greengreengrass's comments

> you are by definition moving _away_ from single point-of-failure

Depends on the frame of reference of “single point-of-failure”.

In the context of technical SPOFs, sure. It’s a distributed system across multiple geographies and failure domains to mitigate disaster in the event any one of those failure domains, well, fails.

It doesn’t fix that technology is operated by humans who form part of the sociotechnical system and build their own feedback loops (whose failures may not be, in fact are likely not going to be, independent events).

SPOFs also need to contemplate the resilience and independence of the operators of the system from the managing organisation. There is one company that bears accountability for operating CF infra. The pressures, headwinds, policies and culture of that organisation can still influence a failure in their supposedly fully distributed and immune system.

For most people hosting behind Cloudflare probably makes sense. But you need to understand what you’re giving up in doing so, or what you’re sacrificing in that process. For others, this will lead to a decision _not_ to use them and that’s also okay.


Turns out most of the human population do not understand the difference between the local part and the domain part. I’ve had this too. They ask if I work there because I have store.name@myname.com. No, go and read the RFCs…


I have often wondered why we don’t see more usage of the brand gTLDs, which many of these big firms own. I muse that this is (part of) the reason why – there simply isn’t the understanding or recognition outside tech circles (or even within tech circles) to comprehend that it is possible to use such a gTLD without a conventional .com or similar suffix tacked on the end. I tend to see it localised to use for marketing micro sites that do not ask for credentials so have no need to establish user trust, or occasionally internal technical uses that will never touch the typical customer’s eyeballs.

The other reason I hypothesise is that corporate big brother snooping systems that have whitelists for their trusted services – with entries like mail.google.com or calendar.google.com – are simply too painful at this point for big tech to break for their customers by dropping the .com suffix, so big tech doesn’t bother.

No hard data on any of that, though.


I don't think you can put cookies on a TLD. So if Google used mail.google and calendar.google, the login system would be more complex, because they can't share cookies.


Modern auth systems do not work by exposing multiple services on a single domain with shared cookies.

Instead, they authenticate using a common auth service (say, auth.google), which by virtue of being a single domain can persist shared cookies for all its consumers. This would yield a valid token (possibly a JWT) that the authenticating application can then use however it would like, including as a cookie on the application's own domain.

Whenever you go to a service that temporarily sends you to a different login domain (often just immediately redirecting you back), this is why.


Some modern auth systems. Not all.

I created a separate Chrome profile, and logged in to gmail. Then I disabled javascript, then deleted all my google.com cookies (but left my mail.google.com cookies). Then I reenabled javascript and visited mail.google.com again. I was logged out. So Google is using the google.com cookies.


It's one of the few pieces of software I bought a licence for, rather than tolerate free tiers or simply not use it, because I approve of the licensing model.


Teslas have a large driver base (note, likely doesn't apply to this forum) who don't know good engineering or design when they see it. They confuse "I spent good money on this" with "this is a good product".

Sorry, we all have our opinions and perspective, but money isn't the only value judgement.

I want my speedo in my easy line of vision on any vehicle I drive. I want to be able to demist my windscreen by reaching for a button I can find without taking my eyes off the road.


They invented that back in '88 when the roof came off Aloha Flight 243! (https://en.wikipedia.org/wiki/Aloha_Airlines_Flight_243)


One of the best and most memorable experiences I've had was sleeping in Premium Economy on the upper deck of a BA A380 back from San Francisco (from a work trip). It's quiet and the ride quality comfortable. It's a shame the food on that trip didn't make up for it.

The A380 is one of my favourite aircraft. I never flew on a 747 and likely never will now, so it's the next best thing I've got for a two-deck experience.


BA food continues to be subpar


Indeed! They're interesting cars to drive when you get them up to their speed limiter, and whizz past far more powerful vehicles in the outside lane.


Ross was one of the most influential people in my time at Cambridge, someone of whom I was very fond and whose work I still follow over a decade later. I am deeply saddened to learn of his passing.

His dry sense of wit and humour, his uncompromising pursuit of injustice and his loathing of foolhardy decisions made by the political or moneyed elites were evident in all he did and said. Misunderstood by some, I came to respect most his tenacity at fighting the big guy – and, more often than not, prevailing with his typical grit, logic and determination. His work continues to inspire, especially since three decades after he founded the field he would go on to be recognised for internationally, in many business and industrial circles we are still making the same basic security mistakes, driven by the same flawed economic models as Ross predicted. His work is timeless.

When he spoke, I listened, and on those rare occasions he complimented my work, I did not take that for granted. It is a regret that I did not take the opportunity to do a PhD with him. Rest in peace.


It's true that for a eulogy only positive things should be said.


It feels as though you have some unresolved issues with this person. Perhaps this comments section isn’t the best place to grind axes?


No, I am at ease with him.

But I wanted to point out that the reporting on him here is one-sided (as it should be for a eulogy); but see my other comment below.

