I’ve been using that for years but was wondering whether the documentation is current about Chrome - they offer things like disabling the JIT (nearly half of Chrome’s exploits last year) as a group policy option on Windows, for example, but it doesn’t appear that APP does anything for Chrome users other than mandatory Safe Browsing.
Ada Health | SysOps Engineer | Fulltime | Remote US, CA, UK, or EU.
The SysOps team at Ada Health builds and manages the infrastructure and tools used to manage our fleet of macOS and Windows endpoints, while maintaining a consistent and seamless user experience for our employees. We value building over buying and employ modern engineering principles to ensure quality, reusability and auditability in all the things we do.
We are looking for a SysOps Engineer to help shape and define the next iteration of the infrastructure that manages Ada Health’s IT and endpoints, leveraging configuration tools such as Puppet, Ansible, Munki, and a range of enterprise software. We focus on automation, running at a global scale and most importantly, providing a seamless IT experience for all our employees.
Ada Health GmbH | SysOps Engineer | Berlin, Remote EU, Remote CA and Remote UK | Full-time
At Ada, we envision a world where everyone has access to the healthcare they need. In one of the biggest challenges facing the world, we pioneered a new form of artificial intelligence, combining medical knowledge with intelligent technology to empower millions of people to better understand their health. We’re proud to support medical doctors and work with leading health systems and global non-profit organizations. We’re a diversely skilled team representing 55 nationalities, and we’re growing rapidly to achieve our global ambitions for the future of health. This is just the beginning.
We are looking for a SysOps Engineer to help shape and define the next iteration of the infrastructure that manages Ada Health’s IT and endpoints, leveraging configuration tools such as Puppet, Ansible, Munki, and a range of enterprise software. We focus on automation, running at a global scale and most importantly, providing a seamless IT experience for all our employees.
Hopefully remains as interim. I'm still suspicious based on previous experience with him selling Whatsapp to Facebook and all that. Actually, very surprising move, are they planning to sell Signal?
The only reason Whatsapp was bidded up to an insane 19 Billion sale value was because Acton did not want to sell. Note that it's not insane in terms of value (in hindsight this was clearly a good buy for FB), but insane when considering that value for your small 30 person company.
That's a crazy sale price, I'd like to see you turn it down.
It can be true that he didn't want to sell and regrets it and just couldn't reject that offer, the opportunity costs available to you at the level are nuts. This is a risk with centralized services, it's why we need systems that don't require benevolence: https://zalberico.com/essay/2020/07/14/the-serfs-of-facebook...
Most people don't have principles valued at 19B.
I think Urbit is a potential way to get there, but a lot of the web3 ownership model points in this direction.
That said, I think Matrix is cool and appreciate what they're trying to do. I just think without solving the upstream problems you won't be able to succeed beyond a niche audience.
For all its flaws in Facebook integration, WhatApp is the single most impactful system ever in getting people to use secure communication. 1B+ people started using end-to-end encrypted communications overnight when WhatsApp enabled e2ee. This move pushed the entire industry towards adoption of e2ee.
Yes, they sold to Facebook. Yes, Facebook is doing everything it can to get the contents of WhatsApp communications so they can monetize. But it is impossible to not see the change they made on the landscape of communication privacy.
From my perspective, it's also remarkable that WhatsApp managed to enable e2e while already being owned by facebook. It probably won't last, but to me that demonstrates a commitment to security and privacy on the part of the WhatsApp team.
That's an important part of getting step 3 to happen.
You need proof of regret, and $800 million seems to have been enough. Cheap money if you can make step 4 happen such that it nets more than 0.8 billion.
They incorporated Signal as a nonprofit, so it is illegal for anybody to personally profit from the sale of Signal. Of course, that hasn't always stopped people from trying (eg, the recent debacle with the .org tld).
Given that Brian Acton apparently "left over a dispute with Facebook regarding monetization of WhatsApp, and voluntarily left $850 million in unvested options on the table by leaving a few months before vesting was completed"[0] and that he went on to found the Signal Foundation one year later with Moxie Marlinspike in 2018, I feel it's not a super clear signal that Acton or Marlinspike are trying to "sell" Signal.
Okay, but still. It seems like a stretch that the guy is secretly evil but voluntarily gave up almost $1 billion to deceptively prove he's not actually a bad guy. You can claim to be a good guy and wait a few months to cash out - leaving money on the table IS a real signal, even if he's already rich.
Depends on if he actually left money on the table or if he speculated that there would be more money coming to him if he publicly left FB when he did.
Social/public good will is a kind of money itself that can't easily be measured in dollars. That's a big part of the reason extremely wealthy people engage in philanthropy.
Good will is a currency that opens some doors that no amount of raw dollars can open.
I can't imagine they intend to sell Signal but then when I say "they" it's always been a stand in for Marlinspike. We can only hope he's correct in terms of the team he's built continuing the mission that had formerly been guided by his judgment.
The WhatsApp sale also happened back in 2014. I don't think FB was especially well liked at that time, but they didn't have as bad a reputation as they do now. 7-8 years is a long time.
I remember WhatsApp touting the fact that they charge a $1/year subscription to be evidence that they will not sell out data about your use of the app and your contacts, presumably as a contrast to the chat apps offered by Facebook, Google, Microsoft, and others wanting to sling ads.
Obviously, the offer from FB was worth selling out for.
At Ada, we envision a world where everyone has access to the healthcare they need. In one of the biggest challenges facing the world, we pioneered a new form of artificial intelligence, combining medical knowledge with intelligent technology to empower millions of people to better understand their health. We’re proud to support medical doctors and work with leading health systems and global non-profit organisations. We’re a diversely skilled team representing 50 nationalities, and we’re growing rapidly to achieve our global ambitions for the future of health. This is just the beginning.
We are looking for a Senior System Administrator to join our IT team, either in Berlin, Germany or fully remote (EU). Together with our Head of System Administration and team of 5 admins, you will be responsible for the administration and continued development of Ada’s IT infrastructure.
Ada Health | Senior IT System Administrator | Berlin, Remote EU OR Remote UK | Full-time | https://ada.com/
At Ada, we envision a world where everyone has access to the healthcare they need. In one of the biggest challenges facing the world, we pioneered a new form of artificial intelligence, combining medical knowledge with intelligent technology to empower millions of people to better understand their health. We’re proud to support medical doctors and work with leading health systems and global non-profit organisations. We’re a diversely skilled team representing 50 nationalities, and we’re growing rapidly to achieve our global ambitions for the future of health. This is just the beginning.
Hiring process: no technical task interviews. We'll have a couple of casual chats to assess mutual value-fit and tech background/experience, followed by a an offer.
Ada Health GmbH | Berlin, Germany | Full-time | Remote & some On-site | Senior SysOps Engineer
At Ada, we envision a world where everyone has access to the healthcare they need. In one of the biggest challenges facing the world, we pioneered a new form of artificial intelligence, combining medical knowledge with intelligent technology to empower millions of people to better understand their health. We’re proud to support medical doctors and work with leading health systems and global non-profit organizations.
At Ada, we envision a world where everyone has access to the healthcare they need. In one of the biggest challenges facing the world, we pioneered a new form of artificial intelligence, combining medical knowledge with intelligent technology to empower millions of people to better understand their health. We’re proud to support medical doctors and work with leading health systems and global non-profit organizations. We’re a diversely skilled team representing 50 nationalities, and we’re growing rapidly to achieve our global ambitions for the future of health. This is just the beginning.
Private DNS is what Android calls DNS over TLS. It's basically normal DNS but with a TLS connection wrapped around it.
DoT is very easy to self host if you already run something like a pihole (using nginx to proxy a tcpstream + having it wrap a TLS connection around it) and can be exposed to the internet because it can work over TCP (thus reducing the DDoS risk factor significantly).
In Android there's a setting to enable it in the network settings. The default will be "off", if you pick "on" you'll probably be using Google's DNS servers, if you pick "hostname" you can pick a different server.
It's more than that, private DNS is not just a different DNS server, it's a DNS over TLS (DoT) server. This means encrypting the lookups to prevent the ISP from tracking the host names you visit.
Many DNS servers don't support DoT and some support DoH (DNS over HTTPS) instead.
they recommend leaving it on because then all your dns queries go to google and no one else by default--their "private dns" defaults to the very unprivate google dns servers.
