On the other side of things, i've seen plenty of examples where technical people try to manage things despite having no administration experience and screw it up.
I don't think GP is talking about average users; they seem to be talking about decision-makers in organizations, e.g., a town board that wants to achieve digital independence, but is made unsure by apparent turmoil in the governance in open source orgs...
> Last thing, the final part 6 comes off as really childish, risks to national security and sending letters to the board, really?
That struck me too. Maybe i've never worked high enough in an org (im unclear how highly ranked the author of the piece is) but i've never been in an org where going over your boss's boss's boss's boss's head and writing a letter to the board was likely to go well.
That said, i could easily believe that both Azure is an absolute mess and that the author of the piece was fired because of how he went about things.
I’d say they’re writing as if they expect everyone to share their ideals, and they’re responding to violations of those ideals in a naive and disempowered way. That doesn’t mean they’re wrong in those ideals, but the way they tried to fix things… they interacted with Cutler, why didn’t they try to influence him to fix things? Or any other senior technical leaders?
I never said I didn’t. It was a multi-year escalation and I shared my concerns widely along with concrete options.
The thing is in corporate environments people avoid admitting anything is wrong because that would make them look bad and also disavows the bosses who promoted them, so the true best interest of the company takes a back seat.
Yeah I get that, I have been in a similar situation. At some point you just want to pull the trigger instead of going along with values that aren't yours. Sure, there is always the way of just silently disagree and move on, but who cares. We live one life not to maximize our careers, but to be who we are. Was an interesting read and wish all the best to you in the future.
It is true that writing to the board will get you noticed, and that you might not like the consequences. If you value having the job then don’t write to the board. Even if you are right, being noticed like that isn’t going to endear you to your boss.
But if you care more about doing the right thing then writing to the board is the right thing to do. And after a few years of working at Microsoft you might not value your job very much either and you too might decide to go out in style.
Windows is ~500 times bigger than Azure, give or take, by machine count, and still many times larger by loc, modules, users, whatever else you want to measure. The heavy lifting (VM/containers, I/O, the things that cannot not be done just like that) is handled by the Windows folks anyway. The only hard part is the VM placement, everything else is mostly regular software engineering, some of medium-hard complexity but nothing that can excuse the need for constant human intervention.
It is, but “Microsoft runs on trust” they say. They also say the CEO’s inbox is always open, actually the CEO himself says it in the yearly mandatory training video on business conduct. So it should be safe, in theory, to openly speak out in the best interest of the customers, no? Rhetorical question :)
I feel like emailing the CEO in this case is just a no-op, the inbox is gatekeeped by his staff and very unlikely he saw your email.
That said, “inbox always open” means you should come with a problem AND a very well detailed solution. But question becomes if you had a detailed solution that was good, why wasn’t it ran up the org chart with buy in and why did it have to skip to the top.
But that's part of a great solution... it sounds like you might have had a good technical solution, but that's only half the solution in enterprise. If your technical solution requires another team to completely retool, its not a great solution overall.
"While some may see this as a dick move and I wasn’t exactly proud of it, but I actually waited for Daniel’s wife, Katie, to go into labor before bringing all of this up with his management."
Holy cow! Now I've unfortunately witnessed some ugly office behavior too, but this is quite another level.
> license allows them to do what they are doing, minus lacking the attribution.
That's a hell of a caveat though. That is basically the entire license.
Its like saying you are allowed to kill people minus that whole law about murder. Well like obviously. You are allowed to do anything minus the rules that forbid you from doing the thing.
> If Bitcoin is broken then your bank encryption and everything else is broken also.
Its a lot easier for your bank to change encryption methods than it is for bitcoin. Presumably you mean TLS here (where else do banks use encryption? Disk encryption?). People are already deploying experiments with quantum-proof TLS.
> As far as I know quantum computers still can't even honestly factor 7x3=21, so you are good. And the 5x3=15 is iffy about how honest that was either.
This is probably the wrong way to look at it. Once you start multiplying numbers together (for real, using error corrected qubits), you are already like 85% there. Like if this was a marathon, the multiplying thing is like a km from the finish line. By the time you start seeing people there the race would already be mostly over.
I still don’t really get the argument, like okay this extremely rich theoretical attacker can obtain the private key for the cert my service uses, and somehow they’re able to sniff my traffic and could then somehow extract creds. But that doesn’t give them my 2fa which is needed to book each transaction, and as soon as these attacks are in the wild anti fraud/surveillance systems will be in much harder mode.
I don’t see QC coming as meaning bank accounts will be emptied.
My bank definitely doesn't require 2FA on every transaction. It only requires it to log in. I guess other people have more security concious banks then me.
Even still, i think there is some benefit to attackers being able to passively monitor connections. Getting the info neccesary to conduct some other type of fraud outside of the system. Lots of frauds live or die on knowing enough about the victim's financial situation.
However it really doesn't matter, when it happens we will just switch to different encryption.
It’s turning into a bit of a grift now. So many crypto agility “consultants “ popping up with their slop graphics. Never mind the fact that even if a relevant quantum computer is built it will still cost the user millions of dollars to break each RSA key pair…
I dont neccesarily think it would cost millions per key pair. Hard to say with the technology so immature, but it seems like the sort of thing with huge upfront costs but low marginal costs. Once you have a QC you dont have to build a new one for the next key pair.
I find it crazy how whenever space stuff or even fundamental science stuff in general gets talked about, the its a waste of money crowd comes out. Everyone is totally fine with the AI bullshit of the day or the people spending millions on a start ups whose pitch is so stupid it sounds like something that would have been rejected from silicon valley the tv show, but suddenly if its for science its a bridge to far.
You want to save the world? by all means have at it. But let the science peeps do science things. Its not like the world would be any more saved if they weren't doing these things.
The same crowd comes out because in every human generation, a young boy will have seen the advances of human technology and ambition, and will have also seen the sheer scale of our curious contraptions by the time they are an old man. That’s why you get the same “revelation” generation after generation.
reply