| ▲ | jeffbee 7 hours ago |
| The bureaucracy is why people trust Google with their data. I wouldn't use a Google if I thought they didn't have BCID and proto field provenance and the rest of it. |
|
| ▲ | morshu9001 6 hours ago | parent | next [-] |
| Yeah, it's also different from the pointless technical complexity that this video is about. But that exists too. Could've talked about how spinning up a cronjob the new way takes 2 weeks regardless of what it's doing, how there's a proliferation of different config languages, or how everything is deprecated / not ready still. |
|
| ▲ | defen 6 hours ago | parent | prev | next [-] |
| How are you supposed to know that if you're evaluating whether to use a tool / service? |
| |
| ▲ | kridsdale3 3 hours ago | parent | next [-] | | I wish I had an answer for you. I spend at least half of the past year trying to make that decision. The internal LLM that can read all the docs and code, you'd think, could get the context to know what the optimal state is, but it easily gets confused by out of date documentation and recommends paths that are going to be marked as "why didn't you use the new thing?" at review time, OR it builds out a solution using "oh, this isn't ready for use yet" parts. | |
| ▲ | jeffbee 5 hours ago | parent | prev [-] | | You could just read their whitepapers and accept them at face value. What other major SaaS providers are publishing about their technical countermeasures against insider risk? If a company publishes loads of articles about how they have technical controls for privacy and security, through encryption and compartmentalization and code review and build provenance and so forth, and all the people who work/worked at said company are always whining about how onerous those processes are, then what gives you reason to doubt it? |
|
|
| ▲ | shadowgovt 6 hours ago | parent | prev [-] |
| Agreed. Google long ago passed the event horizon where they could keep pretending they were not mission-critical infrastructure for a significant portion of their users, and (from privacy to reliability) I'm glad they've put in structure to enforce acting like it, even if that means they no longer feel like working at a startup. Everyone who wants to work at a startup knows where to find the rest of Silicon Valley (and Austin and etc.). I wish them the best and I look forward to reading their data-breach disclosures if they get popular enough for anyone to care about what they're doing. |
| |
| ▲ | kridsdale3 2 hours ago | parent [-] | | I was at Meta when it was forced by the FTC to start adding this compliance stuff. It SUCKED to retrofit everything. Now I'm at google, and onboarded on to the version of the infra that already went through that, and I can take it all at face value. It is a PAIN still, but this is the reality of a system that interfaces with O(10^8) users, O(10^2) governments. |
|
