Forgot your password?
typodupeerror

Comment Re:Amazon is corrupt! (Score 4, Insightful) 22

I think it may be evidence that Amazon has a shitty corporate culture that squeezes every penny it can out its employees.

Corruption can happen anywhere, but it's more likely to happen in totalitarian cultures where people feel like the system is rigged anyway. That's why countries like Russia and China have corruption problems. But I suspect the same feelings of me vs. the system occur in a capitalist enterprise like Amazon where employees are governed by dystopian, rigid, computerized metrics.

Comment Re:If I have steam installed on top of Linux (Score 1) 45

I want it for a computer that can't take Win11, but is perfectly usable hardware otehrwise. My plan is to convert it to a dedicated Steam game machine and have the SteamOS features included, and I'd rather it be actual SteamOS with Arch instead of Bazzite (on Fedora) or something else similar that's more likely to get abandoned by the maintainers down the road.

Comment Re: Very fuzzy. (Score 1, Insightful) 45

Well, you Klansucking Sisterhumping America Hating ReCUNTlicans already packed the court to try to destroy our Constitutional rights. So I reject your claim that speaking out on matters of public importance as an equal citizen is "corporate sabotage," you neonazi inbred bitchtrash.

Comment Reminder of how this works (Score 1) 295

No one can possibly think that a one-time tax like this is a good idea. Even if you want higher taxes on the wealthy surely (a) you want recurring revenue not a one-off (b) you want to actually collect the taxes not just scare the tax base out of state.

But this is the key part:

Although it has gained enough signatures for the ballot, the groups backing the measure have until June 25 to decide whether to move forward or potentially strike a deal with the state.

The way the ballot process in California works is you can propose terrible legislation, pay for signatures, then get what you want in return for withdrawing it (which you can do even after submitting signatures, which is ridiculous).

It's become a very broken system.

Comment Re: Seems defensible. (Score 1) 38

If their published standards indicate that giving the connector that level of admin permissions is excessive, and the access needed to exploit this is as clearly a set of poor security management as the last paragraph of the summary implies, then, "Yes, it should be corrected, and no, it's not bounty worthy" seems a reasonable stance to take. It sits right in the zone of that definition.

You could have the argument, but it's not clear to me that Google has it wrong.

Well I am sure they are not wrong in that they have legal cover to refuse the bounty.

I think they probably are wrong in excluding all config related bugs from their bounty program. Chained exploits are becoming increasing attack vectors so "you need elevated privileges" is not the moat it used to be. And GCP takeover is a big cost to bear. "We can prove it was your fault for not reading our docs carefully enough" will probably not be the salve their customers want in case of exploit. Security is hard and protecting customers from footguns is often worth doing.

But if Google doesn't want to know about these kinds of issues that's up to them. Keep it in mind before purchasing their services, however.

Slashdot Top Deals

Professional wrestling: ballet for the common man.

Working...