| ▲ | 866-RON-0-FEZ 2 hours ago |
| Many brilliant people have serious mental health issues that preclude their ability to regulate their emotions and act maturely in serious situations e.g. responsible vulnerability disclosure. I've watched genius-level IQ people get fired time and again because they don't know how to work with others at a basic kindergarten level. |
|
| ▲ | wolvoleo an hour ago | parent | next [-] |
| To be honest if I got fired in a mean or unfair way I'd definitely hit back at my employer in such a manner if I'd have the ability to. I'm unlikely to have that though as I'm not aware of any saucy company secrets. But if this is what happened I think it's pretty justified. The secret here seems to be that Microsoft caches the key somewhere even when it's supposed to be only in the TPM! That's a pretty big revelation IMO. |
| |
| ▲ | mananaysiempre 22 minutes ago | parent [-] | | > The secret here seems to be that Microsoft caches the key somewhere even when it's supposed to be only in the TPM! Not what happened here (I reserve my judgment wrt the promised TPM+PIN exploit). In the default TPM-only mode of BitLocker, the secret is in fact in the TPM, which will (as instructed by Windows upon key creation) release it to the correct OS running on the correct computer. Notably not in the picture is any user-provided data: measured boot is the only protection. It is only the correct programming of the OS that makes it request an account password (completely unrelated to the disk-encryption cryptography) before letting the user poke at the disk, which the OS can at that point already decrypt. Well, turns out the programming is such that if you ask politely it’ll just pop an Administrator(?) shell. |
|
|
| ▲ | gusfoo 2 hours ago | parent | prev | next [-] |
| There is, sadly, no place for non-standard ICs in corpos nowadays. HR will enforce that. |
| |
| ▲ | david-gpu 2 hours ago | parent | next [-] | | Emotionally immature people tend to be a liability, not an asset. Therapy can help, but they first need a willingness to do better. | |
| ▲ | wolvoleo 33 minutes ago | parent | prev | next [-] | | Yeah I'm getting a lot of pressure to be a "team player" lately. I've told them over and over I'm not capable of that and that has never been a problem before. But we have a hipster new VP who is really pushy and wants to generalise everything. | | |
| ▲ | stackghost 11 minutes ago | parent [-] | | If you worked for me and you said you're not capable of being part of a team I'd immediately start looking to replace you. You might be a 100x rockstar developer. You might even be the best software engineer in the world. But the vast majority of good software is built by teams of people. It doesn't matter how good you are if you can't play nice with others. I'd rather have a team of "merely" good engineers than one "rockstar" creating a toxic work culture. Fuck that noise. |
| |
| ▲ | hatsix 16 minutes ago | parent | prev [-] | | Nonsense. there are way more accommodations for people who wouldn't have had a place 20 years ago... those accommodations have changed what a "standard IC" is. There never was a place for run-of-the-mill geniuses who couldn't be bothered to spend a few hours researching P2P (Person to Person) protocols. They were always pushed off to small companies where the risk was much lower. This hasn't, won't, and shouldn't change. If that makes you salty, I got some things I'd recommend you research. |
|
|
| ▲ | jrflowers 28 minutes ago | parent | prev | next [-] |
| Adults pay rent in money, not feelings. The answer to “how could Microsoft leave you homeless?” is “by not paying you”, not some bizarre “by making you feel so bad you lose your house, which you pay for with good feelings” |
|
| ▲ | BoorishBears 2 hours ago | parent | prev [-] |
| This is an oddly passive-aggressive comment when a much more likely read is they were relying on the funding and the large tech company did what large tech companies do and started moving slowly. And I can see others already blaming them for relying on the vulnerability for living expenses, but if we can hold the hyper-rationalization for a second, we shouldn't be against the person who expected an organization with more money than God to uphold a deal for relative peanuts, right? Like yes we all get that large orgs make spending $5 very hard, many claps for being the in-group, but their frustration would be understandable. |
| |
| ▲ | 866-RON-0-FEZ an hour ago | parent [-] | | I'm supposed to feel bad that Microsoft didn't immediately wire him an advance on the bounty before validating anything? Have you ever tried to get anything corrected with a corporate payroll department? Try three months minimum. It's like suggesting someone was relying on a lottery ticket to payout to survive. | | |
| ▲ | BoorishBears an hour ago | parent [-] | | I tried to be as coddling with my language as possible. Acknowledged how orgs work, separated blaming the org from sympathizing with their reaction, tried to separate the prudence of their actions from the sticky situation they'd still be left in by the orgs actions... But it was for naught: people are really ingrained in a weird "might-makes-right" model of corporate operations. "Larry Ellison is a lawnmower" was supposed to be a jeremiad but now it's more like a guiding principle that we browbeat anyone for questioning. |
|
|
