Sounds about right. This keeps happening at my job, executives throwing good money after bad in an attempt to get some return on their investment. If we had just cut our losses years ago we’d be in a much better place now.

Where would you host the script? If it’s expected that the server that fires it off is always online and performing health checks, why not have it host a load-balancer? Or another local instance of the website? It’s something fun to play around with, but if this is for anything beyond a fun exercise there are much better ways to accomplish this.

If you don’t want to mess with another VPS you can use a global server load balancer (GSLB) provider like Akamai, Cloudflare, Azure, etc.

This being a self-host community though it’s unlikely you’d want to pursue something like this, but without knowing more about your specific use case it’s tough to make a recommendation.

If global high-availability is your primary goal then a hosted solution is probably best.

If this is just an exercise you and your friend are working on for giggles and it’s not for a mission-critical Production instance, then presumably self-hosting a load-balancer on each of your servers that includes both nodes in a target group would achieve this, though somewhat counterintuitive; if the website goes down at either location, I would imagine there’s a pretty high likelihood the LB itself would be down as well.

I hear you, but there’s no reason to be angry.

When I first learned of the issue, my first thought was, “Hey our update policy doesn’t pull the latest sensor to production servers.” After a little more research I came to the same conclusion you did, aside from disconnecting from the internet there’s nothing we really could have done.

There will always be armchair quarterbacks, use this as an opportunity to teach, life’s too short to be upset about such things.

Let me tell you about my mother

Crowdshite haha gotem

sungloc.utus

What about this scenario:

• you keep your main garage door, side doors, and windows locked
• provide a key to anyone who wants to borrow your lawnmower or whatever
• someone discovers a window you mistakenly left unlocked and starts using it to take stuff without using a key

Would this be considered breaking in? Probably. Here is where the analogy breaks down; if I were to leave the front door of my house unlocked, even if there’s a welcome mat outside, anyone who enters without my knowledge or consent can be charged with breaking and entering (yes, even though no actual breaking is involved).

The interesting thing with public APIs is that there are generally terms and conditions associated with creating an account and acquiring a key, though if you are hitting an unauthenticated endpoint you technically never agreed to them. In this particular case with Authy, it would probably be argued that the intent was to acquire data by exploiting a vulnerability in the custodian’s system and use it for nefarious purposes or profit. I’d call it a hack.

To build on you analogy: if you left your garage door open and people came in and started taking your things, is that not stealing?

They could bundle in my idea of having a telephone in your house, not a cell phone more like a land phone

Sorry

• • • ノ( ゜-゜ノ)

You know what they call alternative medicine when it works? Medicine.

deleted by creator

I signed up for a family plan a couple years ago and it’s honestly one of the last subscriptions I would cancel. I can justify it by the literally hundreds of hours of watching ads me and my family would have been subjected to otherwise.

Got me good

Lose the blackjack too

F91W will never not be supported

Your girlfriend has birthmarks all over her body?

The ol’ Uno reverso countersquat technique, I like it

It’s an odd position to be in; I work in the private sector but my company deals almost exclusively with government and NGO contracts, so at times I feel like I’m public sector.

What I’ve noticed is that even though the desired outcome is nearly identical for both sectors, the buzz words associated with each is what determines who responds to my job applications. As an example:

Private: IaC and Policy-as-Code, supply chain and software composition analysis, SAST, DAST, etc.

Public: Compliance automation, risk management frameworks, risk quantification (this one has generated a lot of excitement recently), etc.

This is purely anecdotal, but you may find adjusting your resume to include some of these buzzwords as applicable to the industry to which you are applying may help you get your foot in the door.

To reiterate, yes I know in the end all of these companies strive toward the same goals, whether it be passing audits or being able to demonstrate prudent security practices to clients, sometimes the hiring manager is looking for specific terminology and will discard any applications that exclude it.