There is no way to use it in the frontend securely. Communicating with OpenAI will have to happen on the backend and to prevent anyone from abusing your API, it will have to be protected by authentication.
Yeah sounds like OP is advertising an MVP that you can run in localhost with the sole purpose of proving a concept. There's no way this is going to any wise-man production project
Connect to a backend API that does the requests to OpenAI. Set up CORS to prevent embedding on other sites. And remember your API is still completely unauthenticated, so add rate limiting and a block list to limit abuse.
> this is table stakes level security; realistically if your DB is compromised, your encryption key probably is too, because they probably got in through your application which holds the key in memory. this just prevents "oops I accidentally copied the DB somewhere and it leaked".
Good point. If the attacker gains access to e.g. a web service that needs to access the stored secrets, they will have encryption keys and DB access.
> if you have, or when you get to the point that you have, a competent ops org, just use HashiCorp Vault.
I watched a video about Vault, but I don't see how it would help. Attacker gains access to the web service which can access Vault -> Attacker downloads all API keys from Vault. Or is there something I'm missing?
at the end of the day if the code that handles the sensitive secret is compromised, you’re leaking secrets
one of the big ways Vault can help is by separating reads and writes. the web UI that stores a secret, exposed to internet, only receives a token that can write that secret for that customer, and only that customer. that service cannot get tokens that allow the code to read secrets. the background jobs, that aren't exposed to internet, do have the ability to generate scoped tokens to read.
it also helps you mitigate risk by shortening the lifespan of tokens that can access this data. the app container/lambda/process has a Vault token that is only valid for X seconds (whatever you want it to be). This can make it a lot more difficult for an attacker to do anything useful. First they find an exploit, then they try to do something with it. If their token/access is removed every 10 seconds, that makes it a hell of a lot harder to get anywhere once they get in
Vault also increases the discoverability of a compromise by letting you log all accesses to the secrets. this helps manage the aftermath of the compromise by having more certainty in which customers have been impacted etc
It’s all basically risk mitigation. If you have data you need to use legitimately, it’s possible for someone to get it illegitimately. Limit the scope of access they can get with one break in and the length of time they can do anything once they’re in. compartmentalize systems to create defense in depth
Disclaimer: I am not a security expert, but have managed this stuff at startups too small to hire one yet
Yeah you do, but you compartmentalize that with your orchestration (hence strong ops). With HashiCorp Nomad for example you might set up a parameterized job. When Nomad receives a job to do X for customer Y, it allocates a container with a short-lived token. Nomad is the system with the longer-living token that lets it generate short-lived tokens for short-lived workloads, that are themselves containerized to add a layer of security for a compromise. And so on.
Abstract that a little bit; the system that generates the short lived token ideally would not be the same as the system that is using it
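A simplified model of the scheme described in the comments above (write-only tokens for the internet-facing tier, read tokens for background jobs, short lifetimes, and a log of every access), added here as an illustration; it is not code from any commenter and does not use Vault's API. The HMAC-signed token format and all names (`issue_token`, `BROKER_KEY`, the customer `acme`) are assumptions made for the example.

```python
import hashlib
import hmac
import json
import time
from base64 import urlsafe_b64decode, urlsafe_b64encode

BROKER_KEY = b"constructed-demo-key"  # assumption: known only to the broker/store
STORE = {}       # customer -> secret (stand-in for encrypted storage)
AUDIT_LOG = []   # (time, customer, capability, decision) for every attempt

def issue_token(customer, capability, ttl, now=None):
    """Broker: mint a token for ONE customer and ONE capability, valid ttl seconds."""
    now = time.time() if now is None else now
    claims = json.dumps({"cust": customer, "cap": capability, "exp": now + ttl}).encode()
    sig = hmac.new(BROKER_KEY, claims, hashlib.sha256).digest()
    return urlsafe_b64encode(claims).decode() + "." + urlsafe_b64encode(sig).decode()

def check(token, customer, capability, now):
    """Store: verify signature, scope and expiry; log the decision either way."""
    ok = False
    try:
        body, sig = token.split(".")
        claims = urlsafe_b64decode(body)
        expected = hmac.new(BROKER_KEY, claims, hashlib.sha256).digest()
        if hmac.compare_digest(expected, urlsafe_b64decode(sig)):
            c = json.loads(claims)
            ok = (c["cust"], c["cap"]) == (customer, capability) and now < c["exp"]
    except (ValueError, KeyError):
        ok = False  # malformed or tampered token
    AUDIT_LOG.append((now, customer, capability, "allow" if ok else "deny"))
    return ok

def write_secret(token, customer, value, now=None):
    now = time.time() if now is None else now
    if not check(token, customer, "write", now):
        raise PermissionError("token may not write this customer's secret")
    STORE[customer] = value

def read_secret(token, customer, now=None):
    now = time.time() if now is None else now
    if not check(token, customer, "read", now):
        raise PermissionError("token may not read this customer's secret")
    return STORE[customer]

if __name__ == "__main__":
    web = issue_token("acme", "write", ttl=10)   # handed to the internet-facing UI
    job = issue_token("acme", "read", ttl=10)    # handed to a background job
    write_secret(web, "acme", "sk-constructed-example")
    print(read_secret(job, "acme"))
```

A stolen web-tier token here can overwrite one customer's secret for a few seconds but cannot read any secret, and every denied attempt lands in `AUDIT_LOG`.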
Thanks, but this is about password hashing. I would like to know about storing third party customer secrets, like API keys, in the most secure way possible.
I'm 42. Here's my advice to someone half my age. Have conflicts. Put your heart into it. If you loose, you receive some truth. If you win you give some truth. The outcome does not matter if it means you grow.
The prerequisite for this is a healthy foundation of self belief. Young adults out there are getting hammered by messages that imply that they are fundamentally flawed and will never stack up.
The messages need to be questioned. Questioning authority, your peers and the society as a whole is an important step to develop a sense of self. It means you might be perceived as a rebel or immature at times. Sometimes you can't give a shit what other people think about you: I do not see that message being reinforced. I see vicious conformity among American youth.
> Sometimes you can't give a shit what other people think about you
That worked when gossip didn't travel farther than the next town.
Just when young people are given more viable ways to live than ever to pick from, they're given fewer chances than ever to start over if they choose unwisely. Are many narrow choices better than a few broad ones?
And "it's" instead of "its", "you're" and "they're" instead of "your" and "their", "weary" instead of "wary". Lots more people seem to be making these same mistakes.
i think it’s because choose and chose are pronounced different from loose and lose- but autocorrect has no idea the difference or context of use and so people throw whatever out there
For me as a non-native English speaker it might be a case of English having confusing pronunciations. Pronunciation of loose and lose is very similar if not the same (I probably couldn't tell them apart). One might expect lose to be pronounced similarly to words like hose, rose or pose.
Spellcheck without autocorrect taught me to spell. I would retry the word with a squiggly red line under it til it was good. Autocorrect doesn't allow this self-remediation and learning. Disable it :)
The mother of my kid and I are separated. I wanted to restrict content/screen time, but she gave him unrestricted access to his iPhone and now I feel it can't be undone. He's 13.
I'm mostly worried about his attention span, especially when I watch him use his phone. But then again, maybe this is just a different generation and I must understand that his way of using the internet is different from mine.
Would you share a story of falling/picking them up?
My wife and I divorced last year. Fortunately, she and I have always agreed on this parenting philosophy for our kids. Unfortunately, that means I can't totally relate to the specific tension you're having, other than to guess that it must be very hard that the two of you disagree on something so intermingled with today's parent-child relationship.
A screen is a great way to amuse a kid while you regain your sanity after a rough day. But so is a playdate with another kid, or a sleepover if they're older. And if your kid went on a playdate or a sleepover, wouldn't you ask how it went? Wouldn't you talk to the other parent(s) about how it went? Wouldn't it be weird if you didn't ever talk about that sleepover? Why should an iPhone be any different?
My point is that a screen isn't a pause button on your parent-child relationship. It's an experience that the kid goes through, separately from you, and it's your duty as a parent to get back in sync again afterward. Sorry to use your kid's mom as a pointed subject here, but it makes all the difference whether she sees the iPhone as an extra parenting responsibility, or a substitute for some of hers. In our case, we didn't demand a full accounting of every one of our kids' clicks. But occasional conversations were expected. (And pro tip for separated parents, these kinds of conversations can also happen... over the phone! On SMS!)
Stories to share... well, I won't get too specific because they're kids and all that, but briefly...
One: the kids all have small savings accounts with even smaller allowances. Twice they've gotten bamboozled by online gaming sites (similar to Club Penguin) into putting in their debit-card number to buy a virtual trinket that then turns into a $expensive/month subscription. Both times they noticed they were suddenly overdrawn, and came to me asking for help. If those payments were tuition in life experience, we got good value for it, because my kids today are pretty good at reading the fine print. And we now have a family legend/parable of Kid #2 buying the $1 powerup that cost him all his savings.
Two: Call of Duty during the pandemic. Self-regulation issues surfaced, and grades slipped. We talked about it and came up with a homework-before-gaming-each-night rule. We (the parents) didn't enforce the rule; that was the kids' job. Grades came back slowly, but the bleeding stopped almost immediately.
Honestly, I sat here for a while trying to think of a zinger of a third story, but most are the same -- the kid walking up to me with a screen in hand, showing me a site or an app, and asking "Dad, is this legit?" and oh god no it isn't and I'm so glad they felt OK asking me about it. I think that's actually the common thread with all these stories: we've been reasonably successful keeping the lines of communication open about their online lives, giving us the opportunity to parent through the teachable moments, rather than preemptively shaming them into dealing with it alone. My kids aren't perfect, but I'm satisfied with how they're prepared for the world, in all its gory detail.
Best of luck with your parenting! If you do it right, your kids will grant you lifetime tenure!
> Wouldn't it be weird if you didn't ever talk about that sleepover? Why should an iPhone be any different?
> My point is that a screen isn't a pause button on your parent-child relationship. It's an experience that the kid goes through, separately from you, and it's your duty as a parent to get back in sync again afterward.
Very well said, thank you for sharing. I’ve never considered it like that because it was never my experience, nor one I’ve seen firsthand in others... but it sounds so obvious reading it now. Makes me wish I had more of that growing up. Makes me hope I remember this when I’m a parent.
I think (barring excesses) they’ll generally be fine regardless of the way the parent raises them. It’s mostly about me feeling good about the way I’m raising my kids.
Even if you change the unit of computation in k8s from a container, that's only one problem that it solves. What about deployments, services, ingress, configmaps/secrets, jobs, volumes, etc. If you're going to create your own distributed system, all these concepts are going to exist in some form.
Going from coarse-grained compute to fine-grained compute. The finer grain you have, the more "composability" and "flexibility" you get.
At some point you become so fine-grain that all you have are just lambdas floating in the cloud. And universal pointers to data floating in the cloud. Wire them up and everything scales automatically.
Back when I was working on this sort of stuff, there was an intermediate development between containers and wasm, that being of library OS like mirage OS, unikernels... Etc. I think wasm has probably better positioning compared to those unikernels.
I found it helps us bring more variety into our sessions, since it lets us easily try out new keys or modes which we are not yet comfortable with. Also, we play bass and guitar but not the piano, so having the chords play with one click or keystroke makes it very easy to get a basic synth layer done without resorting to the piano roll.
There is a simple algorithm which modifies the chords in a way to get smoother chord changes.
To the musicians among you (and those aspiring to make music) - I would be very happy to get some feedback!