Remix clone Hacker News

new | show | ask | jobs Github

	▲	justjake 2 hours ago
		Totally! People who see the impact will likely see more impacted than say, 3% of their services. Not all disruption created equal. We rolled out a change to update our fraud model, and that uses workload fingerprinting Since, in all likelyhood, your projects are similarly structured, there will be more impacted workloads if the shape of your workloads was in the "false positive" set Will have more information soon but very valid (and astute) feelings!
	▲	vintagedave an hour ago \| parent [-]
		> We rolled out a change to update our fraud model, and that uses workload fingerprinting > Since, in all likelyhood, your projects are similarly structured... Thanks for the info. For what it's worth and to inform your retrospective, this included: * A Wordpress frontend, with just a few posts, minimal traffic -- but one that had been posted to LinkedIn yesterday * A Docusaurus-generated static site. Completely static. * A Python server where workload would show OpenAI API usage, with consistent behavioural patterns for at least two months (and, I am strongly skeptical would have different patterns to any hosted service that calls OpenAI.) These all seem pretty different to me. Some that _are_ similarly structured (eg a second Python OpenAI-using server) were not killed. Some things come to mind for your post-mortem: * If 3% of your services were affected, does that match your expected fraud rate? That is an awful lot of customers to take down in one go, and you'd want to be very accurate in your modeling. I can't see how you'd plan to kill that many without false positives and negative media. * I'm speaking only for myself but I cannot understand what these three services have in common, nor how at least 2/3 of them (Wordpress, static HTML) could seem anything other than completely normal. * How or why were customers not notified? I have used services before where if something seemed dodgy they would proactively reach out and say 'tell us if it's legit or in 24 hours it will be shut down' or for something truly bad, eg massive CPU usage affecting other services, they'd kill it right away but would _tell you_. Invisible SIGTERMS to random containers we find out about the hard way seems the exact opposite of sensible handling of supposedly questionable clients.