Ya sure for the cloud agnostic deployment . Thank you for your feedback.
For the GDPR part, the whole point of the project is that any data that comes out of the proxy is completely anonymized and as such is not subject to GDPR.
What I meant was, you are cloud-hosting (assuming not CE) the part where the non-anonymised PII is sent to [as opposed to sanitised coming out of] and processing it; and in addition the only provider supported is one subject to https://en.wikipedia.org/wiki/CLOUD_Act
I see. We are not storing the PII (ip + ua) and do not expect you to send us any PII (e.g. as part of your page title, etc). Basically, (ip + ua) hit our servers, are translated into a hash and mapped to a random id. When you come back, we recalculate the hash, find your random id and forward it to GA. And, after 24h everything is deleted.
Hey dylz - not yet. Historically Snowplow has been engineered in a way that is idiomatic to each host cloud - in other words, it runs using the AWS / GCP services that a data platform team would use if they were building a behavioral data pipeline from scratch on that cloud.
This said, we are steadily working to refactor all our components to be more generic, and already we run a lot of the Snowplow components on k8s for our customers.
IANAL but I think legally, if you put CC-BY on it, then just write in the comments that you can't use it commercially, that wouldn't stand. CC-BY-NC is available, and the author did not have to upload it as CC-BY in the first place.
To be clear, I still think this site has some problems, and author's wishes should be respected, but I think if the author wants you to not use it commercially, they should put the correct license on their work.
Last year I found a used petrol hedge trimmer 5 mins drive from home on eBay. Tried to arrange to see the item working in person but my messages to the guy kept vanishing. Eventually I managed to send him a photo of my phone number and arrange to see it. Got a warning email containing specific quotes from my messages and telling me that my account would be banned if I ever tried exchanging contact details again.
Interestingly under UK law, business sellers must display contact details (address and phone) on listings. eBay seems to do its best to hide this info at the bottom of the page inside a js pop out.
HTML5 geolocation if you ever click allow even one time can granularly identify location based on where you are. It sends nearby MAC and correlates this to wardriving-equivalent scans. You do not need to be connected to wifi.
My non-invasive way for basic security - nothing sent to third parties at all; no blocking of VPNs other than the usual anti-bruteforce stuff:
- GeoIP server side; trigger MFA (email a confirmation code) if country mismatch. Anything less is too granular unless you have some good reason for it, people moved to cheaper places during the pandemic, mobile connections geo horribly wrong when NATed
- Drop a random unique cookie (long-lasting) on the client; if this cookie is not present and valid/signed prompt for MFA
- Give the user an opportunity to revoke all logged in sessions
Thanks; we use the long-lasting cookie approach for a few things as well. We haven't gotten to the revoking of logged in sessions. Do you give them the ability to view all login sessions a'la Gmail?
It works well past 10 users on very high powered mobile. Less so on cheap phones.
It's really more that you are spraying high volume websocket and webrtc data continuously while doing realtime 3D/WebGL - you are practically running a full game at this point.
After reading through the documentation and poking around in the UI, I didn't see any way for participants to stream their webcams. Do you know if that's possible?
I don't think we want a VR teleconference, we want to see each other.
99%+ of them are all terrible. Think jQuery 1 written in 2020 with hundreds of useless includes, over 50 web fonts loaded simultaneously to frontload on the feature list while providing nothing of value.
