Funny thing I had a paranoid freakout too before I got hacked on AWS, I had bought a visa gift card and that’s what I put in as a payment card on AWS. Of course they know where I live and could still screw me, but they would have to do it on their own dime.

They make it really hard to leave or just use a specific service only. I use them for DNS, objectively it’s supposed to be cheap AF pay yearly, but now I have to pay $2 a month just to do all the auxiliary stuff to notify me that I got hacked.

I’m buying a server rack soon and just got a full symmetric fiber line put in so I can do my own hosting.

It’s not fun, I got hacked through an archived git repo, for when I was learning to use AWS, following tutorials and whatnot.

Forgot about it for years, then out of nowhere got hit for 27k…needless to say I said good luck collecting that shit.

They waived it all granted I logged in and deleted all resources that were running as well as removed all identities. Sure as hell I did that and saw a ton of identities out in the middle of nowhere. Fucking hackers ran up a shit ton of AWS sagemaker resources trying to probably hack some dude’s wallet.

Every time I see a tutorial on how to deploy x in AWS, I get pissed. The newbies need to learn about administration before they start deploying shit on cloud infra.

That document doesn’t say what layer. But it does say it supports Websockets.

Just odd that when I try to set it up using a named tunnel I don’t get an option to specify the WS service type. However it does require a service type if you want to connect to it.

Looking at this page it would seem that it’s a layer 7. Although I could be wrong, but my front end app has issues finding my backend service for websockets.

Granted I even tried to connect to my private computer using other protocols. I couldn’t get through. Anyway I’m most likely going to be taking that project offline soon.

Cloudflare tunnels are layer 7, so it’s not unlimited access by any means. This also means that certain things will break btw, for example if your website uses websockets to load information, that isn’t supported.

Next, I’d put the computer that is going to be hosting into an isolated vlan of its own and access via external URL only.

If you’re going to use docker images, make sure to vet that they’re updated often and always spin up the latest.

Former healthcare to software engineer working on a master’s here. My colleagues who were licensed back in healthcare weren’t all of the same quality. They all made mistakes at one point or another, some pretty bad some minor. There’s no difference though, minor could just as well become major.

The way they get around it in healthcare is by throwing more people at the problem. You have a physician who is good at pointing in the general direction of the problem and a solution, then you have all the auxiliary staff who will narrow down on the solution based on their field. But at any single point all of them could fuck up, or one of them could.

Now that I’m a software engineer and I’ve written enough code to do stuff. I can confidently say that licensing will not solve this problem. Especially if there aren’t enough people involved. Which is probably what was missed in the beginning.

Anyway long rant over.

So they can’t sue you after the crash cuz no one survives it.

They’ll probably have kamikaze mode for when it detects a crash about to happen it speeds up.

Haha thanks for the good chuckle

This brings back some nightmares. Once I get them working I never upgrade or even look at them.