Hacker News: 0xdeafbeef's comments

See https://lwn.net/Articles/922405/ for a description of what it does and https://lwn.net/Articles/972710/ for the controversy it caused that is the reason why it took so long to land in mainline.


Blu-rays degrade over time, so it's not the best backup strategy


Depends on timeline

If the concern is: my apartment burned down and I need a backup from this past month, it should be ok (given the double copies & other redundancy)

If the idea is that they feel safe deleting things from main storage because it's backed up several times, your concern is probably right. I'm not sure tape is really justified for their use though. (What else has comparable longevity?)

And of course you could back up somewhere else. But eg mongo doesn't let you delete from their cold storage iirc (I can't validate this claim! So consider it hearsay)


Tape storage is way too expensive. It needs to be disrupted.


You can't pass values in registers using this model


Jailed Russian opposition leader Alexei Navalny is dead, the prison service of the Yamalo-Nenets region where he had been serving his sentence said on Friday.


This is Biden's red line, just like Syria was the red line for Obama. In 2021 he promised dangerous consequences for Russia if Navalny dies.


I'm not sure this situation is comparable because the US is already fighting a proxy war including economic sanctions against Russia's invasion of Ukraine, with US materiel and funds directly responsible for the deaths of thousands of Russian soldiers.

Pentagon estimates 300,000 Russian casualties so far. https://www.nytimes.com/2024/02/15/world/europe/russia-invas...

In concrete terms what would you suggest the US do now in order to respond to Navalny's death?


We are not fighting a proxy war with Russia. That term is thrown around too loosely.

Ukraine and Russia are at war.


Situation is comparable politically as an example of a promise America probably cannot keep. There's nothing left to do, no additional pressure to apply. And that is going to have consequences for America more than for Russia.


Gift a bunch of strategic bombers and fighter jets? Start training an all-Ukraine submarine crew or three? :-)


I predict crossing that line will cause Biden to do nothing different.


[flagged]


I still have no idea who did it.

The latest theory even added Gazprom to the suspects list.

The blowing up of the pipeline enabled force majeure.

By invoking force majeure, Gazprom could potentially avoid penalties for non-fulfillment of their obligations, or renegotiate contracts in a manner that might be financially or strategically beneficial.


Interestingly, sha256sum and openssl don't use sha_ni.

  iced-cpuid $(which b3sum)
    AVX AVX2 AVX512F AVX512VL BMI1 CET_IBT CMOV SSE SSE2 SSE4_1 SSSE3 SYSCALL XSAVE

  iced-cpuid $(which openssl)
    CET_IBT CMOV SSE SSE2

  iced-cpuid $(which sha256sum)
    CET_IBT CMOV SSE SSE2

Also, sha256sum in my case is a bit faster

  Benchmark 1: openssl sha256 /tmp/rand_1G
    Time (mean ± σ):     540.0 ms ±   1.1 ms    [User: 406.2 ms, System: 132.0 ms]
    Range (min … max):   538.5 ms … 542.3 ms    10 runs

  Benchmark 2: b3sum --num-threads 1 /tmp/rand_1G
    Time (mean ± σ):     279.6 ms ±   0.8 ms    [User: 213.9 ms, System: 64.4 ms]
    Range (min … max):   278.6 ms … 281.1 ms    10 runs

  Benchmark 3: sha256sum /tmp/rand_1G
    Time (mean ± σ):     509.0 ms ±   6.3 ms    [User: 386.4 ms, System: 120.5 ms]
    Range (min … max):   504.6 ms … 524.2 ms    10 runs


not sure that tool is correct; on my openssl it shows same output as you have there, but not aes-ni which is definitely enabled and functional.

ETA: ahh you want to do that on libcrypto:

  iced-cpuid <...>/libcrypto.so.3:
    ADX AES AVX AVX2 AVX512BW AVX512DQ AVX512F AVX512VL AVX512_IFMA BMI1 BMI2 CET_IBT CLFSH CMOV D3NOW MMX MOVBE MSR PCLMULQDQ PREFETCHW RDRAND RDSEED RTM SHA SMM SSE SSE2 SSE3 SSE4_1 SSSE3 SYSCALL TSC VMX XOP XSAVE


further research suggests that GNU coreutils cksum will use libcrypto in some configurations (though not mine); I expect that both your commands above are actually using sha-ni


Thank you for the answer! Yep, I'm moving to OVH because you pay for channel, not for consumed traffic. OVH has a load balancer, but for 0.5pb per month it will cost you 15k. Data is mostly outbound. Haproxy will help until the channel is not saturated. EDIT I've checked linode pricing, their lb has a flat fee because it includes 2tb of traffic :)


Sounds like you need to perhaps consider egress data costs as a high priority factor when comparing services - by my calculation 500,000 GB on Linode would be about $2.5K, even ignoring any included transfer allowance.


Like I said: linode will charge you about $2.5K for half a petabyte of data.


Check hetzner instead of OVH


Any cloud based load balancer will cost you a ton of money. Because I have 0.5 pb of traffic per month and it's only increasing


True, spinning up nginx and setting that up is the cheapest option I have come across with the best enterprise support. It's also available in Microsoft to deploy instead of using their tools. However, some people like being cloud native.


Thank you for the answer!

It's currently operating at 5 Gbps, but it is expected to scale significantly based on traffic trends. It appears to be more cost-effective to rent multiple 5 Gbps boxes rather than a single 20 Gbps box. The protocol used is protobuf over HTTPS (not gRPC) without channels, and it is stateless. The application proxies requests to underlying services, and is capable of handling 10 Gbps of requests on 8 cores. While the likelihood of a DDoS attack seems low, it is not entirely immune. Though there is no strict SLA, the service aims for availability 99.5% of the time


Your 99.5% target simplifies failover. As long as you don't do it very often, you can just drop sessions; it's not ideal, but it's within your target and just carefully schedule the maintenance (and take the failures when they happen).

If you can, the least equipment option would be to run ECMP from your application servers; no need for a load balancer at all. If you can run 10Gbps on 8 cores, a 16-core server (which is a small server) might do all you need; if so, you could do CARP/VRRP/IP takeover and have everything run through one box at a time.

Or, HAProxy will work fine in front. If you want to make it easier for HAProxy, don't terminate TLS on those, run in tcp mode and let the application server do TLS; but then you can't let HAProxy split requests. If that works for you, you could do better with something that can do Direct Server Return so your load balancer doesn't need to process outbound traffic, but I don't have experience running that kind of load balancer (only being behind one), so no software recommendations.

For HAProxy, especially tcp mode HAProxy, you want a power of two CPU cores that's no more than the number of NIC queues, hyper threads disabled. If you do it right, all the traffic stays on the same CPU, although it's tricky to align the backend connections.


You can use PBKDF2 with 200k iterations or argon2 to derive a key from the PIN


Suppose it takes 2 seconds of 100% cpu usage to compute the password hash (you probably wouldn't want to wait much longer).

Then brute forcing a 4 digit PIN will take 20000 seconds ≈ 6 hours maximum. There's no way around that, no matter what hash function you use.


In that case make it take a week to unlock your password store, then it will take 200 years to unlock it!


An Nvidia RTX 4090 can crack a 4 digit pin using PBKDF2 with 200k iterations in less than a quarter of a second. Argon2 is definitely the better option, but even at 1 hash per second, that's less than 3 hours.


This has very limited benefit for weak passcodes, like PINs.


Which will still be ... nothing?

> [...] As a comparison baseline, a 2.4 GHz Core2 CPU can perform about 2.3 millions of elementary SHA-256 computations per second (with a single core), so this would imply, on that CPU, about 20000 rounds to achieve the "8 milliseconds" goal.

So you'll need something that takes at least as long as entering your full password, at which point you basically could enter the full password (from a UX perspective). The PIN is here to make it faster and it will always be security vs. ease-of-use.

[1] https://security.stackexchange.com/questions/3959/recommende...
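The keyspace arithmetic from the PIN comments above, as an added example that is not part of any comment in the thread: a PIN-derived PBKDF2 key is bounded by keyspace size times cost per guess, whatever the iteration count. The salt, the sample PIN and the reduced demo iteration count are constructed for illustration.

```python
import hashlib
import hmac
import time

PAGE_ITERATIONS = 200_000  # PBKDF2 iteration count quoted in the thread
DEMO_ITERATIONS = 200      # assumption: reduced so the full search runs quickly


def derive_key(pin: str, salt: bytes, iterations: int) -> bytes:
    """Derive a 32-byte key from a PIN with PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations, dklen=32)


def worst_case_seconds(digits: int, seconds_per_guess: float) -> float:
    """Upper bound on offline search time: keyspace size times cost per guess."""
    return (10 ** digits) * seconds_per_guess


def exhaust_pin_space(target_key: bytes, salt: bytes, iterations: int, digits: int = 4):
    """Walk the whole PIN space; return (pin, guesses_used) or (None, keyspace)."""
    for n in range(10 ** digits):
        candidate = f"{n:0{digits}d}"
        if hmac.compare_digest(derive_key(candidate, salt, iterations), target_key):
            return candidate, n + 1
    return None, 10 ** digits


def digits_needed(target_seconds: float, seconds_per_guess: float) -> int:
    """Smallest PIN length whose worst-case search time reaches target_seconds."""
    digits = 1
    while worst_case_seconds(digits, seconds_per_guess) < target_seconds:
        digits += 1
    return digits


if __name__ == "__main__":
    salt = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample salt
    key = derive_key("7391", salt, DEMO_ITERATIONS)           # constructed sample PIN
    print("recovered:", exhaust_pin_space(key, salt, DEMO_ITERATIONS))

    start = time.perf_counter()
    derive_key("0000", salt, PAGE_ITERATIONS)                 # one guess at 200k iterations
    per_guess = time.perf_counter() - start
    print("4 digits, this CPU, 200k iterations:", worst_case_seconds(4, per_guess), "s")
    print("4 digits at 2 s/guess:", worst_case_seconds(4, 2.0), "s")
    print("digits for a one-year bound at 2 s/guess:", digits_needed(365 * 24 * 3600, 2.0))
```

Raising the iteration count only scales the per-guess term; each added digit multiplies the bound by ten, which is why the thread keeps returning to PIN length rather than the choice of hash.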

