It's $10 for one person, but take 1 million people, and it's $10 million

Right, that's why this makes sense for Gmail. The spreadsheet says make the free tier extraction percentage number go up, and they value noncomplying users' time at zero. The math should is different for company-internal email.

The operative question should be, how much do you want to spend on employees sorting email instead of writing code or whatever you hired them to do? Because that's how you're buying your disk storage savings.

Different places have different considerations - as I mentioned above, my employer now clearly values reducing litigation risk over my productivity. In the past at startups, my decision was to give folks huge quotas and treat it like any other capacity management problem for scaling/budgeting.

There has to be some limit, and if someone somehow bounces off of it nobody thinks it unreasonable to tell them to fix it. And anyway there's usually a reason like a misconfigured something that infinitely-spams about whatever it is upset about. Otherwise they can worry about work instead of email management make-work.

Should be a knock-off for $500 soon enough.

Of course it'll be a little rough around the edges, and the solar panel won't work, and instead of growls it makes Bart Simpson jokes, but I'm sure it'll be fine.

When I was directly admining systems, I didn't have time to argue with people over a couple dollars worth of storage.

I also didn't want people wasting time worrying about quotas or other artificial limits unless they were abusive. (The dude who wrote something that was authing against LDAP 10s of millions of times a day got a talking-to.)

A lot of people confuse "I can't imagine doing or needing X" with "there is a good reason to deny the ability to do X." Honestly, I think most people are Doing It Wrong, most of the time. So? If they're getting shit done, none of my business until they are making unreasonable demands that impact operations. And 100G of mail is peanuts.

My current complaint is the opposite - I can't keep mail longer than a year now, lest it be discoverable in some potential future lawsuit. I've gotten better at predicting what I'll need to know later, but still miss things I should have saved somewhere, and that absolutely damages my productivity.

What I'm hearing is "But, I'm a highly-compensated professional! Not like all the plebes we spy on constantly to compensate me."

I do agree that they should stand up for themselves, and they have my support, once I'm done supporting causes I consider more important, like toe lint eradication.

Facebook headhunters used to bug me constantly. I put up an autoresponder telling them what I thought of their business model, leadership and general behavior, and that I would wash dishes for a living before working for a degrading, anti-human shithole like FB. Eventually they got the message.

I ended up in a fairly heated argument with some FB employees several years back when I mentioned that. It was obvious they felt stung by someone rejecting the choices they made and kept leaning in to, "but I make more money than you". Which was I was happy to concede, it was true. Suggesting that my self-esteem costs more than theirs didn't seem to be what they wanted to hear..

I wonder if those folks are still there, protesting about their workplace privacy.

The headline may as well be "Rose maintains transactional relationships with tech media after all these years".

At this point I think if a good idea walked up and smacked him on the head, the name alone might doom it. It has been an also-ran in a confusing number of categories, so depending on your age you may remember it as a very different kind of failure than I do. Sort of the converse of trademark dilution - it is clear what the name is and who owns it, what's muddy is what the service is supposed to be.

My home storage setup is currently is two 8 20TB drive arrays - one live, one a remote backup.

I was buying drives to add another stripe when the pricing started to ramp up - I try to buy them over time to get different drives from different lots. Now I wish I'd just bought a bunch.

This time last year they were $369, sometimes cheaper. The most recent one I bought was $500. The cheapest I see them right now is $769.

I think I'll be waiting on that new stripe, but at least I have four spares to keep the existing system running.

Can anyone name under what authority this would operate?

I'll wait.

(Executive orders are orders to the executive branch. If you aren't an executive branch employee, they have as much authority over you as a postcard from me does.)

Also a good time to remember that a big part of the anti-Biden case from the techbro money types was how stifling and onerous the "please don't make dangerous robots" guidance was. Bill Ackman upside down in clownshoes on a unicycle, with a kazoo up his ass.

I disagree.

1. Backups were stored on the same volume as live data, and were destroyed by the same command. I agree that is a bad design on the vendor's part, but dude's responsibility was to read and understand the system he was using, and he tacitly admits he didn't understand that:

This is the part that should be a red alert for every Railway customer reading this. Railway markets volume backups as a data-resiliency feature. But per their own docs: "wiping a volume deletes all backups."

2. No, I think you misread - he says he didn't understand the token's scope:

We had no idea — and Railway's token-creation flow gave us no warning — that the same token had blanket authority across the entire Railway GraphQL API, including destructive operations like volumeDelete. Had we known a CLI token created for routine domain operations could also delete production volumes, we would never have stored it.

3. DR !=backups. Disaster recovery is is ensuring you have a path back to operational health from disasters. It is a set of plans, procedures and assets that has to be rehearsed. We test our ours once a year; if you are not exercising your procedures, you don't have a DR plan.

Further, the "agent obtained the key itself" - from stuff it was allowed to dig through. It found the credential hardcoded in a script it has access to. This required three different fuckups to happen:

(1) They didn't understand the scope of the token - see above.
(2) They hardcoded the token (which they didn't understand to be 'root' scoped) in a script. This turns any disclosure into a full compromise.
(3) They obviously let the robot root around lots of stuff it shouldn't have access to. Even aside from the disaster that happened, that's an invitation for adversarial disclosure - if this didn't get them, something else would have at some point.

Replace the word "AI agent" with "rogue employee". Would you blame yourself for them going postal and burning your business down?

To start with the utterly obvious, an LLM is not a human, and if you attempt to substitute one for the other, you are necessarily taking responsibility for the robot's actions. This is the same logic as not leaving weapons laying around where kids can find them, except some do kids have the capacity to know better than to use them.

That aside, I do agree that in early-stage companies you're not going to have the safeguards you need to survive a rogue employee or carelessly deployed robot, except probably around the bank account. Which is all the more reason to to be careful and understand your tools, or pay someone to do that for you.

The industry is shoehorning this shit into every product and service out there despite multiple documented examples of safeguards not working.

Oh my god. Tech companies are exaggerating their capabilities. This is a never-before seen crisis - how can other companies possibly be expected to understand that advertised claims may not be accurate or products might even be dangerous? My faith in capitalism is crushed. Please pass me my High Noon beverage so I can drink it while driving my Ford Pinto as my kid uses their Samsung Galaxy in the back seat.

Dude made several WTF-worthy decisions, any of which would have disqualified him from working anywhere near production where I work.

Let us count the ways:

- Did not take the time understand his own infrastructure (the backup issue)
- Did not take the time to understand permission scoping
- Clearly has never heard the term "disaster recovery"
- Let a robot play in production
- with way too many toys laying around
- and no apparent thought to risk/reward tradeoffs beyond "everybody (I know) does it this way"
- when the bullet encountered his foot, his first impulse was to blame everyone else, rather than own his shit. Unless his next Xitter post describes how he hired someone competent to re-architect and manage his technical infra, if I were a customer, I would be looking for a competent alternative.

My other comment in this thread probably makes it clear how I feel about them.

As a way to try to make suggestions instead of just being negative, I propose sidewalk bike guards. Think of a cattle guard with the slats rotated 90 degrees.

Anyone who has ridden a bike around trolley tracks understands how this works. But they should probably be placed in the middle of blocks, not at the ends. Street signals slow them down at the ends, and you want to disrupt use, not just access.

Self-enforcing, no need to convince arrogant, overfed cops to do their jobs.

I'd be fine with them if they used the street. As is, those things are a fucking menace.

I've seen two bad accidents. One was an electric scooter nailing a pedestrian in the ankle, it was obviously a bad break. The other was an electric bike driven by a delivery person, mowed down a kid, probably under 10. Also looked really bad.

In SF, the cops don't give a shit about bikes or pedestrians. (One of several reasons I don't give a shit about them.) But in a functional polity, that would be at least negligent assault, if not a more severe crime.

I can live with human powered conveyance on the sidewalk, especially if it is kids. Add a motor (don't care what the power source is) and you are a menace I hope I get to see you faceplant at a high speed.