This weekly roundup thread is intended for all culture war posts. 'Culture war' is vaguely defined, but it basically means controversial issues that fall along set tribal lines. Arguments over culture war issues generate a lot of heat and little light, and few deeply entrenched people ever change their minds. This thread is for voicing opinions and analyzing the state of the discussion while trying to optimize for light over heat.
Optimistically, we think that engaging with people you disagree with is worth your time, and so is being nice! Pessimistically, there are many dynamics that can lead discussions on Culture War topics to become unproductive. There's a human tendency to divide along tribal lines, praising your ingroup and vilifying your outgroup - and if you think you find it easy to criticize your ingroup, then it may be that your outgroup is not who you think it is. Extremists with opposing positions can feed off each other, highlighting each other's worst points to justify their own angry rhetoric, which becomes in turn a new example of bad behavior for the other side to highlight.
We would like to avoid these negative dynamics. Accordingly, we ask that you do not use this thread for waging the Culture War. Examples of waging the Culture War:
-
Shaming.
-
Attempting to 'build consensus' or enforce ideological conformity.
-
Making sweeping generalizations to vilify a group you dislike.
-
Recruiting for a cause.
-
Posting links that could be summarized as 'Boo outgroup!' Basically, if your content is 'Can you believe what Those People did this week?' then you should either refrain from posting, or do some very patient work to contextualize and/or steel-man the relevant viewpoint.
In general, you should argue to understand, not to win. This thread is not territory to be claimed by one group or another; indeed, the aim is to have many different viewpoints represented here. Thus, we also ask that you follow some guidelines:
-
Speak plainly. Avoid sarcasm and mockery. When disagreeing with someone, state your objections explicitly.
-
Be as precise and charitable as you can. Don't paraphrase unflatteringly.
-
Don't imply that someone said something they did not say, even if you think it follows from what they said.
-
Write like everyone is reading and you want them to be included in the discussion.
On an ad hoc basis, the mods will try to compile a list of the best posts/comments from the previous week, posted in Quality Contribution threads and archived at /r/TheThread. You may nominate a comment for this list by clicking on 'report' at the bottom of the post and typing 'Actually a quality contribution' as the report reason.
Jump in the discussion.
No email address required.
Notes -
Ok this might just be funny to me, but the
CloudStrikeCrowdstrike worldwide outage is the funniest thing to happen in computer security this decade.If you haven't caught up,
100+ million(billion?) computers around the world were simulatenously broken in an instant. It's black comedy for sure. Hospital & emergency systems around the world have crawled to a halt, and there will be a few hundred deaths that will be traced back to this event. Millions of $$ will be lost. But, the humor comes from the cause of it.Here is how things panned out:
CloudStrikeCrowdstrike is a 100 billion valuation tech company that provides security services to a bulk of the world business.CloudStrikeCrowdstrike deployed a software update that began this outageCloudStrikeCrowdstrike is a 'trusted' secuirty tool, it sits under the OS layer, bricking the whole device.This is the Y2k that was promised.
The world spends billions in computer security every year, and no virus has managed the kind of world-wide disruption caused by one simple bug by the premier security company in the world.
No direct culture war implications, but goes to show just how much of a house-of-cards the tech ecosystem is. 1 little, simple, stupid bug can bring the whole world to a halt. Yet, the industry continues quarterly-earnings chasing.
Jobs keep getting cut, senior members get aged out, timelines get thinner and 'how many features did you deploy' remains the only metric for evaluation.
In tech, staying at a job for more than 3 years is seen as coasting. Devs are increasingly expected to do everything, because 'everyone should be full stack' and everything that isn't feature development (testing, staging, canaries) get deprioritized. Overworked novices means carelessness, carelessness creates mistakes.
At the same time, devs get zero agency. Random HR types make list of regulations mandating certain checkboxes for compliance, while having near-zero knowledge of the risks-and-benefits of these technical decisions. Therefore, the implications of a mistake are opaque to decisions makers. So by being compliant, you've suddenly given
CloudStrikeCrowdstrike a button to shut your entire business down.This kind of error should literally be impossible in a company of the size of
CloudStrikeCrowdstrike . If such an error happens, it should be impossible for giant corporations to crumble zero backup. Incompetence on display, on all sides. Having worked in 'prestigious tech companies', especially in 2024, it isn't surprising. At times, the internal dysfunction is seriously alarming, other times it's a tuesday.I'm not going to hope for much out of this. Just like Spectre & Solar , people will cry about it for weeks, demand change and everyone will get collective amnesia about it as the next quarter rolls around.
End of the day, tech workers are treated as disposable labor. Executive bean counters are divorced from the product. And the stock price is the only incentive that matters.
As long as tech is run by MBAs and smooth talkers, this will go on.
Some choice photos:
If everyone uses this, what determined who got hit? Did they do a random staged rollout and stop once the problems started?
Pure hearsay--but my IT guy says "if your system had Crowdstrike installed, and it was on and running automatic updates when the updates was pushed, then you got hit. If your system happened to be off, power-cycling, delaying updates, etc., then you missed it, and the actual fix was rolled out very quickly to prevent further problems."
So now "zero day" protection is also a zero day exploit.
Something something security monoculture? Truly critical infrastructure should probably be running multiple operating systems on vendor-diverse hardware in parallel, I guess?
If your system was up when the update rolled out in the afternoon, and you turned off or reset your computer before the rollback patch, you got a BSOD easily fixable by anyone with the admin privilege.
Part of security is a monopoly on force — sorry, on access — so nobody dumb can infect the system, and few people had the privilege. I was one of the clever few who could boot with a Windows installation USB, delete the affected files, and be back up in minutes. Whereupon I was asked to get other PCs up in our building, which I gladly did.
On reddit, someone said they’d been speaking with their crowdstrike security rep the previous week, who said they had a beta for the new version which was getting BSOD on some windows systems, so they weren’t going to push it out until the bug was squashed. It’s assumed in IT the bad update accidentally got into global distrib.
Who is John Galt?
People old enough to have done things like "boot from a USB drive," but not so old as to be confused by computing devices generally?
Thirty years ago, relatively few undergraduates brought their own computers to college, though most had access to some kind of computer "lab." Twenty years ago, most undergrads brought their own computers to college. Ten years ago, it was common for many programs of higher learning to "give" students a laptop for curricular use, testing, etc. Today, I get a surprising number of students whose only computing device is their cell phone, or a similarly hobbled tablet-style appliance. They live in walled gardens and think that computing begins and ends with "apps." Throwaway consumption devices are, slowly but surely, crowding from our collective consciousness the general purpose (and modular!) machines that delivered the Information Age.
And in some ways, I suppose, that was always the goal ("it was always the plan to put the world in your hands...")--just as we don't need everyone to change their own oil, or know how to fly airplanes, we don't need everyone to be using desktop computers. But in much the way that the average American utterly fails to understand or, therefore, appreciate the systems that keep them fed, keep the power on, etc., I suspect that failure to even slightly understand the technology on which our civilization functions contributes to some pretty distorted perspectives--on the world, on life, on politics, etc.
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link
More options
Context Copy link