
Comment This comment section is clearly going to be civil (Score 2) 195

By definition of the United States Constitution, The United States Government (this includes ICE) does not have the right to search you, which includes searching your identity information.

If you're inside the country, unless you're doing something wrong, they have no right to simply track you within a database for 15 years? This right is enjoyed by both citizens and non-citizens alike.

Now, what they DO have a right to do is obtain warrants for individuals that they have documented of violating the law or suspected of violating the law. Signed by a judge.

Walking up to you with a cell phone camera and biometrically identifying you is not even close to something they should have the power to do, and when the Democrats regain power should shut this down as soon as possible.

Comment Re:Coming Soon: a new Teams feature or two (Score 4, Insightful) 56

These features already do exist for Teams calls, but it requires you to have the correct Teams Premium licensing for the person running the call, and requires them to enable the feature and provide a sensitivity label for the meeting.

Most companies do not purchase nor use all of Microsoft's security features.

Comment Re:What's the problem? (Score 3, Insightful) 259

Quite literally your god emperor king trump has kicked out the press from the DOD unless they tote the party line, tried to kick Jimmy Kimmel off the air, kicked off Stephen Colbert from the air.

Spare me the "free speech, first amendment" bullshit.

Freedom of speech does not mean freedom from PRIVATE consequences. Not using the government to strongarm companies for whatever speech you deem appropriate by threatening to pull their FCC licenses.

Comment This reads like an ad for SASE solutions (Score 1) 55

This reads like an ad to get folks to move to SASE solutions, which arguably may often be less secure for remote authentication into your network than a traditional VPN solution.

One area I've seen fall short in authentication between SASE solutions and say, Palo Alto's GlobalProtect VPN is GlobalProtect *in addition* to a SAML flow will also do a client certificate validation flow. And this works with hardware-backed private keys on TPMs in Windows (using the Microsoft Platform Crypto Provider). SASE solutions are very often pure IDP only, and what the access token says, the SASE will deliver. I'm not saying GlobalProtect is good (it's really god awful tbh), but in this specific regard it offers a little more connection verification beyond blindly trusting an access token in a world where token theft is becoming more and more of a problem.

Beyond that, the rest is fluff, really. A SASE solution can be configured poorly just as much as a VPN/Firewall can be. There's also the inevitable world where a vendor platform like Tailscale could eventually be compromised and all of your issued wireguard keys between systems are downloaded and exploited.

There's no "perfect" solution out there. There's only proper security. You can do good or bad security with traditional firewalls/VPNs or SASE solutions. And the security of both is an evaluation of what your organization is willing to put the work into maintaining. As called out in the original post, "and aren't integrated into centralized logging solutions" isn't a technical problem with the device, but an implementation problem with engineering.

Comment Nadella is missing the mark here (Score 3, Interesting) 51

I think it's time Microsoft replaces Nadella. He's failing in the same way that Ballmer failed, which is suffering from extreme FOMO on literally any and every new hype coming out while ignoring the rug pulling that's slowly gaining steam beneath him.

Open source solutions for most things have surpassed Microsoft's Windows Server platform to the point that Windows Server is effectively dead except in very specific circumstances. Over the next decade that will continue to grow to be a thing, and further financial investment in open source platforms will eventually catch up to cloud products as over time people and companies continue to invest in developing on-premises solutions to replace the ones Microsoft is ignoring.

We are starting to see the cracks in cloud compute. On-premises compute support is growing again as companies realize it's actually cheaper to run all of this random bullshit on some shared hardware than to spend tens of thousands of dollars per month on cloud compute spend.

Sovereign clouds are growing and becoming more of a thing. And the day that Microsoft, AWS, or Google is forced by the United States government to turn over information in a European cloud to the US government will spell the end for massive generalized cloud computing. These major cloud vendors ignored the fact that they've been riding the coattails of trust the world has had in the United States government to trend towards more progress and freedom. And that's clearly not going to be the case anymore.

Broadcom's push to basically force everyone off of VMWare is massively modernizing software which companies still want to run on-premises but moving them all to bare metal k8s nodes. Reducing VMWare licensing will have a direct impact on how many Windows servers exist across the world.

Nadella has put next to no investment in Windows except for chasing AI bullshit. Which itself is already showing cracks with Meta's recent layoffs in AI.

All of this focus on AI and Cloud, both of which are going to be massively reduced over the next 10 years, along with modernizing software to run in containers and getting away from traditional VMs driven by Broadcom's licensing nonsense, will make Microsoft virtually irrelevant as soon as someone releases a comparable Office and Exchange stack you can run on-prem again.

Comment whoa this thread (Score 2) 82

Clearly the programmers haven't woken up yet :)

The hypothesis is probably a correct one, although I am still wondering exactly where AI will land in the grand scheme of things.

It's obvious the intention of management types is to replace highly skilled engineers with lower paid vibe coders. The MBAs would love nothing more than that. But as the author hypothesized, I'm guessing the most high folks will be the entry level positions. Exactly where that lands, I'm not sure. Is it a 10% replacement? 5%? 25%? Will we ultimately not change the number of engineers needed and just their overall output goes up by a few points? My guess is the latter, and definitely not this promised utopia of "we can finally not hire all of these overpaid software engineers!". Just like this ultimately didn't happen with the cloud + BYOD shift in the 2010s. The largest push for cloud, devops, and BYOD was to get rid of both on-prem datacenters AND to get rid of IT folks. But what ultimately happened is that software development organizations realized that IT operations is a distinct set of skills, so instead they created the "SRE"--which is a fancily-renamed operations person in a software development org. Oh, and the average SRE makes 2-3x as much money as the IT ops folks they replaced.

Given the way LLMs work I highly doubt wholesale replacing entire large chunks of software engineers is going to be a thing anytime soon. Most interesting is the fact that LLMs can only know what we have already put out there, and we'll basically need to continually train newer models with more information. As technology changes, give it another 5-10 years, and today's LLMs may be in fact completely useless. Particularly as sites like Stack Overflow's knowledge becomes more obsolete.

I liken LLMs to the know-it-all at a bar. They speak like they know everything about everything, but you're just trying to get drunk in a bar and don't feel like correcting them. They might have most of the answers to that night's trivia game, but if you deep dive any particular area they're going to make up a bunch of bullshit to avoid saying "I don't know." Unfortunately (or fortunately?) the world doesn't run on such people. Jim Bob's trivia knowledge doesn't architect and engineer buildings, bridges, roads, nor would you trust him for the bar's financials. You don't ask Jim Bob how many drinks you sold in a night, "oh around 1000 or so" when your livelihood depends on knowing that you actually sold 1315 drinks. And the rest of the world isn't going to let you use Jim Bob's guesstimates to pay your taxes, "Well Jim Bob said we sold around 1000 drinks so we paid taxes on 1000 drinks worth of income!"

There's going to be *some* AI impact, but I doubt it'll be as revolutionary as the smart phone.

Comment Re: Spreading misinformation (Score 1) 226

Yep. There could be any number of motivations by the assassin, not the least of which because he's got some screws loose in his head that someone needs to adequately diagnose. Any motive beyond "wtf is wrong with that guy?" is politicization of the situation. We have barely enough information to determine that the guy disliked CK for some sort of reason, but beyond that we have no idea.

Anyone who claims otherwise is speculating on what the motive is, no doubt amplified by our idiotic fucking FBI leadership and US government leadership.

Comment Tech illiterate (Score 1, Offtopic) 77

Damn we are becoming tech illiterate as fuck.

If you actually give a damn about security, encourage whistleblowers and journalists to get yubikeys and generate PGP keys and communicate that way. Encrypt e-mails.

Signal offers a decent alternative for less painful secure communications. But PGP is definitively the way to go if you want to securely share information.

Comment Comments are wild (Score 2) 24

So many comments degrading Microsoft for being more open than either Google or Apple, saying how they "lost" the "app store" game, etc. When in reality centralized stores/package managers have significant benefits for users overall. At least, that's what people tend to tell me as it relates to other platforms.

Now the Windows Store is more akin to the Ubuntu Universe repository, or the Arch User Repository. Which is a good thing.

Comment Does anyone even read the headline anymore? (Score 4, Interesting) 81

Lots of comments mentioning that "Chrome is open source and on mobile phones" when even the little blurb shared on the Slashdot article mentions explicitly that they measured desktop browser usage AND not even mentioning that the "open source" part of Chrome is the Chromium project, which is *NOT* Chrome, and doesn't count here.

Brave, Vivaldi, Edge, and Opera are all Chromium-based browsers. Safari and Firefox are not. So the stats aren't skewed to Chrome because of the pervasiveness of Chromium usage. They're explicit stats to Google's Chrome browser.

Now, with that out of the way, there are many reasons that Chrome itself is the default. Part of that is Chrome drove much of the innovation in the browser space, not only on web standards, and driving everyone to Javascript instead of plugins; but also because of profiles, profile syncing, and deep integration into all things Google (SSO support for the browser and all Google apps, etc.)

But none of this was because of "Don't be evil", but a rather pure financially-driven effort on Google's part. From a developer perspective, it wrestled web development back out of the hands of designers/artists and back into the hands of programmers with deep javascript integration. Simultaneously, having provided the highest javascript performance on the client side, with the ease-of-use of Javascript over most other programming languages, and the extreme security issues of earlier approaches to dynamic code execution on the client side (untethered Java Plugins, Flash plugins, etc.), it did make a lot of sense to leverage that tool versus the other approaches that existed before.

One thing I do find funny from the earlier days is both Chrome and IE used a one-process-per-tab model and lots of early Firefox users (around the 3.6 era) constantly nitpicked over how many processes were spawned and Firefox was "cleaner" for having a single process in task manager. It turned out that the separate process model was significantly more secure and scalable.

At any rate, though, none of this was out of the goodness of Google's heart, contributing back to the open web, or whatever nonsense people filled their heads with back in those days. It was all a purpose-built, financial-driven effort to "light-touch" lock you into Google's services. "Hey look at all these shiny toys we are giving you in a web browser, don't you want them? You do don't you? Yeah look at this 1GB mailbox over the 25MB you used to get. Yeah you like that don't you?"

These days, the standardization part doesn't matter as much anymore. Javascript won the client side browser wars, even though we see as frequent if not more so Chrome security updates as we saw in Adobe Flash or Java back in the day (people hated monthly updates of both of these applications, and it was a massive driver to get off of them and into Chrome--only for Chrome to basically do the same thing but the only difference is it's generally [but not always, especially if you work in IT] more behind the scenes.) The security issues with Flash were so common that Microsoft ended up making Adobe Flash Player part of Windows Update just to get it out there more consistently.

Google has now cemented their monopoly position, however, because instead of an open web, they've created a Google web. When Microsoft was trying to get the Windows Phone off the ground, Google explicitly and extremely purposefully did not make any software for the Windows Phone, and when Microsoft invested effort into building an in-house Youtube application, Google went through great lengths to prevent it from working. To be fair, this wasn't the only thing that killed Windows Phone, but it was a massive contributor by not giving people access to common applications at the time (Youtube, G-Mail, etc.) This act was deeply anti-competitive behavior and should have resulted in Chrome being split off from Google proper and into a separate entity (and to be honest, splitting up of all of these projects).

Google is effectively more evil today than Microsoft had ever been in the early Windows days, and if viewed under the same lens that gave us the Microsoft monopoly lawsuit efforts, would immediately result in Google being poofed into like 5 different companies at least. Microsoft's "We will only bundle our browser with Windows" effort seems childish in comparison to the platform and vendor wars that exist today between Google, Apple, and the rest of the industry.

Comment Android Device Security doesn't matter (Score 0, Troll) 32

Android device security doesn't matter because Google collects so much data on you directly to their servers and they hand it all over to the highest bidders [and governments] anyway. The important stuff is all on their servers: your e-mail (via gmail), the apps you buy and download, how much Youtube or Youtube Music you consume, and all of the native data collection they pull in from your phone anyway.

Google knows more about you than you know about yourself at this point.

Google securing android is like the time when rootkit developers were patching the holes they used to prevent others from exploiting the same holes.
