
Comment Sure you can (Score 1) 26

If you build a dangerous theme park and I buy it from you, I take responsibility when kids get mangled.

And PE is absolutely a terrible model for any software with a security aspect. They will always strip maintenance to the bone and PE backwater shops don't exactly have the best and brightest banging on their doors anyway.

After we were bought by a massive firm, one of the (many) things that bugged me was losing control of my vendors. Instead of making our own deals, now I tell a centralized procurement department what I need. It still causes problems and bugs me, but one thing they do is evaluate vendor capabilities. And they really don't like PE-owned software, for exactly this sort of reason. SolarWinds kicked them in the nuts on that one and they're not eager for a repeat.

This isn't a fluffy hippy saying "I don't like breakers and takers", this is a Dow 50 CTO saying "PE's business model is not compatible with security-critical software".

Comment Re:Because magic (Score 1) 76

I'm not talking about Joe Random's laptop, I'm talking about systems involved in commerce that are exposed to attack. You want at least 60 bits of entropy right now; if you're monitoring competently you'll notice the attack well before there's significant risk of success. Better not to expose an access path at all, of course, but sometimes it can't be avoided.

Diceware or whatever is fine, I guess, but in our environment I don't care about typability. End user passwords only have to be entered once a week or so. Access to accounts with elevated privileges is not an everyday thing here, and is gated.

But hey, do what you want, I don't manage your machines.

Comment Re:Because magic (Score 1) 76

Password storage is the same whether or not you use a robot-poop password.

I use HashiCorp Vault at home, because I tend to dogfood the services I run at work. But that's a bit ridiculous, I don't recommend it.

We also run a local Bitwarden installation at work, that's generally for nontechnical users and the dedicated programming staff (although I repeat myself).

For normal people, I recommend some password manager with local storage not tied to a browser, and ideally not tied to your OS. But it depends on how competent the user is.

Why are you using four character passwords? I don't know what your threat model looks like, but a cat might "guess" that, bouncing on your keyboard.

Comment Because magic (Score 4, Interesting) 76

Because people don't know how things work, and treat the robots like oracles.
"But ChatGPT said..." is the new "I saw it on television, it must be true."

If you're not doing something like

< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c30

or some tool that does something similar, you already have problems.
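
An added example, not part of the comment above: a POSIX shell version of the same /dev/urandom approach that also relates password length to entropy, using the 60-bit figure mentioned in another comment on this page. The function names (genpw, entropy_bits, min_length) are hypothetical; the 64-symbol alphabet is the one in the one-liner.

```shell
#!/bin/sh
# Alphabet of the one-liner: underscore, A-Z, a-z, 0-9 and hyphen = 64 symbols.
ALPHABET='_A-Za-z0-9-'
ALPHABET_SIZE=64

# genpw N: print N characters drawn uniformly from ALPHABET.
# tr -dc discards every byte outside the set, so each kept character is
# equally likely (rejection sampling, no modulo bias).
genpw() {
    want=$1
    out=''
    while [ "${#out}" -lt "$want" ]; do
        # LC_ALL=C makes tr treat the input as raw bytes, not multibyte text.
        chunk=$(head -c 512 /dev/urandom | LC_ALL=C tr -dc "$ALPHABET")
        out="$out$chunk"
    done
    printf "%.${want}s\n" "$out"
}

# entropy_bits SIZE LEN: bits of entropy in LEN uniform picks from SIZE symbols.
entropy_bits() {
    awk -v s="$1" -v n="$2" 'BEGIN { printf "%.1f\n", n * log(s) / log(2) }'
}

# min_length BITS SIZE: shortest length that reaches at least BITS of entropy.
min_length() {
    awk -v b="$1" -v s="$2" 'BEGIN {
        x = b / (log(s) / log(2))
        c = int(x)
        if (x - c > 1e-9) c++     # round up, tolerating float noise
        print c
    }'
}

# Demo: a 30-character password and what that length buys.
genpw 30
echo "30 chars: $(entropy_bits "$ALPHABET_SIZE" 30) bits"
echo "60 bits needs $(min_length 60 "$ALPHABET_SIZE") chars"
```

The entropy figures hold only for uniformly random output like this; they do not apply to human-chosen or model-suggested strings of the same length.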

Comment More like (Score 2) 21

Plain old faceplant failure.

If you want to troll, at least be entertaining.

The thing that makes this so utterly stupid is, "all resources" of what? That embedded system in the pregnancy tester that troll will never have a use for, or the huge distributed clusters they're not smart enough to know what to do with?

And I guess it also thinks operating systems should not use available resources?

Anyway, the storytelling is good. History always is, but this is also useful for pointing out how contingent things like this are - if Theo hadn't mirrored early versions, or if Linus got possessive at the wrong time, something else may have ended up in the "Linux" niche.

Small actions can have major downstream effects, but you can't know in advance which ones matter. There are several different lessons in there, depending on what you want to focus on.

Comment No more build your own (Score 1) 33

I suspect this is the beginning of the end for building your own rig for most folks.

Manufacturers prefer locked down, soldered RAM machines for obvious reasons. Microsoft would be happy with fewer, more predictable builds they could lean on people over. Businesses already mostly treat machines as "no user serviceable parts" inside.

That leaves gamers, nerds and hardware hobbyists (but I repeat myself).

Parts of the gamer segment can be peeled off in various ways. Nerds are forced to retreat to eBay and other sources of trash hardware. Accessing anything of interest will require remote attestation support, and your machine is officially no longer your machine, you just get to pay for it. Anyone who complains gets a litany of "but you can still have an AWS VM or Raspberry Pi, what's your problem?"

Comment Rug pull (Score 2) 26

Broadcom found a great niche to run their game - virtualization is one of the harder foundational tools to move out from under. It is like they found a way to tax data center floor space.

But that only lasts until people can move. Long enough to earn Tan a really nice chunk of change, and probably also long enough to make VMware a tiny niche player.

Comment Re:He’s a visionary. (Score 0) 149

It’s so stupid. Do you honestly believe this will happen, where real money is on the table?

Eliminating jobs that can be done automatically IS "real money on the table" to company shareholders. Will AI replace these jobs? You bet your ass they will. The West is not prepared for the impact AI is having on employment, and will continue to have for decades to come. Some people are burying their heads, but it won't save them. Entire fields that used to be good paying professional work are quickly becoming something a glorified script can handle with minimal input.

Comment No money, no friends (Score 4, Interesting) 100

Gosh, maybe somebody should have thought about the poor public house before destroying the economy and telling the rest of the world to fuck off.

It turns out if everyone hates each other and is poor, they don't hang out in bars much.

Oh well. Maybe if they turn the island into an even poorer, meaner place, the good times will come back.

Comment Re:Refurbish the software too (Score 2) 36

Next we'll be refurbishing old software to run on machines with lower specs.

Some of us are kind of doing that already by running old OS's in VirtualBox, and then running old but useful abandonware for personal tasks on those OS's. It's pretty fun and there's an ocean of useful and interesting software out there.... especially from the 90's. You just have to be careful about where you get it from to avoid the malware aspect. But there are some reliable sites. And it's pretty fascinating using software that my dad used. We're definitely in a weird time.
