Hacker News | theteapot's comments

xz-utils has a ton of build dependencies. The backdoor implant exploited a flaw in an m4 macro build dep.

It's an extension of a peace through strength philosophy. If you lose your critical sovereign capabilities you become weak and vulnerable. You no longer get to decide who you do and don't "never go to war with".

Yes I understand the reasoning, it's just obviously wrong. This doesn't happen and hasn't happened in hundreds of years. This is not why people get invaded, otherwise Switzerland would have been invaded many times over the last century.

That's exactly why Switzerland didn't get invaded in the last century. Every side depended on them for money supply, so they couldn't risk bringing the war to Switzerland. Also it had a track record of staying neutral, so they didn't fear it may pick a side, because it largely made money from selling stuff from both sides.

The environment? As in trees?


AFAICT "The AI" (which is never actually described in the article) is a CSOP solver.


They should stop optimizing their Company Share Option Plans and get back to work!

(It was a gradient descent optimizer, so probably unconstrained optimization rather than a Constraint Satisfaction Optimization Problem, but it might have had constraints.)


They should've just Linux.


Says this in the article:

> A programming flaw in its cloud services also allowed China-backed hackers to steal email from federal officials. On Friday, Microsoft said it would stop using China-based engineers to support Defense Department cloud-computing programs after a report by investigative outlet ProPublica revealed the practice, prompting Defense Secretary Pete Hegseth to order a review of Pentagon cloud deals.


Absolutely insane. Especially in light of their layoffs. Should be criminal. According to another comment in the thread, it is?


Microsoft only has a market cap of 3.7 trillion. They can't afford to hire domestically.

Anyway, from what I can tell being in this industry, a lot of things need to be explicitly illegal to stop companies from doing it.

Edit: The penalties also have to be meaningful. There's a lot of "technically not legal, but sue us lol" going on.

"Hey, this is a really really stupid idea." isn't going to stop a middle manager from trying to come in under budget.

At most MS will pay a nominal fine, and proceed to learn nothing.


> "Hey, this is a really really stupid idea." isn't going to stop a middle manager from trying to come in under budget.

Neither is "you can go to jail" when it comes to export controls training.


Maybe instead of fines, large companies should be forbidden to do any new contracts for some months. That would be a larger incentive and also comprehensible to sales people.


In which magical country do you suspect this would be enforced?

Microsoft also has a captive market here. Realistically you aren't going to migrate millions of employees and servers to another tech stack, even over something egregiously bad.

Something like storing cleared data really should be handled 100% internally with an open source stack that's regularly audited.

But that sounds really difficult, even if it would be cheaper or the same price in the long run.


One can dream.

I didn't suggest preventing the fulfillment of existing contracts. Nobody would change for all customers. They just wouldn't get any new contractors.

Sanctions already exist.


Ok.

So after the current contract do you switch stacks, or just have a 3rd partner Microsoft shop maintain your existing stack?

Regardless, I don't think our current legal system has any real ability to hold a company like Microsoft accountable.


If you happen to be unlucky and Microsoft just got convicted, you either need to wait some months or go to a competitor. The state shouldn't care about that. When your mechanic just went to prison, what are you gonna do?

But yeah I don't know any party who has such ideas.


Excuse me??


What's wrong with `kubectl apply -f xxx.yaml`?


We use kustomize because we have four environments that run basically the same stuff (dev with k3s, test, and two cloud regions). If we didn’t use kustomize, we’d be forced to reinvent it to avoid duplicating so much yaml.


> .. they rarely seem to have even a basic grasp of computer science. I've had to personally mentor many (academic route) engineers over the years on what I would consider absolute basics.

This is kind of fascinating. Please give some examples.


"inflationary collapse" seems contradictory. I think hyperinflation is a more correct term.


Isn't that most software devs?

