As a father of a 9 mo old with a sesame allergy found out the hard way with a trip to the ER... not only are we making our own bread now because of this, but also, so should you! Store bread has so much unnecessary crap in it, idk why we didn't do this sooner. It's a bummer that we basically can't eat anyone's baked goods outside of the house now, but hey, I guess the market decided I should keep my money and invest in my family, while the rest of you should enjoy the completely unnecessary calories, exposure, and expense of sesame flour.
Also, as far as I can tell, most involved in this sucks, FDA for demanding regulation without investment, lobbyists for supplying a crap solution, and manufactures for not rising above it and rarely caring about the quality of their products.
My recommendation is to boycott store bakery isles in general, invest in $BVILF, and use your kitchen to make friends with your neighbors and get everyone you know making bread/baked goods at home. It absolutely takes privilege to follow this journey, but pay it forward with the bread you can make at home with simple ingredients.
When companies install a handicap ramp in their business, it also incurs a cost. I don't blame the bread companies for their choice, and I'm in the minority now left with no choice but to boycott, and that's fine, their finance team likely said my dollars don't impact their bottomline, and they're likely correct.
I also understand that a handicap ramp is likely considerably cheaper than retrofitting a manufacturing facility or building new sesame free facilities. It really would have been nice to see an investment from my taxes to lower the cost of this burden to enable new products. Obviously, that isn't going to happen.
My point of also posting was to let you know that you're now also being exposed to sesame flour, kinda without your consent, because they value capital over quality, and that's also their choice, and a choice you're also now participating in.
You're not going to get anywhere with boycotts. Write and contact decision makers/representatives, on a fairly regular basis. You might end up just screaming into the wind, but you might also make a difference. A boycott by sesame allergy suffers of companies that aren't mindful will always have zero impact.
I think I can do both? Especially because I have no choice but to boycott or risk killing my kid? But also, YOU should boycott too, why are you eating food with crap in it?
I've used the ASEA to get a number of organizations setup. I prefer it to Control Tower (it can be installed on top of CT). The ASEA is open source and written in AWS cdk so it can be forked and modified if needed.
The guy or gal that's been working on it the last two years has slowly been working through my bucket list.
If I can just get guardrails that configure the basic AWS security foundation stuff like password policies, I'll be satisfied. And oddly enough, the CloudFormation coverage for this stuff is abysmal. We don't even allow IAM users in the member accounts, but we really need to check off this compliance box.
Seems relevant to me. The article is from your organization, and that information is something I wouldn't have known if not for the prior commenter's comment.
If they had disclosed their involvement in their profile at least I could give them the benefit of the doubt but in this case, like the other commenters, I assumed he had used the tool as a customer and had a positive experience, not that he was literally the founder of the group making the tool.
That’s not to say his opinion is not wanted, just that the potential bias should be made transparent.
There aren‘t any DMs on Hacker News, and if he didn’t post that comment I would have thought it was a disinterested commenter recommending something they had used, not somebody who works on the project. The cultural norm here is to disclose when you are recommending your own product and it’s not childish to point out when people fail to do that, it’s reinforcing that cultural norm.
Good thing they... (checks notes) ...know exactly who made the post and can reach out to them on LinkedIn or email them.
Cultural norms are reinforced by good examples, there's nothing good about snippy public comments. Reaching out to them privately isn't hard, and, dare I say it: is more inclusive. I don't think I need to explain the origin of the word assume.
It's impolite to assume on someone's behalf in public.
Could you explain how messaging in private is so hard to do if you have no problem making the comment in public...?
You seem to have a really hard time grasping that this entire comment thread we are part of wouldn't exist if OP had reached out about their concerns in private.
> It's impolite to assume on someone's behalf in public.
They asked a question, they didn’t state an assumption.
And why is it impolite.
> Could you explain how messaging in private is so hard to do if you have no problem making the comment in public...?
we’re not talking about difficulty, we’re talking about politeness.
> You seem to have a really hard time grasping that this entire comment thread we are part of wouldn't exist if OP had reached out about their concerns in private.
i don’t think i’d be here if it weren’t for you calling him impolite.
in fact, i’m quite surprised you would assume i have a hard time grasping why this thread exists in public rather than messaging me in private. would you mind messaging me on another social media platform directly before you do that? i hear that’s the polite thing to do here.
And yet you haven't sent me any emails, hatware. My door is always open, why not practice what you preach rather than be repeatedly harsh and make a scene over existing community norms? Crowley subsequently disclosed the affiliation, we're good.
Maybe you're newer here; It's a courteous social more of the HN community to be actively transparent about potential conflicts of interest.
I'm actually a fan of Crowley, he's got quite a brain.
You get what you give. I don't think I need to send emails to the one who has no problem calling others out in public.
It's pretty simple, I requested that concerns about conflict of interest are taken offline. But, here you are, making snide remarks in public at another person. Zero for two.
For what it's worth, I spoke up on this because I would be quite annoyed if someone did not give me the courtesy of correcting a mistake in private before broadcasting publicly about it. It doesn't matter if it comes from a stranger or a trusted friend. I can tell you aren't picking this up, but I'm happy to explain it ad nauseum so you can be a better individual to your peers.
>It's a courteous social more of the HN community
From what I can tell, the "norm" is to gang up on new folks without thinking critically about it. It's reddit with less complexity and more ego.
You get what you give.
> why not practice what you preach
From your profile: "I subscribe to the ideology of live and let live."
There is a lot of value in the CoI being visible quickly. While with an email there could be an unbound delay in the CoI being visible. And often visibility for such things drops off quite hard.
If 90% of the impressions happen within an hour of the post happening and it takes 2 hours for the CoI being visible, then 90% of people probably weren't aware of it.
I regularily don't check emails for hours at a time, and would really apprciate someone publicly "calling me out" if I were to forget disclosing a CoI. And I am sure we could as @dang for how quickly impressions drop off on HN specifically. Reddit is the most similar platform and there, a topic usually is active for a few hours at most, so after that window, the disclosure would be practically useless.
And how is stating a disagreement bullying? You can just disengage if tgis is that unpleasant to you.
Sure, it'd be nicer to privately do it, but IMO in such cases, informing the public is the more important part rather than being nice. (There were no insults, no accusations of it being intentional or such, which I'd personally count as nice enough)
Or do you believe we have to coddle everyone online? (I am being serious, and do not intend to troll, but can see how it can be taken as trolling)
If config can go this long with half-assed implementation I don’t see why control tower is going to fare better with more adoption. Most large enterprises are going to want to roll their own anyway.
Centralized management and application of IAM policy with the goal of giving teams the freedom to manage their own account, including account security, while still protecting the organization as a whole.
When customers request single tenancy in the cloud, where single tenancy is referring to an AWS account, being able to automate account management will be important when trying to scale.
While I don't know who Kubernetes was built for, it's certainly developers who are pushing for Kubernetes.
The majority of SREs and sys admins I know don't really want to run Kubernetes. They'll do it, if that's what's called for, but it just adds complexity to trivial problems.
Developers want Kubernetes because it's quick to deploy containers, networks, load balancers, anything they want. That's fair, traditional hosting doesn't have much that provides that level of flexibility or that will allow you to get off the ground at that speed.
The issue is that as a platform Kubernetes isn't that easy to manage. It certain has improve, but it can be difficult to debug when it break. Nobody wants a 3AM page that a Kubernetes cluster is down. We've even seen companies say that they'll just stand up a new cluster if something breaks, because it's faster. Add to that the complexity of components deployed inside your cluster. As an SRE it absolutely suck to get the "hey the network's broken" from a developer, because that means that you now have to be an expert on WHATEVER load balancer or CNI they've decides to pull in.
As great as much of the stuff you can deploy in Kubernetes is, it's still harder to debug than an application running on a VM or bare metal server, with a "real" network.
> Developers want Kubernetes because it's quick to deploy containers,
> networks, load balancers, anything they want.
> [...]
>
> As an SRE it absolutely suck to get the "hey the network's broken"
> from a developer, because that means that you now have to be an
> expert on WHATEVER load balancer or CNI they've decides to pull in.
This is why the "DevOps" approach exists.
If a developer wants root in the cluster so they can deploy some strange low-level plugin, then they need to be the ones carrying the pager.
Except that multi-stage builds are deceptively not grabbing or blending layers - it's simply letting you copy files from a layer.
And that is a big miss. Being able to describe "now append this layer and all, but only, its file changes from this previous layer" would be pretty epic.
Also, as far as I can tell, most involved in this sucks, FDA for demanding regulation without investment, lobbyists for supplying a crap solution, and manufactures for not rising above it and rarely caring about the quality of their products.
My recommendation is to boycott store bakery isles in general, invest in $BVILF, and use your kitchen to make friends with your neighbors and get everyone you know making bread/baked goods at home. It absolutely takes privilege to follow this journey, but pay it forward with the bread you can make at home with simple ingredients.