| ▲ | john_strinlai 5 hours ago |
| >The comments that followed were a bit off the rails. There's no conspiracy here from Microsoft. But the Internet discussion wound up catching the attention of Microsoft, and a day later, the account was unblocked, and all was well. I think this is just a case of bureaucratic processes getting a bit out of hand, which Microsoft was able to easily remedy. I don't think there's been any malice or conspiracy or anything weird. it was a bit crazy how quickly people got conspiracy-minded about it. microsoft fucked up, and as per typical big-tech, only fixed it when noise got made on social media. but not everything is a grand conspiracy orchestrated by microsoft or the government or whatever. incompetence is always more likely than malice. any news from the veracrypt maintainers? i would imagine whatever microsoft employee got tasked with resolving this issue would have also seen that one. --- edit: well, i certainly underestimated the response to this comment. my mistake for using a common saying rather than being extremely explicit when it comes to something as emotionally charged as microsoft. i dont think i have seen a comment of mine go up and down points so many times before. what i intended to get across was: "this was not a deliberate, coordinated, purposeful attack on the wireguard project, at the behest of some microsoft executive, to accomplish some goal of making encrypted communication impossible or whatever. instead, this was the result of a stupid system, with a stupid resolution process (social media), that is still awful, but different in important ways from a deliberate attack. this is the typical scenario (stupid system, stupid resolution). the non-typical scenario would be a deliberate choice made and executed by microsoft employees to suddenly destroy a popular project". i shortened the above paragraph to the common saying "incompetence is always more likely than malice". i shouldnt have. my bad. |
|
| ▲ | anonymous908213 5 hours ago | parent | next [-] |
| > incompetence is always more likely than malice. "Incompetence" of this degree is malice. It is actively malicious to create a system that automatically locks people out of their accounts with absolutely no possibility for human review or recourse short of getting traction in the media. "No sir, I didn't grind those orphans up. It was this orphan grinding machine I made that did it, teehee!" |
| |
| ▲ | john_strinlai 5 hours ago | parent [-] | | i am positive that you understand the spirit of what that saying means. incompetence is always more likely than [intentional, directed] malice. microsoft employees did not deliberately attack the wireguard project with a goal of taking it down for whatever grand scheme people's hatred cooks up. if you have evidence that microsoft did this deliberately to ruin the wireguard project, please forward it along to jason (the wireguard maintainer) and several news outlets. | | |
| ▲ | tialaramex 4 hours ago | parent | next [-] | | Where possible I recommend not caring because figuring out whether malice was present is difficult and you can likely address a problem without needing to be sure. For example by creating working processes which never end up "accidentally" causing awful outcomes. This is sometimes more expensive, but we should ensure that the resulting lack of goodwill if you don't is unaffordable. Worst case there is malice and you've now made it more difficult to hide the malice so you've at least made things easier for those who remain committed to looking for malice, including criminal prosecutors. | | |
| ▲ | john_strinlai 4 hours ago | parent [-] | | >Worst case there is malice and you've now made it more difficult to hide the malice so you've at least made things easier for those who remain committed to looking for malice, including criminal prosecutors. i am quoting the maintainer of the project. take it up with them if you think microsoft coordinated a directed attack on their project. | | |
| ▲ | mlyle 4 hours ago | parent | next [-] | | I think you're missing the point of the person you're replying to. It's really easy to end up with procedural machinery that makes it unpleasant for other entities that you don't like. It seems to get the things that you do like and value less often. Why? Because you think about the consequences to what you consider important and you're inclined to ignore potential consequences to those you oppose or are competing with. The Vogons weren't necessarily overtly malicious when they obliterated Earth. | |
| ▲ | ImPostingOnHN 4 hours ago | parent | prev [-] | | "hostage speaks well of hostage-taker" | | |
| ▲ | john_strinlai 4 hours ago | parent [-] | | if you think i am defending microsoft, your hatred has blinded you to what my comments are actually saying. | | |
| ▲ | ImPostingOnHN 4 hours ago | parent [-] | | Why would I think that? That isn't a sensible conclusion from what I posted. I think you replied to the wrong post Regardless of what the maintainer says of their abuser after being abused, the point I think you are getting stuck on is this: Creating a system which locks you out if you don't speak to a human isn't de-facto malicious. Having support where you can't speak to a human isn't de-facto malicious, either. Doing both at the same time, however, is de-facto malicious. Some executives likely got bonuses for doing it, too. | | |
| ▲ | john_strinlai 4 hours ago | parent [-] | | you said "hostage speaks well of hostage-taker" in response to my comment. i interpreted that as you saying i am the hostage of microsoft, and have stockholm syndrome, therefor am speaking well of (defending) microsoft. if i misinterpreted that, my bad. are you calling jason the hostage? | | |
| ▲ | ImPostingOnHN 4 hours ago | parent [-] | | Yes, the maintainer continues to be held hostage by Microsoft, so it is no surprise that they don't publicly denounce Microsoft or ascribe ill intent or in any way speak ill of Microsoft. | | |
|
|
|
|
|
| |
| ▲ | bronson 5 hours ago | parent | prev | next [-] | | And I'm positive that you understand the spirit of the post you're replying to. The saying implies that incompetence and malice are polar opposites. They're not. | | | |
| ▲ | wtallis 4 hours ago | parent | prev | next [-] | | Microsoft's incompetence is certainly reckless at a minimum, and often manifests in ways that come across as misanthropic toward their users. They don't really fit the pattern of mere bumbling fools. | | |
| ▲ | PunchyHamster 3 hours ago | parent | next [-] | | what about pattern of bumbling fools on crack ? | |
| ▲ | john_strinlai 4 hours ago | parent | prev [-] | | sure! my point was that it wasnt a deliberate conspiracy/attack to fuck over wireguard, which would be an absolutely crazy story if it were true. |
| |
| ▲ | acedTrex 5 hours ago | parent | prev | next [-] | | And the person you are responding is asserting that the response to incompetence of this level should be the SAME as if it directed and intentional malice. Which is a completely valid way to view a fuckup like this. | | |
| ▲ | john_strinlai 4 hours ago | parent [-] | | >response to incompetence of this level should be the SAME sure. but this was not a deliberate attack by microsoft employees to shutdown wireguard. that is what i was trying to say and the essence of the quote in question. | | |
| ▲ | direwolf20 an hour ago | parent | next [-] | | Microsoft drove a truck through a school yard at 150mph. It was not a deliberate attack, it was just the fastest route and their map says there's a highway there. Is it malice? A certain level of recklessness is automatically malice. | | |
| ▲ | john_strinlai 43 minutes ago | parent [-] | | >[...] It was not a deliberate attack [...] in that case, it certainly wouldnt be called a deliberate attack, right? the edit in my original comment should hopefully clear up any confusion of my intended point. and, well... the comment you replied to should also make it clear that my entire point is centered around something being deliberate attack vs. ridiculous incompetence. the deliberateness of it is the entirety of the reason i wrote my comment. choosing the phrase "malice vs. incompetence" was a poor choice on my part, when i should have been extremely explicit. it would have avoided all of this back-and-forth. |
| |
| ▲ | acedTrex 4 hours ago | parent | prev [-] | | They are saying that "deliberate attack" or not does not matter and is not worth pointing out. The response is the same so its a worthless point. | | |
| ▲ | john_strinlai 4 hours ago | parent [-] | | whether something is a deliberate attack or not is not worth pointing out? its, like, the only thing worth pointing out. if microsoft is deliberately targeting projects and literally attacking them, that would be huge fucking news. like crazy news. lawsuits galore. | | |
| ▲ | acedTrex 3 hours ago | parent [-] | | > whether something is a deliberate attack or not is not worth pointing out? Correct in cases like this we are discussing it as a meaningless distinction. |
|
|
|
| |
| ▲ | direwolf20 an hour ago | parent | prev | next [-] | | Malicious people are quite good at feigning incompetence. | |
| ▲ | r14c 4 hours ago | parent | prev | next [-] | | I mean, sure, but at a certain point negligent incompetence is directly harmful and the motives or lack thereof are just context. | | |
| ▲ | john_strinlai 4 hours ago | parent [-] | | "just context" is important. i get that everyone has a frothing-at-the-mouth extreme hatred to microsoft and its employees. but microsoft did not say "fuck jason, fuck wireguard, lets try and shut that down". that would be a way different story. | | |
| ▲ | r14c 4 hours ago | parent | next [-] | | What's the accountability mechanism here? Make a big fuss online and hope the bad press outweighs the negligence? | | |
| ▲ | john_strinlai 4 hours ago | parent [-] | | i point out in my original comment that i think it is stupid that the only way to resolve this sort of thing is via social media. i think it is insane. and the lack of accountability is also crazy, given the influence microsoft (and other big tech) has over everyday life. i think people are reading my comment as some sort of defense of microsoft. its not. all i wanted to emphasize was that this incident, while obviously ridiculous, did not come about because a bunch of microsoft employees sat in a cigar-smoke filled room saying "lets destroy wireguard". |
| |
| ▲ | trinsic2 4 hours ago | parent | prev [-] | | It doesn't matter. They are doing things that are clearly hostile to users, they should pay dearly for it. | | |
| ▲ | john_strinlai 4 hours ago | parent [-] | | get mad at the shitty stuff they do (there is a lot!), not the fictitious things people come up with in hn comments. | | |
|
|
| |
| ▲ | izacus 2 hours ago | parent | prev [-] | | Except that the system that removes culpability, visibility and consequences of this kind of abuse is set up deliberately to avoid liability and consequences of such actions. This isn't a tee-hee accident, this is deliberate organizational design which removed any kind of bad consequences or even thought about what the software does to user from the engineers at Microsoft. They're happy about that. They now don't need to deal with that. And if you'll ask them, they will refuse a change that will make them responsible for abuse of their users. So, to hell with them :) | | |
| ▲ | john_strinlai 27 minutes ago | parent [-] | | and even with all of that in mind, this was not a coordinated microsoft attack against wireguard. which was my point. i am in no way defending microsoft. just pointing out that the conspiracy-theorists suggesting that some exec at microsoft specifically targeted wireguard for whatever nefarious purpose was, well, a conspiracy. |
|
|
|
|
| ▲ | trinsic2 4 hours ago | parent | prev | next [-] |
| With the way things are going right now with all the corruption in governments and corporations were way past the point of giving the benefit of the doubt. These organizations are clearly making changes to their OS's to slowly remove user control. Everything should be treat as suspicious moving forward and I am glad of the skepticism. |
| |
| ▲ | sscaryterry 4 hours ago | parent [-] | | The question is, did they notify the user that the account was blocked, or was it done silently? My money is on the latter, obviously I don’t know, just my guess. Was there a reason? Blocked is semantically harsher, than it has been disabled. | | |
|
|
| ▲ | Scaled 3 hours ago | parent | prev | next [-] |
| Society is a bit fatigued of big tech companies making their various accounts essential and then locking people out of them without any due process. |
| |
| ▲ | john_strinlai 3 hours ago | parent [-] | | yes, i am in agreement. i tried to be extremely clear in my edit that i think that the whole social media being the only way to get an account back is crazy stupid. |
|
|
| ▲ | orbital-decay 3 hours ago | parent | prev | next [-] |
| All this doesn't matter. What matters is the destructive potential and a breach of trust. CAs have been distrusted for less. |
| |
| ▲ | john_strinlai 3 hours ago | parent [-] | | >CAs have been distrusted for less. root programs are super specific about root cause analysis, what actions lead up to distrust, differentiating deliberate maliciousness from systemic incompetence, etc. its like the exact opposite of "all this doesnt matter". of course they still look at the outcome (danger to users, etc.), typically as a first step. but they take great care to determine exactly what lead up to a specific outcome. | | |
| ▲ | orbital-decay 3 hours ago | parent [-] | | It really depends on the scale of the breach, for example DigiNotar was immediately killed for their gross incompetence. In this case even the scale is unclear, with heavy suspicion towards malice and little hope on fixing any process inside that monstrous bureaucracy or even making it meaningfully care if it's not. I see no reason to trust Microsoft anymore, regardless of it being a fuckup or malice. |
|
|
|
| ▲ | dec0dedab0de 3 hours ago | parent | prev | next [-] |
| Microsoft lost the benefit of the doubt decades ago. |
|
| ▲ | themafia an hour ago | parent | prev | next [-] |
| Who needs conspiracy? Microsoft has entitled itself to decide what I can and cannot run on the computer and OS that I paid for, this earns them no additional revenue, so they don't care to do a good job. This system will never work properly. |
|
| ▲ | TiredOfLife 4 hours ago | parent | prev | next [-] |
| > it was a bit crazy how quickly people got conspiracy-minded about it. That's just the side effect of the Soross tracking chips hidden in vaccines activated by 5g towers |
|
| ▲ | BLKNSLVR 5 hours ago | parent | prev [-] |
| Conspiracy 1: rules from on-high about encryption projects to be suppressed. Debunked. Conspiracy 2: Copilot all the things! Probably not too far off. |
| |
| ▲ | john_strinlai 5 hours ago | parent [-] | | i think they have explicitly made it clear that they want to copilot all of the things (unfortunately), so i dont quite file it under the conspiracy label. | | |
| ▲ | wongarsu 3 hours ago | parent [-] | | If it's not a conspiracy (and to be clear, I don't think it is one) its still a failure on multiple levels of the organisation We can probably blame copilot for the email about new verification reqirements not going out to everyone. Maybe even for the reports of people who jumped through all the hoops and still got blocked as if they hadn't. But rolling out new verification reqirements, then not monitoring how many developers fulfill your new reqirements and following up is entirely on Microsoft employees. That's management failure and disregard for developers on their platform |
|
|
