By his own narrative, it wasn't creating PowerShell specifically that got him demoted. It was doing "unassigned" work during work hours.

He details that it was specifically that Microsoft did/does not have the 80/20 type thing some competitors have, where you get some time to free range random concepts and ideas, so some pissy middle manager got mad that he wasn't going through the whole project approval (you know, the let everyone comment on the color of the shed stage) and he got demerits.

*What is YOUR source for this. Do you even have one?*

THE PAPER THAT WAS SUBMITTED. They are very open about the *incredibly* narrow known threat model (basically ASLR pointer obscuring *in the same process*), albeit -- as all papers do -- opining that maybe there is something worse that could be done. These sorts of security papers come out by the dozen per year, and generally no, there isn't any further risk, and the latent risk is negligible to irrelevant.

To be clear, when security researchers are pitching a novel vulnerability, the foundation of their claim is a proof of concept, because the chasm between "well it could...." and the actual can be enormous. No proof of concept. Not even a vague inclination of the knowledge of how to make a proof of concept. And this issue has been very widely disseminated, every hacker group pounding on Augury -- theoretically it is trivial to exploit on an array of pointers -- and no one else has a proof of concept yet. Weird, right?

ROFL. Classic Slashdot. Good god.

"No bias there at all."

Because I have an M1 Mac I have a "bias"? Yeah, not really. I'm typing this on an Intel box. I have servers on AMD, Graviton 2, among many others. That's a modern life.

"Sources are people in the security industry in which I work."

ROFL. Yeah, no you don't. You are claiming ridiculous things.

These sorts of "you know it *could* hypothetically be exploited" (in a profoundly narrow sense) security papers come up by the dozens per month. The overwhelming majority have no real impact whatsoever. This one is particularly spurious.

The "amateur hour" bit in your comment was particularly hilarious, and betrayed that you're just some guy saying dumb stuff.

What source says it's "impossible to mitigate this"? Do you have even one?

Because the notion is preposterous. Not only is this largely a theoretical attack (I'm being generous by not calling it a fully theoretical attack), with extremely little real world consequences, mitigations are *trivial* if it were something real.

"I really want Arm on the workstation and server to succeed."

You seem to know literally nothing about security or chip design, and decided to post some tosser, laugahble anti-Apple screed. Me, I'll keep using my M1 Mac, and have been using ARM on the server for half a decade now. Hurrr.

14.5 million is nothing for IBM. Not even a rounding error. This is a cheap way to kill SCO once and for all.

They're using a payment processor. Meaning a third-party is converting cryptocoins to real money, and the real money is transmitted to Newegg.

Bitpay added dogecoin a month ago, so now they can milk this with every retailer that has Bitpay as an option.

This overly broad excuse comes up all the time. They are not legally obligated to kill the goose that lays the golden eggs. Youtube does not produce content. Content creators take time and effort to make content. If they don't get paid, said content disappears and Youtube becomes useless. How's that shareholder profit now?