Pistrie

Pistrie

What is your experience with Fly.io, and do you think it's okay for them to require your credit card information to use the free tier?

I’m looking for a service to host a (couple of) small Elixir application, and Fly.io looks interesting. However, they want your credit card information before you can use the free tier. I understand their reasoning, but it doesn’t sit right with me to supply them with that info since I’m not even a customer yet.

What are your preferred alternatives to Fly.io for free small VMs?

Most Liked

D4no0

D4no0

This is a anti-spam method used by a lot of services nowadays, their scope is to avoid creation of fake accounts and abusing the free tier.

brightball

brightball

Agreed. It’s a necessity IMO. Waaaay too much free tier abuse happens on these platforms.

AstonJ

AstonJ

Not sure we really need a thread on this tbh.. the practice is fairly common on similar platforms now and so I guess you have to vote with your wallet/support on details like this, or if you feel really strongly about it contact their support team to let them know how you feel.

Be glad you’re not taking out a dedicated server, most of those companies require a copy of your passport :lol:

Feel free to start a dedicated thread for that topic.. or check our some of our older threads:

And:

https://forum.elixirforum.net/tag/deployment?order=posts

Eiji

Eiji

Some check is definitely needed, but in this case some is a keyword. Storing sensitive data that could leak is extremely bad in my opinion. They secure themself without providing anything in exchange. Some may say that that free tier is what they give, but this is only true in general. :thinking:

Since this is anti-spam method they protect not from creating a single account, but from creating multiple accounts. If we scale the problem down to 1 account it’s not a case anymore. Why scale down you may ask - that’s simple. When creating an account, the customer does not think about other ones, about hungry children in Africa and so on … :see_no_evil:

However when data would leak then all affected accounts would cause a huge problems. So to protect 1 company x number of customers needs to “pay” for that and this part is unfair. On the other side if credit card would not be a sensitive data, so it would not give an attacker anything after leak, the deal would be right. :+1:

That’s just a tip of the iceberg. The world would be much better if we would limit to above cases. Unfortunately unfair people have much more wider range of possibilities that normal customers at least do not use, if not known them at all. So let’s see an extreme edge case by example … :ice_cube:

When hearing about scam companies in news we hear often a scenario in which somebody pays small amount of money to homeless and they in exchange do some illegal things. If homeless can have a company (with some good, possible fake, profits at start) then they also need to have an bank account and later maybe they could have a credit. What stops the attackers from simple doing same for credit cards? :supervillain:

So here we do not have an anti-spam method, but spam-limiting method. How much it limits attackers? Depends if attacker is single or if attacker is a member of the bigger group. People living in extreme poverty, that “could die for a few cents”, is in the huge millions. Now what? Block credit cards from India because they have slums? :no_entry_sign:

So the deal is that services storing credit card numbers (talking in general, no bad feeling for Fly.io) protects itself from let’s call them … “teen scammers” and we take the risk in case those data would leak, giving another (possibly easier) area for attackers. So in practice every single customer in most cases simply takes all the risk on themself. :-1:

I’m not saying this solution is only bad, but it’s like adding a huge amount of antibiotics to the animal feed. In short term it’s a good thing protecting people from lots of diseases. However in long term it leads to creating the super bacteria that is resistant to all antibiotics. :microbe:

I am part of that power which eternally wills good and eternally works evil. :sweat_smile:

So I don’t want to force people to use this method or not, but to say that both sides are wrong and we should focus on creating an alternative rather than wasting time on biased criticism. If you worry about security you do not need to use it. If you want to help give an alternative that is worth for all sides. :handshake:

Hope it helps, cheers! :heart:

stevensonmt

stevensonmt

In limited interaction I found them to be responsive and pleasant even for my simple free tier instance.

Where Next?

Popular in Questions Top

vonH
In asking this question I am more interested about the expressiveness of the language itself and less concerned about the availability of...
New
polypush135
As many of you may have realized by now (sorry for all the posts here) I’ve been working on a db problem where I’m trying to aggregate a ...
New
Fl4m3Ph03n1x
Background Let’s assume I have a typical GenServer that receives messages as requests, does some operation in a DB and returns responses....
New
stefanluptak
Hello everybody, usually, I use a 29" ultra-wide monitor for VSCode which can easily accomodate explorer (files panel) + file with code ...
New
johnnyicon
Hi all, I've just started learning Elixir and Phoenix Framework, so please pardon my n00bness at this stage. I'm trying to use Postg...
New
WestKeys
Currently suffering from paralysis by [HTTP client] analysis. This is rather unusual in Elixirland as there tends to be consensus on the ...
New
Exadra37
Sometimes I want to check if the input into a function is not a blank string. My first approach: defmodule Example do def do_stuff(s...
New
Fl4m3Ph03n1x
About me? ( if you have nothing better to do than reading about some random guy in the internet :stuck_out_tongue: ) Hello all, this is ...
New
Codball
Mix format works fine if run from the cmd. I’ve followed this to facilitate the implementation into VSC which involves downloading an ext...
New
wernerlaude
In AR this is so simple @articles = current_user.articles How to do in Ecto? def index(conn, _params) do current_user = conn.assig...
New

Other popular topics Top

sergio
In Ruby, I can go: User.find_by(email: "foobar@email.com").update(email: "hello@email.com") How can I do something similar in Elixir? ...
New
bsollish-terakeet
Credo is smart enough to check for (something like) this: assert length(the_list) == 0 with this response: Checking if an enum is empt...
New
albydarned
Hello all! I am typing this post from my new MacBook Pro with the M1 chip. I’m loving it so far, and will probably use it as my daily dr...
New
quazar
How to set Jason to encode all fields in ecto schema, I don’t care about security and implementing only is taking long list of attributes...
New
fireproofsocks
I’m working on defining a simple Ecto schema for a table (in PostGres), but I don’t see where I can define a column as NOT NULL. Conside...
New
hariharasudhan94
I would like to know what is the best IDE for elixir development?
New
vertexbuffer
Hello, can anybody help here..? I have a list of players and I what to delete an element, but every for loop the list is reverting to ori...
New
lastday4you
I wanted to check elixir version in phoenix because i found that my elixir is 1.5 but when i use Enum.chunk_by it said the function is un...
New
qwerescape
Is there a way to get the call stack or stack trace at any point in the code? Not from exceptions, but an expression that returns how the...
New
aesmail
Hello guys, I have finally made it. I created an admin interface for a framework. It’s been on my todo list for years and with the curre...
New

We're in Beta

About us Mission Statement