
Comment The timeline is of note. (Score 1) 39

It seems worth noting that one of the items in Wyden's rather pointed inquiry is the fact that the feasibility of doing this is known to have been demonstrated for the DoD by outside people familiar with it at least as early as 2016; so while this is the first confirmed case of adversarial use it's the outcome of at least a decade of just ignoring the problem; and a significantly longer period of failing to reasonably anticipate the problem. It's not like there's No Such Agency you could ask about "how could you spy on someone with the internet even?" if you wanted to know how well or poorly readily available information matched a nation state signals intelligence apparatus.

Purely as a matter of cellphones being expensive and somewhat tepidly capable in the before times I assume that there was a period within living memory when merely telling people not to Gordon Gekko on their DynaTAC where the Russians can hear you was good enough; but that would have clearly and rapidly been getting less true for at least a quarter century.

Comment Definitely a bad look... (Score 4, Interesting) 36

The whole 'responsible disclosure' preaching and the not-terribly-subtle threats seem particularly bad given that there's an entire industry of actively more dangerous people who are not only treated as legal but actively courted by state agents and cops (and often even less savory customers, though they tend to be cagey about those); the ones who actively seek to keep vulnerabilities quiet so that they can continue to sell exploit tools and services based on them. Throwing zero days on GitHub isn't ideal vs. getting them fixed; but it gets them fixed faster than if Cellebrite wants to hang on to a BitLocker bypass or Trenchant, an L3Harris Technologies Company, wants to keep selling 'network investigative techniques' that can bypass default Windows Defender configurations or whatever the situation is.

From the outside it's hard to know whether MS actually mistreated the researcher badly enough to justify their displeasure (the consensus appears to be that MSRC was never the best to deal with and has actively gone downhill; but this person's position seems significantly angrier than average) or whether they are perhaps wound a little tight; but implying that their legal status is the same as people actively running attacks against user systems is blatantly false and totally ignores the class of researchers who do actively run attacks while being treated as respectable.

It's a particularly bad look when at least Facebook got into a public legal fight with the NSO group over their nerd-merc work against their users; not like that actually solved the problem of attacks on cellphones; but it was an all-too-rare case of industry pushing back against the 'respectable' arms dealers; and not one that MS has an analog to.

Comment Isn't that the point? (Score 1) 240

Isn't much of the point here the cultural shove? Sure, there's the line-go-up stuff; but that doesn't explain the companies gutting quite profitable software development operations to shovel money at Nvidia for things that have no demonstrated ROI; if it were nothing personal, just business, the level of enthusiasm for taking on poorly characterized risk would not be as fervent as it is. It's absolutely about resentment of the human resources that has been running at least as long as the demonstration that it would actually take some shoving to get them all to come back to the office, likely significantly longer.

Comment Re: Dance for me. (Score 4, Insightful) 154

They already pretty much are. You have to do at least a little performative fretting about the risks, which spoils the enjoyment of pure cheering at the best crunching sounds; but there's no way we'd justify the level of recreational head trauma something like football produces if we didn't fundamentally regard the players as relevant only in the way racehorses are.

Submission + - Elon Musk just spent $185 million on a mysterious AI data center deal in Memphis (nerds.xyz)

BrianFagioli writes: Elon Musk's AI ambitions appear to be getting even bigger after a mysterious SpaceX subsidiary reportedly bought the Colossus I xAI data center property in Memphis for $185 million. The 217-acre facility, already tied to xAI operations, represents another sign that the AI arms race is increasingly becoming a battle over physical infrastructure rather than just software models. GPUs, power delivery, cooling, networking, and datacenter ownership are quickly becoming strategic assets as companies race to scale AI systems.

Oddly, the press release never identifies which SpaceX subsidiary actually purchased the property. It also refers to "X-AI" as a subsidiary of SpaceX, which is not how xAI has traditionally been described publicly. Whether that wording reflects legal restructuring, corporate overlap, or simply sloppy PR language is unclear, but it adds to the growing sense that Musk's companies are becoming more interconnected behind the scenes.

Comment Re:Why: Privatization == free money? (Score 4, Insightful) 42

There are obviously cases where complete vertical integration makes no sense; literally all of them if you interpret 'complete' at full strictness; but when someone actually says "privatization" they basically always mean contracting out something large enough to be or have been an internal program. Sort of the way you don't say "outsourcing" unless it either was or plausibly could be an internal function. Ordering copy paper from Staples or having a meeting catered generally doesn't count.

That doesn't mean to say that it's always a bad idea; but when someone says 'privatization' that's a "we'll have SAIC do it" proposal not a "employees and the DoE use laptops they got under a GSA schedule contract rather than from the First People's Computational Manufactury" proposal.

Submission + - 'Underminr' CDN Vulnerability Hides Malicious Traffic Behind Trusted Domains (securityweek.com)

wiredmikey writes: Threat actors are exploiting a vulnerability dubbed "Underminr" in shared content delivery network (CDN) infrastructure to hide connections to malicious domains. Researchers say the vulnerability could impact roughly 88 million domains and can bypass DNS filtering and protective DNS controls, potentially enabling stealthy command-and-control communications and other evasive attacks.
