbents then call this a "loophole" and insist that the competitors be forced into the entire framework rather than just the subset of reasonable rules they'd be able to satisfy without being destroyed. Which destroys them, as intended.
Does HDD vs SSD matter at all these days? I can think of certain caching use-cases where swapping to an SSD might make sense, if the access patterns were "bursty" to certain keys in the cache
It's still extremely slow and can cause very unpredictable performance. I have swap setup with swappiness=1 on some boxes, but I wouldn't generally recommend it.
Building the fuel refinery is a high upfront cost which will quickly disappear. The delta-V required to exit Earth's surface is nearly an order of magnitude higher than what's required to exit the Moon's surface, and the moon is full of fuel.
reply