|
|
Subscribe / Log in / New account

Color me shocked...

Color me shocked...

Posted Jul 13, 2022 5:14 UTC (Wed) by oldtomas (guest, #72579)
In reply to: Color me shocked... by ermo
Parent article: Garrett: Responsible stewardship of the UEFI secure boot ecosystem

Remember that corporations aren't people. There's something with corporations I like to call "emergent evil". It may well be that no one personally wants evil [1], but the emerging behaviour (think anthill) still results on that.

So for corporations, I prefer this bastard made of Hanlon's razor and Clarke's third law "Any sufficiently advanced malice is indistinguishable from stupidity".

CYA, plausible denial, diluted responsibility and all that.

For me, this practically means that Microsoft should get as much flak as humanly possible for this.

[1] sometimes, some people very much do, as the current Uber files thing chillingly shows.

to post comments

Color me shocked...

Posted Jul 13, 2022 12:28 UTC (Wed) by atnot (subscriber, #124910) [Link] (1 responses)

> There's something with corporations I like to call "emergent evil"

I think this is the most useful framework to think about these things.

For example, imagine you are in charge of security at Microsoft. You propose to a wide array of security measures. Some of them require additional work in Windows, some of them require work from vendors and some would be easy to enable but require extra development to make work well with other operating systems.

Your boss is tasked with picking which of these things should be the companies priority this year. Which of these do you think will be at the bottom of the list? The measures start to roll out and you receive backlash. You earnestly suggested these security measures in good faith so you will of course defend them and be adamant that their purpose is security. But your good intentions were ultimately irrelevant, because filtered through bad incentives they created emergent evil.

"Is Microsoft good or bad" is a trick question, it's a blind self-feeding machine.

Color me shocked...

Posted Jul 15, 2022 19:09 UTC (Fri) by Wol (subscriber, #4433) [Link]

I dunno about "emergent evil", but there is also "responsibility to your stake holders", which is a legal obligation, and is rarely thought through by legislators.

Unfortunately, as someone caught up in the disability/benefits/advocacy mess, you very soon realise that people *want* to be helpful, but are seriously constrained in what the law allows them to do (or they're in "cover your ass" mode, because if they don't they know the law will be looking for a scapegoat :-(

It's like GDPR - I don't consider it onerous - but I absolutely insist people I deal with provide me with proof they "opted in". Otherwise I'm setting myself up for an "unfortunate" interview with the police if things turn nasty.

Cheers,
Wol


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds